threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Submission: On April 10 via manual (April 10th 2020, 7:23:22 am UTC) from AE

Summary HTTP 246 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 53 IPs in 8 countries across 38 domains to perform 246 HTTP transactions. The main IP is 35.173.160.135, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is threatpost.com.
TLS certificate: Issued by Thawte EV RSA CA 2018 on June 17th 2019. Valid for: a year.

This is the only time threatpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	35.173.160.135 35.173.160.135	14618 (AMAZON-AES) (AMAZON-AES)
11	13.225.73.24 13.225.73.24	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:303... 2606:4700:3036::681b:86bc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
8	2600:9000:215... 2600:9000:2156:2a00:2:9275:3d40:93a1	16509 (AMAZON-02) (AMAZON-02)
13	2600:9000:21f... 2600:9000:21f3:c400:0:5c46:4f40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 7	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE)
14	185.220.205.220 185.220.205.220	41436 (CLOUDWEBM...) (CLOUDWEBMANAGE-EU)
7	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
3	23.213.165.44 23.213.165.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.52.2.19 216.52.2.19	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
8	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
4	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
10 25	152.199.22.24 152.199.22.24	15133 (EDGECAST) (EDGECAST)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	185.33.223.206 185.33.223.206	29990 (ASN-APPNEX) (ASN-APPNEX)
1	134.209.129.254 134.209.129.254	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f02... 2a03:2880:f02d:e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	2a05:f500:10:... 2a05:f500:10:101::b93f:9101	14413 (LINKEDIN) (LINKEDIN)
1	199.232.53.140 199.232.53.140	54113 (FASTLY) (FASTLY)
1 2	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE)
1	91.228.74.218 91.228.74.218	27281 (QUANTCAST) (QUANTCAST)
1	151.101.112.157 151.101.112.157	54113 (FASTLY) (FASTLY)
1 1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	13.225.86.250 13.225.86.250	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
18	185.167.96.40 185.167.96.40	41436 (CLOUDWEBM...) (CLOUDWEBMANAGE-EU)
10	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81a::2003	15169 (GOOGLE) (GOOGLE)
2	52.29.59.145 52.29.59.145	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	104.109.78.125 104.109.78.125	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 3	54.77.139.233 54.77.139.233	16509 (AMAZON-02) (AMAZON-02)
6 6	35.158.17.58 35.158.17.58	16509 (AMAZON-02) (AMAZON-02)
1 6	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 2	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE)
9	63.250.56.119 63.250.56.119	41436 (CLOUDWEBM...) (CLOUDWEBMANAGE-EU)
1	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
1	23.213.164.238 23.213.164.238	16625 (AKAMAI-AS) (AKAMAI-AS)
1	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	134.209.131.220 134.209.131.220	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1400	41041 (VCLK-EU-) (VCLK-EU-)
1 1	154.59.122.74 154.59.122.74	174 (COGENT-174) (COGENT-174)
4	185.127.16.51 185.127.16.51	210329 (CLOUDWEBM...) (CLOUDWEBMANAGE-UK-1)
1	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
1	18.185.23.43 18.185.23.43	16509 (AMAZON-02) (AMAZON-02)
246	53

12 35.173.160.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-160-135.compute-1.amazonaws.com

threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kasperskycontenthub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 13.225.73.24 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-24.fra2.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3036::681b:86bc (United States)

ASN13335 (CLOUDFLARENET, US)

qd.admetricspro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2156:2a00:2:9275:3d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:9000:21f3:c400:0:5c46:4f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

media.threatpost.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 185.220.205.220 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, GB)

live.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.213.165.44 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-165-44.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.19 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.95.120.147 (United States)

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

teachingaids-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
primis-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 152.199.22.24 (United States) 10 redirects

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.223.206 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.129.254 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

e.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:e:face:b00c:0:2 (Ireland)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:f500:10:101::b93f:9101 (Ireland)

ASN14413 (LINKEDIN, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.53.140 (Manchester, United Kingdom)

ASN54113 (FASTLY, US)

www.reddit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.218 (United Kingdom)

ASN27281 (QUANTCAST, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.225.86.250 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-86-250.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 185.167.96.40 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, GB)

video.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.29.59.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-59-145.eu-central-1.compute.amazonaws.com

prebid-server.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.77.139.233 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-139-233.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.158.17.58 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-17-58.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.156.0.31 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.208.34 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f34.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 63.250.56.119 (United States)

ASN41436 (CLOUDWEBMANAGE-EU, GB)

live.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.213.164.238 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-164-238.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 134.209.131.220 (North Bergen, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

sync.serverbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

serverbid-sync.nyc3.cdn.digitaloceanspaces.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1400 (Sweden)

ASN41041 (VCLK-EU-, SE)

aol-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.59.122.74 (United States) 1 redirects

ASN174 (COGENT-174, US)

acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.127.16.51 (London, United Kingdom)

ASN210329 (CLOUDWEBMANAGE-UK-1, GB)

video.sekindo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.250 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.185.23.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-23-43.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	sekindo.com live.sekindo.com video.sekindo.com	5 MB
32	advertising.com 16 redirects adserver-us.adtech.advertising.com ads.adaptv.advertising.com Failed pixel.advertising.com	16 KB
32	threatpost.com threatpost.com assets.threatpost.com media.threatpost.com	2 MB
28	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	406 KB
14	doubleclick.net 3 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	94 KB
11	adlightning.com tagan.adlightning.com	320 KB
10	google.com 1 redirects www.google.com adservice.google.com	2 KB
8	yahoo.com 2 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com	7 KB
8	rubiconproject.com fastlane.rubiconproject.com prebid-server.rubiconproject.com eus.rubiconproject.com	7 KB
8	openx.net teachingaids-d.openx.net primis-d.openx.net u.openx.net eu-u.openx.net	2 KB
8	googletagservices.com www.googletagservices.com	210 KB
5	adnxs.com ib.adnxs.com acdn.adnxs.com	4 KB
5	google.de adservice.google.de www.google.de	797 B
5	admetricspro.com qd.admetricspro.com	163 KB
4	ampproject.org cdn.ampproject.org	144 KB
4	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	289 B
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	casalemedia.com as-sec.casalemedia.com	3 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	amazon-adsystem.com c.amazon-adsystem.com	28 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	103 KB
2	serverbid.com 1 redirects e.serverbid.com sync.serverbid.com	843 B
2	lijit.com ap.lijit.com	723 B
1	acuityplatform.com 1 redirects acuityplatform.com	472 B
1	dotomi.com aol-match.dotomi.com	104 B
1	digitaloceanspaces.com serverbid-sync.nyc3.cdn.digitaloceanspaces.com
1	twitter.com analytics.twitter.com	651 B
1	quantcount.com rules.quantcount.com	356 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	quantserve.com secure.quantserve.com pixel.quantserve.com Failed	8 KB
1	reddit.com www.reddit.com	3 KB
1	linkedin.com www.linkedin.com
1	facebook.com graph.facebook.com	526 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	kasperskycontenthub.com kasperskycontenthub.com	398 B
0	adap.tv Failed sync.adap.tv Failed
0	t.co Failed t.co Failed
246	38

	Domain	Requested by
25	adserver-us.adtech.advertising.com	10 redirects threatpost.com
23	live.sekindo.com	threatpost.com live.sekindo.com
22	video.sekindo.com	threatpost.com live.sekindo.com
17	pagead2.googlesyndication.com	tagan.adlightning.com pagead2.googlesyndication.com threatpost.com securepubads.g.doubleclick.net
13	media.threatpost.com	threatpost.com
11	tpc.googlesyndication.com	tagan.adlightning.com threatpost.com cdn.ampproject.org
11	tagan.adlightning.com	threatpost.com tagan.adlightning.com
11	threatpost.com	threatpost.com securepubads.g.doubleclick.net assets.threatpost.com
8	assets.threatpost.com	threatpost.com
8	www.googletagservices.com	threatpost.com tagan.adlightning.com securepubads.g.doubleclick.net
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net threatpost.com
7	www.google.com	1 redirects threatpost.com tagan.adlightning.com
6	ups.analytics.yahoo.com	1 redirects threatpost.com
6	pixel.advertising.com	6 redirects
5	qd.admetricspro.com	threatpost.com
4	googleads.g.doubleclick.net	tagan.adlightning.com pagead2.googlesyndication.com
4	cdn.ampproject.org	securepubads.g.doubleclick.net threatpost.com
4	ib.adnxs.com	qd.admetricspro.com live.sekindo.com
4	fastlane.rubiconproject.com	qd.admetricspro.com
4	adservice.google.de	tagan.adlightning.com
3	match.adsrvr.org	2 redirects
3	adservice.google.com	tagan.adlightning.com
3	hbopenbid.pubmatic.com	qd.admetricspro.com live.sekindo.com
3	teachingaids-d.openx.net	qd.admetricspro.com live.sekindo.com
3	as-sec.casalemedia.com	qd.admetricspro.com live.sekindo.com
2	cm.g.doubleclick.net	2 redirects
2	pr-bh.ybp.yahoo.com	1 redirects threatpost.com
2	u.openx.net	live.sekindo.com
2	eus.rubiconproject.com	live.sekindo.com qd.admetricspro.com
2	primis-d.openx.net	live.sekindo.com
2	prebid-server.rubiconproject.com	live.sekindo.com
2	fonts.googleapis.com	live.sekindo.com
2	c.amazon-adsystem.com	live.sekindo.com c.amazon-adsystem.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	ap.lijit.com	qd.admetricspro.com
1	acuityplatform.com	1 redirects
1	aol-match.dotomi.com
1	serverbid-sync.nyc3.cdn.digitaloceanspaces.com	qd.admetricspro.com
1	sync.serverbid.com	1 redirects
1	ads.pubmatic.com	qd.admetricspro.com
1	eu-u.openx.net	qd.admetricspro.com
1	acdn.adnxs.com	qd.admetricspro.com
1	analytics.twitter.com	tagan.adlightning.com
1	ads.adaptv.advertising.com	live.sekindo.com
1	fonts.gstatic.com	threatpost.com
1	rules.quantcount.com	secure.quantserve.com
1	www.google.de	threatpost.com
1	stats.g.doubleclick.net	1 redirects
1	static.ads-twitter.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.reddit.com	threatpost.com
1	www.linkedin.com	threatpost.com
1	graph.facebook.com	threatpost.com
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	threatpost.com
1	e.serverbid.com	qd.admetricspro.com
1	kasperskycontenthub.com	threatpost.com
0	sync.adap.tv Failed	threatpost.com
0	t.co Failed	threatpost.com
0	pixel.quantserve.com Failed	threatpost.com
246	60

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
feedly.com
www.instagram.com
cofense.com
tools.cisco.com
media.threatpost.com
attendee.gotowebinar.com
akismet.com
t.co
indd.adobe.com
spotlight.threatpost.com

Subject Issuer	Validity	Valid
threatpost.com Thawte EV RSA CA 2018	`2019-06-17` - `2020-06-17`	a year	crt.sh
*.adlightning.com Amazon	`2019-08-19` - `2020-09-19`	a year	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-02-04` - `2020-10-09`	8 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
assets.threatpost.com Amazon	`2020-03-04` - `2021-04-04`	a year	crt.sh
kasperskycontenthub.com Thawte RSA CA 2018	`2019-06-14` - `2020-06-13`	a year	crt.sh
media.threatpost.com Amazon	`2020-03-04` - `2021-04-04`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
www.sekindo.com Go Daddy Secure Certificate Authority - G2	`2019-05-23` - `2020-06-18`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2019-03-11` - `2020-05-10`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
*.adtech.advertising.com DigiCert SHA2 High Assurance Server CA	`2018-05-22` - `2020-05-26`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
e.serverbid.com Let's Encrypt Authority X3	`2020-03-24` - `2020-06-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2020-09-09`	6 months	crt.sh
*.reddit.com DigiCert SHA2 Secure Server CA	`2020-04-06` - `2020-10-03`	6 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2019-10-04` - `2020-10-07`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-03-24` - `2020-06-16`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-01-04` - `2020-07-02`	6 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-02-13` - `2020-08-11`	6 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2019-05-16` - `2020-05-16`	a year	crt.sh
*.nyc3.cdn.digitaloceanspaces.com DigiCert SHA2 Secure Server CA	`2020-03-11` - `2021-04-14`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-08-28`	6 months	crt.sh

This page contains 29 frames:

Primary Page: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Frame ID: 102D6A44C6C04D07732F3A32D4D6883F
Requests: 111 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1586503368&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=undefined
Frame ID: 09CCE37E5777E4827AE00B09678A1C5B
Requests: 43 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=NjSCg_IbX1Pdc6A9cf-rvw4e&theme=standard&size=normal&cb=x40pjfkqnibz
Frame ID: D3CF316EFF0D4CBE33C33A46006CD286
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=NjSCg_IbX1Pdc6A9cf-rvw4e&theme=light&size=normal&cb=y3vuclxfr7iz
Frame ID: 2E9B387289A13220A30670B3FE20F536
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=NjSCg_IbX1Pdc6A9cf-rvw4e&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=o9brvkhojsr7
Frame ID: 4C54518E7834236949F6ADDBD33A6E71
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=NjSCg_IbX1Pdc6A9cf-rvw4e&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&cb=pt63e67y0dp7
Frame ID: 29787208FAA92DE367D69B9829D057D8
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 56D5D18B19C9733EAB265D123A7EF990
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 3E0A0905DF16A39674FF05A95A5C3323
Requests: 21 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-2a28c82-a5333fca.js
Frame ID: 18C3CCDD79401E0A2F4BFDCD594FE3F8
Requests: 14 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-2a28c82-a5333fca.js
Frame ID: 9089C39D3930D5D44A6C05F1DD074C1D
Requests: 14 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-2a28c82-a5333fca.js
Frame ID: 6F699B5F270C7E2B26FEB04C25BFAA24
Requests: 13 HTTP requests in this frame

Frame: https://tagan.adlightning.com/math-aids-threatpost/bl-2a28c82-a5333fca.js
Frame ID: 19FE22695FD2F41D727AF974EB22178A
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200406/r20190131/zrt_lookup.html
Frame ID: 7A1A0CC565CFFEE4002461839B98AF97
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7500593236707325&output=html&h=90&slotname=7759284332&adk=4262696766&adf=776186313&w=728&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1586503369861&bpp=20&bdt=211&fdt=236&idt=236&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&correlator=3192560957384&frm=23&ife=4&pv=2&ga_vid=320803153.1586503369&ga_sid=1586503370&ga_hid=1109160268&ga_fc=0&iag=3&icsg=8362&nhd=1&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=10&biw=1585&bih=1200&isw=728&ish=90&ifk=4107119065&scr_x=0&scr_y=0&eid=21065473%2C42530311%2C44716442&oid=3&pvsid=184479812213045&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.soo5dsk4hn8s&fsb=1&dtd=248
Frame ID: 13B623BD609A9A86A3CB83CFD0B621B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186312&w=336&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1586503369899&bpp=5&bdt=239&fdt=253&idt=253&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&correlator=3192560957384&frm=23&ife=4&pv=1&ga_vid=320803153.1586503369&ga_sid=1586503370&ga_hid=320223532&ga_fc=0&iag=3&icsg=8362&nhd=1&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1057&ady=257&biw=1585&bih=1200&isw=336&ish=280&ifk=2151208310&scr_x=0&scr_y=0&eid=42530290%2C42530312&oid=3&pvsid=3809696801791697&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.zfugapvhtay5&fsb=1&dtd=258
Frame ID: 2DC8C03B4CEA8BC4D2EC1617F172A078
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=776186319&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1586503369936&bpp=5&bdt=270&fdt=232&idt=232&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&correlator=3192560957384&frm=23&ife=4&pv=1&ga_vid=320803153.1586503369&ga_sid=1586503370&ga_hid=1381723301&ga_fc=0&iag=3&icsg=8362&nhd=1&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=1537&biw=1585&bih=1200&isw=300&ish=250&ifk=2476985908&scr_x=0&scr_y=0&eid=42530312&oid=3&pvsid=108670096391253&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.q6rehqvyowf8&btvi=1&fsb=1&dtd=237
Frame ID: 331B3ABCAB58DF01271F46FF58C859D6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 7F5B09491B40FAA95F82190A067AD309
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: E9334736376283108798EDA9501F603D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: DE0EEFA2D3F66968059B64363DDDE3EE
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: 872A94CD5AB14B8E18C298066D5FDD48
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Frame ID: 603E504AC5C12DC09D2618E8F6CC2F20
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Frame ID: 81CA2F91991CDB221DE084C7F6A63F48
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html
Frame ID: 0CF62DC31097F74381C1A9D59D5DA713
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 44683578456C19D65E26A5471F5296CA
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Frame ID: 52C328030EC53D7D767C98B3F42B140D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: E69C42E4C0BD10EFDEBA0B88CD44842E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 82E06A849A40E9FAD0D949557A235591
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13394437
Frame ID: CE18594E914A45B2FC0131EEBAC425A3
Requests: 1 HTTP requests in this frame

Frame: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
Frame ID: BB91E89B88C40C47B242879E0A6B1D64
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

246
Requests

93 %
HTTPS

40 %
IPv6

38
Domains

60
Subdomains

53
IPs

8
Countries

8051 kB
Transfer

12261 kB
Size

5
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/threatpost/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/threatpost

Search URL Search Domain Scan URL

URL: https://feedly.com/threatpost

Search URL Search Domain Scan URL

URL: https://www.instagram.com/Threatpost/

Search URL Search Domain Scan URL

URL: https://cofense.com/new-phishing-campaign-spoofs-webex-target-remote-workers/
Title: Thursday analysis

Search URL Search Domain Scan URL

URL: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161221-cco
Title: legitimate vulnerability

Search URL Search Domain Scan URL

URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/04/08155257/cisco-webex-phishing-1.png

Search URL Search Domain Scan URL

URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/04/08155344/cisco-webex-phishing-2.png

Search URL Search Domain Scan URL

URL: https://attendee.gotowebinar.com/register/4136632530104301068?source=art
Title: A Practical Guide to Securing the Cloud in the Face of Crisis

Search URL Search Domain Scan URL

URL: https://akismet.com/privacy/
Title: Learn how your comment data is processed

Search URL Search Domain Scan URL

URL: http://twitter.com/search?q=%23Zoom
Title: #Zoom

Search URL Search Domain Scan URL

URL: http://twitter.com/alexstamos
Title: @alexstamos

Search URL Search Domain Scan URL

URL: http://twitter.com/search?q=%23security
Title: #security

Search URL Search Domain Scan URL

URL: https://t.co/ajJYM0lyCl
Title: https://t.co/ajJYM0lyCl

Search URL Search Domain Scan URL

URL: https://twitter.com/threatpost
Title: Follow @threatpost

Search URL Search Domain Scan URL

URL: https://indd.adobe.com/view/01579c19-a6ca-4cb0-8106-ed4d5d02a292
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://spotlight.threatpost.com/
Title: HackerOne Spotlight

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=1586503368884; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=1586503368884

Request Chain 45

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=1586503368884; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=1586503368884

Request Chain 46

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=1586503368884; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=1586503368884

Request Chain 47

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=1586503368884; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=1586503368884

Request Chain 48

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=1586503368884; HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=1586503368884

Request Chain 73

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=1586503368884 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;apid=1A15159bcc-7afc-11ea-8b02-12ddab465c88;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=1586503368884

Request Chain 74

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=1586503368884 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;apid=1A15158cf4-7afc-11ea-b7c1-12d2f833f2cc;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=1586503368884

Request Chain 75

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=1586503368884 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;apid=1A1515935c-7afc-11ea-a79b-12359aeea65a;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=1586503368884

Request Chain 76

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=1586503368884 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;apid=1A1513d7d8-7afc-11ea-b492-12569b584e72;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=1586503368884

Request Chain 77

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=1586503368884 HTTP 302
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;apid=1A1515e30c-7afc-11ea-8401-1222202f268e;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=1586503368884

Request Chain 91

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=604547296&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ul=en-us&de=UTF-8&dt=Cisco%20%E2%80%98Critical%20Update%E2%80%99%20Phishing%20Attack%20Steals%20Webex%20Credentials%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEAB~&jid=199015885&gjid=645194259&cid=320803153.1586503369&tid=UA-35676203-21&_gid=1196071620.1586503369&_r=1&gtm=2wg432PM29HLF&z=1458076432 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35676203-21&cid=320803153.1586503369&jid=199015885&_gid=1196071620.1586503369&gjid=645194259&_v=j81&z=1458076432 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=320803153.1586503369&jid=199015885&_v=j81&z=1458076432 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=320803153.1586503369&jid=199015885&_v=j81&z=1458076432&slf_rd=1&random=4030851907

Request Chain 214

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://pixel.advertising.com/ups/55953/sync?uid=fbe12e1f-ed47-4941-bcf7-6afcf1022326&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=fbe12e1f-ed47-4941-bcf7-6afcf1022326 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=fbe12e1f-ed47-4941-bcf7-6afcf1022326&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=fbe12e1f-ed47-4941-bcf7-6afcf1022326&apid=1A1515e30c-7afc-11ea-8401-1222202f268e

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEFEPF7grSBnaxiKroL-c7tA&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFEPF7grSBnaxiKroL-c7tA&google_cver=1&apid=1A1515e30c-7afc-11ea-8401-1222202f268e

Request Chain 216

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D&_test=XpAe0wAAAJyV-w9x HTTP 302
https://sync.adap.tv/sync?type=gif&key=tubemogul&uid=XpAe0wAAAJyV-w9x&_test=XpAe0wAAAJyV-w9x

Request Chain 226

https://sync.serverbid.com/ss/2000891.html HTTP 302
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html

Request Chain 227

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_sc&_origin=0 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEOAuTjLUiS59bAeyC01nmlk&_origin=0&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEOAuTjLUiS59bAeyC01nmlk&_origin=0&google_cver=1&apid=1A1515e30c-7afc-11ea-8401-1222202f268e

Request Chain 230

https://acuityplatform.com/Adserver/atds?getuserid=https://pixel.advertising.com/ups/55950/sync?uid=$UID&_origin=0 HTTP 302
https://pixel.advertising.com/ups/55950/sync?uid=501865447012 HTTP 302
https://ups.analytics.yahoo.com/ups/55950/sync?uid=501865447012&apid=1A1515e30c-7afc-11ea-8401-1222202f268e

Request Chain 231

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=1A1515e30c-7afc-11ea-8401-1222202f268e HTTP 302
https://pr-bh.ybp.yahoo.com/sync/adtech/1A1515e30c-7afc-11ea-8401-1222202f268e?gdpr=0&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/56465/sync?uid=y-XVBGzpF1lxnFKn9XEwBfSVlVujL0Cp7csO9M&_origin=0&nsync=0 HTTP 302
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-XVBGzpF1lxnFKn9XEwBfSVlVujL0Cp7csO9M&_origin=0&nsync=0&apid=1A1515e30c-7afc-11ea-8401-1222202f268e

246 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
threatpost.com/cisco-critical-update-phishing-webex/154585/ 82 KB
21 KB 3879ms
212ms Document
text/html 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

6d11ed4f44f125cb56f0f2e897d63091dfb4e57c4b0c5d356cf3bf59bdd14e15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: threatpost.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Server: nginx
Date: Fri, 10 Apr 2020 07:22:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Link: <https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/?p=154585>; rel=shortlink
X-Frame-Options: SAMEORIGIN
X-Debug-Auth: off
X-Request-Host: threatpost.com
x-cache-hit: HIT
Content-Encoding: gzip

GET
H/1.1 200
OK main.css
threatpost.com/wp-content/themes/threatpost-2018/assets/css/ 236 KB
36 KB 221ms
220ms Stylesheet
text/css 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1586443113
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7d9944f6f4e2d0330ca2a9d758a404fdca5937f4a0ddf939247ca3505f9f0bbc

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Pragma: public
Date: Fri, 10 Apr 2020 07:22:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Apr 2020 14:38:35 GMT
Server: nginx
ETag: W/"5e8f336b-3b1cb"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 17 Apr 2020 07:22:48 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/math-aids-threatpost/ 33 KB
12 KB 86ms
22ms Script
application/javascript 13.225.73.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-24.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3369ba8c1759eac291cbdccf3f156cf193c0c4ac33c4ef72455bb38631dd2581

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

x-amz-version-id: o3W3YOU7ma1_UO47ufGKBxV1ftUBWRoM
content-encoding: gzip
age: 420
x-cache: Hit from cloudfront
status: 200
date: Fri, 10 Apr 2020 07:15:49 GMT
content-length: 12248
x-amz-meta-git_commit: 0d4dfcb
last-modified: Fri, 10 Apr 2020 04:33:35 GMT
server: AmazonS3
etag: "0f8aaad21a65ce024fd4b7ce8d8e7add"
content-type: application/javascript
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: YSsypr4EtxzXLAZYjfn6WEMu7S957lhpZn2wjJ84hUqT3jIMepU5Mw==

GET
H2 200 ros-layout.js Show response
qd.admetricspro.com/js/threatpost/ 18 KB
2 KB 41ms
15ms Script
application/javascript 2606:4700:3036::681b:86bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:86bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e00db38c7c200422a1b2604eccaee91db1aa7dd5aead5383f62b85cead19068

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 23 Mar 2020 17:20:59 GMT
server: cloudflare
age: 125
etag: W/"4871-5a188dbd16705-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 581ab8052b53dfbf-FRA
access-control-allow-origin: *
expires: Fri, 10 Apr 2020 07:24:10 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 43 KB
14 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2fbc4f9d9a2ef67033fbcc310d9e200a2c20049f24baaa95605ad62a8c404366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "481 / 187 of 1000 / last-modified: 1586454386"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 14327
x-xss-protection: 0
expires: Fri, 10 Apr 2020 07:22:48 GMT

GET
H2 200 cmp.js Show response
qd.admetricspro.com/js/threatpost/ 218 KB
61 KB 52ms
27ms Script
application/javascript 2606:4700:3036::681b:86bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:86bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aaf45a172ec90c76bcecd61c68d998c2256fe9b1700371e80011d1161c5ab629

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Sep 2019 21:07:46 GMT
server: cloudflare
age: 100
etag: W/"367ba-5938f47194c80-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 581ab8052b54dfbf-FRA
access-control-allow-origin: *
expires: Fri, 10 Apr 2020 07:25:19 GMT

GET
H2 200 targeting.js Show response
qd.admetricspro.com/js/threatpost/ 275 B
519 B 40ms
15ms Script
application/javascript 2606:4700:3036::681b:86bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/targeting.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:86bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cdc57f82f4b0d09e5b4e584ca4736cd3871f20563d4ce25120b057d8ffb4eb2

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 08 Feb 2020 20:49:18 GMT
server: cloudflare
age: 125
etag: W/"113-59e16a3cfb471-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 581ab8052b59dfbf-FRA
access-control-allow-origin: *
expires: Fri, 10 Apr 2020 07:22:50 GMT

GET
H2 200 prebid.js Show response
qd.admetricspro.com/js/threatpost/ 294 KB
86 KB 44ms
18ms Script
application/javascript 2606:4700:3036::681b:86bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:86bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f40f7297122393e1425eec62e78a75c3211f7ad3f6b09a356aa317fcedc2cf3

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 26 Feb 2020 03:30:32 GMT
server: cloudflare
age: 125
etag: W/"49929-59f723a0fd39e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 581ab8052b5ddfbf-FRA
access-control-allow-origin: *
expires: Fri, 10 Apr 2020 07:26:14 GMT

GET
H2 200 engine.js Show response
qd.admetricspro.com/js/threatpost/ 16 KB
12 KB 41ms
16ms Script
application/javascript 2606:4700:3036::681b:86bc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qd.admetricspro.com/js/threatpost/engine.js
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::681b:86bc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bcf391dd0b006a87698ac0894d71039d610480913d24fcdaa1f2fdeeeda943e3

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sun, 24 Nov 2019 00:06:08 GMT
server: cloudflare
age: 125
etag: W/"41f6-5980c69fe949d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=14400
cf-ray: 581ab8052b62dfbf-FRA
access-control-allow-origin: *
expires: Fri, 10 Apr 2020 07:24:10 GMT

GET
H2 200 /
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 77 KB
17 KB 57ms
8ms Stylesheet
text/css 2600:9000:2156:2a00:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=f6ff4628

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2156:2a00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a9ccdefe0a821df80b8292afc4991c8f61a16a5d1b6507bc0409a50d7cd805d1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 09 Apr 2020 14:38:45 GMT
content-encoding: gzip
age: 60243
x-cache: Hit from cloudfront
status: 200
content-length: 16546
last-modified: Thu, 09 Apr 2020 14:38:33 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-cache-hit: MISS
x-debug-auth: off
x-amz-cf-pop: FRA50-C1
x-request-host: kasperskycontenthub.com
x-amz-cf-id: H_JfR8cVGBAijIsUwgxjb4y0X409SPyeTmniXlCbpxKntzIcwkaJcQ==
expires: Fri, 10 Apr 2020 14:38:45 GMT

GET
H/1.1 200
OK jquery.js Show response
threatpost.com/wp-includes/js/jquery/ 95 KB
37 KB 334ms
113ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: public
Date: Fri, 10 Apr 2020 07:22:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 18 Dec 2019 22:32:15 GMT
Server: nginx
ETag: W/"5dfaa8ef-17a69"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 17 Apr 2020 07:22:48 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 175 KB
55 KB 62ms
12ms Script
application/x-javascript 2600:9000:2156:2a00:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=f6ff4628

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2156:2a00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

9b42bbd5450ab8a8b966866f452365736dd4c548b930cf6f612f47df65352ee7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 14:39:09 GMT
content-encoding: gzip
age: 60219
x-cache: Hit from cloudfront
status: 200
content-length: 55933
last-modified: Thu, 09 Apr 2020 14:38:34 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-cache-hit: MISS
x-debug-auth: off
x-amz-cf-pop: FRA50-C1
x-request-host: kasperskycontenthub.com
x-amz-cf-id: gQZWtNYl1IaMPyUVvkqEj0KXiYrErepf3YhoTFXQB2JLQkDJYNV2zw==
expires: Fri, 10 Apr 2020 14:39:09 GMT

GET
H/1.1 200
OK / Show response
kasperskycontenthub.com/ 0
398 B 491ms
117ms Script
application/javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=493982071&back=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-173-160-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 10 Apr 2020 07:22:48 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
x-cache-hit: HIT
Transfer-Encoding: chunked
X-Debug-Auth: off
Connection: close
X-Request-Host: kasperskycontenthub.com
X-XSS-Protection: 1; mode=block

GET
H2 200 cisco-webex.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/04/08155232/ 130 KB
130 KB 47ms
8ms Image
image/jpeg 2600:9000:21f3:c400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/04/08155232/cisco-webex.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e115986479f27b4d9eea43d5711ab4bf0efa822af0608dc60132a94c17e099eb

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 13:00:48 GMT
via: 1.1 d79148f01e44f5598c15bdd5ce1c1997.cloudfront.net (CloudFront), 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified: Wed, 08 Apr 2020 19:52:33 GMT
server: AmazonS3
age: 66121
etag: "7114ae919f4fc793d60184d27e12d8f3"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA54, FRA2-C2
accept-ranges: bytes
content-length: 132655
x-amz-cf-id: FFVOIlmDRs_cDzCuiXuLd_jI1yOBx4WlTJi-YFUMtrYXzs1abYK_Tw==
expires: Thu, 08 Apr 2021 19:52:32 GMT

GET
H2 200 0.jpeg
media.threatpost.com/wp-content/uploads/sites/103/2018/08/15115541/ 10 KB
11 KB 60ms
21ms Image
image/jpeg 2600:9000:21f3:c400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/08/15115541/0.jpeg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b1b3e1dbec0a6b898bf6b8f17caa692c112ba2d215a1300b1c014c75f9f5ad8

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 17 Feb 2020 07:12:59 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront), 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified: Mon, 20 Aug 2018 15:57:19 GMT
server: AmazonS3
age: 4579790
etag: "756a0525b47f4557fdfec408731afd91"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA2-C2
accept-ranges: bytes
content-length: 10662
x-amz-cf-id: qqbP0DhT4wiPTawqa7cqRaGTYAcBvf3YnURcKrPrUYhEwmw2l_zoAg==
expires: Tue, 20 Aug 2019 15:57:18 GMT

GET
H2 200 subscribe2.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/02/19151457/ 8 KB
9 KB 8ms
7ms Image
image/jpeg 2600:9000:21f3:c400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/02/19151457/subscribe2.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa64fa30a3263fa3105736228a6feaaa4f7d32d8ef96b12e56f6fb95511b66a7

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 06:22:32 GMT
via: 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront), 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified: Tue, 19 Feb 2019 20:14:58 GMT
server: AmazonS3
age: 4755617
etag: "5ba45563f793f39ef6baf02645651654"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA6-C1, FRA2-C2
accept-ranges: bytes
content-length: 8281
x-amz-cf-id: YNQhx9SdTGxRSYvvpHpSioaxIMew7rNzIm3lDeoFcPdVbZ14ZujeWA==
expires: Wed, 19 Feb 2020 20:14:57 GMT

GET
H2 200 cisco-webex-phishing-1-1024x641.png
media.threatpost.com/wp-content/uploads/sites/103/2020/04/08155257/ 537 KB
538 KB 13ms
13ms Image
image/png 2600:9000:21f3:c400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/04/08155257/cisco-webex-phishing-1-1024x641.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c19c199501ff93ffd360da87cda5a21fb2ade9d9138b64fd9334d7ef90de2d2f

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 13:01:05 GMT
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront), 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified: Wed, 08 Apr 2020 19:52:59 GMT
server: AmazonS3
age: 66103
etag: "01fa19d9081aa4aa1cd042c30949c9c2"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2, FRA2-C2
accept-ranges: bytes
content-length: 549533
x-amz-cf-id: XpRQI_Qa3oBWcpTOs8qehabolUAw9Nm47zHTj2tzFH6GOWXRIxE_6A==
expires: Thu, 08 Apr 2021 19:52:58 GMT

GET
H2 200 cisco-webex-phishing-2-1024x487.png
media.threatpost.com/wp-content/uploads/sites/103/2020/04/08155344/ 90 KB
91 KB 11ms
11ms Image
image/png 2600:9000:21f3:c400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/04/08155344/cisco-webex-phishing-2-1024x487.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d076f33deb9aa7e65ec01acbeaf7a4d8381d0c18c9a0cd2eda54fe85f2a9859

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 09 Apr 2020 13:01:06 GMT
via: 1.1 09f4ecc806a7e34780fd19a93b984724.cloudfront.net (CloudFront), 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified: Wed, 08 Apr 2020 19:53:46 GMT
server: AmazonS3
age: 66103
etag: "8834661726abebe56faf5b1af9672f36"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA54, FRA2-C2
accept-ranges: bytes
content-length: 92292
x-amz-cf-id: Wv__vW3m8sGq6vpZIlwRmClcfkxmWVPYsOaWhe7BoWJFJ95Ckr_2iQ==
expires: Thu, 08 Apr 2021 19:53:45 GMT

GET
H2 200 728x380_Protecting-your-Organization-During-the-Coronavirus-Pandemic-1-540x270.png
media.threatpost.com/wp-content/uploads/sites/103/2020/04/06150839/ 327 KB
328 KB 8ms
8ms Image
image/png 2600:9000:21f3:c400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/04/06150839/728x380_Protecting-your-Organization-During-the-Coronavirus-Pandemic-1-540x270.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3068d1a44489c7e5d45702c988a70e4a4a9c53869b9e323c2d190b4c9620f28

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 08 Apr 2020 13:01:30 GMT
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront), 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified: Mon, 06 Apr 2020 19:08:43 GMT
server: AmazonS3
age: 152479
etag: "5b773bfd166df7fc87ce3c0f59d7d8d8"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2, FRA2-C2
accept-ranges: bytes
content-length: 335269
x-amz-cf-id: GJAsMUHaWhB5inZr6urS4IZ4-JnHsQ_mcgtQ7aNewUEoLBOK9yml-g==
expires: Tue, 06 Apr 2021 19:08:42 GMT

GET
H2 200 Video-Conference-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/04/03172916/ 25 KB
25 KB 6ms
6ms Image
image/jpeg 2600:9000:21f3:c400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/04/03172916/Video-Conference-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ebfb9f1779b5e8f9d0c34a73a15fa49a24faaa26384eab3ab664bef0feb03603

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Mon, 06 Apr 2020 09:49:46 GMT
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront), 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified: Fri, 03 Apr 2020 21:29:20 GMT
server: AmazonS3
age: 336782
etag: "2626cbd519c25c637623807ec2964b67"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA2-C2
accept-ranges: bytes
content-length: 25597
x-amz-cf-id: JvJ4kzOolzmrCjlx5yJWSty5IbcQUTU0Lej-dNEWi8IhrmaWBlnMTg==
expires: Sat, 03 Apr 2021 21:29:19 GMT

GET
H2 200 coronavirus-540x270.jpg
media.threatpost.com/wp-content/uploads/sites/103/2020/03/13114019/ 45 KB
45 KB 8ms
8ms Image
image/jpeg 2600:9000:21f3:c400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/03/13114019/coronavirus-540x270.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa5ae4eac062cd4bfb55a379661314e88d8814e570b09be42aa29598dd58092b

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 13 Mar 2020 16:40:40 GMT
via: 1.1 b454a0b154ae18408006bc2a9abd88ec.cloudfront.net (CloudFront), 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified: Fri, 13 Mar 2020 15:40:23 GMT
server: AmazonS3
age: 2385729
etag: "000ff4116c936eff7b835deec28f6b3e"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA54, FRA2-C2
accept-ranges: bytes
content-length: 45715
x-amz-cf-id: psS58hDMGn26fz6NWTPykRvf7ueGAjwHuru5QPRU-D6wnYzEQr04NA==
expires: Sat, 13 Mar 2021 15:40:22 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 674 B
545 B 16ms
15ms Script
text/javascript 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6474ee05294dc02ecb3149b02d443d02e3dc3da0929ee6f5fb99a4e889184d4b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 445
x-xss-protection: 1; mode=block
expires: Fri, 10 Apr 2020 07:22:48 GMT

GET
H2 200 data-center-64x64.png
media.threatpost.com/wp-content/uploads/sites/103/2020/01/15162631/ 8 KB
9 KB 6ms
6ms Image
image/png 2600:9000:21f3:c400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2020/01/15162631/data-center-64x64.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d36800d5a9c72e02424db4f2ee2d3e3391388e8b7e863533f73c788df14ab5e

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 16 Feb 2020 06:15:20 GMT
via: 1.1 a75b67932d84d80b40e12159613deb17.cloudfront.net (CloudFront), 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified: Wed, 15 Jan 2020 21:26:52 GMT
server: AmazonS3
age: 4669649
etag: "93668d327fc4fcc8e57177484d96236e"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA2-C2
accept-ranges: bytes
content-length: 8414
x-amz-cf-id: CzfyqncgUzUBI-_IlcMjmTej5POIBJujj0ntuFu6wvHtHOz3czeTlA==
expires: Thu, 14 Jan 2021 21:26:49 GMT

GET
H2 200 cyber-threat-2020-64x64.png
media.threatpost.com/wp-content/uploads/sites/103/2019/10/25090853/ 3 KB
4 KB 7ms
6ms Image
image/png 2600:9000:21f3:c400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/10/25090853/cyber-threat-2020-64x64.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e69b4aedd4ba4df00f7340e4a299dacca0abd06295d6c871f6816ea07db2507c

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 19 Feb 2020 01:19:23 GMT
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront), 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified: Fri, 25 Oct 2019 13:08:56 GMT
server: AmazonS3
age: 4428206
etag: "97535062e07e5bd8bf0ddb185a9869c7"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA2-C2
accept-ranges: bytes
content-length: 3569
x-amz-cf-id: ZKRPUxx5f4cXz2DCeKFrsLOZsCfDA0La1qfS1D-PEvRJJbTEwUb8sA==
expires: Sat, 24 Oct 2020 13:08:53 GMT

GET
H2 200 patches-64x64.png
media.threatpost.com/wp-content/uploads/sites/103/2017/05/06225026/ 9 KB
9 KB 7ms
7ms Image
image/png 2600:9000:21f3:c400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2017/05/06225026/patches-64x64.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b546be5b42d65b5d2eb3ef247886a1d692512462946bac11547df2a0a5ed02a2

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Wed, 08 Apr 2020 23:31:44 GMT
via: 1.1 79503619d600dbc1c9e04a650d3d7f3f.cloudfront.net (CloudFront), 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified: Tue, 03 Jul 2018 01:47:16 GMT
server: AmazonS3
age: 114665
etag: "34fd711c1863cbefe6bf897a5665a720"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA54, FRA2-C2
accept-ranges: bytes
content-length: 8748
x-amz-cf-id: 3fs9jU3YBTofuQSh6JzrWCioYCoS8fn9rTHokQo_t54nQlxAxf1CDQ==
expires: Wed, 03 Jul 2019 01:47:12 GMT

GET
H2 200 artificial_intelligence-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2018/10/01152243/ 2 KB
2 KB 7ms
7ms Image
image/jpeg 2600:9000:21f3:c400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2018/10/01152243/artificial_intelligence-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a968b405c5b4dcd85f76e5400c41930968710351102d83a80cf114ad7549b5d0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sun, 16 Feb 2020 10:04:08 GMT
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront), 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified: Mon, 01 Oct 2018 19:22:48 GMT
server: AmazonS3
age: 4655921
etag: "a67a437ee807847e498f42bfe1dd14fa"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1, FRA2-C2
accept-ranges: bytes
content-length: 1834
x-amz-cf-id: RvlvxvXi-Jm-bi_R4kcYe-77GE7n_BhGpa1YGwwSY26lJgJqifGyFg==
expires: Tue, 01 Oct 2019 19:22:43 GMT

GET
H2 200 Hacker-64x64.jpg
media.threatpost.com/wp-content/uploads/sites/103/2019/01/23110846/ 1 KB
2 KB 10ms
10ms Image
image/jpeg 2600:9000:21f3:c400:0:5c46:4f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.threatpost.com/wp-content/uploads/sites/103/2019/01/23110846/Hacker-64x64.jpg
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:c400:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3e05b274c76d548e39c6633af671d715bd1be28a929ab47a5ae8d29ff120df7

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 20 Mar 2020 13:47:44 GMT
via: 1.1 6e8dd39e00d9a5c1a31d69ffa2821a5e.cloudfront.net (CloudFront), 1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified: Wed, 23 Jan 2019 16:08:49 GMT
server: AmazonS3
age: 1791305
etag: "0c579c9f31a7fe9e5b94b47a6fd20620"
x-cache: Hit from cloudfront
content-type: image/jpeg
status: 200
cache-control: max-age=31536000
x-amz-cf-pop: FRA54, FRA2-C2
accept-ranges: bytes
content-length: 1393
x-amz-cf-id: 9MRu48b_TG0sFXIVOJL9Ya7Ja-mQ2HlszzWePpHu9pkxlL1G1hvRFQ==
expires: Thu, 23 Jan 2020 16:08:46 GMT

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ 25 KB
7 KB 117ms
34ms Script
text/javascript 185.220.205.220
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.205.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.16
Resource Hash: 7d01362edd2f0fd6c801bb3edc24980e3738646e96732b9073a51a81355678db

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:48 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.16
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/javascript; charset=utf-8

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 2 KB
1 KB 7ms
6ms Script
application/x-javascript 2600:9000:2156:2a00:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/jquery.json.min.js&ver=f6ff4628

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2156:2a00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 14:38:46 GMT
content-encoding: gzip
age: 60242
x-cache: Hit from cloudfront
status: 200
content-length: 926
last-modified: Thu, 09 Apr 2020 14:38:30 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-cache-hit: MISS
x-debug-auth: off
x-amz-cf-pop: FRA50-C1
x-request-host: kasperskycontenthub.com
x-amz-cf-id: c21klycRaDYh0YangmmS6UgDbkbLmvaCjBGRzoe-C1pcPIMsRz3kPA==
expires: Fri, 10 Apr 2020 14:38:46 GMT

GET
H/1.1 200
OK gravityforms.min.js Show response
threatpost.com/wp-content/plugins/gravityforms/js/ 34 KB
12 KB 347ms
117ms Script
application/x-javascript 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.17.15
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: public
Date: Fri, 10 Apr 2020 07:22:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Apr 2020 14:38:30 GMT
Server: nginx
ETag: W/"5e8f3366-88c2"
Transfer-Encoding: chunked
Content-Type: application/x-javascript
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 17 Apr 2020 07:22:48 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 7 KB
3 KB 7ms
7ms Script
application/x-javascript 2600:9000:2156:2a00:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/conditional_logic.min.js&ver=f6ff4628

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2156:2a00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 14:38:46 GMT
content-encoding: gzip
age: 60242
x-cache: Hit from cloudfront
status: 200
content-length: 2685
last-modified: Thu, 09 Apr 2020 14:38:31 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-cache-hit: MISS
x-debug-auth: off
x-amz-cf-pop: FRA50-C1
x-request-host: kasperskycontenthub.com
x-amz-cf-id: rCabFc9VLRvI6hyW_M7-aei0MlKPFbdX89AHeDdh0j4FuPYaIvDP7A==
expires: Fri, 10 Apr 2020 14:38:46 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 5 KB
2 KB 7ms
6ms Script
application/x-javascript 2600:9000:2156:2a00:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/gravityforms/js/placeholders.jquery.min.js&ver=f6ff4628

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2156:2a00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 14:38:46 GMT
content-encoding: gzip
age: 60242
x-cache: Hit from cloudfront
status: 200
content-length: 1747
last-modified: Thu, 09 Apr 2020 14:38:30 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-cache-hit: MISS
x-debug-auth: off
x-amz-cf-pop: FRA50-C1
x-request-host: kasperskycontenthub.com
x-amz-cf-id: ydHCSWNQYRzMEfB-KofkabZ9pjnmQ4EM9q_YuEsTWgUQOYyL-iy8Qg==
expires: Fri, 10 Apr 2020 14:38:46 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 676 B
526 B 16ms
16ms Script
text/javascript 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en&render=explicit&ver=5.3.2

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9060fb01746d2d2767d8bbc547fe3b8c5dc9ac671f777fede7c11a7fc3802316

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 446
x-xss-protection: 1; mode=block
expires: Fri, 10 Apr 2020 07:22:48 GMT

GET
H2 200 / Show response
assets.threatpost.com/wp-content/plugins/bwp-minify/min/ 2 KB
1 KB 6ms
6ms Script
application/x-javascript 2600:9000:2156:2a00:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/js/wp-embed.min.js,wp-content/plugins/akismet/_inc/form.js&ver=f6ff4628

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:9000:2156:2a00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

a2e2059610101cb4718d6d9cf8d6e44243838304968710f35ed7f44188a9c279

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 09 Apr 2020 14:38:46 GMT
content-encoding: gzip
age: 60242
x-cache: Hit from cloudfront
status: 200
content-length: 947
last-modified: Wed, 18 Dec 2019 22:32:15 GMT
server: nginx
cache-control: max-age=86400
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
x-cache-hit: MISS
x-debug-auth: off
x-amz-cf-pop: FRA50-C1
x-request-host: kasperskycontenthub.com
x-amz-cf-id: BY55Pt3uvUxInualCpjkGlqIaR5N5giSvxpFitoT9jNlIxysbRrqcg==
expires: Fri, 10 Apr 2020 14:38:46 GMT

GET
H2 200 b-0d4dfcb.js Show response
tagan.adlightning.com/math-aids-threatpost/ 53 KB
15 KB 22ms
22ms Script
application/javascript 13.225.73.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-24.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92236ba12e109fff1e82ecabec1eda229af59c8374c54374a38a46dc01f53559

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 06:57:31 GMT
content-encoding: gzip
age: 4580718
x-cache: Hit from cloudfront
status: 200
content-length: 14481
x-amz-meta-git_commit: 0d4dfcb
last-modified: Mon, 20 Jan 2020 21:00:33 GMT
server: AmazonS3
etag: "bf1a2a1d4ffb353d268fccfda0736572"
x-amz-version-id: PGsbLvp7r6PsyaqOJTHRTfOBKlgvnkI7
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: mFFw5EovVlPVoOgQftS5Xn6lK3VG-jVak08Qbh3593mmX1LH9xB2kw==

GET
H2 200 bl-2a28c82-a5333fca.js Show response
tagan.adlightning.com/math-aids-threatpost/ 112 KB
47 KB 23ms
22ms Script
application/javascript 13.225.73.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-2a28c82-a5333fca.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-24.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 487214b4019bdcde555ab419d3074f75aae877d58c0b328b0e82fb5993aeb46e

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 04:36:33 GMT
content-encoding: gzip
age: 9976
x-cache: Hit from cloudfront
status: 200
content-length: 47598
x-amz-meta-git_commit: 2a28c82
last-modified: Fri, 10 Apr 2020 04:33:23 GMT
server: AmazonS3
etag: "94231d039c8d122104a173f3dcfb83e6"
x-amz-version-id: PA7..6ZYsb.NUsCZVXNSAiwR.ARvqzrf
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: zV4Y-w6mnfDQExFxYo6qV4TVVBH4VKHvMyTo5zEXa_FfdaOYKUM7mQ==

GET
H2 200 pubads_impl_2020040702.js Show response
securepubads.g.doubleclick.net/gpt/ 167 KB
61 KB 67ms
27ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

740078cb1778d885689a3108d2ca696b01fd80cb73437528af4ed0dd6e7466b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 10 Apr 2020 07:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Apr 2020 20:25:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 62521
x-xss-protection: 0
expires: Fri, 10 Apr 2020 07:22:48 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ 113 B
175 B 19ms
18ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=threatpost.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 108
x-xss-protection: 0

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 24 B
987 B 172ms
102ms XHR
application/json 23.213.165.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=438654&v=7.2&r=%7B%22id%22%3A%22122fdaa89af664%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222bc462fd54c131%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%223e3b5fefa1c69a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%224a3f7c7f808722%22%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22sid%22%3A%221005%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D&ac=j&sd=1&
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.165.44 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 476bf675bdd42df21a5d2db3c947c1f3fc0ae6eb940b6185ebff8dc48167fbb6

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:49 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Fri, 10 Apr 2020 07:22:49 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 47 B
723 B 111ms
48ms XHR
application/json 216.52.2.19
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.8.0
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c557ef7cd593fc1fbf78af8ad08bc15e6537018c88d132c5f2f502edf29e26e

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 10 Apr 2020 07:22:48 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 65

GET
H2 200 arj Show response
teachingaids-d.openx.net/w/1.0/ 172 B
569 B 87ms
34ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=c4f99804-3c83-49da-ba7d-79fca8618617%2Cc4f99804-3c83-49da-ba7d-79fca8618617%2C5e77a780-5c46-4be6-a2bf-794c3f5b311f%2Ca0d04924-ea95-4733-bec6-355b34c4a28a%2Ca0d04924-ea95-4733-bec6-355b34c4a28a&nocache=1586503368881&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&aus=728x90%2C970x250%2C970x90%7C728x90%2C970x250%2C970x90%7C300x250%2C336x280%7C300x250%2C300x600%7C300x250%2C300x600&divIds=div-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-3%2Cdiv-gpt-ad-6794670-5%2Cdiv-gpt-ad-6794670-5&auid=540932704%2C540932709%2C540932713%2C540932715%2C540932720&
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash: db160b08d95a086db788d5b5e805234e9f72ef95a2298ec1e634476ee4388ed1

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:48 GMT
content-encoding: gzip
server: OXGW/16.183.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 306 B
1 KB 105ms
31ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=2&alt_size_ids=55%2C57&p_pos=atf&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&tk_flint=pbjs_lite_v3.8.0&x_source.tid=c4f99804-3c83-49da-ba7d-79fca8618617&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6149428562170127
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 568a733005e0074eecbb5845f42f2937f3f08026e451517675686ccec40d1a90

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:48 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=430
Content-Length: 306
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 147ms
68ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=16&p_pos=atf&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&tk_flint=pbjs_lite_v3.8.0&x_source.tid=5e77a780-5c46-4be6-a2bf-794c3f5b311f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7213207885042194
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 612d76be55c90a8f0dbac4326ef715bcdb017d469ee00dd8d3265e19336c5029

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:48 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=411
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
2 KB 152ms
73ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509506&size_id=15&alt_size_ids=10&p_pos=atf&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&tk_flint=pbjs_lite_v3.8.0&x_source.tid=a0d04924-ea95-4733-bec6-355b34c4a28a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5392052753847316
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 58f54960d8174f03664ac6c99001deac6f2ae705ed075609011e77984bda1a65

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:48 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=500
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
2 KB 183ms
102ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=10&p_pos=atf&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&tk_flint=pbjs_lite_v3.8.0&x_source.tid=a0d04924-ea95-4733-bec6-355b34c4a28a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6438692316690269
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 2619b3a198327e7dc324c1e4bb2f8efa64179945926069fde3f93b00343caf79

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:48 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=5, max=338
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=1586503368884 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=1586503368884;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=1586503368884

0
-1 B

191ms
122ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=1586503368884
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
access-control-allow-origin: https://threatpost.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=1586503368884 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=1586503368884;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=1586503368884

0
-1 B

177ms
108ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=1586503368884
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
access-control-allow-origin: https://threatpost.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=1586503368884 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=1586503368884;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=1586503368884

0
-1 B

190ms
121ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=1586503368884
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
access-control-allow-origin: https://threatpost.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=1586503368884 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=1586503368884;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=1586503368884

0
-1 B

178ms
110ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=1586503368884
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
access-control-allow-origin: https://threatpost.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=1586503368884 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=1586503368884;
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=1586503368884

0
-1 B

177ms
108ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=1586503368884
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
access-control-allow-origin: https://threatpost.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 80ms
27ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 10 Apr 2020 07:22:48 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://threatpost.com

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 375 B
1 KB 207ms
141ms XHR
application/json 185.33.223.206
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.206 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

93e3c665b7b56aa7afb03e4d4b30b38b9e4b248962612150f2f06fa7e9a1dc4e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:51 GMT
X-Proxy-Origin: 195.242.213.148; 195.242.213.148; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.141:80
AN-X-Request-Uuid: 479b06c7-3b66-4a66-90de-f6f9ddf03586
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 375
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 376 B
1 KB 110ms
46ms XHR
application/json 185.33.223.206
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.206 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

97e52bbd68ce963ade1b31e922a2f61d11d099714706554695303bda4d36c920

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:50 GMT
X-Proxy-Origin: 195.242.213.148; 195.242.213.148; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.38:80
AN-X-Request-Uuid: fd9fb8ca-642c-46b8-b717-74c54659af74
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 376
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 v2 Show response
e.serverbid.com/api/ 911 B
744 B 343ms
120ms XHR
application/json 134.209.129.254
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://e.serverbid.com/api/v2
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: /
Resource Hash: fc31235164285506e9bfbff1e3b514810a5908a36c2d6f254d580bc77778fe75

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: br
status: 200
vary: Origin
content-type: application/json
access-control-allow-origin: https://threatpost.com
access-control-allow-credentials: true
content-length: 467

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 107 KB
35 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81e759191d47efe43cd633d6eef12bf1a750be76490f71c636700b7c2eb06888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:48 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 35224
x-xss-protection: 0
last-modified: Fri, 10 Apr 2020 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Apr 2020 07:22:48 GMT

GET icons.svg
threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/ 0
0

GET icons.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/ 0
0

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/NjSCg_IbX1Pdc6A9cf-rvw4e/ 259 KB
92 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:821::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/NjSCg_IbX1Pdc6A9cf-rvw4e/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9c35c6377a52093f4c4f766b5c528106835a654c31b3bba5015d79826633441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 06 Apr 2020 16:37:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 06 Apr 2020 04:05:21 GMT
server: sffe
age: 312345
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 94421
x-xss-protection: 0
expires: Tue, 06 Apr 2021 16:37:03 GMT

GET logo.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 0
0

GET
H/1.1 200
OK museosans-300-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 422ms
212ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1586443113
Origin: https://threatpost.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Apr 2020 07:22:49 GMT
Last-Modified: Thu, 09 Apr 2020 14:38:33 GMT
Server: nginx
ETag: "5e8f3369-51b8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20920
Expires: Sat, 10 Apr 2021 07:22:49 GMT

GET
H/1.1 200
OK museosans-700-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 864ms
212ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1586443113
Origin: https://threatpost.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Apr 2020 07:22:49 GMT
Last-Modified: Thu, 09 Apr 2020 14:38:35 GMT
Server: nginx
ETag: "5e8f336b-51a4"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20900
Expires: Sat, 10 Apr 2021 07:22:49 GMT

GET
H/1.1 200
OK museosans-100-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
21 KB 1313ms
219ms Font
font/woff2 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1586443113
Origin: https://threatpost.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Apr 2020 07:22:50 GMT
Last-Modified: Thu, 09 Apr 2020 14:38:35 GMT
Server: nginx
ETag: "5e8f336b-50c8"
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20680
Expires: Sat, 10 Apr 2021 07:22:50 GMT

GET museosans-500-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 0
0

GET museosans-700italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 0
0

GET museosans-300italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 0
0

GET mail-plane-light.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 0
0

GET twitter-blue.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 0
0

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame 09CC 2 KB
1 KB 32ms
32ms Script
text/javascript 185.220.205.220
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1586503368&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=undefined
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.205.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.16
Resource Hash: f9ff7a42683a015d70a495d75eb1df28a339cf7cf093b683728f5d61e2bcc8d2

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:48 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.16
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/javascript; charset=utf-8

GET mail-plane-large-dark.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 0
0

GET logo-white.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 0
0

GET
H2 200 flipboard.svg
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/ 236 B
574 B 10ms
10ms Image
image/svg+xml 2600:9000:2156:2a00:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/flipboard.svg
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:2a00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=f6ff4628
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: public
date: Thu, 09 Apr 2020 07:45:27 GMT
content-encoding: gzip
last-modified: Thu, 09 Apr 2020 07:44:30 GMT
server: nginx
age: 85042
etag: W/"5e8ed25e-ec"
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200
cache-control: max-age=604800, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: DHSbMSmeEtF21-w0XjKuHhI6XCSIe-Q2qprtc5E9eUynbI5gk_-OYA==
via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
expires: Thu, 16 Apr 2020 07:45:27 GMT

GET
H2 200 fontawesome-webfont.woff2
assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/ 75 KB
76 KB 23ms
9ms Font
font/woff2 2600:9000:2156:2a00:2:9275:3d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:2a00:2:9275:3d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-includes/css/dist/block-library/style.min.css,wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=f6ff4628
Origin: https://threatpost.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sun, 16 Feb 2020 06:29:58 GMT
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
age: 4668771
x-cache: Hit from cloudfront
status: 200
content-length: 77160
pragma: public
last-modified: Thu, 13 Feb 2020 16:24:52 GMT
server: nginx
etag: "5e457854-12d68"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: Ofzr8Uf_zx-7DLndCG5ALKx0xcaOuW7MJonlv2iAf6EmPI6s7XQXXA==
expires: Mon, 15 Feb 2021 06:29:58 GMT

GET photo-newsletter.jpg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 0
0

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame D3CF 0
0 24ms
24ms Document
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=NjSCg_IbX1Pdc6A9cf-rvw4e&theme=standard&size=normal&cb=x40pjfkqnibz

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A3aw07SEZE20QNxYvBHwjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=NjSCg_IbX1Pdc6A9cf-rvw4e&theme=standard&size=normal&cb=x40pjfkqnibz
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 Apr 2020 07:22:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-A3aw07SEZE20QNxYvBHwjg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10529
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2

302

ADTECH;apid=1A15159bcc-7afc-11ea-8b02-12ddab465c88;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=1586503368884 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=1586503368884
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;apid=1A15159bcc-7afc-11ea-8b02-12ddab465c88;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=15...

0
-1 B

122ms
121ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;apid=1A15159bcc-7afc-11ea-8b02-12ddab465c88;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=1586503368884
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
access-control-allow-origin: https://threatpost.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;apid=1A15159bcc-7afc-11ea-8b02-12ddab465c88;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;apid=1A15159bcc-7afc-11ea-8b02-12ddab465c88;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1A15158cf4-7afc-11ea-b7c1-12d2f833f2cc;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=1586503368884 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=1586503368884
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;apid=1A15158cf4-7afc-11ea-b7c1-12d2f833f2cc;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=15...

0
-1 B

121ms
120ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;apid=1A15158cf4-7afc-11ea-b7c1-12d2f833f2cc;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=1586503368884
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
access-control-allow-origin: https://threatpost.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;apid=1A15158cf4-7afc-11ea-b7c1-12d2f833f2cc;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;apid=1A15158cf4-7afc-11ea-b7c1-12d2f833f2cc;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1A1515935c-7afc-11ea-a79b-12359aeea65a;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=1586503368884 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=1586503368884
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;apid=1A1515935c-7afc-11ea-a79b-12359aeea65a;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=158...

0
-1 B

120ms
120ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;apid=1A1515935c-7afc-11ea-a79b-12359aeea65a;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=1586503368884
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
access-control-allow-origin: https://threatpost.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;apid=1A1515935c-7afc-11ea-a79b-12359aeea65a;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;apid=1A1515935c-7afc-11ea-a79b-12359aeea65a;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1A1513d7d8-7afc-11ea-b492-12569b584e72;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=1586503368884 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=1586503368884
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;apid=1A1513d7d8-7afc-11ea-b492-12569b584e72;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=15...

0
-1 B

108ms
108ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;apid=1A1513d7d8-7afc-11ea-b492-12569b584e72;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=1586503368884
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
access-control-allow-origin: https://threatpost.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;apid=1A1513d7d8-7afc-11ea-b492-12569b584e72;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;apid=1A1513d7d8-7afc-11ea-b492-12569b584e72;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

302

ADTECH;apid=1A1515e30c-7afc-11ea-8401-1222202f268e;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=1586503368884 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/
Redirect Chain

https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=1586503368884
https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;apid=1A1515e30c-7afc-11ea-8401-1222202f268e;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=15...

0
-1 B

121ms
121ms

XHR

152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;apid=1A1515e30c-7afc-11ea-8401-1222202f268e;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=1586503368884
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
access-control-allow-origin: https://threatpost.com
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;apid=1A1515e30c-7afc-11ea-8401-1222202f268e;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status: 302
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: nginx
status: 302
location: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;apid=1A1515e30c-7afc-11ea-8401-1222202f268e;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=1586503368884
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 0
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 / Show response
graph.facebook.com/ 82 B
526 B 56ms
43ms XHR
application/json 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4275d3aff575b716ea38a91c516d8c591c9897d54fb5f88f139a9a2396634c21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
etag: "4df5a3c965a47a157fa66758ee9ac89cfceccd7d"
x-app-usage: {"call_count":0,"total_cputime":0,"total_time":0}
status: 200
x-fb-rev: 1001972383
alt-svc: h3-27=":443"; ma=3600
content-length: 82
pragma: no-cache
x-fb-debug: /X/Y9zAXcD2Sf8Y8xJqhttzFWjCV6/jCtRlRsyk6iva7zuBCbi9t2eKjijHZgho5Q+5nI4Uf5oBZPZBAPzMFdA==
x-fb-trace-id: C0XP8fTXn18
date: Fri, 10 Apr 2020 07:22:49 GMT, Fri, 10 Apr 2020 07:22:49 GMT
content-type: application/json
access-control-allow-origin: *
x-fb-request-id: ACRnsUpiD9CFmzzqbm1vapy
cache-control: private, no-cache, no-store, must-revalidate
facebook-api-version: v2.12
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 404 share
www.linkedin.com/countserv/count/ 0
0 178ms
124ms Script
text/html 2a05:f500:10:101::b93f:9101
LINKEDIN

General

Check archive.org

Show headers Download Go to

Full URL: https://www.linkedin.com/countserv/count/share?url=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&format=jsonp&callback=jQuery112404247987176809487_1586503368924&_=1586503368925
Requested by: Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:10:101::b93f:9101 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

GET
H2 200 info.json Show response
www.reddit.com/api/ 8 KB
3 KB 276ms
193ms XHR
application/json 199.232.53.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F

Requested by

Host: threatpost.com
URL: https://threatpost.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.232.53.140 Manchester, United Kingdom, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

39c06ae3cf3326dbd42a923c718d88d990131a0576c5cc40ab3b65c53f176941

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
x-cache: MISS
status: 200
vary: accept-encoding
content-length: 1758
x-xss-protection: 1; mode=block
x-served-by: cache-man4136-MAN
x-moose: majestic
expires: -1
server: snooserv
x-timer: S1586503369.274604,VS0,VE129
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/json; charset=UTF-8
via: 1.1 varnish
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ua-compatible: IE=edge
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 1587
date: Fri, 10 Apr 2020 06:56:22 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Fri, 10 Apr 2020 08:56:22 GMT

GET
H/1.1 200
OK quant.js Show response
secure.quantserve.com/ 22 KB
8 KB 111ms
28ms Script
application/x-javascript 91.228.74.218
QUANTCAST

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.quantserve.com/quant.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.218 , United Kingdom, ASN27281 (QUANTCAST, US),

Reverse DNS

Software

QS /

Resource Hash

4e16c98707c96cfd08772a34827f5c3650b6c03d049ed6d622fb276f969f73ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 10 Apr 2020 07:22:49 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10-Apr-2020 07:22:49 GMT
Server: QS
Etag: M0-70156c78
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=604800
Connection: keep-alive
Content-Length: 8001
Expires: Fri, 17 Apr 2020 07:22:49 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 1072ms
18ms Script
application/javascript 151.101.112.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:50 GMT
content-encoding: gzip
age: 83326
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-hhn4061-HHN
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1586503370.242505,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H/1.1 200
OK iab_consent_sdk.v1.0.js Show response
live.sekindo.com/content/ClientDetections/ Frame 09CC 19 KB
6 KB 29ms
28ms Script
application/javascript 185.220.205.220
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1586503368&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.205.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 10 Apr 2020 07:22:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Feb 2020 15:01:36 GMT
Server: nginx
ETag: W/"5e441350-4be0"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Expires: Sat, 10 Apr 2021 07:22:48 GMT

GET
H/1.1 200
OK DetectGDPR2.v1.0.js Show response
live.sekindo.com/content/ClientDetections/ Frame 09CC 8 KB
3 KB 57ms
27ms Script
application/javascript 185.220.205.220
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/ClientDetections/DetectGDPR2.v1.0.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1586503368&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.205.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: ace61d80f3fe90bbb02ab328d9705b57a9c8a95d3a0bf6b4cd510d4dacd033df

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 10 Apr 2020 07:22:48 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 Jan 2020 18:48:12 GMT
Server: nginx
ETag: W/"5e2ddeec-211f"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Expires: Sat, 10 Apr 2021 07:22:48 GMT

GET
H/1.1 200
OK DetectGDPR.v1.0.js Show response
live.sekindo.com/content/ClientDetections/ Frame 09CC 7 KB
3 KB 81ms
27ms Script
application/javascript 185.220.205.220
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/ClientDetections/DetectGDPR.v1.0.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1586503368&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.205.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 993ebc45d9927d420801f05819222e8cc1aa523187e4c0b290df02b23ce18093

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 10 Apr 2020 07:22:48 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 Jan 2020 11:58:13 GMT
Server: nginx
ETag: W/"5e2d7ed5-1d87"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Expires: Sat, 10 Apr 2021 07:22:48 GMT

GET
H/1.1 200
OK hls.0.12.4_1.min.js Show response
live.sekindo.com/content/video/hls/ Frame 09CC 247 KB
85 KB 104ms
46ms Script
application/javascript 185.220.205.220
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1586503368&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.205.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 7d0492c66125b1c2bdc419641e41542857e7d90e323d355ee0b8bb268da121fb

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 10 Apr 2020 07:22:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 06 Jan 2020 15:31:55 GMT
Server: nginx
ETag: W/"5e1352eb-3dcb9"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Expires: Sat, 10 Apr 2021 07:22:48 GMT

GET
H/1.1 200
OK prebidVid.2.44.3_2.min.js Show response
live.sekindo.com/content/prebid/ Frame 09CC 267 KB
99 KB 128ms
46ms Script
application/javascript 185.220.205.220
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/content/prebid/prebidVid.2.44.3_2.min.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1586503368&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.205.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 4ee36d77a67f176a8468c3fafd5c230a2b8584293b81221b004619e700f84106

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 10 Apr 2020 07:22:48 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jan 2020 06:21:36 GMT
Server: nginx
ETag: W/"5e3275f0-42b3f"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=31536000, public
Expires: Sat, 10 Apr 2021 07:22:48 GMT

GET
H/1.1 200
OK liveVideo.php Show response
live.sekindo.com/live/ Frame 09CC 407 KB
115 KB 166ms
39ms Script
text/html 185.220.205.220
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30342D31305F31307D7B7331323334383830387D7B433236307D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e901ec90c4d4&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.39250183105469&geoLong=8.45460033416748&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=101281&cbuster=%%CACHEBUSTER%%&pubUrl=%%REFERRER_URL_ESC%%&x=[WIDTH]&y=[HEIGHT]&vp_content=plembed173akunvrojp&vp_template=6615&subId=[SUBID_ENCODED]&schain=1.0,1!admetricspro.com,1005,1&cbuster=1586503368&pubUrlAuto=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&videoType=flow&floatWidth=320&floatHeight=180&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.205.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.16
Resource Hash: 13da351bcba23848443b31a1fdc424b9a64889dd6e7679f371d78f9699a8b3bb

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Fri, 10 Apr 2020 07:22:48 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/7.3.16
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 2E9B 0
0 26ms
26ms Document
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=NjSCg_IbX1Pdc6A9cf-rvw4e&theme=light&size=normal&cb=y3vuclxfr7iz

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Dk95C6/j8gMRPRC5933iSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&co=aHR0cHM6Ly90aHJlYXRwb3N0LmNvbTo0NDM.&hl=en&v=NjSCg_IbX1Pdc6A9cf-rvw4e&theme=light&size=normal&cb=y3vuclxfr7iz
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 Apr 2020 07:22:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-Dk95C6/j8gMRPRC5933iSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10144
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&aip=1&a=604547296&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ul=en-us&de=UTF-8&dt=Cisco...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-35676203-21&cid=320803153.1586503369&jid=199015885&_gid=1196071620.1586503369&gjid=645194259&_v=j81&z=1458076432
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=320803153.1586503369&jid=199015885&_v=j81&z=1458076432
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=320803153.1586503369&jid=199015885&_v=j81&z=1458076432&slf_rd=1&random=4030851907

42 B
109 B

16ms
16ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=320803153.1586503369&jid=199015885&_v=j81&z=1458076432&slf_rd=1&random=4030851907

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-35676203-21&cid=320803153.1586503369&jid=199015885&_v=j81&z=1458076432&slf_rd=1&random=4030851907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ADTECH;apid=1A1513d7d8-7afc-11ea-b492-12569b584e72;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=1586503368884 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ 2 KB
2 KB 163ms
163ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166615/0/0/ADTECH;apid=1A1513d7d8-7afc-11ea-b492-12569b584e72;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=4800a090f4ab605;misc=1586503368884
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 645db1049f2ffb2e226745ed4273aedb5d7ae501dcb6abb1296dbf8e94101c28

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 2232
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1A1515935c-7afc-11ea-a79b-12359aeea65a;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=1586503368884 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ 2 KB
2 KB 159ms
157ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166612/0/0/ADTECH;apid=1A1515935c-7afc-11ea-a79b-12359aeea65a;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=49801175a19159;misc=1586503368884
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 7ffa5a5714cf8e17ea3c8e6be9540cfbeb30a3dded2a918fa129f0b67d778cae

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 2233
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1A15158cf4-7afc-11ea-b7c1-12d2f833f2cc;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=1586503368884 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ 2 KB
2 KB 158ms
157ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166617/0/0/ADTECH;apid=1A15158cf4-7afc-11ea-b7c1-12d2f833f2cc;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=50a47cdc499af2c;misc=1586503368884
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: e3744c0470adc84e06268061a600d99189879a31d03d15e9b35caf192135f877

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 2232
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1A15159bcc-7afc-11ea-8b02-12ddab465c88;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=1586503368884 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ 2 KB
2 KB 158ms
157ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166847/0/0/ADTECH;apid=1A15159bcc-7afc-11ea-8b02-12ddab465c88;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=47507961bc438f7;misc=1586503368884
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 97e3ee10484ae3b41f67b3233dc9c27df8110105ef4ddd86c2072fc2dbbd9ee5

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 2232
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;apid=1A1515e30c-7afc-11ea-8401-1222202f268e;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=1586503368884 Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ 2 KB
2 KB 158ms
157ms XHR
application/json 152.199.22.24
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10927.1/5166606/0/0/ADTECH;apid=1A1515e30c-7afc-11ea-8401-1222202f268e;cfp=1;rndc=1586503368;v=2;cmd=bid;cors=yes;alias=462a8c7c08a35a7;misc=1586503368884
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.24 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 325d09d9da6b89ba888417f624bb827b288358fd14cafe3d25cae424c648b5be

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:49 GMT
server: Adtech Adserver
status: 200
access-control-allow-methods: POST,GET,HEAD,OPTIONS
p3p: CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin: https://threatpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 2232
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 rules-p-_7kVx0t9Jqj90.js Show response
rules.quantcount.com/ 3 B
356 B 362ms
361ms Script
application/x-javascript 2600:9000:2156:c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-_7kVx0t9Jqj90.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:28 GMT
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
last-modified: Fri, 03 Mar 2017 23:52:35 GMT
server: AmazonS3
age: 21
etag: "8a80554c91d9fca8acb82f023de02f11"
x-cache: Error from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3
x-amz-cf-id: y8YABztn2GszGi-GZizxDDn0qLY-6QxF-bFRTO0eAQca_4XhBhbz4A==

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 4C54 0
0 28ms
28ms Document
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=NjSCg_IbX1Pdc6A9cf-rvw4e&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=o9brvkhojsr7

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Mj+69icfD/DvBRTqO04nKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=NjSCg_IbX1Pdc6A9cf-rvw4e&k=6Lfgf_8SAAAAADYbQAnKFOk7cvnWbkqo6y57-4-U&cb=o9brvkhojsr7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 Apr 2020 07:22:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-Mj+69icfD/DvBRTqO04nKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1179
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 2978 0
0 29ms
28ms Document
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=NjSCg_IbX1Pdc6A9cf-rvw4e&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&cb=pt63e67y0dp7

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SsT5N2vOu38Fd+BzXepw7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=NjSCg_IbX1Pdc6A9cf-rvw4e&k=6LehhAETAAAAAAcsm2ZGDsLCqyGhesy4Yn43WNBe&cb=pt63e67y0dp7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

status: 200
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 10 Apr 2020 07:22:49 GMT
content-security-policy: script-src 'report-sample' 'nonce-SsT5N2vOu38Fd+BzXepw7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1177
server: GSE
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 09CC 87 KB
25 KB 94ms
43ms Script
application/javascript 13.225.86.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30342D31305F31307D7B7331323334383830387D7B433236307D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e901ec90c4d4&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.39250183105469&geoLong=8.45460033416748&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: Server /
Resource Hash: ba0c265ab3075d53058c5bf389da28a977c6a6629d084472fea1a79f2a72354f

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 05:27:00 GMT
content-encoding: gzip
server: Server
age: 6948
etag: 5a6f7c22da51c6b65ddd5cdb2840c3a7
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: _p8VUcKNiLzheJqcqIPOc2u05k8wKzPl7ghL8lLds-K5CzeQPr-08g==
via: 1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
8 KB 111ms
111ms XHR
text/plain 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4451232727642279&correlator=872048799106725&output=ldjh&impl=fifs&adsid=NT&eid=21065828%2C21062331%2C21065203%2C21065517%2C21065724&vrg=2020040702&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200410&iu_parts=21707124336%2CThreatPost-970x250-ATF%2CThreatPost-300x250-ATF%2CThreatPost-300x600-ATF%2CThreatPost-2x2-Skin&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C336x280%2C300x250%7C300x600%2C2x2&eri=1&cust_params=urlhost%3Dhttps%253A%252F%252Fthreatpost.com%252F%26urlpath%3D%252Fcisco-critical-update-phishing-webex%252F154585%252F%26urlquery%3Dgoogfc%26contentid%3D154585%26category%3Dcloud-security%26contenttags%3Dcisco%252Ccisco-critical-update%252Ccisco-vulnerability%252Ccisco-webex%252Ccofense%252Ccredentials%252Ccritical-bug%252Cemail%252Clanding-page%252Cphishing%252Cphishing-attack%252Csecurity-advisory%252Cwebex&cookie_enabled=1&bc=31&abxe=1&lmt=1586503369&dt=1586503369512&dlt=1586503368476&idt=348&frm=20&biw=1585&bih=1200&oid=3&adxs=429%2C1075%2C1075%2C0&adys=10%2C257%2C1518%2C0&adks=1015519800%2C654286612%2C375389812%2C3385906655&ucis=1%7C2%7C3%7C4&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&dssz=48&icsg=45100303104&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90%7C300x250%7C300x250%7C1585x2&msz=728x90%7C300x250%7C300x250%7C1585x2&ga_vid=320803153.1586503369&ga_sid=1586503370&ga_hid=604547296&fws=0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

ed9c7989265558a3160e24120c85791ed57c53a5ba859b91dcee35f6832c647e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 7878
x-xss-protection: 0
google-lineitem-id: 5193129080,5256232715,5192770279,5283645110
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293210130,138298747257,138293210928,138301519116
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://threatpost.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_2020040702.js Show response
securepubads.g.doubleclick.net/gpt/ 64 KB
23 KB 27ms
27ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

fb30d19bfdc58c092bdabad889657613116021c0d07e936fdb3e9e5dbd669872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Apr 2020 20:25:36 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 23928
x-xss-protection: 0
expires: Fri, 10 Apr 2020 07:22:49 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

GET
H2 200 css
fonts.googleapis.com/ Frame 56D5 2 KB
672 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30342D31305F31307D7B7331323334383830387D7B433236307D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e901ec90c4d4&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.39250183105469&geoLong=8.45460033416748&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00d4fbacbadc6ecbd73be323ec77febf3d856ce00dc5334d06462a315c7da8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Apr 2020 07:22:49 GMT
server: ESF
date: Fri, 10 Apr 2020 07:22:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Apr 2020 07:22:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3E0A 2 KB
626 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00d4fbacbadc6ecbd73be323ec77febf3d856ce00dc5334d06462a315c7da8e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Apr 2020 07:22:49 GMT
server: ESF
date: Fri, 10 Apr 2020 07:22:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Apr 2020 07:22:49 GMT

GET
H/1.1 200
OK placeHolder.png
live.sekindo.com/content/video/splayer/assets/ 23 KB
24 KB 27ms
27ms Image
image/png 185.220.205.220
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/content/video/splayer/assets/placeHolder.png
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.205.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx /
Resource Hash: 76102878c1198de858725194952ba1c6b35bdee0f870cc6a124e93d17385e64e

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 10 Apr 2020 07:22:49 GMT
Last-Modified: Sun, 11 Jun 2017 08:03:58 GMT
Server: nginx
ETag: "593cf96e-5dbf"
Content-Type: image/png
Cache-Control: no-cache, private
Accept-Ranges: bytes
Content-Length: 23999
Expires: Fri, 10 Apr 2020 07:22:48 GMT

GET
H/1.1 200
OK vid5e832537d83c4485940751.jpg
video.sekindo.com/uploads/cn11/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame 3E0A 12 KB
12 KB 124ms
31ms Image
image/jpeg 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn11/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.jpg?cbuster=1585653052

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),

Reverse DNS

Software

Tengine /

Resource Hash

7901a338459c22c0342032a67f88fcff22553652e5b09beb907c79bd5e309f6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 10 Apr 2020 07:22:04 GMT
Last-Modified: Tue, 31 Mar 2020 14:42:46 GMT
Server: Tengine
ETag: "5e8356e6-2e0a"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 11786
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5e850867a1995532803363.jpg
video.sekindo.com/uploads/cn12/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame 3E0A 11 KB
12 KB 158ms
32ms Image
image/jpeg 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn12/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5e850867a1995532803363.jpg?cbuster=1585776752

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),

Reverse DNS

Software

Tengine /

Resource Hash

92d0171289868d45a2099f1e0507824921169d4e8048aaecdf52802adae3c939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 10 Apr 2020 07:22:04 GMT
Last-Modified: Thu, 02 Apr 2020 08:43:13 GMT
Server: Tengine
ETag: "5e85a5a1-2d3a"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 11578
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5e849800e1569588875333.jpg
video.sekindo.com/uploads/cn12/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame 3E0A 21 KB
22 KB 193ms
35ms Image
image/jpeg 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn12/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5e849800e1569588875333.jpg?cbuster=1585747972

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),

Reverse DNS

Software

Tengine /

Resource Hash

ae7714d4eb8acee0b6fadfbc955be9c3be8d0eb7789caa7bb104fb47ec40678d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 10 Apr 2020 07:22:04 GMT
Last-Modified: Thu, 02 Apr 2020 02:33:01 GMT
Server: Tengine
ETag: "5e854edd-5553"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 21843
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5e8b5f267a36c678021328.jpg
video.sekindo.com/uploads/cn12/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame 3E0A 14 KB
14 KB 226ms
32ms Image
image/jpeg 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn12/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5e8b5f267a36c678021328.jpg?cbuster=1586192173

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),

Reverse DNS

Software

Tengine /

Resource Hash

2ee5b7690b25ec1fc9c677ff8be58a101a96b0a3ca0711ddc86ba778e52a7bc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 10 Apr 2020 07:22:04 GMT
Last-Modified: Mon, 06 Apr 2020 17:03:13 GMT
Server: Tengine
ETag: "5e8b60d1-373a"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 14138
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5e8b5f1f794d4522388745.jpg
video.sekindo.com/uploads/cn12/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame 3E0A 12 KB
13 KB 259ms
32ms Image
image/jpeg 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn12/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5e8b5f1f794d4522388745.jpg?cbuster=1586192164

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),

Reverse DNS

Software

Tengine /

Resource Hash

e4be5b94ae5d44559ee0e809b87774c6f6e3df1c523e6ab24e31977e965e76a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 10 Apr 2020 07:22:04 GMT
Last-Modified: Mon, 06 Apr 2020 17:02:45 GMT
Server: Tengine
ETag: "5e8b60b5-31c4"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 12740
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5e8f3cde2a86a186474544.jpg
video.sekindo.com/uploads/cn12/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame 3E0A 11 KB
12 KB 197ms
31ms Image
image/jpeg 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn12/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5e8f3cde2a86a186474544.jpg?cbuster=1586445541

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),

Reverse DNS

Software

Tengine /

Resource Hash

561fde11244d78e18a8b2b74c65cf0c79998caf8babc358272c552d27a9fe2a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 10 Apr 2020 07:22:04 GMT
Last-Modified: Thu, 09 Apr 2020 15:20:09 GMT
Server: Tengine
ETag: "5e8f3d29-2dff"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 11775
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5e86d7b36a41a121341580.jpg
video.sekindo.com/uploads/cn12/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame 3E0A 21 KB
21 KB 198ms
34ms Image
image/jpeg 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn12/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5e86d7b36a41a121341580.jpg?cbuster=1585895352

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),

Reverse DNS

Software

Tengine /

Resource Hash

fd920468078f9ce3bd928870d328f15f530bd07ef49098cc310acee65e9e9284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 10 Apr 2020 07:22:04 GMT
Last-Modified: Fri, 03 Apr 2020 06:30:08 GMT
Server: Tengine
ETag: "5e86d7f0-52a0"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 21152
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5e85567f405b4101337973.jpg
video.sekindo.com/uploads/cn12/video/users/converted/24485/video1523972806/ Frame 3E0A 11 KB
11 KB 196ms
32ms Image
image/jpeg 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn12/video/users/converted/24485/video1523972806/vid5e85567f405b4101337973.jpg?cbuster=1585796736

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),

Reverse DNS

Software

Tengine /

Resource Hash

e15f6c29e9985d9a9fc5ae3daccd4bf0b754793fb2c8d1e130d02ab9f6b2a267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 10 Apr 2020 07:22:04 GMT
Last-Modified: Thu, 02 Apr 2020 11:20:16 GMT
Server: Tengine
ETag: "5e85ca70-2a16"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 10774
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5e84f0f91d6a6681074359.jpg
video.sekindo.com/uploads/cn12/video/users/converted/24485/video1523972806/ Frame 3E0A 18 KB
18 KB 197ms
33ms Image
image/jpeg 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn12/video/users/converted/24485/video1523972806/vid5e84f0f91d6a6681074359.jpg?cbuster=1585770746

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),

Reverse DNS

Software

Tengine /

Resource Hash

afbb3f85073bf0b7c98647a860091228baa81d5763773c2aa4f80b23254e8fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 10 Apr 2020 07:22:04 GMT
Last-Modified: Thu, 02 Apr 2020 07:22:49 GMT
Server: Tengine
ETag: "5e8592c9-479e"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 18334
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5e8368cd8eeb6542884529.jpg
video.sekindo.com/uploads/cn12/video/users/converted/24485/video1523972806/ Frame 3E0A 15 KB
15 KB 196ms
32ms Image
image/jpeg 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn12/video/users/converted/24485/video1523972806/vid5e8368cd8eeb6542884529.jpg?cbuster=1585670351

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),

Reverse DNS

Software

Tengine /

Resource Hash

0eeb4ba88863b588948f115b2c80169ebaa2cb6c466229da9c0fd13efbe6ed4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 10 Apr 2020 07:22:04 GMT
Last-Modified: Tue, 31 Mar 2020 18:37:47 GMT
Server: Tengine
ETag: "5e838dfb-3a74"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 14964
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK vid5e832537d83c4485940751.jpg
video.sekindo.com/uploads/cn11/video/users/converted/28530/video_5d5baf9fe4c32389620327/ Frame 56D5 12 KB
12 KB 287ms
31ms Image
image/jpeg 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://video.sekindo.com/uploads/cn11/video/users/converted/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.jpg?cbuster=1585653052

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),

Reverse DNS

Software

Tengine /

Resource Hash

7901a338459c22c0342032a67f88fcff22553652e5b09beb907c79bd5e309f6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://amli.sekindo.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Fri, 10 Apr 2020 07:22:04 GMT
Last-Modified: Tue, 31 Mar 2020 14:42:46 GMT
Server: Tengine
ETag: "5e8356e6-2e0a"
X-Cache-Status: HIT
Strict-Transport-Security: max-age=31536000
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 11786
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
DATA 200
OK truncated
/ Frame 56D5 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 56D5 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame 09CC 71 KB
3 KB 131ms
131ms XHR
application/json 185.220.205.220
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.0.0&vid_viewabilityState=1&vid_playbackMethod=auto&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn11%2Fvideo%2Fusers%2Fconverted%2F28530%2Fvideo_5d5baf9fe4c32389620327%2Fvid5e832537d83c4485940751.mp4&vid_content_id=727995&vid_content_desc=Uber+is+donating+free+trips+and+meals+to+NHS+staff+in+the+UK+&vid_content_title=Uber+is+donating+free+trips+and+meals+to+NHS+staff+in+the+UK+&vid_content_duration=66&debugInformation=&x=400&y=225&fpl=2&pubUrl=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ri=6C69766553746174737C736B317B54307D7B64323032302D30342D31305F31307D7B7331323334383830387D7B433236307D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&isApp=0&geoLati=47.39250183105469&geoLong=8.45460033416748&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e901ec90c4d4&cbuster=1586503369572&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30342D31305F31307D7B7331323334383830387D7B433236307D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e901ec90c4d4&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.39250183105469&geoLong=8.45460033416748&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.205.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.16
Resource Hash: 3d8d4b063dc9f756791c9516cd107424f7f72dbb65f4185bfa9b24ffe9dcc776

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:49 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.16
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 2877

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame 09CC 71 KB
3 KB 218ms
202ms XHR
application/json 185.220.205.220
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.0.0&vid_viewabilityState=1&vid_playbackMethod=auto&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn11%2Fvideo%2Fusers%2Fconverted%2F28530%2Fvideo_5d5baf9fe4c32389620327%2Fvid5e832537d83c4485940751.mp4&vid_content_id=727995&vid_content_desc=Uber+is+donating+free+trips+and+meals+to+NHS+staff+in+the+UK+&vid_content_title=Uber+is+donating+free+trips+and+meals+to+NHS+staff+in+the+UK+&vid_content_duration=66&debugInformation=&x=320&y=180&fpl=2&pubUrl=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ri=6C69766553746174737C736B317B54307D7B64323032302D30342D31305F31307D7B7331323334383830387D7B433236307D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&isApp=0&geoLati=47.39250183105469&geoLong=8.45460033416748&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e901ec90c4d4&cbuster=1586503369573&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30342D31305F31307D7B7331323334383830387D7B433236307D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e901ec90c4d4&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.39250183105469&geoLong=8.45460033416748&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.205.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.16
Resource Hash: 0f04fbf70635f11eefedf0749971d89ace6c0c7cbe432a2abba2351a439063b6

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:49 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.16
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 2876

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame 09CC 23 KB
2 KB 243ms
111ms XHR
application/json 185.220.205.220
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.0.0&vid_viewabilityState=0&vid_playbackMethod=auto&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn11%2Fvideo%2Fusers%2Fconverted%2F28530%2Fvideo_5d5baf9fe4c32389620327%2Fvid5e832537d83c4485940751.mp4&vid_content_id=727995&vid_content_desc=Uber+is+donating+free+trips+and+meals+to+NHS+staff+in+the+UK+&vid_content_title=Uber+is+donating+free+trips+and+meals+to+NHS+staff+in+the+UK+&vid_content_duration=66&debugInformation=&x=400&y=225&fpl=2&pubUrl=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ri=6C69766553746174737C736B317B54307D7B64323032302D30342D31305F31307D7B7331323334383830387D7B433236307D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&isApp=0&geoLati=47.39250183105469&geoLong=8.45460033416748&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e901ec90c4d4&cbuster=1586503369573&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30342D31305F31307D7B7331323334383830387D7B433236307D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e901ec90c4d4&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.39250183105469&geoLong=8.45460033416748&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.205.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.16
Resource Hash: 9b6e3acc81d4b6dc56378433258b1acf5df943737aeb6ccb2bacab4e2f348f58

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:49 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.16
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 1750

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 09CC 6 KB
3 KB 304ms
18ms XHR
application/javascript 13.225.86.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.86.250 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-86-250.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 09 Apr 2020 23:49:14 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 27216
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 09 Apr 2020 23:46:54 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 f99b5b46e77cfe9c3413f99dc8a4088c.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Y14A0k4ZDMqHBkL7xBhceO5xAYGQ9RAw_ThwLj_s1Q8Vd2k3PncNhw==

GET
H2 200 bl-2a28c82-a5333fca.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 18C3 112 KB
47 KB 23ms
22ms Script
application/javascript 13.225.73.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-2a28c82-a5333fca.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-24.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 487214b4019bdcde555ab419d3074f75aae877d58c0b328b0e82fb5993aeb46e

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 04:36:33 GMT
content-encoding: gzip
age: 9977
x-cache: Hit from cloudfront
status: 200
content-length: 47598
x-amz-meta-git_commit: 2a28c82
last-modified: Fri, 10 Apr 2020 04:33:23 GMT
server: AmazonS3
etag: "94231d039c8d122104a173f3dcfb83e6"
x-amz-version-id: PA7..6ZYsb.NUsCZVXNSAiwR.ARvqzrf
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: lGJgcU8nirzSK0h341LKglf9tQC96WNf4teaKlL9RZkdYSJoyQEgRg==

GET
H2 200 b-0d4dfcb.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 18C3 53 KB
15 KB 33ms
32ms Script
application/javascript 13.225.73.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-24.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92236ba12e109fff1e82ecabec1eda229af59c8374c54374a38a46dc01f53559

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 06:57:31 GMT
content-encoding: gzip
age: 4580719
x-cache: Hit from cloudfront
status: 200
content-length: 14481
x-amz-meta-git_commit: 0d4dfcb
last-modified: Mon, 20 Jan 2020 21:00:33 GMT
server: AmazonS3
etag: "bf1a2a1d4ffb353d268fccfda0736572"
x-amz-version-id: PGsbLvp7r6PsyaqOJTHRTfOBKlgvnkI7
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: dJ4_1XTuIYus_FrFtdzzj0Xrhr3B-5BvcZqTojrQQhux_dqfd7OcrQ==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 18C3 108 KB
39 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce37e7f8c6a4c89cfdcf052dddb45e423295c90d0db72c430630ae8ce9b7c424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39625
x-xss-protection: 0
server: cafe
etag: 6030511940536498671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Apr 2020 07:22:49 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 18C3 74 KB
28 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f9503a89e2b1f106a8c929b2e1b9acaf8d829bb6b1ba8a8755d64e433ffda1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586358454042789"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28738
x-xss-protection: 0
expires: Fri, 10 Apr 2020 07:22:49 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aa7805210217646c3d658860971b320dd622fe4b694ec4a482573e20107e645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586358454042789"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28434
x-xss-protection: 0
expires: Fri, 10 Apr 2020 07:22:49 GMT

GET
H2 200 bl-2a28c82-a5333fca.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 9089 112 KB
47 KB 26ms
25ms Script
application/javascript 13.225.73.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-2a28c82-a5333fca.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-24.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 487214b4019bdcde555ab419d3074f75aae877d58c0b328b0e82fb5993aeb46e

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 04:36:33 GMT
content-encoding: gzip
age: 9977
x-cache: Hit from cloudfront
status: 200
content-length: 47598
x-amz-meta-git_commit: 2a28c82
last-modified: Fri, 10 Apr 2020 04:33:23 GMT
server: AmazonS3
etag: "94231d039c8d122104a173f3dcfb83e6"
x-amz-version-id: PA7..6ZYsb.NUsCZVXNSAiwR.ARvqzrf
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: SIXVIGKW6W4gQttWxjpd0AZeKo7iAyyxXJc9d4Ykd_44h-NAcT8w1w==

GET
H2 200 b-0d4dfcb.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 9089 53 KB
15 KB 26ms
25ms Script
application/javascript 13.225.73.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-24.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92236ba12e109fff1e82ecabec1eda229af59c8374c54374a38a46dc01f53559

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 06:57:31 GMT
content-encoding: gzip
age: 4580719
x-cache: Hit from cloudfront
status: 200
content-length: 14481
x-amz-meta-git_commit: 0d4dfcb
last-modified: Mon, 20 Jan 2020 21:00:33 GMT
server: AmazonS3
etag: "bf1a2a1d4ffb353d268fccfda0736572"
x-amz-version-id: PGsbLvp7r6PsyaqOJTHRTfOBKlgvnkI7
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: LZBzEUWa4yHYetwWnjF0WCpEZ5N2kpxy-P-3LrJrYEWV4tQeDzjdTw==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9089 108 KB
39 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce37e7f8c6a4c89cfdcf052dddb45e423295c90d0db72c430630ae8ce9b7c424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39625
x-xss-protection: 0
server: cafe
etag: 6030511940536498671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Apr 2020 07:22:49 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9089 74 KB
28 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f9503a89e2b1f106a8c929b2e1b9acaf8d829bb6b1ba8a8755d64e433ffda1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586358454042789"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28738
x-xss-protection: 0
expires: Fri, 10 Apr 2020 07:22:49 GMT

GET
H2 200 bl-2a28c82-a5333fca.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 6F69 112 KB
47 KB 24ms
24ms Script
application/javascript 13.225.73.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-2a28c82-a5333fca.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-24.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 487214b4019bdcde555ab419d3074f75aae877d58c0b328b0e82fb5993aeb46e

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 04:36:33 GMT
content-encoding: gzip
age: 9977
x-cache: Hit from cloudfront
status: 200
content-length: 47598
x-amz-meta-git_commit: 2a28c82
last-modified: Fri, 10 Apr 2020 04:33:23 GMT
server: AmazonS3
etag: "94231d039c8d122104a173f3dcfb83e6"
x-amz-version-id: PA7..6ZYsb.NUsCZVXNSAiwR.ARvqzrf
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 5s-IMhnOboPbZpaK-aya4nOa02jHblyzsuK8WCNuKqSUT4ssotZAYA==

GET
H2 200 b-0d4dfcb.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 6F69 53 KB
15 KB 28ms
27ms Script
application/javascript 13.225.73.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-24.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92236ba12e109fff1e82ecabec1eda229af59c8374c54374a38a46dc01f53559

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 06:57:31 GMT
content-encoding: gzip
age: 4580719
x-cache: Hit from cloudfront
status: 200
content-length: 14481
x-amz-meta-git_commit: 0d4dfcb
last-modified: Mon, 20 Jan 2020 21:00:33 GMT
server: AmazonS3
etag: "bf1a2a1d4ffb353d268fccfda0736572"
x-amz-version-id: PGsbLvp7r6PsyaqOJTHRTfOBKlgvnkI7
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: A9ejMsMKhVUxbufzPKQp8EcO-sRN0j4WxpwFUpkKcQCBgdMN0XKDXQ==

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6F69 108 KB
39 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce37e7f8c6a4c89cfdcf052dddb45e423295c90d0db72c430630ae8ce9b7c424

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 39625
x-xss-protection: 0
server: cafe
etag: 6030511940536498671
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 10 Apr 2020 07:22:49 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F69 74 KB
28 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f9503a89e2b1f106a8c929b2e1b9acaf8d829bb6b1ba8a8755d64e433ffda1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586358454042789"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28738
x-xss-protection: 0
expires: Fri, 10 Apr 2020 07:22:49 GMT

GET
H2 200 bl-2a28c82-a5333fca.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 19FE 112 KB
47 KB 20ms
19ms Script
application/javascript 13.225.73.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/bl-2a28c82-a5333fca.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-24.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 487214b4019bdcde555ab419d3074f75aae877d58c0b328b0e82fb5993aeb46e

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 04:36:33 GMT
content-encoding: gzip
age: 9977
x-cache: Hit from cloudfront
status: 200
content-length: 47598
x-amz-meta-git_commit: 2a28c82
last-modified: Fri, 10 Apr 2020 04:33:23 GMT
server: AmazonS3
etag: "94231d039c8d122104a173f3dcfb83e6"
x-amz-version-id: PA7..6ZYsb.NUsCZVXNSAiwR.ARvqzrf
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: aiRQ5FSL5rdw7Qm7uvJha12Pgi0asJZoU12vFCyTJjcb6zTKyuYBBA==

GET
H2 200 b-0d4dfcb.js Show response
tagan.adlightning.com/math-aids-threatpost/ Frame 19FE 53 KB
15 KB 22ms
21ms Script
application/javascript 13.225.73.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.225.73.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-24.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92236ba12e109fff1e82ecabec1eda229af59c8374c54374a38a46dc01f53559

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 06:57:31 GMT
content-encoding: gzip
age: 4580719
x-cache: Hit from cloudfront
status: 200
content-length: 14481
x-amz-meta-git_commit: 0d4dfcb
last-modified: Mon, 20 Jan 2020 21:00:33 GMT
server: AmazonS3
etag: "bf1a2a1d4ffb353d268fccfda0736572"
x-amz-version-id: PGsbLvp7r6PsyaqOJTHRTfOBKlgvnkI7
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: R_cpRUwu6tIvTyuC_yB-suRb4jARupOU4sB0j2v7C0BCaKtvcy0Aaw==

GET
H2 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ 20 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-host-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d30ac22ab046870c2859ae90b8598967936e693bf0773ef5e41dae33a04f0a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 38184
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 7162
x-xss-protection: 0
server: sffe
date: Thu, 09 Apr 2020 20:46:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "124c7b7cd5d53550"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Apr 2021 20:46:25 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 18C3 0
0 30ms
30ms Fetch
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLfLwmN1ZlumzUXfozX72RTkn42fR2CuYvXlYY_WlGMP3CjHt-Tc_0kPSwGkmJXM3S-1qzF-aux8WsLa4N5itRZvxxqnWMYP0fPwq7WQObJUurtt6wsPcUnOExmiZDr4OwK19Apyngy2Vff6u6X6HIfuJgF-szItM7YrVP1TMptwHeiPuotMZdLbH7aIBDtXaqobwMiKCKd5brTvShWgOnveNOlC4jcji4POha86sjmJ_PFARFggS089RDconf-pJhsiNJmhXSyIVZNK_Ex3otYA&sai=AMfl-YTtyvaJk0jlw4BwVrZ-F-pFODvT0LdN5pKV-g81xqc_n_Pcl2LD3Dba3p56fDLuyCKH2Tunp0s3FsmSy_kvQsX5eyRTCGz112hhMNdE2Q&sig=Cg0ArKJSzCcVa-ljwV1XEAE&urlfix=1&adurl=

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Fri, 10 Apr 2020 07:22:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 10 Apr 2020 07:22:49 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9089 0
0 30ms
30ms Fetch
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst3C83JyykAVeK--Zu5oNWBLyUIkW3EFNcr-zvE_YuYeyAvIrYgNa5safoQKR01lB1s5uxBMpu-bEUriQtip9T_-xYC7_H91cf90BF-rGTbwZfbV8IiryFk-72RIz7gkjiQwwM7MMfjWOoYsX6LqleOuzqCOiQh3VTBItSeuvQm0CYVzsWWfPcP4iqy-UWbEqOOiM0KSfttdYb6mZRPfBryW9J57ga06ANDP1e6c5g6Mb1PtUGtzrs4_UC_QtxE-xbH4JiyDCF2lhSxkZdM-9b_iQ&sai=AMfl-YTYgOq6Ae-9ENTdBH30sFsIS2aEX3_6_kYH9e9WkM4YjjdGbjs6vQJegHE3ew5KuB0yBws-J0o4NEnIQ8frsHQ_vQo9f_aYQ00n8pqWbQ&sig=Cg0ArKJSzFP6JFTGI9fDEAE&urlfix=1&adurl=

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Fri, 10 Apr 2020 07:22:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 10 Apr 2020 07:22:49 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6F69 0
0 32ms
32ms Fetch
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuumrsXQ09FRGb9h8dj-YbzYlVn0RkUnGgOU3bmuwyjWDnLKimptMphiLWm-4mWt4rV8RHm_NjrCf1TYVhKtxHlQwHyE0NAXmjK9QhGBJ9wFTZLHys7IZsIkWcppCoeBAVFkbx757jt4etpclq-T3MlT4zqwFEauySHvVpgfoGHALKQ-P0drjKq3Gtpu--SlbIiAcq0yvQ3T5KWWQayZ-jb3N5Rj7BC7_F_DbYLZ5p1HfbxtDN5HTZU29nnlzvo1reQRDgUYx-4FloIpnUm-s18IQ&sai=AMfl-YQiKr5dHU4kTtCgVsvRI8B6H8OPPxl-z4r1bwGA5Ea3pWMmdgXQ9yUQWc9EDKYAw866_rwR_VXq38etEnPreJDxNDHN0cApy7nSf0qcfw&sig=Cg0ArKJSzHpdFo56PCgDEAE&urlfix=1&adurl=

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

timing-allow-origin: *
date: Fri, 10 Apr 2020 07:22:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ Frame 19FE 200 KB
55 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 51717
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55871
x-xss-protection: 0
server: sffe
date: Thu, 09 Apr 2020 17:00:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5920a4a9dcd48347"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Apr 2021 17:00:52 GMT

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012003262059300/ Frame 19FE 200 KB
55 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 51717
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 55871
x-xss-protection: 0
server: sffe
date: Thu, 09 Apr 2020 17:00:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5920a4a9dcd48347"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Apr 2021 17:00:52 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012003262059300/v0/ Frame 19FE 93 KB
28 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012003262059300/v0/amp-analytics-0.1.js

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 51711
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28417
x-xss-protection: 0
server: sffe
date: Thu, 09 Apr 2020 17:00:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "40aee2f6297ccc56"
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 09 Apr 2021 17:00:58 GMT

GET
H2 200 7464639028652035684
tpc.googlesyndication.com/simgad/ Frame 19FE 330 B
454 B 6ms
6ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7464639028652035684

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f19e7ee6cdf20bd478c037707c447b7cd469051de4dadeac32a795efb463c2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 04 Feb 2020 01:13:14 GMT
x-content-type-options: nosniff
age: 5724575
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
last-modified: Tue, 28 Jan 2020 23:02:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 01:13:14 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 19FE 0
57 B 29ms
29ms Image
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSabHH-HgJbcBs_fua6YKifEQKoOjdGKC4_Yy4vcD7TbjJ3-Fo7fep1KcaexAc5z4jhkjXfuzBr-8Rwvl7xiTW2iutOUM-KtZqHvt4YOR0E3Hl5uZZWSYynnLMbXuDpPtaKZsYn1VF7CjQc63samk5todRX2NyNpTrzGvbECGjD-vy7bbRLba-VS-72IVg3bD9NO2NKPgi9K1yvfJJMvUqeeQM0Lc0BrWdysGZHf7p4NXCEsbja566ER8wXflv8eCAWFUE6txT2dwJXL4&sai=AMfl-YTlRlm8dMkgHYgW3QowQiBUg8-2vqr-KRoy12RkciuQRMs-HQ8BSLK3PmaUyMLBGFoDEyBVgbJ6KuIO1uk7Y52lK1dawqUW9Xg1TxK-Ww&sig=Cg0ArKJSzFYoCTag2vKLEAE&adurl=

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 19FE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc779ed4b68ce5dd06e03975290beea0d406ced77103fae7d1a65ad015d358fb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 18C3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 543d1cf5b948127201bb68b70cd8b6cd02a71489e37a929c856d39ee8052c610

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9089 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e935e13f2755e12f66b4f00277f45a7270654303725e204ed3418767ea247230

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 18C3 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=threatpost.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 18C3 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=threatpost.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/ Frame 18C3 215 KB
81 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ce8e9e137ee6f76fc6b9d1be5e70fdc9b354a976607081d0987c4ff05243369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 82826
x-xss-protection: 0
server: cafe
etag: 8787963883823995547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Apr 2020 07:22:49 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200406/r20190131/ Frame 7A1A 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200406/r20190131/zrt_lookup.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200406/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnyN87qbPxuyEhHC5_GEcb8LHstEQAz0EonVFKxL59wIqtw8aSGBw-V6au7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Fri, 10 Apr 2020 00:55:48 GMT
expires: Fri, 24 Apr 2020 00:55:48 GMT
content-type: text/html; charset=UTF-8
etag: 1284906565632978074
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4913
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 23221
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
DATA 200
OK truncated
/ Frame 6F69 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba0e3f27ba7e49eb87630a4f390a4f595eda0aadd9828ac1b6bd00c6c7b0ff72

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9089 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=threatpost.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9089 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=threatpost.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/ Frame 9089 215 KB
81 KB 25ms
25ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ce8e9e137ee6f76fc6b9d1be5e70fdc9b354a976607081d0987c4ff05243369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 82826
x-xss-protection: 0
server: cafe
etag: 8787963883823995547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Apr 2020 07:22:49 GMT

GET
H/1.1 200
OK liveView.php Show response
live.sekindo.com/live/ Frame 09CC 23 KB
2 KB 99ms
99ms XHR
application/json 185.220.205.220
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.0.0&vid_viewabilityState=0&vid_playbackMethod=auto&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn11%2Fvideo%2Fusers%2Fconverted%2F28530%2Fvideo_5d5baf9fe4c32389620327%2Fvid5e832537d83c4485940751.mp4&vid_content_id=727995&vid_content_desc=Uber+is+donating+free+trips+and+meals+to+NHS+staff+in+the+UK+&vid_content_title=Uber+is+donating+free+trips+and+meals+to+NHS+staff+in+the+UK+&vid_content_duration=66&debugInformation=&x=320&y=180&fpl=2&pubUrl=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ri=6C69766553746174737C736B317B54307D7B64323032302D30342D31305F31307D7B7331323334383830387D7B433236307D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&isApp=0&geoLati=47.39250183105469&geoLong=8.45460033416748&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e901ec90c4d4&cbuster=1586503369906&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032302D30342D31305F31307D7B7331323334383830387D7B433236307D7B53644768795A5746306347397A6443356A6232303D7D7B626368726F6D657D7B716465736B746F707D7B6F6D61636F73787D7B583330307D7B593235307D7B66317D7B4C363631357DFEFE&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0+%28Macintosh%3B+Intel+Mac+OS+X+10_14_5%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F74.0.3729.169+Safari%2F537.36&playerVersion=3.0.0&fpl=-1&debugInformation=&isWePassGdpr=0&schain=1.0%2C1%21admetricspro.com%2C1005%2C1&csuuid=5e901ec90c4d4&debugInfo=12348808_&debugPlayerSession=&sta=12348808&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed173akunvrojp&secondaryContent=&x=300&y=250&pubUrl=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=320&flow_height=180&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.39250183105469&geoLong=8.45460033416748&vpTemplate=6615&flowMode=both&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.205.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.16
Resource Hash: 558625955df0fb55b481180feaba87793b0775fda00bb17b5f83e9c85c4340ed

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:49 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.16
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json; charset=utf-8
Content-Length: 1747

GET
H/1.1 200
OK chunklist_640.m3u8 Show response
video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/ Frame 09CC 454 B
854 B 119ms
30ms XHR
application/vnd.apple.mpegurl 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/chunklist_640.m3u8
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 85d57eabdb95d5f5376132df0225191f15b8a3954a94c6675b8f9e1f3481307e

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 10 Apr 2020 07:22:04 GMT
Last-Modified: Tue, 31 Mar 2020 14:48:08 GMT
Server: Tengine
ETag: "5e835828-1c6"
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: *
Expires: Fri, 17 Apr 2020 07:22:04 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 454
X-Proxy-Cache: HIT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 6F69 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=threatpost.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6F69 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=threatpost.com

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/ Frame 6F69 215 KB
81 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ce8e9e137ee6f76fc6b9d1be5e70fdc9b354a976607081d0987c4ff05243369

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 82826
x-xss-protection: 0
server: cafe
etag: 8787963883823995547
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Apr 2020 07:22:49 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 56D5 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:81a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Roboto&display=swap
Origin: https://threatpost.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 19:10:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 6696738
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 11016
x-xss-protection: 0
expires: Fri, 22 Jan 2021 19:10:31 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 09CC 141 B
360 B 317ms
30ms XHR
application/json 52.29.59.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.2.44.3_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.59.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-59-145.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 5783720bbd3350ffb6d544a2982c620f8f0da3747e8e31c09a3d25968c06e1d4

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:50 GMT
content-encoding: gzip
status: 200
content-type: application/json
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 147
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 09CC 0
59 B 26ms
26ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.2.44.3_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 10 Apr 2020 07:22:49 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://threatpost.com

POST openrtb
ads.adaptv.advertising.com/rtb/ Frame 09CC 0
0

GET
H2 200 avjp Show response
teachingaids-d.openx.net/v/1.0/ Frame 09CC 92 B
295 B 37ms
37ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=8dc4134f-e997-4921-9e47-2283907a982b&nocache=1586503370018&gdpr_consent=&gdpr=1&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&skip=1&auid=540882778&vwd=320&vht=180&
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.2.44.3_2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash: 004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:50 GMT
via: 1.1 google
server: OXGW/16.183.0
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 92
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 09CC 144 B
839 B 34ms
33ms XHR
application/json 185.33.223.206
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.2.44.3_2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.206 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

68757f9755dfa27a25d377837030ba568d225fac72639f44bb5706c9d966824a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:52 GMT
X-Proxy-Origin: 195.242.213.148; 195.242.213.148; 301.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.44:80
AN-X-Request-Uuid: f881c0e5-ae62-448c-b12a-ddd97753d6d4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 09CC 25 B
1 KB 99ms
98ms XHR
application/json 23.213.165.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=435871&v=8.1&r=%7B%22id%22%3A%221195560c5ce9c15%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22127e4eb665cd0a6%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435871%22%2C%22sid%22%3A%22320x180%22%7D%2C%22bidfloor%22%3A0.86%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22api%22%3A%5B1%2C2%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22w%22%3A320%2C%22h%22%3A180%2C%22placement%22%3A1%7D%7D%2C%7B%22id%22%3A%2213cf14964818b3c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435870%22%2C%22sid%22%3A%22320x180%22%7D%2C%22bidfloor%22%3A0.86%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22api%22%3A%5B1%2C2%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22w%22%3A320%2C%22h%22%3A180%2C%22placement%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&nf=1&
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.2.44.3_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.165.44 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7db771dfd78d610efe6a458f8a61ca337822daec22794b11fd8d2e1e484fe94e

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:50 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Fri, 10 Apr 2020 07:22:50 GMT

GET pixel;r=837234175;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F;fpan=1;fpa=P0-1484324915-1586503370037;ns=0;ce=1;qjs=1;qv=5a0...
pixel.quantserve.com/ 0
0

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 13B6 0
0 137ms
137ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7500593236707325&output=html&h=90&slotname=7759284332&adk=4262696766&adf=776186313&w=728&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1586503369861&bpp=20&bdt=211&fdt=236&idt=236&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&correlator=3192560957384&frm=23&ife=4&pv=2&ga_vid=320803153.1586503369&ga_sid=1586503370&ga_hid=1109160268&ga_fc=0&iag=3&icsg=8362&nhd=1&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=10&biw=1585&bih=1200&isw=728&ish=90&ifk=4107119065&scr_x=0&scr_y=0&eid=21065473%2C42530311%2C44716442&oid=3&pvsid=184479812213045&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.soo5dsk4hn8s&fsb=1&dtd=248

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7500593236707325&output=html&h=90&slotname=7759284332&adk=4262696766&adf=776186313&w=728&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1586503369861&bpp=20&bdt=211&fdt=236&idt=236&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&correlator=3192560957384&frm=23&ife=4&pv=2&ga_vid=320803153.1586503369&ga_sid=1586503370&ga_hid=1109160268&ga_fc=0&iag=3&icsg=8362&nhd=1&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=429&ady=10&biw=1585&bih=1200&isw=728&ish=90&ifk=4107119065&scr_x=0&scr_y=0&eid=21065473%2C42530311%2C44716442&oid=3&pvsid=184479812213045&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.soo5dsk4hn8s&fsb=1&dtd=248
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnyN87qbPxuyEhHC5_GEcb8LHstEQAz0EonVFKxL59wIqtw8aSGBw-V6au7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 10 Apr 2020 07:22:50 GMT
server: cafe
content-length: 204
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 18C3 74 KB
28 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aa7805210217646c3d658860971b320dd622fe4b694ec4a482573e20107e645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586358454042789"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28434
x-xss-protection: 0
expires: Fri, 10 Apr 2020 07:22:50 GMT

GET
H/1.1 200
OK w_640_000.ts Show response
video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/ Frame 09CC 435 KB
435 KB 50ms
49ms XHR
video/mp2t 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/w_640_000.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 9d9b846e55f01d2f7e09f99ed502d61f7c673ce3cd259c1bb9d4d24b310e705c

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 10 Apr 2020 07:22:04 GMT
Last-Modified: Tue, 31 Mar 2020 14:47:56 GMT
Server: Tengine
ETag: "5e83581c-6ca44"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 17 Apr 2020 07:22:04 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 444996
X-Proxy-Cache: HIT

GET
BLOB 200
OK 1ba9145d-a362-48cd-9c37-910800befaa2
https://threatpost.com/ Frame 09CC 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://threatpost.com/1ba9145d-a362-48cd-9c37-910800befaa2
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: worker

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 2DC8 0
0 134ms
134ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186312&w=336&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1586503369899&bpp=5&bdt=239&fdt=253&idt=253&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&correlator=3192560957384&frm=23&ife=4&pv=1&ga_vid=320803153.1586503369&ga_sid=1586503370&ga_hid=320223532&ga_fc=0&iag=3&icsg=8362&nhd=1&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1057&ady=257&biw=1585&bih=1200&isw=336&ish=280&ifk=2151208310&scr_x=0&scr_y=0&eid=42530290%2C42530312&oid=3&pvsid=3809696801791697&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.zfugapvhtay5&fsb=1&dtd=258

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7500593236707325&output=html&h=280&slotname=7077012612&adk=2662501839&adf=776186312&w=336&psa=0&guci=1.2.0.0.2.2.0.0&format=336x280&url=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1586503369899&bpp=5&bdt=239&fdt=253&idt=253&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&correlator=3192560957384&frm=23&ife=4&pv=1&ga_vid=320803153.1586503369&ga_sid=1586503370&ga_hid=320223532&ga_fc=0&iag=3&icsg=8362&nhd=1&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1057&ady=257&biw=1585&bih=1200&isw=336&ish=280&ifk=2151208310&scr_x=0&scr_y=0&eid=42530290%2C42530312&oid=3&pvsid=3809696801791697&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.zfugapvhtay5&fsb=1&dtd=258
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnyN87qbPxuyEhHC5_GEcb8LHstEQAz0EonVFKxL59wIqtw8aSGBw-V6au7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 10 Apr 2020 07:22:50 GMT
server: cafe
content-length: 8173
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9089 74 KB
28 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aa7805210217646c3d658860971b320dd622fe4b694ec4a482573e20107e645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586358454042789"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28434
x-xss-protection: 0
expires: Fri, 10 Apr 2020 07:22:50 GMT

GET
H2 200 ads
googleads.g.doubleclick.net/pagead/ Frame 331B 0
0 175ms
170ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=776186319&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1586503369936&bpp=5&bdt=270&fdt=232&idt=232&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&correlator=3192560957384&frm=23&ife=4&pv=1&ga_vid=320803153.1586503369&ga_sid=1586503370&ga_hid=1381723301&ga_fc=0&iag=3&icsg=8362&nhd=1&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=1537&biw=1585&bih=1200&isw=300&ish=250&ifk=2476985908&scr_x=0&scr_y=0&eid=42530312&oid=3&pvsid=108670096391253&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.q6rehqvyowf8&btvi=1&fsb=1&dtd=237

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7500593236707325&output=html&h=250&slotname=2376748102&adk=2477513961&adf=776186319&w=300&psa=0&guci=1.2.0.0.2.2.0.0&format=300x250&url=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ea=0&flash=0&wgl=1&adsid=NT&dt=1586503369936&bpp=5&bdt=270&fdt=232&idt=232&shv=r20200406&cbv=r20190131&ptt=9&saldr=aa&correlator=3192560957384&frm=23&ife=4&pv=1&ga_vid=320803153.1586503369&ga_sid=1586503370&ga_hid=1381723301&ga_fc=0&iag=3&icsg=8362&nhd=1&dssz=14&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1075&ady=1537&biw=1585&bih=1200&isw=300&ish=250&ifk=2476985908&scr_x=0&scr_y=0&eid=42530312&oid=3&pvsid=108670096391253&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=20&bc=31&ifi=1&uci=1.q6rehqvyowf8&btvi=1&fsb=1&dtd=237
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnyN87qbPxuyEhHC5_GEcb8LHstEQAz0EonVFKxL59wIqtw8aSGBw-V6au7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 10 Apr 2020 07:22:50 GMT
server: cafe
content-length: 205
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F69 74 KB
28 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aa7805210217646c3d658860971b320dd622fe4b694ec4a482573e20107e645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1586358454042789"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 28434
x-xss-protection: 0
expires: Fri, 10 Apr 2020 07:22:50 GMT

GET
H2 200 7464639028652035684
tpc.googlesyndication.com/simgad/ Frame 19FE 330 B
405 B 6ms
5ms Image
image/png 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7464639028652035684

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f19e7ee6cdf20bd478c037707c447b7cd469051de4dadeac32a795efb463c2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 04 Feb 2020 01:13:14 GMT
x-content-type-options: nosniff
age: 5724576
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 330
x-xss-protection: 0
last-modified: Tue, 28 Jan 2020 23:02:00 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Feb 2021 01:13:14 GMT

GET adsct
t.co/i/ 0
0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 18C3 7 KB
5 KB 17ms
17ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200406&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fb953f86407b3087aaadfde33ac054efcc6f459f71388f3bfb901768d0bebfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Apr 2020 07:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5210
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 18C3 14 KB
5 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Fri, 10 Apr 2020 07:22:50 GMT

GET
H/1.1 200
OK w_640_001.ts Show response
video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/ Frame 09CC 442 KB
442 KB 40ms
36ms XHR
video/mp2t 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/w_640_001.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 0d44327d4c43582dd7875d7fec06e63878f33f9e1b02822ee4a69fd058e01354

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 10 Apr 2020 07:22:04 GMT
Last-Modified: Tue, 31 Mar 2020 14:47:57 GMT
Server: Tengine
ETag: "5e83581d-6e860"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 17 Apr 2020 07:22:04 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 452704
X-Proxy-Cache: HIT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 7F5B 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 10 Apr 2020 07:15:40 GMT
expires: Sat, 10 Apr 2021 07:15:40 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 430
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame 3E0A 0
379 B 30ms
29ms Image
text/html 185.220.205.220
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=16&serverTime=1586503369&s=0&sta=12348808&x=320&y=180&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&csuuid=5e901ec90c4d4&contentFileId=727995&mediaPlayListId=5946&playerVer=3.0.0&contentMatchType=&isExcludeFromOpt=0&cbuster=1586503370375&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.220.205.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.16
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:49 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.16
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6F69 6 KB
5 KB 18ms
18ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200406&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88fac77b8933dac7b84ea3814ff0a10d2daeb8543644c0e2be63a627ff7e6aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Apr 2020 07:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5057
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6F69 14 KB
5 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Fri, 10 Apr 2020 07:22:50 GMT

GET
H/1.1 200
OK w_640_002.ts Show response
video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/ Frame 09CC 514 KB
515 KB 32ms
30ms XHR
video/mp2t 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/w_640_002.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 1ebaa68ae735bb43768fc0a6d50ad75cbf2e30bbd58fe55d828c71cad167c7b0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 10 Apr 2020 07:22:05 GMT
Last-Modified: Tue, 31 Mar 2020 14:47:59 GMT
Server: Tengine
ETag: "5e83581f-808fc"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 17 Apr 2020 07:22:05 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 526588
X-Proxy-Cache: HIT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame E933 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 10 Apr 2020 07:15:40 GMT
expires: Sat, 10 Apr 2021 07:15:40 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 430
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H/1.1 200
OK w_640_003.ts Show response
video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/ Frame 09CC 447 KB
447 KB 30ms
30ms XHR
video/mp2t 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/w_640_003.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: Tengine /
Resource Hash: a3fc9dd3347cdc4876e13d4b40188863e521dc77284fbc0b01107192f1cb7755

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 10 Apr 2020 07:22:05 GMT
Last-Modified: Tue, 31 Mar 2020 14:48:00 GMT
Server: Tengine
ETag: "5e835820-6fc34"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 17 Apr 2020 07:22:05 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 457780
X-Proxy-Cache: HIT

GET
H/1.1 200
OK w_640_004.ts Show response
video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/ Frame 09CC 395 KB
396 KB 30ms
30ms XHR
video/mp2t 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/w_640_004.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 952fc0e277367f525e3b2e0039a99edc460efab47f3939d5199a76534efe1030

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 10 Apr 2020 07:22:05 GMT
Last-Modified: Tue, 31 Mar 2020 14:48:01 GMT
Server: Tengine
ETag: "5e835821-62dd8"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 17 Apr 2020 07:22:05 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 404952
X-Proxy-Cache: HIT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 18C3 0
58 B 15ms
15ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200406&jk=184479812213045&bg=!i4iliJBY7UeER8M7NusCAAAAYFIAAABGmQFgLHuyfmwmleMtX_UIAGcq04NeOU2ufmOHvk79JajETPjm1n17j1B0vA5QYgCQStvlDUfCHoPpe37leKUZk1oX2GBxwCpAhRy4E7bpwrXuCprKFceGHg6GmRcXXY4vecqiTDkc8tY59nME5tnI3LU3NkBk7LXTWhvq932eUr4uYgCnh3QEZnxFI9EWuFJvE9kIotRa4EGAXnwH5s9eVnp7Km_vTucYV-0NENiFQ32CGWBDO0qXwPNm_PAXm8K8Z5l-efZz1-Isp71BPW8WYiZ71MFLuVpB1_JgHPqyqq93iuyfr8d2FeHkKu2b5UYtza5OeSqbc3qKixuZFrC4RfnZstmxDUferX-jK5I_A9VUQ5a4_qsgxP1UwXmE95lZPGgFIlJw6RMj_5eZau-iBbIpkyAviefjnUPNvXW9hkd9q4mGXTsokeE5A10GKZdtaXIQ_-Wqlp0SW9MfVEQfzvnwSg

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:50 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6F69 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200406&jk=108670096391253&bg=!ubqluqJYEhlB1uT0NUgCAAAAhFIAAABHmQFgCuVDNs80U69O6rba_LxWoRTXUP-AC0DBWysS1tpkDsG8kn-XImq01n6ZMTJZNY-lvWgHiwyjxmDwwAl3Jz-LWODpY2gplohZowsm6kjHurUl19iLEH_GVbTTRm6DwJmWbwqi-cJc8pU66JN5HpzulYWt2dMVxipAUGE5t_vBBEF6RLvOVILImsGD5h8_GH8MpPhKGNuMcZFrkiTegUr4aLh6mZ_B2yO5LFBV0NQzCg7EM2EymdFrboalyY7cN_L76OVCDHEKyiF-suenu5luSKvIJQUmKjwa-S2H2rw9yXDZOtHJ4qPA1YGv9onLjJ4GvCsEKYLEBjCB9SBtg00hs0BzMX-oiA48qNlfpJTO-UpLEJ3jWkf1vRCZVhM_XrUz1aP9ZtO7YakUhGfp11ERxv3sgYOYC26nrNO38jN6U9t68BSZXiRhjtLuWiNU8S6IGvU1FGJTUIQzsCLaSKFYdA

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:50 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK w_640_005.ts Show response
video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/ Frame 09CC 467 KB
467 KB 30ms
30ms XHR
video/mp2t 185.167.96.40
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/w_640_005.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.167.96.40 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 2aedde3f7c3180f50d654c8e1f9c29402516066a10d9f4f1b5fe1366519cd3b2

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 10 Apr 2020 07:22:05 GMT
Last-Modified: Tue, 31 Mar 2020 14:48:02 GMT
Server: Tengine
ETag: "5e835822-74ac8"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 17 Apr 2020 07:22:05 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 477896
X-Proxy-Cache: HIT

GET
H2 200 avjp Show response
primis-d.openx.net/v/1.0/ Frame 09CC 92 B
472 B 81ms
33ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=9f93d336-28a9-4e91-b854-23e647402a13&nocache=1586503370899&gdpr_consent=&gdpr=1&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C!primis.tech%2C19668%2C1%2C%2C%2C&skip=1&auid=540392761&vwd=320&vht=180&
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.2.44.3_2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash: 004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:50 GMT
via: 1.1 google
server: OXGW/16.183.0
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 92
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK museosans-500-webfont.woff
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 26 KB
27 KB 438ms
214ms Font
application/font-woff 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7b39de55a44cfca0e37dd405f6316bd6421c6f1fb41e525fc182e10afe8bf3a8

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1586443113
Origin: https://threatpost.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Apr 2020 07:22:51 GMT
Last-Modified: Thu, 09 Apr 2020 14:38:33 GMT
Server: nginx
ETag: "5e8f3369-6910"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 26896
Expires: Sat, 10 Apr 2021 07:22:51 GMT

GET
H/1.1 200
OK museosans-700italic-webfont.woff
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 20 KB
20 KB 453ms
221ms Font
application/font-woff 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 10ba4b86c6c7566ff87535ac9d33ebdb537bb3c12cd393e7b75e974d7e01a449

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1586443113
Origin: https://threatpost.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Apr 2020 07:22:51 GMT
Last-Modified: Thu, 09 Apr 2020 14:38:35 GMT
Server: nginx
ETag: "5e8f336b-4ef0"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 20208
Expires: Sat, 10 Apr 2021 07:22:51 GMT

GET
H/1.1 200
OK museosans-300italic-webfont.woff
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 29 KB
30 KB 948ms
221ms Font
application/font-woff 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff
Requested by: Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b8a79df726a07ee5e793ddb65ef0f88f736ab5c66ea4d5fd6ff25adb2c69df15

Request headers

Referer: https://threatpost.com/wp-content/themes/threatpost-2018/assets/css/main.css?v=1586443113
Origin: https://threatpost.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Apr 2020 07:22:51 GMT
Last-Modified: Thu, 09 Apr 2020 14:38:35 GMT
Server: nginx
ETag: "5e8f336b-7484"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=31536000, public
Connection: close
Accept-Ranges: bytes
Content-Length: 29828
Expires: Sat, 10 Apr 2021 07:22:51 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9089 7 KB
6 KB 31ms
19ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200406&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200406/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc3e9a47af4edfea54db13c18dd0e82534c32784aba18faf54600222e169209a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Apr 2020 07:22:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5148
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9089 14 KB
6 KB 25ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Fri, 10 Apr 2020 07:22:51 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame DE0E 0
0 6ms
5ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/b-0d4dfcb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 10 Apr 2020 06:59:00 GMT
expires: Sat, 10 Apr 2021 06:59:00 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1431
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9089 0
728 B 26ms
14ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gda_r20200406&jk=3809696801791697&bg=!RkWlRV1YFuosFFbfh1gCAAAARFIAAAAOmQFgkE7dq1mXzY62C22yMAsKJ2-jDIOQWuzAblWs8MP2Eop_AdMBy8HPhNXh641F32NaFnICPs0_a8ZGUv6NeWonAooqOHff1AqW4gZQffTWCHUgjZ236f09MXXV1BNGsFxJMNfi1Y4ltPD-RrzUaB8b8WMi_MwiS5wvE2AJQA72Z_hmolsUxIj4OnfNcOCpgjLHmW6R-0Yf7sOe7cEo16gsyIZUTDPPhyoskoQhcSl7LghaQa5WXow9YiDCVTKhe7T1rTixanCRfwkkk2bsaPkpVOibfwOzwYROpHH08GohVxctWEQ995eYF-h-XJmiR6E4m9BRUkVUXEojl5eg1NDaRTm2GVdy8Kkzi9hukpNak4tk9cqVh-jghdmZAjzs744IpQupr5wCIiG8DIbmfryO-eHLcmSRdAt48qPh4_gLBl3BeTrjupRENC3Sii3I0l9ZDI3olA8wLM0-cG3osBejkQ

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:51 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 19FE 42 B
115 B 14ms
14ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukOu9EkSNi-Oq7qBVi5BDlPaHo0VYd9rAQmhH1kbIyW5XAD1SL1R8W3YaLI63f8i8pJhBNOB9pn3ydr95OCD9WrKMDmxTLJkGVfjCGgYg&sig=Cg0ArKJSzPiQUCOt1J2HEAE&id=ampim&o=0,0&d=2,2&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=173&tls=1174&g=100&h=100&tt=1174&r=v&adk=3385906655&avms=ampa

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:51 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9089 42 B
110 B 15ms
14ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv9yv9Pz9eN9ZttmTlA3y3uBNuMSmwM8nxm91ZzQ4ufaEX79DaFN44GzlqHNuB8EeZ-u2Y2liKAzXo9VXcVTQsEZefHkaIH73fIcl2rVgw&sig=Cg0ArKJSzGuEEpvYNjZ-EAE&adk=654286612&tt=-1&bs=1585%2C1200&mtos=1067,1067,1067,1067,1067&tos=1067,0,0,0,0&p=257,1057,537,1393&gcm=1&lcs=1&mcvt=1067&rs=0&ht=0&tfs=456&tls=1487&mc=1&lte=0&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1586503369665&dlt&rpt=413&isd=0&msd=0&ext&xdi=0&msp=1&ps=1585%2C5547&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-14-7-13-13-0-0-0&tvt=1482&is=336%2C280&iframe_loc=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&r=v&id=osdim&vs=4&uc=14&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200408

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:51 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 18C3 42 B
110 B 14ms
14ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssC8r3m-fnOHgXeVlo3a15F04NQqKnzt-IYPX7l6QPhlSnQsodFbG_LR0u4Ma8WxZueayHmNK6MlpM1fBX1h7JfkOxiHGTV-3CUIZjxPAw&sig=Cg0ArKJSzODpX-JhFvA1EAE&adk=1015519800&tt=-1&bs=1585%2C1200&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&p=10,429,100,1157&gcm=1&lcs=1&mcvt=1037&rs=0&ht=0&tfs=492&tls=1529&mc=1&lte=0&bas=0&bac=0&met=ie&avms=nio&exg=1&md=2&btr=0&lm=2&rst=1586503369657&dlt&rpt=384&isd=0&msd=0&ext&xdi=0&msp=1&ps=1585%2C5547&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-14-8-13-13-0-0-0&tvt=1523&is=728%2C90&iframe_loc=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&r=v&id=osdim&vs=4&uc=14&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=0x0&itpl=19&v=20200408

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:51 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 29ms
17ms XHR
application/json 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020040702&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2020040702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f878657d8c4e55f567bf2c95eeaeba148274132d5b6ff6d9068f0e0cb73392ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Apr 2020 07:22:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5208
x-xss-protection: 0

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
651 B 190ms
137ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 112
pragma: no-cache
last-modified: Fri, 10 Apr 2020 07:22:52 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e6a3c0d58cd77e5152d04d3274fc24be
x-transaction: 006252dc009196c4
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H/1.1 200
OK icons.svg Show response
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/ 11 KB
4 KB 349ms
116ms XHR
image/svg+xml 35.173.160.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg
Requested by: Host: assets.threatpost.com
URL: https://assets.threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js,wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js,wp-content/plugins/honeypot-comments/public/assets/js/public.js,wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js,wp-content/themes/threatpost-2018/assets/js/main.js,wp-content/themes/threatpost-2018/assets/js/loadmore.js,wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js&ver=f6ff4628
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-173-160-135.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 76ba07e059d9e2113f9c940f1a31efc95bd9d5badd68bbc3637177e892a08099

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: empty

Response headers

Pragma: public
Date: Fri, 10 Apr 2020 07:22:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Apr 2020 14:38:35 GMT
Server: nginx
ETag: W/"5e8f336b-2b9f"
Transfer-Encoding: chunked
Content-Type: image/svg+xml
Cache-Control: max-age=604800, public
Connection: close
Expires: Fri, 17 Apr 2020 07:22:52 GMT

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 872A 0
0 323ms
18ms Document
text/html 104.109.78.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.2.44.3_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: rsid=1|AIfsdBUO++vuGxiryvY/OiLuoLISe5vB1nw/TZ2fPQ9yq+qYUnHjQcTybLrliuOkEkPC62XsWjn9CRWWAEnwKwjor1MAhVIF8C9/PYGHF3IsvGuqYKQxbvOoJKG3Nw==; ses15=; vis15=300372^1; khaos=K8TV5636-1O-1Y3V; audit=1|hLZGFuTafB0bLFXpVgtqi181asM7wLzExLE+oSAulfE3gC2sbs52J0D3pCcW8TpHcpj76PKZXj8oT2OqK/B16qwRNgFmLHdP
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 03 Apr 2020 17:00:48 GMT
Content-Encoding: gzip
Content-Length: 9105
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=34533
Expires: Fri, 10 Apr 2020 16:58:25 GMT
Date: Fri, 10 Apr 2020 07:22:52 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd
u.openx.net/w/1.0/ Frame 603E 0
0 7395ms
39ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.2.44.3_2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=22b90fe6-3017-071a-1ec8-919f98541d2e|1586503368
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=22b90fe6-3017-071a-1ec8-919f98541d2e|1586503368; Version=1; Expires=Sat, 10-Apr-2021 07:22:59 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1586503379|mOgikimWiygu; Version=1; Expires=Sat, 25-Apr-2020 07:22:59 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 10 Apr 2020 07:22:59 GMT
content-type: text/html
content-length: 375
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pd
u.openx.net/w/1.0/ Frame 81CA 0
0 7395ms
41ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.2.44.3_2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash

Request headers

:method: GET
:authority: u.openx.net
:scheme: https
:path: /w/1.0/pd?gdpr=1&gdpr_consent=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=22b90fe6-3017-071a-1ec8-919f98541d2e|1586503368
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=22b90fe6-3017-071a-1ec8-919f98541d2e|1586503368; Version=1; Expires=Sat, 10-Apr-2021 07:22:59 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1586503379|mOgikimWiygu; Version=1; Expires=Sat, 25-Apr-2020 07:22:59 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 10 Apr 2020 07:22:59 GMT
content-type: text/html
content-length: 375
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 %7Bcombo_uid%7D
pr-bh.ybp.yahoo.com/sync/adaptv_ortb/ Frame 09CC 43 B
791 B 127ms
41ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/adaptv_ortb/%7Bcombo_uid%7D

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 10 Apr 2020 07:22:52 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
status: 200
x-content-type-options: nosniff
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55953/ Frame 09CC
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
https://pixel.advertising.com/ups/55953/sync?uid=fbe12e1f-ed47-4941-bcf7-6afcf1022326&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=fbe12e1f-ed47-4941-bcf7-6afcf1022326
https://ups.analytics.yahoo.com/ups/55953/sync?uid=fbe12e1f-ed47-4941-bcf7-6afcf1022326&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=fbe12e1f-ed47-4941-bcf7-6afcf1022326&apid=1A1515e30c-7afc-11ea...

0
977 B

60ms
23ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=fbe12e1f-ed47-4941-bcf7-6afcf1022326&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=fbe12e1f-ed47-4941-bcf7-6afcf1022326&apid=1A1515e30c-7afc-11ea-8401-1222202f268e

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 10 Apr 2020 07:22:52 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 10 Apr 2020 07:22:52 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=fbe12e1f-ed47-4941-bcf7-6afcf1022326&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=fbe12e1f-ed47-4941-bcf7-6afcf1022326&apid=1A1515e30c-7afc-11ea-8401-1222202f268e
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/57304/ Frame 09CC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc
https://pixel.advertising.com/ups/57304/sync?uid=CAESEFEPF7grSBnaxiKroL-c7tA&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFEPF7grSBnaxiKroL-c7tA&google_cver=1&apid=1A1515e30c-7afc-11ea-8401-1222202f268e

0
977 B

42ms
23ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFEPF7grSBnaxiKroL-c7tA&google_cver=1&apid=1A1515e30c-7afc-11ea-8401-1222202f268e

Requested by

Host: threatpost.com
URL: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 10 Apr 2020 07:22:52 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 10 Apr 2020 07:22:52 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFEPF7grSBnaxiKroL-c7tA&google_cver=1&apid=1A1515e30c-7afc-11ea-8401-1222202f268e
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET

sync
sync.adap.tv/ Frame 09CC
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D&_test=XpAe0wAAAJyV-w9x
https://sync.adap.tv/sync?type=gif&key=tubemogul&uid=XpAe0wAAAJyV-w9x&_test=XpAe0wAAAJyV-w9x

0
0

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame 3E0A 0
379 B 358ms
33ms Image
text/html 63.250.56.119
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=36&serverTime=1586503369&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&csuuid=5e901ec90c4d4&contentFileId=0&mediaPlayListId=0&cbuster=1586503371921&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.250.56.119 , United States, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.16
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:51 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.16
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 26ms
14ms Script
text/javascript 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Fri, 10 Apr 2020 07:22:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1582746470043195"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 5456
x-xss-protection: 0
expires: Fri, 10 Apr 2020 07:22:51 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/209/ Frame 0CF6 0
0 6ms
6ms Document
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/209/runner.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/209/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 5727
date: Fri, 10 Apr 2020 06:59:00 GMT
expires: Sat, 10 Apr 2021 06:59:00 GMT
last-modified: Tue, 25 Feb 2020 17:32:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1431
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
60 B 14ms
14ms Image
image/gif 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=209&t=2&li=gpt_2020040702&jk=4451232727642279&bg=!yMuly9NYUsKHzYie36sCAAAARFIAAAAQmQFaDE-XftH-xQWlZ3FsSxme6u4BlGlSHu3JcFQ83iUmXr0zkjYlF1xY0NcrfqkCr9IqeFF-VoksT6MsaE_H3lVm5jJ5JvAN2SBoatTTIC1PGhE3Nm0AUVPeDuigT5B5IsSuYFAzfh2VS1_n796VWRW7Qnv1uJNVp2A-YmYbgmwfArV0oUiuXKxGwpA2lnceuc08-A_b9Nh1i_oODxbRuwCdpI142A8B8isd4WUcZrbILrHb82A9Q71Ku3P_JXd4wmsVmji6TwAZHYmr42MGcBamgkFHHriM9IYbIzQrrS5KwUAlPpitpQI9t59b-e7SZP4xUlaJRmm3cCEp4JTcfEvsNVBTgIhGNJxlwO0FN7AwnX1q9d-ezyPEItihhhDkoh0dHDMZwvgqlYLyrSyItOpSu4ijRW3x8mqZzIy3CPMIMnAPduLeoCcQyAqEorvUkb4lkwnQY56eT1RmqA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:52 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 4468 0
0 60ms
20ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.9.13 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgI8ppIEAoYASABKAEwy73A9AU4AUABSAEQy73A9AUYAA..; uuid2=3493753525492841320
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

Connection: keep-alive
Content-Length: 506
Server: nginx/1.9.13
Content-Type: text/html
Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: W/"573e714d-3e3"
Expires: Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control: max-age=31536000
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 10 Apr 2020 07:22:52 GMT
Age: 21418856
X-Served-By: cache-jfk8123-JFK, cache-hhn4082-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1276778, 2225207
X-Timer: S1586503373.581861,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 52C3 0
0 320ms
30ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=22b90fe6-3017-071a-1ec8-919f98541d2e|1586503368
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=22b90fe6-3017-071a-1ec8-919f98541d2e|1586503368; Version=1; Expires=Sat, 10-Apr-2021 07:22:52 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1586503372|mOgikimWiygu; Version=1; Expires=Sat, 25-Apr-2020 07:22:52 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.183.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 10 Apr 2020 07:22:52 GMT
content-type: text/html
content-length: 375
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame E69C 0
0 363ms
46ms Document
text/html 23.213.164.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.164.238 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-164-238.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

Last-Modified: Tue, 04 Feb 2020 05:12:07 GMT
ETag: "13006b6-9f85-59db914d12ccf"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14955
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=161981
Expires: Sun, 12 Apr 2020 04:22:33 GMT
Date: Fri, 10 Apr 2020 07:22:52 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html
eus.rubiconproject.com/ Frame 82E0 0
0 21ms
20ms Document
text/html 104.109.78.125
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.78.125 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: rsid=1|AIfsdBUO++vuGxiryvY/OiLuoLISe5vB1nw/TZ2fPQ9yq+qYUnHjQcTybLrliuOkEkPC62XsWjn9CRWWAEnwKwjor1MAhVIF8C9/PYGHF3IsvGuqYKQxbvOoJKG3Nw==; ses15=; vis15=300372^1; khaos=K8TV5636-1O-1Y3V; audit=1|hLZGFuTafB0bLFXpVgtqi181asM7wLzExLE+oSAulfE3gC2sbs52J0D3pCcW8TpHcpj76PKZXj8oT2OqK/B16qwRNgFmLHdP; pux=1512%3D90056%262231%3D90056%262249%3D90056%262307%3D90056%262974%3D90056%263778%3D90056%26brx%3D90056%26idl%3D90056%26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Last-Modified: Fri, 03 Apr 2020 17:00:48 GMT
Content-Encoding: gzip
Content-Length: 9105
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=34533
Expires: Fri, 10 Apr 2020 16:58:25 GMT
Date: Fri, 10 Apr 2020 07:22:52 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK Cookie set beacon
ap.lijit.com/ Frame CE18 0
0 1364ms
31ms Document
text/html 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13394437
Requested by: Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Host: ap.lijit.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D; ljt_reader=7fd2f3502b0c55a8d0d021d5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

Server: nginx
Date: Fri, 10 Apr 2020 07:22:53 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Vary: Accept-Encoding
Expires: Fri, 20 Mar 2009 00:00:00 GMT
Set-Cookie: ljtrtbexp=eJxlj0EOgDAIBP%2FSswehUMCvGf%2FeRE%2BMx4HMstxDxiWeEaIV8xjaca3Os2PAlhN76IL4qorfJOEgI3EjkZnomAZ2MPIVvn775VnxMhpP%2BIY%2Bhjyrzg7f2%2F%2FPBr43Uuo%3D;Path=/;Domain=.lijit.com;Expires=Sat, 10-Apr-2021 07:22:53 GMT;Max-Age=31536000;Secure;SameSite=None ljt_reader=7fd2f3502b0c55a8d0d021d5;Path=/;Domain=.lijit.com;Expires=Sat, 10-Apr-2021 07:22:53 GMT;Max-Age=31536000;Secure;SameSite=None ljtrtb=eJyrrgUAAXUA%2BQ%3D%3D;Path=/;Domain=.lijit.com;Expires=Sat, 10-Apr-2021 07:22:53 GMT;Max-Age=31536000;Secure;SameSite=None
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
Content-Encoding: gzip
X-Sovrn-Pod: ad_ap1ams1

GET
H/1.1

200
OK

2000891.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame BB91
Redirect Chain

https://sync.serverbid.com/ss/2000891.html
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html

0
0

383ms
29ms

Document
text/html

205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html

Requested by

Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Response headers

Date: Fri, 10 Apr 2020 07:22:54 GMT
Connection: Keep-Alive
Accept-Ranges: bytes
Cache-Control: max-age=48124
Content-Length: 4947
Content-Type: text/html
Last-Modified: Wed, 20 Nov 2019 20:29:05 GMT
ETag: "1b0ebac83fe30af80513039edbdf566f"
x-amz-request-id: tx000000000000037be7815-005e8f894a-340a38f-nyc3a
Strict-Transport-Security: max-age=15552000; includeSubDomains; preload
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1586503374.dop027.pa1.t,1586503374.cds030.pa1.shn,1586503374.cds030.pa1.c

Redirect headers

status: 302
content-length: 0
location: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000891.html
cache-control: no-cache

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55946/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_sc&_origin=0
https://pixel.advertising.com/ups/55946/sync?uid=CAESEOAuTjLUiS59bAeyC01nmlk&_origin=0&google_cver=1
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEOAuTjLUiS59bAeyC01nmlk&_origin=0&google_cver=1&apid=1A1515e30c-7afc-11ea-8401-1222202f268e

0
999 B

21ms
21ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEOAuTjLUiS59bAeyC01nmlk&_origin=0&google_cver=1&apid=1A1515e30c-7afc-11ea-8401-1222202f268e

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 10 Apr 2020 07:22:52 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 10 Apr 2020 07:22:52 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEOAuTjLUiS59bAeyC01nmlk&_origin=0&google_cver=1&apid=1A1515e30c-7afc-11ea-8401-1222202f268e
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
264 B 43ms
42ms Image
image/gif 54.77.139.233
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=aoladtech&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.139.233 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-139-233.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:22:52 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

GET
H2 204 current
aol-match.dotomi.com/match/bounce/ 0
104 B 104ms
71ms Image
text/plain 2a02:fa8:8806:16::1400
VCLK-EU-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aol-match.dotomi.com/match/bounce/current?networkId=60&version=1&nuid=1A1513d7d8-7afc-11ea-b492-12569b584e72&gdpr=0&gdpr_consent=&rurl=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55853%2Fsync%3Fuid%3D%24UID%26_origin%3D0%26gdpr%3D0%26gdpr_consent%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:16::1400 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Fri, 10 Apr 2020 07:22:52 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55950/
Redirect Chain

https://acuityplatform.com/Adserver/atds?getuserid=https://pixel.advertising.com/ups/55950/sync?uid=$UID&_origin=0
https://pixel.advertising.com/ups/55950/sync?uid=501865447012
https://ups.analytics.yahoo.com/ups/55950/sync?uid=501865447012&apid=1A1515e30c-7afc-11ea-8401-1222202f268e

0
1 KB

24ms
23ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55950/sync?uid=501865447012&apid=1A1515e30c-7afc-11ea-8401-1222202f268e

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 10 Apr 2020 07:22:54 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 10 Apr 2020 07:22:54 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/55950/sync?uid=501865447012&apid=1A1515e30c-7afc-11ea-8401-1222202f268e
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/56465/
Redirect Chain

https://pixel.advertising.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/56465/sync?_origin=0&redir=true&gdpr=0&gdpr_consent=&apid=1A1515e30c-7afc-11ea-8401-1222202f268e
https://pr-bh.ybp.yahoo.com/sync/adtech/1A1515e30c-7afc-11ea-8401-1222202f268e?gdpr=0&gdpr_consent=
https://pixel.advertising.com/ups/56465/sync?uid=y-XVBGzpF1lxnFKn9XEwBfSVlVujL0Cp7csO9M&_origin=0&nsync=0
https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-XVBGzpF1lxnFKn9XEwBfSVlVujL0Cp7csO9M&_origin=0&nsync=0&apid=1A1515e30c-7afc-11ea-8401-1222202f268e

0
1 KB

24ms
24ms

Image
text/plain

18.156.0.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-XVBGzpF1lxnFKn9XEwBfSVlVujL0Cp7csO9M&_origin=0&nsync=0&apid=1A1515e30c-7afc-11ea-8401-1222202f268e

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

18.156.0.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.106 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://threatpost.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 10 Apr 2020 07:22:52 GMT
Server: ATS/7.1.2.106
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status: 302
date: Fri, 10 Apr 2020 07:22:52 GMT
strict-transport-security: max-age=31536000
content-length: 0
location: https://ups.analytics.yahoo.com/ups/56465/sync?uid=y-XVBGzpF1lxnFKn9XEwBfSVlVujL0Cp7csO9M&_origin=0&nsync=0&apid=1A1515e30c-7afc-11ea-8401-1222202f268e
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame 3E0A 0
379 B 33ms
33ms Image
text/html 63.250.56.119
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1586503369&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&csuuid=5e901ec90c4d4&contentFileId=0&mediaPlayListId=0&dur=500&cbuster=1586503374921&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.250.56.119 , United States, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.16
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:54 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.16
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK w_640_006.ts Show response
video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/ Frame 09CC 438 KB
438 KB 415ms
58ms XHR
video/mp2t 185.127.16.51
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/w_640_006.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: f69757c93185b3683e6a15d78035ceac9ebbc24f8585fcdfe5db8aaf8fe696b5

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 10 Apr 2020 07:22:05 GMT
Last-Modified: Tue, 31 Mar 2020 14:48:04 GMT
Server: Tengine
ETag: "5e835824-6d77c"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 17 Apr 2020 07:22:05 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 448380
X-Proxy-Cache: HIT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame 3E0A 0
379 B 34ms
33ms Image
text/html 63.250.56.119
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=25&serverTime=1586503369&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&csuuid=5e901ec90c4d4&contentFileId=0&mediaPlayListId=0&dur=1000&cbuster=1586503379562&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.250.56.119 , United States, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.16
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:59 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.16
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame 3E0A 0
379 B 34ms
33ms Image
text/html 63.250.56.119
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1586503369&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&csuuid=5e901ec90c4d4&contentFileId=0&mediaPlayListId=0&dur=500&cbuster=1586503379921&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.250.56.119 , United States, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.16
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:22:59 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.16
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK w_640_007.ts Show response
video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/ Frame 09CC 382 KB
382 KB 1833ms
1832ms XHR
video/mp2t 185.127.16.51
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/w_640_007.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: c662a01ce2c5d874595e715348e41d38899b4bef490ef5c4833e8918ee5e95bf

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 10 Apr 2020 07:22:13 GMT
Last-Modified: Tue, 31 Mar 2020 14:48:05 GMT
Server: Tengine
ETag: "5e835825-5f608"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 17 Apr 2020 07:22:13 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 390664
X-Proxy-Cache: HIT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame 3E0A 0
379 B 33ms
33ms Image
text/html 63.250.56.119
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1586503369&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&csuuid=5e901ec90c4d4&contentFileId=0&mediaPlayListId=0&dur=500&cbuster=1586503384921&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.250.56.119 , United States, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.16
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:23:04 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.16
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 09CC 143 B
838 B 30ms
29ms XHR
application/json 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.2.44.3_2.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

d05cd90b53a4348207f2359c88df7370b60e62e5c7aad6918ae1815268103e7e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:23:07 GMT
X-Proxy-Origin: 195.242.213.148; 195.242.213.148; 538.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.44:80
AN-X-Request-Uuid: fbd6ac7c-0fcc-4440-8d99-9ce44aec8fcc
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 143
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ Frame 09CC 0
215 B 126ms
69ms XHR
application/json 18.185.23.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.2.44.3_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.185.23.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-185-23-43.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://threatpost.com
Access-Control-Allow-Credentials: true
Server: adaptv/1.0
Connection: keep-alive
Content-Length: 0
Content-Type: application/json

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ Frame 09CC 141 B
362 B 316ms
31ms XHR
application/json 52.29.59.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.2.44.3_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.29.59.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-29-59-145.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 2a7a06ec23d89057ee5e3127711b57b45a83e6705d3f68bb276d1aeaef991ad3

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:23:05 GMT
content-encoding: gzip
status: 200
content-type: application/json
access-control-allow-origin: https://threatpost.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 149
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 09CC 0
115 B 325ms
28ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.2.44.3_2.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Fri, 10 Apr 2020 07:23:05 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://threatpost.com

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 09CC 25 B
988 B 1150ms
78ms XHR
application/json 23.213.165.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=435870&v=8.1&r=%7B%22id%22%3A%222732ac80f1eed45%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2228d63f5e4d8baf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22435870%22%2C%22sid%22%3A%22320x180%22%7D%2C%22bidfloor%22%3A0.86%2C%22bidfloorcur%22%3A%22USD%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22api%22%3A%5B1%2C2%5D%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22w%22%3A320%2C%22h%22%3A180%2C%22placement%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1&nf=1&
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.2.44.3_2.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.213.165.44 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-165-44.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 635d76c0e48cca9eff651b94571c6ee380ab6d7c8eb8986e6548d02aa7062020

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:23:06 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://threatpost.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Fri, 10 Apr 2020 07:23:06 GMT

GET
H2 200 avjp Show response
teachingaids-d.openx.net/v/1.0/ Frame 09CC 92 B
351 B 67ms
36ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://teachingaids-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=dfac7eda-b03d-4054-ae61-c9248819d35d&nocache=1586503385002&gdpr_consent=&gdpr=1&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&skip=1&auid=540882779&vwd=320&vht=180&
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.2.44.3_2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash: 004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:23:05 GMT
via: 1.1 google
server: OXGW/16.183.0
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 92
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame 3E0A 43 B
463 B 33ms
33ms Image
image/gif 63.250.56.119
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=6&serverTime=1586503369&s=58057&sta=12381400&x=320&y=180&msta=12348808&vid_vastType=3&vid_viewabilityState=1&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&playbackMethod=auto&isApp=0&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&csuuid=5e901ec90c4d4&rvn=${VP_RVN_MACRO}&attemptMultiplier=10&contentFileId=0&mediaPlayListId=0&playerVer=3.0.0&cbuster=1586503384995&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.250.56.119 , United States, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.16
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:23:04 GMT
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.16
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000
Content-Disposition: inline; filename="pixel.gif"
Content-Type: image/gif
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 avjp Show response
primis-d.openx.net/v/1.0/ Frame 09CC 92 B
292 B 58ms
56ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.1&dddid=4fd992cb-11c7-4e53-9b25-16eba66d7304&nocache=1586503386155&gdpr_consent=&gdpr=1&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C!primis.tech%2C19668%2C1%2C%2C%2C&skip=1&auid=540392761&vwd=320&vht=180&
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.2.44.3_2.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.183.0 /
Resource Hash: 004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Apr 2020 07:23:06 GMT
via: 1.1 google
server: OXGW/16.183.0
status: 200
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://threatpost.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 92
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK w_640_008.ts Show response
video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/ Frame 09CC 445 KB
445 KB 60ms
60ms XHR
video/mp2t 185.127.16.51
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/w_640_008.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 91249434f1fc3497fcc3806c8c5bc8d31f901492b761e7bdf9b734b7fb539509

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 10 Apr 2020 07:22:17 GMT
Last-Modified: Tue, 31 Mar 2020 14:48:07 GMT
Server: Tengine
ETag: "5e835827-6f364"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 17 Apr 2020 07:22:17 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 455524
X-Proxy-Cache: HIT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame 3E0A 0
379 B 35ms
35ms Image
text/html 63.250.56.119
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=25&serverTime=1586503369&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&csuuid=5e901ec90c4d4&contentFileId=0&mediaPlayListId=0&dur=1000&cbuster=1586503389560&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.250.56.119 , United States, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.16
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:23:09 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.16
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame 3E0A 0
379 B 33ms
32ms Image
text/html 63.250.56.119
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1586503369&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&csuuid=5e901ec90c4d4&contentFileId=0&mediaPlayListId=0&dur=500&cbuster=1586503389922&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.250.56.119 , United States, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.16
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:23:09 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.16
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK w_640_009.ts Show response
video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/ Frame 09CC 382 KB
382 KB 60ms
59ms XHR
video/mp2t 185.127.16.51
CLOUDWEBMANAGE-UK-1

General

Check archive.org

Show headers Download Go to

Full URL: https://video.sekindo.com/uploads/cn11/video/users/hls/28530/video_5d5baf9fe4c32389620327/vid5e832537d83c4485940751.mp4/w_640_009.ts
Requested by: Host: live.sekindo.com
URL: https://live.sekindo.com/content/video/hls/hls.0.12.4_1.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.127.16.51 London, United Kingdom, ASN210329 (CLOUDWEBMANAGE-UK-1, GB),
Reverse DNS
Software: Tengine /
Resource Hash: 26875f590616876bc87bde8ad54ad13a7d23deafc353e43591be3d2993cc41a7

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
Origin: https://threatpost.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 10 Apr 2020 07:22:23 GMT
Last-Modified: Tue, 31 Mar 2020 14:48:08 GMT
Server: Tengine
ETag: "5e835828-5f608"
Content-Type: video/mp2t
Access-Control-Allow-Origin: *
Expires: Fri, 17 Apr 2020 07:22:23 GMT
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=25
Content-Length: 390664
X-Proxy-Cache: HIT

GET
H/1.1 200
OK liveView.php
live.sekindo.com/live/ Frame 3E0A 0
379 B 34ms
33ms Image
text/html 63.250.56.119
CLOUDWEBMANAGE-EU

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=42&serverTime=1586503369&s=101281&sta=0&x=300&y=250&vid_passDomain=threatpost.com&subId=threatpost.com&debugInformation=&isApp=0&userIpAddr=195.242.213.148&userUA=Mozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F74.0.3729.169%20Safari%2F537.36&csuuid=5e901ec90c4d4&contentFileId=0&mediaPlayListId=0&dur=500&cbuster=1586503394921&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.250.56.119 , United States, ASN41436 (CLOUDWEBMANAGE-EU, GB),
Reverse DNS
Software: nginx / PHP/7.3.16
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://threatpost.com/cisco-critical-update-phishing-webex/154585/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Pragma: no-cache
Date: Fri, 10 Apr 2020 07:23:14 GMT
Content-Encoding: gzip
Server: nginx
Age: 0
X-Powered-By: PHP/7.3.16
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Cache-Control: no-store
Content-Type: text/html; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/icons.svg

Domain: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg

Domain: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo.png

Domain: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2

Domain: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2

Domain: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2

Domain: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-light.svg

Domain: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/twitter-blue.svg

Domain: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-large-dark.svg

Domain: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo-white.png

Domain: threatpost.com
URL: https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/photo-newsletter.jpg

Domain: ads.adaptv.advertising.com
URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=TeachingAidsLLC

Domain: pixel.quantserve.com
URL: https://pixel.quantserve.com/pixel;r=837234175;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fcisco-critical-update-phishing-webex%2F154585%2F;fpan=1;fpa=P0-1484324915-1586503370037;ns=0;ce=1;qjs=1;qv=5a08e0c-20200407111623;cm=;gdpr=0;ref=;je=0;sr=1600x1200x24;enc=n;dst=1;et=1586503370037;tzo=-120;ogl=image.https%3A%2F%2Fmedia%252Ethreatpost%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F103%2F2020%2F04%2F08155232%2Fcisco%2Ctype.article%2Ctitle.Cisco%20%E2%80%98Critical%20Update%E2%80%99%20Phishing%20Attack%20Steals%20Webex%20Credentials%2Cdescription.Emails%20purporting%20to%20be%20a%20Cisco%20%22critical%20security%20advisory%22%20are%20actually%20part%20o%2Curl.https%3A%2F%2Fthreatpost%252Ecom%2Fcisco-critical-update-phishing-webex%2F154585%2F

Domain: t.co
URL: https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=ntt0j&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Domain: sync.adap.tv
URL: https://sync.adap.tv/sync?type=gif&key=tubemogul&uid=XpAe0wAAAJyV-w9x&_test=XpAe0wAAAJyV-w9x

Verdicts & Comments Add Verdict or Comment

263 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 02:12:55	Name: IDE Value: AHWqTUnyN87qbPxuyEhHC5_GEcb8LHstEQAz0EonVFKxL59wIqtw8aSGBw-V6au7
.threatpost.com/	1970-01-19 08:41:43	Name: _gat_UA-35676203-21 Value: 1
.threatpost.com/	1970-01-20 02:12:55	Name: __gads Value: ID=a76a17a25aa18e83:T=1586503369:S=ALNI_MYkxL29AWtHN9wCs2EdlF2gxvqLzw
.threatpost.com/	1970-01-19 08:43:09	Name: _gid Value: GA1.2.1196071620.1586503369
.threatpost.com/	1970-01-20 02:12:55	Name: _ga Value: GA1.2.320803153.1586503369

25 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 315) Message: gBrowserWidth =1600
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 340) Message: OpenX Slot defined for /21707124336/ThreatPost-970x250-ATF div-gpt-ad-6794670-2
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 340) Message: OpenX Slot defined for /21707124336/ThreatPost-300x250-ATF div-gpt-ad-6794670-3
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 340) Message: OpenX Slot defined for /21707124336/ThreatPost-300x600-ATF div-gpt-ad-6794670-5
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/ros-layout.js(Line 340) Message: OpenX Slot defined for /21707124336/ThreatPost-2x2-Skin div-gpt-ad-6794670-1
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 3) Message: CMP: Locale=en-us gdpr= false
console-api	log	URL: https://qd.admetricspro.com/js/threatpost/cmp.js(Line 3) Message: GDPR is not applicable, skipping initialization of CMP
console-api	log	(Line 3) Message: Not calling apstag.init() typeof(kAmazonPublisherID)=undefined
console-api	log	(Line 3) Message: ENGINE: gSChainNodes found, prebid configured with 1 supply chain object(s)
console-api	log	(Line 3) Message: Initial Ad Load
console-api	log	(Line 3) Message: sendBidRequests() gPBJSTimeoutTimer=null pbjs.adserverRequestSent=undefined
console-api	log	(Line 3) Message: pbjs bids returned
console-api	log	(Line 3) Message: gPBJSTimeoutTimer cleared
console-api	log	(Line 3) Message: sendAdserverRequest(): pbjsBidsBack
console-api	log	(Line 3) Message: sendAdserverRequest()
console-api	log	(Line 3) Message: Not calling apstag.setDisplayBids() gAmazonBidsBack=false
console-api	log	(Line 3) Message: pbjs.getAdserverTargeting: >> Prebid
console-api	log	(Line 3) Message: [object Object]
console-api	log	(Line 3) Message: pbjs.getBidResponses:
console-api	log	(Line 3) Message: [object Object]
console-api	log	(Line 3) Message: gThisRefreshSlots=
console-api	log	(Line 3) Message: [object Object],[object Object],[object Object],[object Object]
console-api	log	(Line 3) Message: sendAdserverRequest(): ---> Calling googletag.pubads().refresh()
console-api	log	(Line 3) Message: console.groupEnd
console-api	info	URL: https://cdn.ampproject.org/rtv/012003262059300/amp4ads-v0.js(Line 407) Message: Powered by AMP ⚡ HTML – Version 2003262059300 https://threatpost.com/cisco-critical-update-phishing-webex/154585/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
acuityplatform.com
ads.adaptv.advertising.com
ads.pubmatic.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
analytics.twitter.com
aol-match.dotomi.com
ap.lijit.com
as-sec.casalemedia.com
assets.threatpost.com
c.amazon-adsystem.com
cdn.ampproject.org
cm.g.doubleclick.net
e.serverbid.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
hbopenbid.pubmatic.com
ib.adnxs.com
kasperskycontenthub.com
live.sekindo.com
match.adsrvr.org
media.threatpost.com
pagead2.googlesyndication.com
pixel.advertising.com
pixel.quantserve.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
primis-d.openx.net
qd.admetricspro.com
rules.quantcount.com
secure.quantserve.com
securepubads.g.doubleclick.net
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
static.ads-twitter.com
stats.g.doubleclick.net
sync.adap.tv
sync.serverbid.com
t.co
tagan.adlightning.com
teachingaids-d.openx.net
threatpost.com
tpc.googlesyndication.com
u.openx.net
ups.analytics.yahoo.com
video.sekindo.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.reddit.com
ads.adaptv.advertising.com
pixel.quantserve.com
sync.adap.tv
t.co
threatpost.com
104.109.78.125
104.244.42.67
13.225.73.24
13.225.86.250
134.209.129.254
134.209.131.220
151.101.112.157
151.101.113.108
152.199.22.24
154.59.122.74
172.217.22.98
18.156.0.31
18.185.23.43
185.127.16.51
185.167.96.40
185.220.205.220
185.33.223.206
185.64.189.112
199.232.53.140
205.185.216.10
216.52.2.19
216.58.208.34
23.213.164.238
23.213.165.44
2600:9000:2156:2a00:2:9275:3d40:93a1
2600:9000:2156:c00:6:44e3:f8c0:93a1
2600:9000:21f3:c400:0:5c46:4f40:93a1
2606:4700:3036::681b:86bc
2a00:1288:110:c305::8000
2a00:1450:4001:800::2003
2a00:1450:4001:806::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::200a
2a00:1450:4001:816::2001
2a00:1450:4001:818::2002
2a00:1450:4001:81a::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:81c::200e
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::2008
2a00:1450:4001:820::2004
2a00:1450:4001:821::2003
2a00:1450:4001:825::2002
2a00:1450:400c:c00::9d
2a02:fa8:8806:16::1400
2a03:2880:f02d:e:face:b00c:0:2
2a05:f500:10:101::b93f:9101
34.95.120.147
35.158.17.58
35.173.160.135
37.252.172.250
52.29.59.145
54.77.139.233
63.250.56.119
69.173.144.141
72.251.249.14
91.228.74.218
004e5faf0bf890f61697daeede9f21826affd1137fb2cb58eaf4719937a04a14
00d4fbacbadc6ecbd73be323ec77febf3d856ce00dc5334d06462a315c7da8e7
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7
0d44327d4c43582dd7875d7fec06e63878f33f9e1b02822ee4a69fd058e01354
0eeb4ba88863b588948f115b2c80169ebaa2cb6c466229da9c0fd13efbe6ed4a
0f04fbf70635f11eefedf0749971d89ace6c0c7cbe432a2abba2351a439063b6
10ba4b86c6c7566ff87535ac9d33ebdb537bb3c12cd393e7b75e974d7e01a449
13da351bcba23848443b31a1fdc424b9a64889dd6e7679f371d78f9699a8b3bb
172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
1c557ef7cd593fc1fbf78af8ad08bc15e6537018c88d132c5f2f502edf29e26e
1d076f33deb9aa7e65ec01acbeaf7a4d8381d0c18c9a0cd2eda54fe85f2a9859
1d36800d5a9c72e02424db4f2ee2d3e3391388e8b7e863533f73c788df14ab5e
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1ebaa68ae735bb43768fc0a6d50ad75cbf2e30bbd58fe55d828c71cad167c7b0
2619b3a198327e7dc324c1e4bb2f8efa64179945926069fde3f93b00343caf79
26875f590616876bc87bde8ad54ad13a7d23deafc353e43591be3d2993cc41a7
29f9503a89e2b1f106a8c929b2e1b9acaf8d829bb6b1ba8a8755d64e433ffda1
2a7a06ec23d89057ee5e3127711b57b45a83e6705d3f68bb276d1aeaef991ad3
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2aedde3f7c3180f50d654c8e1f9c29402516066a10d9f4f1b5fe1366519cd3b2
2ee5b7690b25ec1fc9c677ff8be58a101a96b0a3ca0711ddc86ba778e52a7bc1
2fbc4f9d9a2ef67033fbcc310d9e200a2c20049f24baaa95605ad62a8c404366
3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
325d09d9da6b89ba888417f624bb827b288358fd14cafe3d25cae424c648b5be
3369ba8c1759eac291cbdccf3f156cf193c0c4ac33c4ef72455bb38631dd2581
39c06ae3cf3326dbd42a923c718d88d990131a0576c5cc40ab3b65c53f176941
3d8d4b063dc9f756791c9516cd107424f7f72dbb65f4185bfa9b24ffe9dcc776
3fb953f86407b3087aaadfde33ac054efcc6f459f71388f3bfb901768d0bebfb
4275d3aff575b716ea38a91c516d8c591c9897d54fb5f88f139a9a2396634c21
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7
476bf675bdd42df21a5d2db3c947c1f3fc0ae6eb940b6185ebff8dc48167fbb6
487214b4019bdcde555ab419d3074f75aae877d58c0b328b0e82fb5993aeb46e
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d30ac22ab046870c2859ae90b8598967936e693bf0773ef5e41dae33a04f0a5
4e16c98707c96cfd08772a34827f5c3650b6c03d049ed6d622fb276f969f73ff
4ee36d77a67f176a8468c3fafd5c230a2b8584293b81221b004619e700f84106
506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70
543d1cf5b948127201bb68b70cd8b6cd02a71489e37a929c856d39ee8052c610
558625955df0fb55b481180feaba87793b0775fda00bb17b5f83e9c85c4340ed
561fde11244d78e18a8b2b74c65cf0c79998caf8babc358272c552d27a9fe2a6
568a733005e0074eecbb5845f42f2937f3f08026e451517675686ccec40d1a90
5783720bbd3350ffb6d544a2982c620f8f0da3747e8e31c09a3d25968c06e1d4
58f54960d8174f03664ac6c99001deac6f2ae705ed075609011e77984bda1a65
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b1b3e1dbec0a6b898bf6b8f17caa692c112ba2d215a1300b1c014c75f9f5ad8
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5e00db38c7c200422a1b2604eccaee91db1aa7dd5aead5383f62b85cead19068
612d76be55c90a8f0dbac4326ef715bcdb017d469ee00dd8d3265e19336c5029
635d76c0e48cca9eff651b94571c6ee380ab6d7c8eb8986e6548d02aa7062020
645db1049f2ffb2e226745ed4273aedb5d7ae501dcb6abb1296dbf8e94101c28
6474ee05294dc02ecb3149b02d443d02e3dc3da0929ee6f5fb99a4e889184d4b
68757f9755dfa27a25d377837030ba568d225fac72639f44bb5706c9d966824a
6aa7805210217646c3d658860971b320dd622fe4b694ec4a482573e20107e645
6cdc57f82f4b0d09e5b4e584ca4736cd3871f20563d4ce25120b057d8ffb4eb2
6ce8e9e137ee6f76fc6b9d1be5e70fdc9b354a976607081d0987c4ff05243369
6d11ed4f44f125cb56f0f2e897d63091dfb4e57c4b0c5d356cf3bf59bdd14e15
740078cb1778d885689a3108d2ca696b01fd80cb73437528af4ed0dd6e7466b7
76102878c1198de858725194952ba1c6b35bdee0f870cc6a124e93d17385e64e
76ba07e059d9e2113f9c940f1a31efc95bd9d5badd68bbc3637177e892a08099
7901a338459c22c0342032a67f88fcff22553652e5b09beb907c79bd5e309f6c
7b39de55a44cfca0e37dd405f6316bd6421c6f1fb41e525fc182e10afe8bf3a8
7d01362edd2f0fd6c801bb3edc24980e3738646e96732b9073a51a81355678db
7d0492c66125b1c2bdc419641e41542857e7d90e323d355ee0b8bb268da121fb
7d9944f6f4e2d0330ca2a9d758a404fdca5937f4a0ddf939247ca3505f9f0bbc
7db771dfd78d610efe6a458f8a61ca337822daec22794b11fd8d2e1e484fe94e
7ffa5a5714cf8e17ea3c8e6be9540cfbeb30a3dded2a918fa129f0b67d778cae
81e759191d47efe43cd633d6eef12bf1a750be76490f71c636700b7c2eb06888
85d57eabdb95d5f5376132df0225191f15b8a3954a94c6675b8f9e1f3481307e
88fac77b8933dac7b84ea3814ff0a10d2daeb8543644c0e2be63a627ff7e6aac
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9060fb01746d2d2767d8bbc547fe3b8c5dc9ac671f777fede7c11a7fc3802316
91249434f1fc3497fcc3806c8c5bc8d31f901492b761e7bdf9b734b7fb539509
92236ba12e109fff1e82ecabec1eda229af59c8374c54374a38a46dc01f53559
92d0171289868d45a2099f1e0507824921169d4e8048aaecdf52802adae3c939
93e3c665b7b56aa7afb03e4d4b30b38b9e4b248962612150f2f06fa7e9a1dc4e
952fc0e277367f525e3b2e0039a99edc460efab47f3939d5199a76534efe1030
97e3ee10484ae3b41f67b3233dc9c27df8110105ef4ddd86c2072fc2dbbd9ee5
97e52bbd68ce963ade1b31e922a2f61d11d099714706554695303bda4d36c920
993ebc45d9927d420801f05819222e8cc1aa523187e4c0b290df02b23ce18093
9b42bbd5450ab8a8b966866f452365736dd4c548b930cf6f612f47df65352ee7
9b6e3acc81d4b6dc56378433258b1acf5df943737aeb6ccb2bacab4e2f348f58
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9d9b846e55f01d2f7e09f99ed502d61f7c673ce3cd259c1bb9d4d24b310e705c
9f40f7297122393e1425eec62e78a75c3211f7ad3f6b09a356aa317fcedc2cf3
a2e2059610101cb4718d6d9cf8d6e44243838304968710f35ed7f44188a9c279
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a3fc9dd3347cdc4876e13d4b40188863e521dc77284fbc0b01107192f1cb7755
a47f17d6ebbf4621d8fe87ab790d8d8fb5c3086629194d9ff2d64faaa6e46ab6
a58db5adf9958450ff7368808e322df972146f6c86546e471b0608af84e93bb3
a968b405c5b4dcd85f76e5400c41930968710351102d83a80cf114ad7549b5d0
a9ccdefe0a821df80b8292afc4991c8f61a16a5d1b6507bc0409a50d7cd805d1
aa64fa30a3263fa3105736228a6feaaa4f7d32d8ef96b12e56f6fb95511b66a7
aaf45a172ec90c76bcecd61c68d998c2256fe9b1700371e80011d1161c5ab629
ace61d80f3fe90bbb02ab328d9705b57a9c8a95d3a0bf6b4cd510d4dacd033df
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be
ae7714d4eb8acee0b6fadfbc955be9c3be8d0eb7789caa7bb104fb47ec40678d
afbb3f85073bf0b7c98647a860091228baa81d5763773c2aa4f80b23254e8fcd
b546be5b42d65b5d2eb3ef247886a1d692512462946bac11547df2a0a5ed02a2
b8a79df726a07ee5e793ddb65ef0f88f736ab5c66ea4d5fd6ff25adb2c69df15
ba0c265ab3075d53058c5bf389da28a977c6a6629d084472fea1a79f2a72354f
ba0e3f27ba7e49eb87630a4f390a4f595eda0aadd9828ac1b6bd00c6c7b0ff72
bcf391dd0b006a87698ac0894d71039d610480913d24fcdaa1f2fdeeeda943e3
c19c199501ff93ffd360da87cda5a21fb2ade9d9138b64fd9334d7ef90de2d2f
c3068d1a44489c7e5d45702c988a70e4a4a9c53869b9e323c2d190b4c9620f28
c662a01ce2c5d874595e715348e41d38899b4bef490ef5c4833e8918ee5e95bf
c9c35c6377a52093f4c4f766b5c528106835a654c31b3bba5015d79826633441
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce37e7f8c6a4c89cfdcf052dddb45e423295c90d0db72c430630ae8ce9b7c424
d05cd90b53a4348207f2359c88df7370b60e62e5c7aad6918ae1815268103e7e
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
da8c4bacc841dac6fd247e95d34e81f9896c52f1c9560e1dc300b628c37330d1
db160b08d95a086db788d5b5e805234e9f72ef95a2298ec1e634476ee4388ed1
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e115986479f27b4d9eea43d5711ab4bf0efa822af0608dc60132a94c17e099eb
e15f6c29e9985d9a9fc5ae3daccd4bf0b754793fb2c8d1e130d02ab9f6b2a267
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e3744c0470adc84e06268061a600d99189879a31d03d15e9b35caf192135f877
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e05b274c76d548e39c6633af671d715bd1be28a929ab47a5ae8d29ff120df7
e4be5b94ae5d44559ee0e809b87774c6f6e3df1c523e6ab24e31977e965e76a8
e69b4aedd4ba4df00f7340e4a299dacca0abd06295d6c871f6816ea07db2507c
e935e13f2755e12f66b4f00277f45a7270654303725e204ed3418767ea247230
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ebfb9f1779b5e8f9d0c34a73a15fa49a24faaa26384eab3ab664bef0feb03603
ed9c7989265558a3160e24120c85791ed57c53a5ba859b91dcee35f6832c647e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f19e7ee6cdf20bd478c037707c447b7cd469051de4dadeac32a795efb463c2e2
f69757c93185b3683e6a15d78035ceac9ebbc24f8585fcdfe5db8aaf8fe696b5
f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6
f878657d8c4e55f567bf2c95eeaeba148274132d5b6ff6d9068f0e0cb73392ab
f9ff7a42683a015d70a495d75eb1df28a339cf7cf093b683728f5d61e2bcc8d2
fa5ae4eac062cd4bfb55a379661314e88d8814e570b09be42aa29598dd58092b
fb30d19bfdc58c092bdabad889657613116021c0d07e936fdb3e9e5dbd669872
fc31235164285506e9bfbff1e3b514810a5908a36c2d6f254d580bc77778fe75
fc3e9a47af4edfea54db13c18dd0e82534c32784aba18faf54600222e169209a
fc779ed4b68ce5dd06e03975290beea0d406ced77103fae7d1a65ad015d358fb
fd920468078f9ce3bd928870d328f15f530bd07ef49098cc310acee65e9e9284

threatpost.com Open in urlscan Pro 35.173.160.135 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

246 Requests

93 %HTTPS

40 %IPv6

38 Domains

60 Subdomains

53 IPs

8 Countries

8051 kBTransfer

12261 kBSize

5 Cookies

19 Outgoing links

Redirected requests

246 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

threatpost.com Open in urlscan Pro
35.173.160.135 Public Scan

Screenshot
Live screenshot

Full Image

246
Requests

93 %
HTTPS

40 %
IPv6

38
Domains

60
Subdomains

53
IPs

8
Countries

8051 kB
Transfer

12261 kB
Size

5
Cookies

246 HTTP transactions
6 data transactions