arstechnica.com Open in urlscan Pro
18.188.231.255 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-t...
Submission: On January 19 via manual (January 19th 2023, 11:35:32 am UTC) from US — Scanned from DE

Summary HTTP 139 Redirects Links 66 Behaviour Indicators

Summary

This website contacted 38 IPs in 5 countries across 27 domains to perform 139 HTTP transactions. The main IP is 18.188.231.255, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is arstechnica.com. The Cisco Umbrella rank of the primary domain is 27797.
TLS certificate: Issued by Amazon on October 29th 2022. Valid for: a year.

This is the only time arstechnica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	18.188.231.255 18.188.231.255	16509 (AMAZON-02) (AMAZON-02)
25	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
9	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
2	18.66.23.213 18.66.23.213	16509 (AMAZON-02) (AMAZON-02)
1	172.64.151.162 172.64.151.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6813:da83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.139.128.10 151.139.128.10	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:400d:802::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:1b55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.224.52.77 3.224.52.77	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.66.35 65.9.66.35	16509 (AMAZON-02) (AMAZON-02)
3	13.32.27.22 13.32.27.22	16509 (AMAZON-02) (AMAZON-02)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
2	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:4032	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	54.195.68.237 54.195.68.237	16509 (AMAZON-02) (AMAZON-02)
1	143.204.208.5 143.204.208.5	16509 (AMAZON-02) (AMAZON-02)
1	151.101.192.239 151.101.192.239	54113 (FASTLY) (FASTLY)
1	52.54.240.100 52.54.240.100	14618 (AMAZON-AES) (AMAZON-AES)
2	72.21.195.65 72.21.195.65	16509 (AMAZON-02) (AMAZON-02)
2	34.225.22.62 34.225.22.62	14618 (AMAZON-AES) (AMAZON-AES)
42	99.86.247.171 99.86.247.171	16509 (AMAZON-02) (AMAZON-02)
1	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
3	143.204.214.81 143.204.214.81	16509 (AMAZON-02) (AMAZON-02)
1	199.232.18.132 199.232.18.132	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400d:80e::2006	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	52.20.148.9 52.20.148.9	14618 (AMAZON-AES) (AMAZON-AES)
5	18.66.15.129 18.66.15.129	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.95 70.42.32.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	104.111.217.162 104.111.217.162	16625 (AKAMAI-AS) (AKAMAI-AS)
139	38

1 18.188.231.255 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-188-231-255.us-east-2.compute.amazonaws.com

arstechnica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.arstechnica.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.23.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-213.vie50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:da83 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.mediavoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
plugin.mediavoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1b55 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.224.52.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-52-77.compute-1.amazonaws.com

api.cnevids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-35.fra56.r.cloudfront.net

cdn.memo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.27.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-22.fra56.r.cloudfront.net

player.cnevids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4032 (United States)

ASN13335 (CLOUDFLARENET, US)

polarcdn-terrax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.195.68.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-195-68-237.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.208.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-208-5.fra53.r.cloudfront.net

z-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.239 (United States)

ASN54113 (FASTLY, US)

api.condenast.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.54.240.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-240-100.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.195.65 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

assoc-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.225.22.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-22-62.compute-1.amazonaws.com

elsa.memoinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 99.86.247.171 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-247-171.vie50.r.cloudfront.net

dwgyu36up6iuz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.214.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-81.fra53.r.cloudfront.net

d2c8v52ll5s99u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.18.132 (Vienna, Austria)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.20.148.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-148-9.compute-1.amazonaws.com

capture.condenastdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.15.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-129.vie50.r.cloudfront.net

dp8hsntg6do36.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.162 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-162.deploy.static.akamaitechnologies.com

images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	cloudfront.net dwgyu36up6iuz.cloudfront.net d2c8v52ll5s99u.cloudfront.net dp8hsntg6do36.cloudfront.net	2 MB
25	arstechnica.net cdn.arstechnica.net — Cisco Umbrella Rank: 45656	1004 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 381	220 KB
7	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1273 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3118 odb.outbrain.com — Cisco Umbrella Rank: 1473 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5618	116 KB
6	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 3398 r.skimresources.com — Cisco Umbrella Rank: 3261 t.skimresources.com — Cisco Umbrella Rank: 3404 p.skimresources.com — Cisco Umbrella Rank: 4428	15 KB
5	cnevids.com api.cnevids.com — Cisco Umbrella Rank: 90178 player.cnevids.com — Cisco Umbrella Rank: 17882	74 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 427	376 KB
3	associates-amazon.com z-na.associates-amazon.com — Cisco Umbrella Rank: 7599 assoc-na.associates-amazon.com — Cisco Umbrella Rank: 3429	4 KB
3	moatads.com z.moatads.com — Cisco Umbrella Rank: 446 mb.moatads.com — Cisco Umbrella Rank: 720 px.moatads.com — Cisco Umbrella Rank: 531	78 KB
2	outbrainimg.com images.outbrainimg.com — Cisco Umbrella Rank: 2131	366 KB
2	memoinsights.com elsa.memoinsights.com — Cisco Umbrella Rank: 27088	1 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190	130 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 619	530 B
2	mediavoice.com cdn.mediavoice.com — Cisco Umbrella Rank: 40047 plugin.mediavoice.com — Cisco Umbrella Rank: 37700	140 KB
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 293	48 KB
1	condenastdigital.com capture.condenastdigital.com — Cisco Umbrella Rank: 15955	48 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 153	28 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	17 KB
1	casalemedia.com as-sec.casalemedia.com — Cisco Umbrella Rank: 1460	500 B
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 4435	166 B
1	condenast.io api.condenast.io — Cisco Umbrella Rank: 25089	6 KB
1	polarcdn-terrax.com polarcdn-terrax.com — Cisco Umbrella Rank: 6952	438 B
1	memo.co cdn.memo.co — Cisco Umbrella Rank: 32685	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	128 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 605	15 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	28 KB
1	arstechnica.com arstechnica.com — Cisco Umbrella Rank: 27797	17 KB
139	27

	Domain	Requested by
42	dwgyu36up6iuz.cloudfront.net	arstechnica.com d2c8v52ll5s99u.cloudfront.net
25	cdn.arstechnica.net	arstechnica.com cdn.arstechnica.net
9	cdn.cookielaw.org	arstechnica.com cdn.cookielaw.org
5	dp8hsntg6do36.cloudfront.net	arstechnica.com d2c8v52ll5s99u.cloudfront.net
4	widgets.outbrain.com	arstechnica.com widgets.outbrain.com
3	d2c8v52ll5s99u.cloudfront.net	player.cnevids.com d2c8v52ll5s99u.cloudfront.net
3	imasdk.googleapis.com	player.cnevids.com imasdk.googleapis.com
3	player.cnevids.com	arstechnica.com cdn.arstechnica.net player.cnevids.com
2	images.outbrainimg.com	arstechnica.com
2	elsa.memoinsights.com	cdn.memo.co
2	assoc-na.associates-amazon.com	z-na.associates-amazon.com
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	p.skimresources.com	arstechnica.com
2	t.skimresources.com	arstechnica.com s.skimresources.com
2	api.cnevids.com	cdn.arstechnica.net
2	geolocation.onetrust.com	cdn.cookielaw.org
2	c.amazon-adsystem.com	arstechnica.com c.amazon-adsystem.com
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	capture.condenastdigital.com	arstechnica.com
1	connect.facebook.net	d2c8v52ll5s99u.cloudfront.net
1	s0.2mdn.net	imasdk.googleapis.com
1	odb.outbrain.com	widgets.outbrain.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	px.moatads.com	arstechnica.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	api.condenast.io	player.cnevids.com
1	z-na.associates-amazon.com	www.googletagmanager.com
1	mb.moatads.com	z.moatads.com
1	polarcdn-terrax.com	cdn.mediavoice.com
1	plugin.mediavoice.com	cdn.mediavoice.com
1	widget-pixels.outbrain.com	arstechnica.com
1	r.skimresources.com	s.skimresources.com
1	cdn.memo.co	arstechnica.com
1	www.googletagmanager.com	arstechnica.com
1	s.skimresources.com	arstechnica.com
1	cdn.mediavoice.com	arstechnica.com
1	z.moatads.com	arstechnica.com
1	js-sec.indexww.com	arstechnica.com
1	www.googletagservices.com	arstechnica.com
1	arstechnica.com
139	40

This site contains links to these domains. Also see Links.

Domain
video.arstechnica.com
www.condenast.com
cdn.arstechnica.net
www.facebook.com
twitter.com
www.reddit.com
www.prnewswire.com
en.wikipedia.org
conference.hitb.org
www.arstechnica.com
metric-placcular.com
campaigns.velasca.com
partnerswsj.com
www.clicktraceclick.com
4013.kewozbho.com
lookingforanswer.net
www.outbrain.com
condenast.com

Subject Issuer	Validity	Valid
*.arstechnica.com Amazon	`2022-10-29` - `2023-11-26`	a year	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2022-11-01` - `2023-12-03`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-06` - `2023-10-05`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-18`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.skimresources.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-25` - `2023-11-08`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
cnevideos.com Amazon	`2022-12-01` - `2023-12-29`	a year	crt.sh
memo.co Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
*.cnevids.com Amazon	`2022-09-03` - `2023-10-01`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
assoc-na.associates-amazon.com Amazon	`2022-06-18` - `2023-06-17`	a year	crt.sh
condenast.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-02` - `2023-10-04`	a year	crt.sh
securedvisit.com Amazon	`2022-10-29` - `2023-11-26`	a year	crt.sh
memoinsights.com Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-12-12` - `2023-03-06`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-28` - `2023-01-26`	3 months	crt.sh
conde.io Amazon	`2022-07-06` - `2023-08-03`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Frame ID: C14FA190856E3888CCCA86EB5AD0D475
Requests: 128 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.33894088379012577
Frame ID: 074337EB6696B06B803E85DD0A73BA48
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: AA9C789C2401E61FA3E93BD63EADB2BF
Requests: 19 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html
Frame ID: BAE0F549982C6FDF9635A632E0C50B3E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Organizations are spending billions on malware defense that’s easy to bypass | Ars Technica

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Page Statistics

139
Requests

97 %
HTTPS

27 %
IPv6

27
Domains

40
Subdomains

38
IPs

5
Countries

4590 kB
Transfer

10613 kB
Size

11
Cookies

66 Outgoing links

These are links going to different origins than the main page.

URL: http://video.arstechnica.com/
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.condenast.com/brands/ars-technica
Title: Advertise with Ars

Search URL Search Domain Scan URL

URL: https://cdn.arstechnica.net/wp-content/uploads/2022/08/malware-detection-bypass.jpg
Title: Enlarge

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D1876978
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Organizations+are+spending+billions+on+malware+defense+that%E2%80%99s+easy+to+bypass&url=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D1876978
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D1876978&title=Organizations+are+spending+billions+on+malware+defense+that%E2%80%99s+easy+to+bypass
Title: Share on Reddit

Search URL Search Domain Scan URL

URL: https://www.prnewswire.com/news-releases/endpoint-detection-and-response-market--to-garner-18-3-bn-globally-by-2031-at-25-3-cagr-allied-market-research-301588990.html#:~:text=As%20per%20the%20report%2C%20the,25.3%25%20from%202022%20to%202031.
Title: $18 billion by 2031

Search URL Search Domain Scan URL

URL: https://cdn.arstechnica.net/wp-content/uploads/2022/08/behavioral-analysis.jpg

Search URL Search Domain Scan URL

URL: https://cdn.arstechnica.net/wp-content/uploads/2022/08/direct-sys-call.jpg

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Dynamic-link_library
Title: dynamic link library

Search URL Search Domain Scan URL

URL: https://cdn.arstechnica.net/wp-content/uploads/2022/08/indirect-sys-call.jpg

Search URL Search Domain Scan URL

URL: https://cdn.arstechnica.net/wp-content/uploads/2022/08/edr-evasion-results.jpg

Search URL Search Domain Scan URL

URL: https://conference.hitb.org/hitbsecconf2022sin/session/edr-evasion-primer-for-red-teamers/
Title: presented their findings

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario
Title: Unsolved Mysteries Of Quantum Leap With Donald P. Bellisario

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-unsolved-mysteries-of-warhammer-40k-with-author-dan-abnett
Title: Unsolved Mysteries Of Warhammer 40K With Author Dan Abnett

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/sitrep-f-16-replacement-search-a-signal-of-f-35-fail
Title: SITREP: F-16 replacement search a signal of F-35 fail?

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/sitrep-boeing-707
Title: Sitrep: Boeing 707

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/personal-history-steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube
Title: Steve Burke of GamersNexus Reacts To Their Top 1000 Comments On YouTube

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube
Title: Modern Vintage Gamer Reacts To His Top 1000 Comments On YouTube

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-the-nes-conquered-a-skeptical-america-in-1985
Title: How The NES Conquered A Skeptical America In 1985

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/scott-manley-reacts-to-his-top-1000-youtube-comments
Title: Scott Manley Reacts To His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/how-immersive-stories-deepen-the-horror-of-games-like-soma-and-amnesiac-rebirth
Title: How Horror Works in Amnesia: Rebirth, Soma and Amnesia: The Dark Descent

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/lgrs-clint-basinger-reacts-to-his-top-1000-youtube-comments
Title: LGR's Clint Basinger Reacts To His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/the-f-35-s-next-tech-upgrade
Title: The F-35's next tech upgrade

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-one-gameplay-decision-changed-diablo-forever
Title: How One Gameplay Decision Changed Diablo Forever

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-unsolved-mysteries-mortal-kombat
Title: Unsolved Mortal Kombat Mysteries With Dominic Cianciolo From NetherRealm Studios

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/us-navy-gets-an-italian-accent
Title: US Navy Gets an Italian Accent

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-amazons-undone-brought-dreams-to-life-through-rotoscope-and-oil-paints
Title: How Amazon’s “Undone” Animates Dreams With Rotoscoping And Oil Paints

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit
Title: Fighter Pilot Breaks Down Every Button in an F-15 Cockpit

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-nba-jam-became-a-billion-dollar-slam-dunk
Title: How NBA JAM Became A Billion-Dollar Slam Dunk

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/linus-tech-tips-reacts-to-his-top-1000-youtube-comments
Title: Linus "Tech Tips" Sebastian Reacts to His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-alan-wake-was-rebuilt-3-years-into-development
Title: How Alan Wake Was Rebuilt 3 Years Into Development

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-prince-of-persia-defeated-apple-ii-s-memory-limitations
Title: How Prince of Persia Defeated Apple II's Memory Limitations

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-crash-bandicoot-hacked-the-playstation-to-run
Title: How Crash Bandicoot Hacked The Original Playstation

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-myst
Title: Myst: The challenges of CD-ROM | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/markiplier-reacts-to-his-top-1000-youtube-comments
Title: Markiplier Reacts To His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-the-evolution-of-oddworld-and-what-comes-next
Title: How Mind Control Saved Oddworld: Abe's Oddysee

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe
Title: Bioware answers unsolved mysteries of the Mass Effect universe

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-civilization
Title: Civilization: It's good to take turns | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/sitrep-dod-resets-ballistic-missile-interceptor-program
Title: SITREP: DOD Resets Ballistic Missile Interceptor program

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/warframe-s-rebecca-ford-reviews-your-characters
Title: Warframe's Rebecca Ford reviews your characters

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-subnautica
Title: Subnautica: A world without guns | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-slay-the-spire-war-stories
Title: How Slay the Spire’s Original Interface Almost Killed the Game | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-amnesia-the-dark-descent-the-horror-facade
Title: Amnesia: The Dark Descent - The horror facade | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-c-and-c-tiberian-sun
Title: Command & Conquer: Tiberian Sun | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-blade-runner-skinjobs-voxels-and-future-noir
Title: Blade Runner: Skinjobs, voxels, and future noir | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-dead-space-the-drag-tentacle
Title: Dead Space: The Drag Tentacle | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/teach-the-controversy-flat-earthers
Title: Teach the Controversy: Flat Earthers

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-gets-a-crucial-green-light
Title: Delta V: The Burgeoning World of Small Rockets, Paul Allen's Huge Plane, and SpaceX Gets a Crucial Green-light

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/chris-hadfield-explains-his-space-oddity-video
Title: Chris Hadfield explains his 'Space Oddity' video

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/apollo-the-greatest-leap-episode-1-risk
Title: The Greatest Leap, Episode 1: Risk

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-ultima-online-the-virtual-ecology
Title: Ultima Online: The Virtual Ecology | War Stories

Search URL Search Domain Scan URL

URL: https://video.arstechnica.com/
Title: More videos

Search URL Search Domain Scan URL

URL: https://metric-placcular.com/9b3254fa-697a-4387-9d70-4b5e9947123d?campaign_id=000c74ed5f9b2a6c31a57df261d969efc8&publisher_id=$publisher_id$&publisher_name=$publisher_name$&ad_id=001328b835642a0d1033e36fadde395c8a&ad_title=Wall+St.+Legend+Warns%3A+%22Huge+Market+Change+is+Coming%22&section_id=$section_id$&section_name=$section_name$&req_id=$req_id$&promoted_link_id=001328b835642a0d1033e36fadde395c8a&time_stamp=$time_stamp$&ob_click_id=$ob_click_id$&obOrigUrl=true
Title: Wall St. Legend Warns: "Huge Market Change is Coming" Visionary Profit

Search URL Search Domain Scan URL

URL: https://campaigns.velasca.com/redirect/?utm_source=Outbrain&utm_medium=prospecting&utm_campaign=Abroad_Outbrain_Prospecting_Desktop_Click_EU_DK-DE-GR-CH_June&utm_term=$section_name$&obOrigUrl=true
Title: We love things that are beautiful, well made. Velasca

Search URL Search Domain Scan URL

URL: https://partnerswsj.com/nec-connecting-the-dots/p/1?utm_source=outbrainpremium&utm_medium=syndication&utm_campaign=nec_133128&utm_content=a1&utm_term=$publisher_name$_$section_name$&obOrigUrl=true
Title: Miami Airport is shaking up air travel with new behind-the-scenes technology WSJ Custom Studios

Search URL Search Domain Scan URL

URL: https://www.clicktraceclick.com/68187655-3b6a-4666-9d4d-ddb587c2a73d?sectionid=$section_id$&sectionname=$section_name$&publisherid=$publisher_id$&publishername=$publisher_name$&adtitle=Dieser+einfache+Trick+macht+Ihren+PC+wie+neu+%28Jetzt+ausprobieren%29&OutbrainClickId=$ob_click_id$&obOrigUrl=true
Title: Dieser einfache Trick macht Ihren PC wie neu (Jetzt ausprobieren) Sicherheitstechnische Tipps

Search URL Search Domain Scan URL

URL: https://4013.kewozbho.com/click?trvid=10046&ob_click_id=$ob_click_id$&cost=$cpc$&campaign_id=0023dba5e66f6dcad9839e8fada8816fd1&ad_id=00b9132e56ba97da84809d799f1df9080c&ad_title=Bone+on+Bone+Knee+Pain%3F+Try+This%2C+Says+Top+Doc%21&doc_title=LP+For+Review&publisher_id=$publisher_id$&publisher_name=$publisher_name$&section_name=$section_name$&time_stamp=$time_stamp$&obOrigUrl=true
Title: Learn More Bone on Bone Knee Pain? Try This, Says Top Doc! getmrjoint.com

Search URL Search Domain Scan URL

URL: https://lookingforanswer.net/promo.php?q=ferienhaus+d%C3%A4nemark+nordsee&hl=de&oclid=$ob_click_id$&source=outbrain&tpl=americano&utm_source=$publisher_name$_$publisher_id$_$section_name$_$section_id$&utm_campaign=%5BARB%5D%5BLO%5D%5BDE%5D%5BTravel+%26+Transportation%5D%5BHotels+%26+Accommodations%5D%5BDESK%5D+_009371ad616a7f0c92ea077d11895529ef&utm_medium=Outbrain&obOrigUrl=true
Title: Ferienhäuser in Dänemark am See mit Motorboot Ferienhaus | Suchanzeigen

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: http://condenast.com/

Search URL Search Domain Scan URL

URL: https://www.condenast.com/user-agreement/
Title: User Agreement

Search URL Search Domain Scan URL

URL: https://www.condenast.com/privacy-policy/
Title: Privacy Policy and Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.condenast.com/privacy-policy/#california
Title: Your California Privacy Rights

Search URL Search Domain Scan URL

URL: https://www.condenast.com/online-behavioral-advertising-oba-and-how-to-opt-out-of-oba/#clickheretoreadmoreaboutonlinebehavioraladvertising(oba)
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://www.condenast.com/privacy-policy
Title: More information about your privacy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

139 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/ 55 KB
17 KB 513ms
301ms Document
text/html 18.188.231.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.188.231.255 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-188-231-255.us-east-2.compute.amazonaws.com

Software

nginx/1.23.2 / PHP/8.1.13

Resource Hash

24d85b4c31f34e75f04696fbb390c9ce21baf479e35283f7783508ec204fd857

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 19 Jan 2023 11:35:26 GMT
link: <https://arstechnica.com/wp-json/>; rel="https://api.w.org/" <https://arstechnica.com/wp-json/wp/v2/posts/1876978>; rel="alternate"; type="application/json"
server: nginx/1.23.2
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.1.13
x-xss-protection: 1; mode=block

GET
H2 200 main-c1868550f6.css
cdn.arstechnica.net/wp-content/themes/ars/assets/css/ 336 KB
71 KB 49ms
7ms Stylesheet
text/css 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: ef2ef4f0e453b0c430da6aca75ff768e3f95e45939c6668677e0b79ba15fee41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-cf-tsc: 1670967135
content-encoding: gzip
x-cf3: M
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 1a0f6eebb9506ec86a13e32fce5047c9
content-length: 71877
x-cf2: H
last-modified: Tue, 13 Dec 2022 21:12:16 GMT
server: CFS 0215
x-cff: B
etag: W/"6398eab0-53ed1"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 24 KB
8 KB 37ms
19ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d277a90920d78efa3d6e473d67240beb26100591c7b02a34bd444aa78ee5d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Jan 2023 11:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: WdCEPqU1pnnoNr/cT9hHyQ==
age: 43946
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8053
x-ms-lease-status: unlocked
last-modified: Tue, 17 Jan 2023 03:30:41 GMT
server: cloudflare
etag: 0x8DAF83B35FDC216
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 433f0463-a01e-017d-61d1-2a027b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 78bf44563bb99b25-FRA

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 43ms
24ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Jan 2023 11:35:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 43930
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5c711e05-101e-016f-5f44-283667000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 78bf44563bbb9b25-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 81 KB
28 KB 123ms
57ms Script
text/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5a6b359905671eb3a695b95d3ae5d9b63584c5a923ac0ba020fccbf2355920b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27795
x-xss-protection: 0
server: sffe
etag: "1456 / 795 of 1000 / last-modified: 1674121463"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 19 Jan 2023 11:35:26 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 179 KB
45 KB 55ms
19ms Script
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 10:52:07 GMT
content-encoding: gzip
via: 1.1 9ef1b108656dc6d0707b168b862883dc.cloudfront.net (CloudFront), 1.1 2037bc3d80050c91043b9acac67831a2.cloudfront.net (CloudFront)
last-modified: Tue, 17 Jan 2023 22:31:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, VIE50-P1
age: 2600
x-amz-server-side-encryption: AES256
etag: W/"09722bdf068e1f62e3d9a9e39a8dde87"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 9OdliBqqPbRqtxIBPn75-qdnsS-yw1N1RvqMJjWQu9RwYRRX1RBbsQ==

GET
H2 200 prebid.min.js Show response
cdn.arstechnica.net/cns/ 297 KB
95 KB 63ms
22ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1674127918
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 6f74204730db3b573745df85297ddfab4c34974f46406d1bb8691035c1687cef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 19 Jan 2023 11:35:26 GMT
x-amz-version-id: RnPzwQ6WaaoO6Nj5enyT4qz6kmzAVgIv
content-encoding: gzip
x-cf-tsc: 1674127924
x-cf3: H
x-amz-request-id: DRCMFXJGVD1K3DSZ
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 96c30feae2389c161af3ff93a7a6e4ab
content-length: 96313
x-amz-id-2: UzQ6yLbuZDXxRj0CSuRZoGW5sUR4REOEgZoLlwd4341Q9ymcaWfsqfUiE13x8hHclkFtTFVxTIY=
x-served-by: cache-cmh1290026-CMH
x-cf2: H
last-modified: Mon, 12 Dec 2022 16:28:49 GMT
server: CFS 0215
x-timer: S1674127920.701014,VS0,VE137
x-cff: B
etag: "c59f9831da8987be4cb2693255bb80cf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=120
cf4age: 4
accept-ranges: bytes
expires: Thu, 19 Jan 2023 11:37:26 GMT

GET
H2 200 183973-93942139695505.js Show response
js-sec.indexww.com/ht/p/ 43 KB
15 KB 57ms
23ms Script
text/javascript 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 19 Jan 2023 11:21:33 GMT
server: cloudflare
age: 654
etag: W/"da2aa0-ada8-5f29c22a7498c"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 78bf44571ec36997-FRA
expires: Thu, 19 Jan 2023 15:35:26 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/condenastprebidheader987326845656/ 219 KB
77 KB 67ms
8ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ecbf3318537730104a1dde511c60cb9e364cec24c7f2e5207f8775ae7832c0f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
content-encoding: gzip
last-modified: Tue, 29 Nov 2022 16:45:55 GMT
server: AmazonS3
x-amz-request-id: Z7BVK82PE6K5APY9
etag: "e7655f59b5072c044da00a280b42812a"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=26433
accept-ranges: bytes
content-length: 78788
x-amz-id-2: ATsNrmYIL3YslSxMx+X35UonmxRDkZCf1ZD4v/HioiKYVg1QEZoRApCgVBu/XoFYHYZmv0Ge3xA=

GET
H2 200 ars-technica.min.js Show response
cdn.arstechnica.net/cns/ 119 KB
39 KB 57ms
16ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1674127918
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c3e3b5ce22832a7ab4d1d54f39bd42cc17c0b14b76474e7f6647d8790c3c4a49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits: 0
date: Thu, 19 Jan 2023 11:35:26 GMT
x-amz-version-id: VqpmGXZUtFBDjXq3ws3A45Z3GjPCdLGk
content-encoding: gzip
x-cf-tsc: 1674127922
x-cf3: H
x-amz-request-id: DRCY2W316EMF7VVW
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: b6484f0cd2389a54cee7e271869dd13e
content-length: 39233
x-amz-id-2: wiAX/i4tizwnZMlLpjUNx4j9Oq3NE32YuNQHr7xTFQ8bXxo/fzfKUtBv6mPaljB/uAt1/GiKxVA=
x-served-by: cache-cmh1290036-CMH
x-cf2: H
last-modified: Tue, 17 Jan 2023 18:39:57 GMT
server: CFS 0215
x-timer: S1674127920.514014,VS0,VE163
x-cff: B
etag: "0b386567e8f11f0704b54d7558db55aa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=120
cf4age: 2
accept-ranges: bytes
expires: Thu, 19 Jan 2023 11:37:26 GMT

GET
H2 200 ars-84a4ab0802.ads.us.js Show response
cdn.arstechnica.net/wp-content/themes/ars/assets/js/ 3 KB
1 KB 56ms
15ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/ars-84a4ab0802.ads.us.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 16708dda2536b4b3782313db4a6ec8456cd84da7ae0f56d7d2455e68fc9bc4f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-cf-tsc: 1668280769
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: da27961bb9b2581f973d53ba0fda1109
content-length: 1143
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: W/"636e9b18-bc0"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 46360
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 style.min.css
cdn.arstechnica.net/wp/wp-includes/css/dist/block-library/ 93 KB
15 KB 57ms
16ms Stylesheet
text/css 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp/wp-includes/css/dist/block-library/style.min.css?ver=6.0.3
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-cf-tsc: 1669024230
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 1c12024ecce7d82624c77da51e25e67a
content-length: 15480
x-cf2: H
last-modified: Tue, 15 Nov 2022 19:11:58 GMT
server: CFS 0215
x-cff: B
etag: W/"6373e47e-172a9"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 47193
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 comments.css
cdn.arstechnica.net/wp-content/plugins/article-forum-connect/public/css/ 4 KB
1 KB 56ms
15ms Stylesheet
text/css 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/plugins/article-forum-connect/public/css/comments.css?ver=1.1.6.2
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 2b966386db7e5598dc99aae1c9e22fc86b37017d7b99c4a8f0eb5b636bf52d5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-cf-tsc: 1669154097
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 114e9bd95caaf770e1fb79662b05ea3f
content-length: 1087
x-cf2: H
last-modified: Tue, 22 Nov 2022 21:38:48 GMT
server: CFS 0215
x-cff: B
etag: W/"637d4168-10b7"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 malware-detection-bypass-800x450.jpg
cdn.arstechnica.net/wp-content/uploads/2022/08/ 103 KB
103 KB 180ms
178ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2022/08/malware-detection-bypass-800x450.jpg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 2d7456f110e6a3fedf37ac480726889258b776fc03e1e4a6b51120fc3160cd57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-amz-version-id: thkTSmvPtzyBU2z6P8KrXNWfW9onAHr1
x-cf-tsc: 1674128127
x-cf3: M
x-amz-request-id: QZGMDX8HK2R53YSQ
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:M
x-cf-reqid: fb8b882e75712eb77ce4bc6d9f4b5952
x-amz-replication-status: COMPLETED
content-length: 105317
x-amz-id-2: ipVR19P8aLdDk9rzDkBPTJtq+cDeMW7dUykrDwyZDOyDPSg+EYuV3nDvHIgfLkwoRZGW/Cm4skI=
x-cf2: M
last-modified: Tue, 30 Aug 2022 19:00:50 GMT
server: CFS 0215
x-cff: B
etag: "d64c2cac6c816ece217c10b9bec2c22e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 behavioral-analysis-640x359.jpg
cdn.arstechnica.net/wp-content/uploads/2022/08/ 39 KB
40 KB 127ms
124ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2022/08/behavioral-analysis-640x359.jpg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: d45862d0913737fe82645070bbb15fb4f00b51ba669fd90425eb602aaea4f618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-amz-version-id: DG4UwlDHC56GPJlbgUzMSsBkcm7lOrA5
x-cf-tsc: 1674128127
x-cf3: M
x-amz-request-id: JK24DN34SGEMT7WV
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:M
x-cf-reqid: 9c6012594158fb85ad634a507ae66ee8
x-amz-replication-status: COMPLETED
content-length: 39998
x-amz-id-2: /txJd5X130/y8JgYWanawN0Sf+7RzCcOHiYNQX1geC1s/I0rM0qgs2OJjY09Qdh1fn4OEuhnC90=
x-cf2: M
last-modified: Tue, 30 Aug 2022 17:40:28 GMT
server: CFS 0215
x-cff: B
etag: "78fac3de703819f590051dddb0c93734"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 77344
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 direct-sys-call-640x362.jpg
cdn.arstechnica.net/wp-content/uploads/2022/08/ 44 KB
44 KB 142ms
140ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2022/08/direct-sys-call-640x362.jpg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 466109f9f85c8156ec2668e799be4b9cfad5747748343e26da4d10abac9797c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-amz-version-id: Y.1L50tOG13TaoOIoRdt5Jx8ATx2kT6D
x-cf-tsc: 1674128127
x-cf3: M
x-amz-request-id: 95T51HAD5PD7FVTR
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:M
x-cf-reqid: f55e348e8f1e3902c5f256006f7d56ad
x-amz-replication-status: COMPLETED
content-length: 44742
x-amz-id-2: l0cpdwhVQWC58wi3BPqpymoRBjTrALElJRJ1MwIeEF6/W6IF3P6EsaXfKS31KwBagbLltGLdnFE=
x-cf2: M
last-modified: Tue, 30 Aug 2022 17:41:25 GMT
server: CFS 0215
x-cff: B
etag: "377b9ef53eddca1bbd2bb69368c07272"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 77342
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 indirect-sys-call-640x359.jpg
cdn.arstechnica.net/wp-content/uploads/2022/08/ 36 KB
37 KB 127ms
125ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2022/08/indirect-sys-call-640x359.jpg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: f91f71a79e80bc2c29f7e8ef8155f1fcd387db6ee107ae93f16108cbe61705a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-amz-version-id: bZ3NGf0KiorklGfmxnyiLpBrarWV0z97
x-cf-tsc: 1674128127
x-cf3: M
x-amz-request-id: KASFBEW82HTZ42CP
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:M
x-cf-reqid: cbc934b19ae123240d5511f7bdc474b2
x-amz-replication-status: COMPLETED
content-length: 36817
x-amz-id-2: hVbjhatGO6k8Fm/wNxbZZ6E5msqkbVw2lYIJk0IRV4psOjcjVQM2cyYYbnOCPNDWkuJh1nVOTuk=
x-cf2: M
last-modified: Tue, 30 Aug 2022 17:44:04 GMT
server: CFS 0215
x-cff: B
etag: "efa73e6c065e503ac0944a8bab09dbd0"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 77341
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 edr-evasion-results-640x360.jpg
cdn.arstechnica.net/wp-content/uploads/2022/08/ 52 KB
53 KB 129ms
128ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2022/08/edr-evasion-results-640x360.jpg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: dbbb02be63184a360aa16f720d54120e312b9a0f2b2fd7eedc9e4c1402bcd3d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-amz-version-id: 5zEZvySuBk80H4Ho7HhzRT3avCsGqWvL
x-cf-tsc: 1674128127
x-cf3: M
x-amz-request-id: CQ8MHVDR73PYM4D1
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:M
x-cf-reqid: 6800713cc170818804aa621b2623b422
x-amz-replication-status: COMPLETED
content-length: 53519
x-amz-id-2: hB22mBuVcqBc3n9b04ZUOoFxncUn56+Wl9X1q8hCRVy6YOZDnJ5hGRCzRlnkjx+nu2xWwnis8wM=
x-cf2: M
last-modified: Tue, 30 Aug 2022 17:44:42 GMT
server: CFS 0215
x-cff: B
etag: "4cb2722c37eea33c9fc0786e736e6446"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 77340
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 215 KB
74 KB 39ms
11ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 582693cca63e552573ff51d9a704a8ba4d27e6bb774139ab68c8026df1d25b32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 13:02:53 GMT
etag: "16-vTxPhgcFRE53NE2wTXEE2Rd8fhY"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14400, stale-while-revalidate=86400
access-control-allow-credentials: false
x-traceid: f7ca8b4b9ade1c8491ea073ea43af417
timing-allow-origin: *, *
content-length: 75680

GET
H2 200 main-218403ea71.js Show response
cdn.arstechnica.net/wp-content/themes/ars/assets/js/ 626 KB
204 KB 9ms
9ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-218403ea71.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 15ac550babcd12bf0cd1c7362e4aadc9fd32800edd7f3082a2c3bbad7240a2eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-cf-tsc: 1668571160
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: bb5e6534de3abbf8eecc90130b23211d
content-length: 208328
x-cf2: H
last-modified: Wed, 16 Nov 2022 03:48:39 GMT
server: CFS 0215
x-cff: B
etag: W/"63745d97-9c79d"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 6
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 conde-asa-polar-master.js Show response
cdn.mediavoice.com/nativeads/script/condenastcorporate/ 5 KB
2 KB 60ms
30ms Script
text/javascript 2606:4700::6813:da83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:da83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 13379
content-length: 2018
last-modified: Thu, 19 Jan 2023 05:34:06 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/javascript
x-country: DE
x-varnish: 2164997543 2164928497
cache-control: max-age=21600
cf-ipcountry: DE
accept-ranges: bytes
cf-ray: 78bf44570ef09a0f-FRA

GET
H2 200 100098X1555750.skimlinks.js Show response
s.skimresources.com/js/ 36 KB
14 KB 61ms
11ms Script
application/octet-stream 151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: AmazonS3 /
Resource Hash: a3a1045bdd4556d83b740335475f60da908d6b0420b78c7688e03943ead2d988

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
content-encoding: gzip
x-sp-metadata: HS256.CI7ypJ4GEoUBCiQ0MmJjMDhjNi05MTZmLTQzM2EtOGVhYS02NmY3MmQxNWNlNTAQsNrb5pK18AIaBgj+1aSeBiIKODEuOTUuNS40MCiojwIwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDdmNDMwYjdiLWZhZGYtNGRjYi1hYTNiLWJlYzNhMWFhZDU5MxjpayIYCAISFGNkczEyNy5mcjguaHdjZG4ubmV0.dAlmd21ZX5XoBthfRmeWFI0yXfsU04gE2a9OMARMHWA=
last-modified: Tue, 30 Aug 2022 08:58:37 GMT
server: AmazonS3
x-amz-request-id: 2KS1PP29KSDCT91N
etag: "f913970f8dda10842aff8a06a8dfa0cd"
x-hw: 1674128126.cds009.fr8.hn,1674128126.cds127.fr8.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13801
x-amz-id-2: XizRBl31TZOOgwSE1J3+kEMHyITjs/nwe3qecrRJT3XLVUNzzYyn2tqL5riB0ox3VWiD40fOAPk=

GET
H2 200 iframeResizer.min.js Show response
cdn.arstechnica.net/wp-content/plugins/article-forum-connect/public/js/ 14 KB
6 KB 10ms
7ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/plugins/article-forum-connect/public/js/iframeResizer.min.js?ver=1.1.6.2
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 4bc7f443f57d55c7eba98816a3d1054bdcee0cc74f4c1302f82056d118f141bb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-cf-tsc: 1669154097
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 06e5435a2425edba53e8a8b9e4832c61
content-length: 5969
x-cf2: H
last-modified: Tue, 22 Nov 2022 21:38:48 GMT
server: CFS 0215
x-cff: B
etag: W/"637d4168-3734"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 iframe.js Show response
cdn.arstechnica.net/wp-content/plugins/article-forum-connect/public/js/ 7 KB
2 KB 11ms
8ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/plugins/article-forum-connect/public/js/iframe.js?ver=1.1.6.2
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 760577261d75b1724a53825766138cc52ea09676703fdb4046cbf2ecb2508b74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-cf-tsc: 1669154097
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 2adecbfaac23429f4088080e6341d0f1
content-length: 1692
x-cf2: H
last-modified: Tue, 22 Nov 2022 21:38:48 GMT
server: CFS 0215
x-cff: B
etag: W/"637d4168-1c5e"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 475 KB
128 KB 160ms
95ms Script
application/javascript 2a00:1450:400d:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56af20a275831d6d9a720b4b6c20ca446ddc97abaed5c461ca59d3b5c0d0a530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130615
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 19 Jan 2023 11:35:26 GMT

GET
H2 200 b10882a1-8446-4e7d-bfb2-ce2c770ad910.json Show response
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/ 5 KB
2 KB 71ms
53ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/b10882a1-8446-4e7d-bfb2-ce2c770ad910.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

129d9d61199f04b6d1fa1f935343bf9d2e59917e9a8d84bc7dba1307b6db56b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Jan 2023 11:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: qv4swkul+oed1UbCH6v7vQ==
age: 69468
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1824
x-ms-lease-status: unlocked
last-modified: Tue, 17 Jan 2023 16:16:09 GMT
server: cloudflare
etag: 0x8DAF8A625243A0D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4dc928bf-501e-0089-2d8f-2a61c2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 78bf4456a94b90bb-FRA
expires: Fri, 20 Jan 2023 11:35:26 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 68 B
235 B 67ms
46ms Script
text/javascript 2606:4700::6812:1b55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 78bf44570aa790c1-FRA
vary: Accept-Encoding
content-type: text/javascript

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 357 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 economica-bold-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 25 KB
25 KB 24ms
8ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-bold-otf-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 7425122385e38b945a55a3c771ca8309
content-length: 25592
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-63f8"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 72528
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 economica-regular-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 24 KB
24 KB 25ms
9ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-regular-otf-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 988fe1d492ed9a906ab6d72f28f2688d
content-length: 24264
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-5ec8"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 72528
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
DATA 200
OK truncated
/ 279 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 bitter-italic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 24 KB
24 KB 10ms
10ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-italic-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 50adc06e9b90dc23ba0f3bbb1fa037d9
content-length: 24212
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-5e94"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 72528
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 bitter-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 22 KB
23 KB 8ms
8ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-regular-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 97eb5c46106a364cafa4f93d8aa09f44
content-length: 22872
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-5958"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 72528
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 opensans-semibold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 19 KB
19 KB 9ms
8ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 2d6e402fae668878e450cdd623a16233
content-length: 18972
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-4a1c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 72400
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 opensans-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 18 KB
19 KB 11ms
11ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-regular-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 652c89e960041a25b31856aee354157b
content-length: 18824
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-4988"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 72528
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
295 B 56ms
39ms XHR
application/json 2606:4700::6812:1b55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1b55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 78bf4457480e9060-FRA
access-control-allow-headers: Content-Type

GET
DATA 200
OK truncated
/ 400 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 700 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 opensans-semibolditalic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 20 KB
21 KB 8ms
8ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibolditalic-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 59201950b83489808587827b4050ffe0597992825daa88c227476cdbbf8ca282

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: d2e1b573be3f735ea47886f0b46af9f4
content-length: 20872
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-5188"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 62731
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H/1.1 200
OK video_groups Show response
api.cnevids.com/v1/ 4 KB
1 KB 400ms
94ms XHR
application/json 3.224.52.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cnevids.com/v1/video_groups?filters={%22channel_key%22:%22arstechnica%22}&pagesize=20&endpoint=oo.arstechnica

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-218403ea71.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.52.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-52-77.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

cb52c9b5c6b4f30eb9580d4414ecd97d408ffb0579fc9792f379da7e9e43221c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/*
Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 11:35:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Status: 200 OK
Connection: keep-alive
Content-Length: 658
X-XSS-Protection: 1; mode=block
X-Request-Id: 333c1d68-4d56-4bdf-afb1-107f1a377660
X-Runtime: 0.002085
X-Backend-Node: 10.110.75.172
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"fcef482d08e54b796ca511fd70f31184"
X-Download-Options: noopen
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate
Vary: Accept-Encoding, Origin
X-Frame-Options: SAMEORIGIN

GET
H2 200 memo.js Show response
cdn.memo.co/js/ 21 KB
7 KB 469ms
415ms Script
application/javascript 65.9.66.35
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.memo.co/js/memo.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-35.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d7b91ed4a7804e22b94e4873af273def73469e80b740bd9787e287003058868

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: dIwRVCKiXrZkA8Vq0TRLD0Yyqjiw5iXT
content-encoding: gzip
via: 1.1 910fc18161f0602555cc5b6397ca26f2.cloudfront.net (CloudFront)
date: Thu, 19 Jan 2023 11:35:28 GMT
last-modified: Wed, 04 May 2022 18:49:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
etag: W/"09a117df3977ec5a869191fcea2ac408"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-amz-cf-id: bCgYE4QP8ciHnM90eVjS_TrWj91lJ_fJ0AlR1vx6CCfog9fuwhskAg==

GET
H/1.1 200
OK arstechnica.js Show response
player.cnevids.com/interlude/ 112 KB
28 KB 181ms
118ms Script
text/javascript 13.32.27.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/interlude/arstechnica.js?isRightRail=true

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-22.fra56.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

8261aabd72b0748f420d7c688de90a530a77afacf654765e0b2ed1b010913237

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 11:35:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
Content-Length: 27666
X-XSS-Protection: 1; mode=block
X-Request-Id: e266acd1-dc04-4f86-bfb1-5794c3bd75df
X-Runtime: 0.010705
X-Backend-Node: 10.110.123.191
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"ae044cb3e5ddddbe4fd3bb3f832cd91c"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Id: JewUTNLglD9qR0NkjuYkYdhyjCqpMuu99u3izSDQPqfYdoi7CuzBrQ==

GET
DATA 200
OK truncated
/ 841 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Dang.jpg
cdn.arstechnica.net/wp-content/uploads/2018/10/ 90 KB
91 KB 8ms
8ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2018/10/Dang.jpg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-amz-version-id: null
x-cf-tsc: 1673915403
x-cf3: H
x-amz-request-id: RMWD6MN2JGN084AP
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 560519750abcde886948879c51c0561a
content-length: 92486
x-amz-id-2: LwnzZ5YSePbm4A9BvCKBd6AboZGHnlY2ECn/csNCp+qgmzUZjYemq+OaPgZ9uKRZLHDq7GtWAuc=
x-cf2: H
last-modified: Sat, 21 Dec 2019 01:48:48 GMT
server: CFS 0215
x-cff: B
etag: "03e5fec9e7ca5f8064d945bd791bd4c3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 10224787
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 channel-ars-be7bb52ba9.png
cdn.arstechnica.net/wp-content/themes/ars/assets/img/ 5 KB
5 KB 10ms
10ms Image
image/png 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/img/channel-ars-be7bb52ba9.png
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 85c5b2b54e0075f0e6f2eaeb41a61948
content-length: 4809
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-12c9"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 79954
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 bitter-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 22 KB
22 KB 10ms
9ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-bold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 90c76d690f8d88e3cc4e03ca350de4fc
content-length: 22104
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-5658"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 63692
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

GET
H2 200 opensans-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 19 KB
19 KB 10ms
10ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-bold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c1868550f6.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
x-cf-tsc: 1668280770
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fE.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 36c0e49347d6520e8ed7382733cd8145
content-length: 19516
x-cf2: H
last-modified: Fri, 11 Nov 2022 18:57:28 GMT
server: CFS 0215
x-cff: B
etag: "636e9b18-4c3c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 69897
accept-ranges: bytes
expires: Thu, 16 Mar 2023 11:35:26 GMT

POST
H2 200 / Show response
r.skimresources.com/api/ 149 B
372 B 68ms
18ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.19.9.1 /

Resource Hash

8356998195d485ab5e1ad650349508b8289962209a500e6702c08f90964f2e3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: gzip
server: openresty/1.19.9.1
via: 1.1 google
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 0743 0
134 B 74ms
21ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.33894088379012577
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.10 aiohttp/3.8.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
via: 1.1 google
server: Python/3.10 aiohttp/3.8.3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
276 B 47ms
15ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=5.63276811076223
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Thu, 19 Jan 2023 11:35:26 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 47ms
16ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=5.63276811076223
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date: Thu, 19 Jan 2023 11:35:26 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/ 383 KB
92 KB 18ms
18ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Jan 2023 11:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uPFqyxtrxGqJsyAvB7RnSg==
age: 59214
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 93482
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:45 GMT
server: cloudflare
etag: 0x8DADC66BDFA5EC7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 06a578fc-e01e-0057-5706-22316b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 78bf4457fedf9b25-FRA

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 10ms
9ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Sat, 18 Feb 2023 11:35:26 GMT

GET
H2 200 plugin.js Show response
plugin.mediavoice.com/ 368 KB
137 KB 58ms
43ms Script
application/javascript 2606:4700::6813:da83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.mediavoice.com/plugin.js
Requested by: Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:da83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2fffd9fce9c89815f9283c61cd0eb0e9563df67815c7e3065b69198e7390cd49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
content-encoding: gzip
via: 1.1 varnish
cf-cache-status: HIT
age: 15044
content-length: 140198
last-modified: Tue, 10 Jan 2023 19:16:48 GMT
server: cloudflare
etag: W/"63bdb9a0-5c1a9"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-varnish: 2415459742 2415181980
cache-control: max-age=43200
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cf-ray: 78bf445869959a0f-FRA
expires: Thu, 19 Jan 2023 08:23:21 GMT

GET
H2 200 condenastcorporate Show response
polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/ 208 B
438 B 65ms
28ms XHR
application/json 2606:4700::6811:4032
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/condenastcorporate
Requested by: Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4032 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc40a5096530714279199bd98ffbe44f3108bf9dd183ec74d85f69705d86e25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
content-encoding: gzip
server: cloudflare
etag: W/"f3cb63b5151ee861d177a2136e7d9989"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-country: DE
access-control-expose-headers: X-Country, CF-Ray
cache-control: max-age=3600
timing-allow-origin: *
cf-ray: 78bf44588cac9134-FRA

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 40ms
13ms XHR
application/javascript 18.66.23.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.23.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-23-213.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 c172ad3d6658cab7ff64a4a64dca4822.cloudfront.net (CloudFront)
date: Thu, 19 Jan 2023 08:52:59 GMT
x-amz-cf-pop: VIE50-P1
age: 9751
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: Eu9vIhHPDl4yauVE8Crfn2l4YvnnbPzP9wJLLx2hMD_we-6L4jsqlw==

GET
H2 200 pubads_impl_2023011702.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
130 KB 82ms
21ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011702.js?cb=31071694

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f10feb856e1174b96257f0bd820f67e0c2c738e5abbfe70799a457b791e11562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 23:19:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132153
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 21:40:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 17 Jan 2024 23:19:31 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 192 B
738 B 114ms
53ms XHR
application/json 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=arstechnica.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77dce0667b5d38b6e4ed4d244cc7abca21881f572ffb00a7efa6d9e6112adbb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103
x-xss-protection: 0
expires: Thu, 19 Jan 2023 11:35:26 GMT

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 474 B
648 B 170ms
55ms Script
text/html 54.195.68.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CY%24%3D!!taxWi~GGfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-TNUxai45ex1YkaWe08ceLJHXkgPshLKyuz%2F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz&rs=1-HlB%2FRG4580cdYQ%3D%3D&sc=1&os=1-xg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%3By%40YhN*F%40Q&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F08%2Fnewfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass%2F&pcode=condenastprebidheader987326845656&rx=674893558207&callback=MoatNadoAllJsonpRequest_49476283
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.68.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-195-68-237.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 6456df946a0c6fb0315ae58b5cca4e5b23f25484cec9e432be08b684838d1b3a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:27 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "0ac76fb7072db2e7fcf7f42f8886492175b97e1e"
content-length: 474
content-type: text/html; charset=UTF-8

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/5342550a-9204-4116-a032-c5a05162683e/ 225 KB
38 KB 20ms
20ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/5342550a-9204-4116-a032-c5a05162683e/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eab16bed0ee56de0a1e3a308e02cb8a889a9ef504e0f0b4adb6f256c86c8b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Jan 2023 11:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: FRQ/zPNzOwxzj7xtxhCogA==
age: 69467
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 38429
x-ms-lease-status: unlocked
last-modified: Tue, 17 Jan 2023 16:16:28 GMT
server: cloudflare
etag: 0x8DAF8A6303956C6
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 85282be7-a01e-00be-2d8f-2acd6d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 78bf44592c1f90bb-FRA
expires: Fri, 20 Jan 2023 11:35:26 GMT

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 366 KB
53 KB 22ms
22ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd93ea2fbdf700c4f9f898bfddef2838f9d1b48cca50e4c10a77c408280826a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Jan 2023 11:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zMTdYsdeJ5MEETc+8SSUmA==
age: 41217
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 53567
x-ms-lease-status: unlocked
last-modified: Wed, 18 Jan 2023 02:08:19 GMT
server: cloudflare
etag: 0x8DAF8F8DE4F253F
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ae2b0cb5-001e-00f7-3de4-2afe0d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 78bf44592c2190bb-FRA

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/ 68 KB
15 KB 20ms
20ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Jan 2023 11:35:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: jNSx0jAViofB7ggqqp6FUQ==
age: 79508
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 15011
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:44 GMT
server: cloudflare
etag: 0x8DADC66BD0C2AD7
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bdd5c82e-101e-00ca-44ea-0e4b2b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 78bf445929159b25-FRA

GET
H2 200 v2 Show response
z-na.associates-amazon.com/onetag/ 11 KB
4 KB 203ms
8ms Script
text/javascript 143.204.208.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.208.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-208-5.fra53.r.cloudfront.net

Software

Server /

Resource Hash

7475f5c70d3b6020b6f4621b2e69fba3360bea00a913e60b085af165b93842ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 05:36:14 GMT
content-encoding: gzip
accept-charset: UTF-8
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA53-C1
x-amz-rid: XD23VNBPBSDNC53M0CRS
age: 21553
vary: accept-encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
x-amz-cf-id: eCH1fksOMWc5z07vLpwF11QaAa0o7p_5_n0lDBZ3dO-ue_EcivJsaA==

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
339 B 22ms
21ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.10 aiohttp/3.8.3 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 11:35:26 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.10 aiohttp/3.8.3
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://arstechnica.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
content-length: 22
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK recommendations Show response
api.condenast.io/v1/ 23 KB
6 KB 875ms
637ms Fetch
application/json 151.101.192.239
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.condenast.io/v1/recommendations?applicationID=cne-interlude-arstechnica&brand=arstechnica&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F08%2Fnewfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass%2F&filter%5Bstrategy%5D=POPULAR&filter%5BcontentType%5D=CNEVIDEO&filter%5Blanguage%5D=en-US&page%5Bsize%5D=5
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/interlude/arstechnica.js?isRightRail=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 1efa0168cc510cc900d2602b6a5d24829f7143462001b629a3ad6de215aa3a58

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 11:35:27 GMT
content-encoding: gzip
Via: 1.1 varnish
X-Backend: 2SrKDXXFWNz87LdtRpzPzK--F_api_eu_central_1_condenast_io
transfer-encoding: chunked
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-yyz4567-YYZ
Server: nginx/1.15.8
X-Timer: S1674128127.258162,VS0,VE536
Vary: origin,accept-encoding, Accept-Encoding, Origin
Content-Type: application/json;charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: private, max-age=0
access-control-allow-credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
166 B 311ms
113ms XHR
application/json 52.54.240.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=CONDENAST&sv_domain=arstechnica.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.54.240.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-54-240-100.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://arstechnica.com
date: Thu, 19 Jan 2023 11:35:27 GMT
access-control-allow-credentials: true
server: nginx/1.22.0
content-length: 2
vary: Origin
content-type: application/json

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 9 KB
3 KB 28ms
27ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4f86e9ccc5e942b4003bd9fed721d599fdeb7bcc1a2db63a95cba24de5f828

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Jan 2023 11:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 7dHn1A0MGZqShU38V/JIug==
age: 72433
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2639
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:36 GMT
server: cloudflare
etag: 0x8DADC66B8273D07
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 6b56f14d-a01e-0154-4197-107439000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 78bf445a8dd790bb-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202211.2.0/assets/ 21 KB
4 KB 28ms
28ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202211.2.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202211.2.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Thu, 19 Jan 2023 11:35:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: XcxlleAcPGO2n5kTZrHH2Q==
age: 72707
x-ms-lease-status: unlocked
last-modified: Mon, 12 Dec 2022 17:31:50 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 3f4ef08a-c01e-0129-4197-10e8f1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 78bf445a8dd890bb-FRA

GET
H/1.1 200
OK 5b27ee7e8c1abc4e7900000f Show response
api.cnevids.com/v1/video_groups/ 104 KB
17 KB 187ms
187ms XHR
application/json 3.224.52.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cnevids.com/v1/video_groups/5b27ee7e8c1abc4e7900000f?endpoint=oo.arstechnica

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-218403ea71.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.224.52.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-224-52-77.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

e67089d28ed8be968a13320f7ae05dd0c2f1fff18a5d8b2c78a91b41f8651f70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/*
Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 11:35:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Status: 200 OK
Connection: keep-alive
Content-Length: 17064
X-XSS-Protection: 1; mode=block
X-Request-Id: 5ed868cc-c13b-4559-b4c8-cac02ba48857
X-Runtime: 0.004798
X-Backend-Node: 10.110.29.223
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"851a60618ca92e3464dff65488c7d244"
X-Download-Options: noopen
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate
Vary: Accept-Encoding, Origin
X-Frame-Options: SAMEORIGIN

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
274 B 16ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=24&d=data%3Adata%3Adata%3Adata&i=CONDENAST_PREBID_HEADER1&k=SyntaxError%20in%20closure%20%28cb%29%3A%20Failed%20to%20execute%20%27measure%27%20on%20%27Performance%27%3A%20The%20mark%20%27ATP-Init%27%20does%20not%20exist.%2C%20stack%3DError%3A%20Failed%20to%20execute%20%27measure%27%20on%20%27Performance%27%3A%20The%20mark%20%27ATP-Init%27%20does%20not%20exist.%0A%20%20%20%20at%20Object.setMoatLoad%20%5Bas%20moatLoad%5D%20%28https%3A//cdn.arstechnica.net/cns/ars-technica.min.js%3Fv%3D1674127918%3A1%3A30064%29%0A%20%20%20%20at%20emitBoomPixel%20%28https%3A//cdn.arstechnica.net/cns/ars-technica.min.js%3Fv%3D1674127918%3A1%3A32013%29%0A%20%20%20%20at%20handleMoatYieldIntelligenceReady%20%28https%3A//cdn.arstechnica.net/cns/ars-technica.min.js%3Fv%3D1674127918%3A1%3A94711%29%0A%20%20%20%20at%20window.moatYieldReady%20%28https%3A//cdn.arstechnica.net/cns/ars-technica.min.js%3Fv%3D1674127918%3A1%3A94969%29%0A%20%20%20%20at%20https%3A//z.moatads.com/condenastprebidheader987326845656/moatheader.js%3A60%3A282%0A%20%20%20%20at%20k%20%28https%3A//z.moatads.com/condenastprebidheader987326845656/moatheader.js%3A390%3A346%29%0A%20%20%20%20at%20https%3A//z.moatads.com/condenastprebidheader987326845656/moatheader.js%3A403%3A457%0A%20%20%20%20at%20a.xa.sode.a.xa.sode.zaxs%20%28https%3A//z.moatads.com/condenastprebidheader987326845656/moatheader.js%3A109%3A476%29%0A%20%20%20%20at%20n.%3Ccomputed%3E%20%28https%3A//z.moatads.com/condenastprebidheader987326845656/moatheader.js%3A328%3A10%29%0A%20%20%20%20at%20https%3A//mb.moatads.com/yi/v2%3Fol%3D0%26qn%3D%25604%257BZEYwoqI%2524%255BK%252BdLLU%29%252CMm%7EtM%2190vv9L%2524%252FoDb%252Fz%28lKm3GFlNUU%252Cu%255Bh_GcS%2525%255BHvLU%255B4%28K%252B%257BgeFWl_%253DNqUXR%253A%253D%252BAxMn%253Ch%252CyenA8p%252FHm%2524%2560%25233P%28ry5*ZRocMp1tq%255BN%257Bq%2560RP%253CG.ceFW%257CoG%2522mxT%253Bwv%2540V374BKm55%253D%25261fp%255BoU5t%28Kc%252CY%2524%253D%21%21taxWi%7EGGfxECSR23_hFAkD%253Dv%253CN%255B.%2522%2524b_o%253FtVD%255D%255BpN%257CQF%2540Sy7%257B%252CNr1U*%2526ujMUU9%253C%2524kBjqI%26tf%3D1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-%26vi%3D111111%26rc%3D1%252C1%252C0%252C3%252C3326192205%252C1%252C4%252C0%252Cprobably%252Cprobably%26rb%3D1-TNUxai45ex1YkaWe08ceLJHXkgPshLKyuz%252F4uhjkxPYPVB8OEV7WXRwEOC0dEk1CVCWz%26rs%3D1-HlB%252FRG4580cdYQ%253D%253D%26sc%3D1%26os%3D1-xg%253D%253D%26qp%3D10000%26is%3DBBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB%26iv%3D8%26qt%3D0%26gz%3D0%26hh%3D0%26hn%3D0%26tw%3D%253By%2540YhN*F%2540Q%26qc%3D0%26qd%3D0%26qf%3D1600%26qe%3D1200%26qh%3D1600%26qg%3D1200%26qm%3D0%26qa%3D1600%26qb%3D1200%26qi%3D1600%26qj%3D1200%26to%3D000%26po%3D1-0020002000002120%26vy%3Dot%2524b%255Bh%2540%2522oD%7ET_Gr1%253E%253AB%2540NVt7%253BY%253EhyMmxNXJZPV8t6%253D%253Dh_GW3r4Aj%21L%253E%252BbK0pH%2523H%26qr%3D0%26url%3Dhttps%253A%252F%252Farstechnica.com%252Finformation-technology%252F2022%252F08%252Fnewfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass%252F%26pcode%3Dcondenastprebidheader987326845656%26rx%3D674893558207%26callback%3DMoatNadoAllJsonpRequest_49476283%3A1%3A1%2C%20%0Acb%3D%28%29%3D%3E%7BhandleMoatYieldIntelligenceReady%28e%29%7D%0A&ar=67fa5e2a4e8-clean&iw=63673aa&bq=11&j=&cs=1674128127135
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

unused62: 8096267
pragma: no-cache
date: Thu, 19 Jan 2023 11:35:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Thu, 19 Jan 2023 11:35:27 GMT

GET
H/1.1 200
OK andoncord Show response
assoc-na.associates-amazon.com/onetag/ 16 B
411 B 521ms
98ms XHR
application/json 72.21.195.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assoc-na.associates-amazon.com/onetag/andoncord

Requested by

Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

s3-1.amazonaws.com

Software

Server /

Resource Hash

c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 11:35:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: JVK2JD332MK4DK8XRZQQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://arstechnica.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 16

GET
H/1.1 200
OK n Show response
elsa.memoinsights.com/ 386 B
959 B 400ms
92ms Script
application/javascript 34.225.22.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://elsa.memoinsights.com/n?pid=62012a7a19351c07620394e0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F08%2Fnewfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass%2F&author%5B%5D=Dan%20Goodin&title=Organizations%20are%20spending%20billions%20on%20malware%20defense%20that%E2%80%99s%20easy%20to%20bypass&date=2022-08-30T19%3A04%3A28Z&referrer=&ref_url=&page_url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F08%2Fnewfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass%2F&cb=MEMO.API.callbacks.cbosylbcsf&v=v3.0.6
Requested by: Host: cdn.memo.co
URL: https://cdn.memo.co/js/memo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.22.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-22-62.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 5e09a576d5e823ddcbad6e4c4020ab1b55112e05527ce649854747b9f9ba7f42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:27 GMT
content-encoding: gzip
server: istio-envoy
content-type: application/javascript
x-envoy-upstream-service-time: 0
Connection: keep-alive
Content-Length: 261
x-request-id: 130955f7a50e3e885203dd7aaf5c20e3

GET
H/1.1 200
OK 60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady37330710 Show response
player.cnevids.com/script/video/ 69 KB
23 KB 110ms
110ms Script
text/javascript 13.32.27.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady37330710

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-218403ea71.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-22.fra56.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

13f590aedf195578255e3362cd25fbc0e6e4c615b988bfc10bf32ea6f56b31f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 11:35:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA56-C2
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
Content-Length: 22323
X-XSS-Protection: 1; mode=block
X-Request-Id: 62b9ea2d-4b06-4695-80b4-fd2945ffb885
X-Runtime: 0.005483
X-Backend-Node: 10.110.10.22
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"7299114ebc1f2a9cff9da388b13f06f9"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Id: mW_HR4MnBrq-nEU8t1MAnmiwlwg2adDu78pOVcvOH2b341tiCab3Bw==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1621877260/ 11 KB
12 KB 62ms
15ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

0396be2ab58ec30babd0838d7e37d6407475d4361be85ee7451dbac9186add57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 bb014bef6518ccd6aad6b497f5e9c1d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 103
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11625
Last-Modified: Thu, 20 Jan 2022 21:51:37 GMT
Server: Cloudinary
ETag: "0b80752552abdab1277829e7a4b2824a"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: F_EZbXyK0UQ2ct6xVkjqVKBjfSQ6imM3Lmt5DoKHqOwo-qAmHFEguQ==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-the-warhammer-40k-universe-answered-by-author-dan-abnett.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1620135390/ 14 KB
15 KB 63ms
16ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1620135390/arstechnica_unsolved-mysteries-unsolved-mysteries-of-the-warhammer-40k-universe-answered-by-author-dan-abnett.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

a2bd43c80adc73ae26472a90ec3bd9df44a5b7d2dafb133b8660efd800c719b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 103
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14620
Last-Modified: Thu, 20 Jan 2022 21:51:38 GMT
Server: Cloudinary
ETag: "7996e22c04be37a8677bb680607e6d12"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: aM2XkEnprtlSxrWOjMXrhaynJRylcT-nyi0_n6ebY3ImlQoYzw8L2Q==

GET
H/1.1 200
OK arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1619531614/ 5 KB
6 KB 61ms
14ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1619531614/arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

85c33811c2b04e4e02babe2fd6bd7ac0035f93e95827116429bbda2cf9c6c95d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:32:12 GMT
X-Content-Type-Options: nosniff
Via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 260
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 5242
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "cfdeb1a825aca3ca1bf9ab3727325d27"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: SqpLyrDe12oR1i9b2B3M2rrX7udXQdw2NK1cIAw5qVMSw9vhxtbcUg==

GET
H/1.1 200
OK arstechnica_sitrep-boeing-707.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1615574323/ 12 KB
12 KB 60ms
14ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1615574323/arstechnica_sitrep-boeing-707.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

571479d52cd675db5573fe46973c62cba6d8224a76136fcefeb90f7dc42a6391

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Mon, 02 Jan 2023 06:23:07 GMT
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
Via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 1487540
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11899
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "49fd6cf75b5acbe4ea95126496406585"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: PnMYqLKe6yCYaVPoV4v8tou873fbAUN9GohuNkEed7JzTs2g-xw0OQ==

GET
H/1.1 200
OK arstechnica_steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1611089409/ 16 KB
17 KB 83ms
36ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1611089409/arstechnica_steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

06b33c040105224101afcdaacd82b6dfb3ea1bf9ef3d7478cf5fa163a0ad65e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:35:27 GMT
X-Content-Type-Options: nosniff
Via: 1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 16317
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "4796345150de82db7572da4e13d5fbc1"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: iwUsuZxOj4Pq9FJ8adUIwS66ZSrHBLq2IiSemVw0IcOuEYTTdEkcUw==

GET
H/1.1 200
OK arstechnica_modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1607984287/ 14 KB
15 KB 64ms
18ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1607984287/arstechnica_modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

de5e37739b5797e8ba9dba4a2dcb65f37c36a65fe839cb306162e21c74ba166e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 3a65445020a52e9a185051db037167ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 213
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14171
Last-Modified: Thu, 20 Jan 2022 21:51:37 GMT
Server: Cloudinary
ETag: "7f2bf661d68cedfcf91542c6e1dab7c6"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: cVvhSv9TjnStbfEjQNTuVv9178E008ZoTJw7FLAtkrZQmxFSdvJxBg==

GET
H/1.1 200
OK arstechnica_war-stories-gail-tilden.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603899385/ 15 KB
15 KB 16ms
15ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603899385/arstechnica_war-stories-gail-tilden.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

7d91c04c657709af03f6dad61d375c3208d18ab5ff7851c2472007dc05201342

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 bb014bef6518ccd6aad6b497f5e9c1d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 103
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15071
Last-Modified: Thu, 20 Jan 2022 21:51:38 GMT
Server: Cloudinary
ETag: "1f4aa6187c59e6ed79d0c3a2a0bc19d9"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: byI8V02cMoGQCyMTMrhiM7DrxQWYUt8gUh3Ma1aM56ZBMNPNt1kdvw==

GET
H/1.1 200
OK arstechnica_personal-history-scott-manley.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603123470/ 14 KB
15 KB 15ms
14ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603123470/arstechnica_personal-history-scott-manley.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1f466b08649eef5ad16c20f6d7207bf8818cb107b6241950dbc568cdffc03d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:31:48 GMT
X-Content-Type-Options: nosniff
Via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 278
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14113
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "963bf0b22c745f95a06f32ee1317b872"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: Hiw4VxszbiIVypd0I1EVm9XXZnPevwbrFQRsctO8X7d-dE78f6NWjg==

GET
H/1.1 200
OK arstechnica_scare-tactics-thomas-grip.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1602524702/ 15 KB
15 KB 16ms
16ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1602524702/arstechnica_scare-tactics-thomas-grip.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

617e0f9fee7ef0ca891735246b4b5a61caa3622db4a4256685b061c9f43bd053

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 170
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15079
Last-Modified: Thu, 20 Jan 2022 21:51:38 GMT
Server: Cloudinary
ETag: "d57f99149a48173e30de572cfa48ed93"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: T1DXEMap3rBVV3mML0yn-hXhcB2i-fad3Vi7dO3UFYbQXLzsIKwqKg==

GET
H/1.1 200
OK arstechnica_personal-history-lgr.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1600711530/ 14 KB
15 KB 15ms
15ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1600711530/arstechnica_personal-history-lgr.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

29637e0647104ccc5d5583e652db29ce99e947c858c3d9502960e7ea7f1aea19

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 113
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14772
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "4049b10cd3281951b01beb4f36134234"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: Kw-jyxvpCh09iM939h7ofWvD6kdOl9-bPD21Qyr5FAzOt_JGCsGuDg==

GET
H/1.1 200
OK arstechnica_the-f-35-s-next-tech-upgrade.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1598890591/ 3 KB
4 KB 15ms
14ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1598890591/arstechnica_the-f-35-s-next-tech-upgrade.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

3b0209841325362235c221628e471145726897e4e1c9b210b6e6b2217fdf2ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 27 Dec 2022 22:54:41 GMT
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
Via: 1.1 3a65445020a52e9a185051db037167ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 1946446
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 3374
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "3f16924a1fdff64e971a0491115fc147"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: lQNQTjsbLVb3CicRd_BwtIarjmKRM-V71OXhVoIzVckiWGmfWqJeVQ==

GET
H/1.1 200
OK arstechnica_war-stories-diablo.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1597686086/ 14 KB
15 KB 15ms
14ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1597686086/arstechnica_war-stories-diablo.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

aa3b9513abbbf65a2c8483122648fce1b39b1afa2a69bdf863242f1411baba58

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 3a65445020a52e9a185051db037167ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 170
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14667
Last-Modified: Thu, 20 Jan 2022 21:51:39 GMT
Server: Cloudinary
ETag: "d4de63ae8b9ef5b77ad58eaae97d7d02"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: SU3CJwfPUlOtsJcNQRpvyqvmc-9lf1KUzEHMi5Z2lKqPIBNTTWJPYw==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-mortal-kombat.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1596476950/ 11 KB
12 KB 15ms
14ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1596476950/arstechnica_unsolved-mysteries-unsolved-mysteries-mortal-kombat.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

0b5c6a8d4a856db56da956eced8af9a5eb6e0a89dc67de5ffc4c83513472a3cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 170
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11486
Last-Modified: Thu, 20 Jan 2022 21:51:38 GMT
Server: Cloudinary
ETag: "7a8a596aae95c9a900261808554523e6"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: XA9mMHX3eA6166t567O1eqre8IQS_npliejT-uR59pwTmwnP0i8_cA==

GET
H/1.1 200
OK arstechnica_us-navy-gets-an-italian-accent.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1595427354/ 6 KB
7 KB 13ms
13ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1595427354/arstechnica_us-navy-gets-an-italian-accent.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

85db95dbe15c810a710ca6d9094a2a29f2eeea05791cc7aaab7af8939684b978

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Wed, 18 Jan 2023 07:25:58 GMT
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
Via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 101369
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 6124
Last-Modified: Thu, 20 Jan 2022 21:51:46 GMT
Server: Cloudinary
ETag: "51113bf4443c0cf453d0e8bf60489ac7"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: uvpiV9FoGSU9UGEi3bMjn8h6jWQDkCXpX2hH-QgDxkygo_fBO7I7nw==

GET
H/1.1 200
OK arstechnica_war-stories-war-stories-undone-w-slash-hisko-hulsing.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1594656439/ 10 KB
11 KB 16ms
15ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1594656439/arstechnica_war-stories-war-stories-undone-w-slash-hisko-hulsing.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e74b9cb9d8871d300d2a1d36ce2cd00dfbfe0c5d8066d1d415c4ce620a919d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:50 GMT
X-Content-Type-Options: nosniff
Via: 1.1 bb014bef6518ccd6aad6b497f5e9c1d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 257
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10345
Last-Modified: Thu, 20 Jan 2022 21:52:15 GMT
Server: Cloudinary
ETag: "60622b64688dbb49917234d4091856fb"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 0uFAhgUYI0ojEk1MPyv3dEoE9iVb-Us0C6ECdOg7R8MoJ0M9viiHwA==

GET
H/1.1 200
OK arstechnica_fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1593453234/ 15 KB
16 KB 15ms
15ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1593453234/arstechnica_fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

9431bc6d1a6d036a70c92dfc9000d7965f939671a59705bdd01c3e652048ed9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 01 Jan 2023 03:18:05 GMT
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
Via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 1585042
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15307
Last-Modified: Thu, 20 Jan 2022 21:49:07 GMT
Server: Cloudinary
ETag: "324e15e8b7d3edd23ffbf5df0a1a9e77"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: G3kgohJaTYRh-PLzvbiLCmIyX8h9VRQYpZg-k07MN84GsdWv2D7kOQ==

GET
H/1.1 200
OK arstechnica_war-stories-war-stories-nba-jam.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1592315288/ 14 KB
15 KB 15ms
15ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1592315288/arstechnica_war-stories-war-stories-nba-jam.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

5be5b0170ad4bbd2be91182d137933e7de9c7e86b09ec855a4bac015ebfd746f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 160
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14149
Last-Modified: Thu, 20 Jan 2022 21:51:39 GMT
Server: Cloudinary
ETag: "bd63326fa81d10df9e2da1245d3c122c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: Xvi4tOEBIy8t_x6KmGKmI5dRReWsHx2FN83Ny8EfxNDZCivqStJ9Sg==

GET
H/1.1 200
OK arstechnica_linus-tech-tips-reacts-to-his-top-1000-youtube-comments.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1591804041/ 9 KB
10 KB 19ms
16ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1591804041/arstechnica_linus-tech-tips-reacts-to-his-top-1000-youtube-comments.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e8830a414dfeb4c0e0f519d3419f69849df9226f329357c938333dbf2c956f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:38 GMT
X-Content-Type-Options: nosniff
Via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 66
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 9054
Last-Modified: Thu, 20 Jan 2022 21:49:07 GMT
Server: Cloudinary
ETag: "b17d3aab70cb56fbf2df892c8415ab16"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: YTPqS5HQXzOdzRQL2QtLh5ntzUpjjwvycyZsAVPuyk964nc1E4FiyA==

GET
H/1.1 200
OK arstechnica_war-stories-how-alan-wake-was-rebuilt-3-years-into-development.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1589408118/ 11 KB
11 KB 17ms
16ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1589408118/arstechnica_war-stories-how-alan-wake-was-rebuilt-3-years-into-development.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

3f2cf5f857c617761a251ceef8f6ed452a7690e21f16eff0a70dddf9beea8633

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 140
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10817
Last-Modified: Thu, 20 Jan 2022 21:51:39 GMT
Server: Cloudinary
ETag: "9417ada34c9b6b07ccd41a463b717969"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: QuoR3w7Gkm_QQEBSLJNUTp6EkJJCmt6Kz-E0z2U7JujdJ1-8AI3Ofw==

GET
H/1.1 200
OK arstechnica_war-stories-prince-of-persia.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1584454477/ 15 KB
16 KB 17ms
17ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1584454477/arstechnica_war-stories-prince-of-persia.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

56f8838a24cb0cc47dc34a19d6b84d6ce8bf8086b1682bbb990abc13b1e2da65

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 bb014bef6518ccd6aad6b497f5e9c1d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 134
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15682
Last-Modified: Thu, 20 Jan 2022 21:51:39 GMT
Server: Cloudinary
ETag: "e9cccef2a4a4cf217be0ba162f6b4296"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: saV-ipK0DQsJYO8oM1nDY4zTwDwwi6LpH9bmfz9a0LeSsi5FiGn00w==

GET
H/1.1 200
OK arstechnica_war-stories-how-crash-bandicoot-hacked-the-playstation-to-run.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582755533/ 17 KB
18 KB 18ms
17ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582755533/arstechnica_war-stories-how-crash-bandicoot-hacked-the-playstation-to-run.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

46a9ddb1f206a46900872e0a832750ae06925528f81883a3d3517fdb42aefb6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 139
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 17475
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "7588b83c6eb2a1165344abad7e12e715"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 3V_oCx-N94_OMo041giTAYLTaYpftKUxFN--il8mQX8NSyrM2GoEyg==

GET
H/1.1 200
OK arstechnica_war-stories-myst.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1580223113/ 13 KB
14 KB 15ms
15ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1580223113/arstechnica_war-stories-myst.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1bf55bc00dbf13180884211c3d301729e67b81f3456225c1fbf97d271d636509

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:50 GMT
X-Content-Type-Options: nosniff
Via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 43
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 13522
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "ed8c6a9aa19e7d5c7aa46a3aead23a87"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: zX9h0fy928MFt2dE0OkLS9do5Lmse5LvdW4dYokElUFfpCQtejSS8g==

GET
H/1.1 200
OK arstechnica_markiplier-reacts-to-his-top-1000-youtube-comments.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1579194313/ 9 KB
9 KB 16ms
15ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1579194313/arstechnica_markiplier-reacts-to-his-top-1000-youtube-comments.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e336ff50623cff960c2396944be4392139f63dcc032e5f3428d81489fdfe697a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:31:48 GMT
X-Content-Type-Options: nosniff
Via: 1.1 3a65445020a52e9a185051db037167ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 239
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 8832
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "2bad386c14ac040d530ceb2ae89c8bbb"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: T8b-DXczqcHnyUU23QsCQqIt9BHTbyPWXb1NoWX4SGldl_gCV5JNuQ==

GET
H/1.1 200
OK arstechnica_war-stories-war-stories-oddworld.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582815531/ 12 KB
13 KB 15ms
14ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582815531/arstechnica_war-stories-war-stories-oddworld.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1097abb6f0992cccc79428374463e7f23b99dae5eb85d7317b20bd57c96031bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:31:48 GMT
X-Content-Type-Options: nosniff
Via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 239
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 12614
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "4a7903cbe66890b5688d843661943ccd"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: mfkxTOepsT4OrlBJN-UNvVxj5otacJePV8O5UOIAmDnMaSk7vXttgA==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1573140819/ 11 KB
12 KB 71ms
71ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1573140819/arstechnica_unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

de24551bd4396fc8579b2d87ce01944553dd48fb52775d14373725a50efa0c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:35:27 GMT
X-Content-Type-Options: nosniff
Via: 1.1 bb014bef6518ccd6aad6b497f5e9c1d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 13
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11417
Last-Modified: Thu, 20 Jan 2022 21:52:15 GMT
Server: Cloudinary
ETag: "3e8509d06c6610d54babcac0d91e5d93"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: uzE7wkdGZZk4J4BEZkNwvO5Az1ey7KW7z3CTbk62S8i5H1dqxYEoQw==

GET
H/1.1 200
OK arstechnica_war-stories-civilization.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1569003425/ 16 KB
17 KB 30ms
29ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1569003425/arstechnica_war-stories-civilization.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1c7dcc8216c6f82da2998ceeac2523632c7f9bffe510824b6d082621201f2012

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:35:27 GMT
X-Content-Type-Options: nosniff
Via: 1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 23
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 16236
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "72002610618f7bf8bf0e52c760e39897"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: wSPotyWGfWBiP4Obc8P1qRiS7KVMwRxiBeSWFhRDWYb58LfdSqZEPA==

GET
H/1.1 200
OK arstechnica_sitrep-dod-resets-ballistic-missile-interceptor-program.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1568662260/ 11 KB
11 KB 14ms
14ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1568662260/arstechnica_sitrep-dod-resets-ballistic-missile-interceptor-program.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

7fc88c65d46e83b3f3e9f098f05fd639480332fc3718cd714725e2e4633af4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 02:18:22 GMT
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
Via: 1.1 3a65445020a52e9a185051db037167ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 983825
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10793
Last-Modified: Thu, 20 Jan 2022 21:51:46 GMT
Server: Cloudinary
ETag: "0e1ff58ccf6d97759de3d774a7ff835a"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: SJqTRIQO9ghAk2XjzIytPEVFxJjBoZEFrYTEtcLTKkLCNkkwbeBsAw==

GET
H/1.1 200
OK arstechnica_warframe-reviews.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1561556730/ 14 KB
15 KB 15ms
15ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1561556730/arstechnica_warframe-reviews.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

83a366075eb2387c6d9f848f42b08df0546027333eccf5813edf95ba45709be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 170
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14837
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "1d90d6aef7585f963e1270a1a02a4dd4"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 9DD_HW-eQUd_zmZXCMzR4f62ru3AISO548gVBaK2HAQ1lfqsmjkO4w==

GET
H/1.1 200
OK arstechnica_war-stories-subnautica.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559747425/ 15 KB
16 KB 17ms
16ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559747425/arstechnica_war-stories-subnautica.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

20660a9ef7ec454c15b2dc62b3db084e0cc9f74c5bb6de71a96fb1a54aef00f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:50 GMT
X-Content-Type-Options: nosniff
Via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 57
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15222
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "8c45b6c645caba59f4b14d3fbdc09062"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: WFYfQwpIb3ujcfOhwpuxEKrrlV_DlOZJ8nGF81OUDXBODJuTJC3Xqw==

GET
H/1.1 200
OK arstechnica_war-stories-slay-the-spire-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556741487/ 15 KB
16 KB 15ms
15ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556741487/arstechnica_war-stories-slay-the-spire-war-stories.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

f9d9e96c4439beeca49a1a10f9dffe6f5cd0b604d13aa13af170d0bc62d8ca1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 139
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15634
Last-Modified: Thu, 20 Jan 2022 21:51:41 GMT
Server: Cloudinary
ETag: "abee90e53f29ba0127fca9442ab50902"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: HakEK5IxnMrKz196Pb8Azs83wWXMQH4kUsHwWgqEgo9_eWTWbvXhHA==

GET
H/1.1 200
OK arstechnica_war-stories-amnesia-the-dark-descent-the-horror-facade.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1555359865/ 15 KB
16 KB 16ms
16ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1555359865/arstechnica_war-stories-amnesia-the-dark-descent-the-horror-facade.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1defb6bc54a7ee9c066136908360e8455c23ee9ad0dec9924e7255d7948cd4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 91
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15251
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "3e7cdc13e718680bf5e1efa64468b560"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: O7GP55zw6_RntL4NCiN3Vv6IHm5Lq67j0xGhAuMY57vs05HMaVfVKA==

GET
H/1.1 200
OK arstechnica_war-stories-c-and-c-tiberian-sun.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/ 19 KB
19 KB 18ms
17ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/arstechnica_war-stories-c-and-c-tiberian-sun.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

27348ba4b98bd80f1038496ec5dea6ad865680540058fb085b8ca199b8aaf4c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:50 GMT
X-Content-Type-Options: nosniff
Via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 37
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 19022
Last-Modified: Thu, 20 Jan 2022 21:51:41 GMT
Server: Cloudinary
ETag: "fe52b9acd391d8bee8de15a0f429b377"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: vbjiO65D60o7USbSCRHIq5UVc4lz9B3wekdEQF61nNOIRYcBk1BIiw==

GET
H/1.1 200
OK arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/ 18 KB
18 KB 16ms
16ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

8b72952d3fd656ee6594f0d9735d928113ad1d590705b14f77abf75f1d4d5d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:34:02 GMT
X-Content-Type-Options: nosniff
Via: 1.1 3a65445020a52e9a185051db037167ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 139
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 18172
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "32f1b8954559c8d598e9861f5b8360b9"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: fI3p7jybftEuOOSroV2kXpKu8B2HrRzf2ZtI1si5RU64hO_FwPdtZA==

GET
H/1.1 200
OK arstechnica_war-stories-dead-space-the-drag-tentacle.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/ 7 KB
8 KB 14ms
13ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/arstechnica_war-stories-dead-space-the-drag-tentacle.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

9933997608e86beaf1e7f7188a5c657cdad8ccd9d20eb7b1a46adaa83fa850ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 05 Jan 2023 07:07:03 GMT
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
Via: 1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 1225704
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 7393
Last-Modified: Thu, 20 Jan 2022 21:51:41 GMT
Server: Cloudinary
ETag: "17a6e4b5eb75eb12f5d8c89eb3d0ace8"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 4VcG7Ocf9sxRx9bYGKw1J3laKgC9xLJ3pOUbiYKoLkGaNL78g702Ow==

GET
H/1.1 200
OK arstechnica_teach-the-controversy-flat-earthers.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/ 10 KB
11 KB 15ms
14ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/arstechnica_teach-the-controversy-flat-earthers.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

7364fcbb6c5d775f07816712af8a6419db99268f72c337a4977f706dc3423bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:32:37 GMT
X-Content-Type-Options: nosniff
Via: 1.1 40e8cff7eb9a18d9e3d7f191f1493514.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 299
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 10595
Last-Modified: Thu, 20 Jan 2022 21:52:14 GMT
Server: Cloudinary
ETag: "6c0c4f8a9d61ed2b5863a8058c624a37"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 9kdSJSYKvIiJLFsFV0kbwCLJ8pYFzF15yoANK2vKfKZ0TRwZviFIXg==

GET
H/1.1 200
OK arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/ 12 KB
13 KB 15ms
15ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

16f86804dd013db340fee4020a539d3e9d6e5a03d6841e431e50c428e99c26e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:33:29 GMT
X-Content-Type-Options: nosniff
Via: 1.1 3a65445020a52e9a185051db037167ba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 154
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 12509
Last-Modified: Thu, 20 Jan 2022 21:52:14 GMT
Server: Cloudinary
ETag: "b9c502ffc902b60d0eb13698b37a945d"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: A3_qMKu7DNJToQIP4cBWAbd4g5DvT-BoSjSgUnjfHVUR9yQ_d57FnQ==

GET
H/1.1 200
OK arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/ 7 KB
8 KB 14ms
14ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

3ce7e824185893264ab44fbf8370a8f1262831c4c6c367b15f7d4f1e88fadc8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 03 Jan 2023 07:07:47 GMT
Strict-Transport-Security: max-age=604800
X-Content-Type-Options: nosniff
Via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 1398460
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 7181
Last-Modified: Thu, 20 Jan 2022 21:52:14 GMT
Server: Cloudinary
ETag: "0549828edcecd339d8d10ebe6119de70"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: fxJgwqutfY7WAGiilCft1HVO-SVI7ceXfhAz_SXrba_Fg6qFutI2Gw==

GET
H/1.1 200
OK arstechnica_apollo-mission-episode-1.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/ 14 KB
14 KB 31ms
31ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/arstechnica_apollo-mission-episode-1.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

82cd1a97f81e5b63a621311be2993916eea0907b5eadd53bb6b280f4bb0f8391

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:35:27 GMT
X-Content-Type-Options: nosniff
Via: 1.1 d88e262cb7d055ed4daf7466b2147af0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 13
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 14040
Last-Modified: Thu, 20 Jan 2022 21:52:14 GMT
Server: Cloudinary
ETag: "ecc047c6eed3dc571a78eab647201220"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: IioCHBG6o-QKxZ1_ICoIf913nTripSND_QHX73R06pL3PKeszGd-1A==

GET
H/1.1 200
OK arstechnica_richard-garriot-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/ 14 KB
14 KB 15ms
15ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/arstechnica_richard-garriot-war-stories.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

4980853759711c8e9e2779239acd62e9e802fba38371763c65ecdd016a83fdbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:31:48 GMT
X-Content-Type-Options: nosniff
Via: 1.1 3dca71b0fde541bcd2caf3756ffbc27a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 236
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 13885
Last-Modified: Thu, 20 Jan 2022 21:51:41 GMT
Server: Cloudinary
ETag: "13d45a1733ad4d2f3ae707584d6a8a32"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: MMz0PQqgiGNxB7EbZyqRp4GQKWpKmX2avbuGLwL3-6uofx7CbtV4LQ==

GET
DATA 200
OK truncated
/ 408 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
500 B 72ms
29ms XHR
text/plain 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=383250&u=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F08%2Fnewfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 19 Jan 2023 11:35:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7b4Ffm4YP6UbuIok1O97DoiZ1IAA7i5hywKDfDohEKvJWwHrNfNKxRgeEZlsN897yR5FV09pSdD4EV8T9sfXfg0KKWB%2F81QR%2F2OoSsfeD0KUmhDoHhPta8Lt5%2FI72qoJX0jXCW1%2Fauo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 78bf445cac602bb9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200
OK embed-api.json Show response
player.cnevids.com/ 11 KB
5 KB 30ms
13ms Fetch
application/json 13.32.27.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/embed-api.json?videoId=60abade4dc31e5375248cba6&embedLocation=arstechnica

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady37330710

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.27.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-27-22.fra56.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

6570d5aeddcdc8896db45d20ceaa165df3c35eb002a1984f84ba995bbcfb1f46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 11:32:48 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Via: 1.1 747e99d9d8c5e29fdc713cf866bc3f82.cloudfront.net (CloudFront)
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA56-C2
Age: 159
X-Cache: Hit from cloudfront
Status: 200 OK
Connection: keep-alive
Content-Length: 3755
X-XSS-Protection: 1; mode=block
X-Request-Id: 937d59b8-c125-4e49-9c9c-01013a4f7254
X-Runtime: 0.010308
X-Backend-Node: 10.110.77.24
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"7c5f7735a231641b44ab584c93367137"
X-Download-Options: noopen
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=300, public
Vary: Origin,Accept-Encoding
X-Amz-Cf-Id: rKzYlUuUzwReKt4I2sgfOvXTFEkCth1ASz2t-tQ3syBsQ88fCquCsA==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame AA9C 369 KB
123 KB 163ms
89ms Script
text/javascript 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady37330710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341cac54e2233a3ea849713a87fce48e95ed8f3c8317c4d3bdcf0610da762e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125890
x-xss-protection: 0
expires: Thu, 19 Jan 2023 11:35:27 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 81 KB
30 KB 92ms
21ms Script
text/javascript 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady37330710

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b6ae62856ea9147e6404cec0998a76ea2c3ecc7d1d0770766c49c04b67037a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:27:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29678
x-xss-protection: 0
last-modified: Wed, 18 Jan 2023 17:48:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Thu, 19 Jan 2023 11:42:08 GMT

GET
H/1.1 200
OK player-style-ad5233f92eb6f9be19d0.css
d2c8v52ll5s99u.cloudfront.net/player/ Frame AA9C 90 KB
13 KB 60ms
9ms Stylesheet
text/css 143.204.214.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-ad5233f92eb6f9be19d0.css
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady37330710
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-81.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1412791fc3e8ede20785df7b4856ac7452464af2e797beb0859adb07771fdc84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 08 Jan 2023 04:22:33 GMT
Content-Encoding: gzip
Via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-version-id: 2cg9.WiNIDIrJGZmK_WaO3At3S9.Q45s
X-Amz-Cf-Pop: FRA53-C1
Age: 976374
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 12947
Last-Modified: Fri, 02 Sep 2022 18:44:44 GMT
Server: AmazonS3
ETag: "ea430c2406991ae5498deee90d363e49"
Content-Type: text/css; charset=utf-8
Cache-Control: max-age=63072000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: LLSwwB5lqoWCSc_f_M4zhY9zcbDdearqRyKcZ_RNAqPkmhQtpE0_9Q==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK main-71a56a201b348fe616bc.js Show response
d2c8v52ll5s99u.cloudfront.net/player/ Frame AA9C 960 KB
251 KB 59ms
8ms Script
application/javascript 143.204.214.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-71a56a201b348fe616bc.js
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady37330710
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-81.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cd3351dc69753f565581887b2020aa802ee2a5be1679c85957c3ca33bfe49360

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Fri, 13 Jan 2023 00:50:49 GMT
Content-Encoding: gzip
Via: 1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
x-amz-version-id: iAF9YwX7Ti_uah4NCg1JRvC7H73CuEFA
X-Amz-Cf-Pop: FRA53-C1
Age: 557079
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 256374
Last-Modified: Wed, 11 Jan 2023 21:23:06 GMT
Server: AmazonS3
ETag: "2f540a94c301d5f28e17d96b39f41d04"
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=63072000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: m8-6Q7b_ilklcxf403ys5FsUb0pJxOlx7Kl3MbWOLfbSsKXncQPI9g==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 82 KB
36 KB 301ms
252ms Script
text/javascript 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F08%2Fnewfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass%2F&srcUrl=http%3A%2F%2Ffeeds.arstechnica.com%2Farstechnica%2Findex&idx=0&rand=39015&key=NANOWDGT01&widgetJSId=AR_14&va=true&et=true&format=html&adblck=false&abwl=false&px=190&py=6623&vpd=5423&cw=1220&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=201077&sig=DGNTFST5&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPl1VAAPl1VAAAcABBENCzCgAAAAAAAAAChQAAAAAAJBAHoAAgADQAOAA8AC4AHwAWgA-ACMAEkAKAAWwAxAB_AEWAJEAXwA1ABtADiAHIAOcAdQA-QCBgEHAJEAT8AoYBSwDCAHVAPQAhsBD4CLwEegJCAStAmwCbQFNgKvAWEAuIBdAC6gF2gLyAYFAw8DEAGLAMhAZQA0IBowDSgGpgNdAbQA24BugDggkEUABAAC4AKAAqABkADgAHgAQAAwABlADQANQAeQBDAEQAJgAT4AqgCsAFgAN4AcwA9ACEgEMARIAjoBLAEuAJoAUoAtwBhgDIAGWANkAd8A9gD4gH2AfsA_wEAgIuAjEBGgEcAJSAUEAp4BVwC5gGKANYAbSA3ADeAHyAQ6AkQBMoCdgFDgKRAU0AsUBaAC2AFyALvAXmAwYBhIDDYGRAZIAycBlwDOQGfANIgawBrIYBIAAYABYADgALgBGACSAE-AKgAqgBbADEAG8ARYApABpQDUANUAcQBLQClgGyAOoAhsBF4CQgEtAJsAUOApsBYgC4gGBAMPAYsAyMBoQDXQG6BoDwAVgAuACGAGQAMsAbIA7AB-AEAAIKARgAp4BV4C0ALSAawA3gB1QD5AIdARUAkQBOwCkQFyAMJAYwAycBnIDPAGfCAEQABgAFgAOAAuADUAIwASQAngBVAC2AGIAN4AiwBSADUAHEAPkAkQBLQClwG4AbwBDYCLwEhAJaATYAocBcQDAgGHgMWAaEA10BugiAuAFYAQwAyABlgDZAHYAPwAgABGACngFXANYAdUA-QCHQEiAJ2AUiAuQBhIDJwGcgM-FQFAAKABDACYAFwARwAywB2AEcAKvAWgBaQDeAJBAWwAuQBeYDIgGcgM8AZ8A3IUAVADEAJkAUgAyoBqAGqANoAcQA5AB4AEFAJaAUsA6oCPQE2ALEAYEAw8BmgDQoGuga8MALgA1ADEAJkAUgAygBqADaAHEAOQAeABLQClgFiAOqAj0BJwCbAFiALyAYEAw8BoQDXRkBAAIYATABHADLAHYARwAq4BWwDeALRAWwAvMBkQDOQGeAM-HAZQABAAGAARAA4ADwALgAfABaADmAH4AggBGACgAFsALoAXwAyABoAD-AIQARwAkQBOgCkgFkAWYAvgBlgDSgGoAaoA2gBxADkAHOAOoAdgA7gB8wEAAQWAg4CEAERAJEASoAloBNoCfAJ-AUsAqABWQC9QGAAYEAwgBmQDWAGvAN4AccA6QB1QDyAHoAPkAhABDcCHwIgAREAj0BIQCVgExAJlgTYBNoChQFIAKTAUwApsBUwCqgFXwK2ArsBZQC0AFpALUAXFAugC6gF7AL6AYFAw8DEAGLAMhAZQAy8BoUDRQNGAaUA00BqcDXQNeAbQA2wBtw6CsAAuACgAKgAZAA4ACAAF0AMAAygBoAGoAPAAfQBDAEQAJgAT4AqgCsAFgALgAYgAzABvADmAHqAQwBEwCWAJgATQAowBSgCxAFvAMIAw4BkAGUANEAbIA3wB3gD2gH2AfoA_4CLAIwARwAlIBQQCngFXALFAWgBaQC5gF5AMUAbQA3ABzoDpgOoAh0BFQCLwEggJEASoAnYBQ4CmgFWALFAWwAuABcgC7QF3gLzAYMAwkBhoDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNYAbGQAbgAIACCAF8ANAAfwBIgCkAFkALcAXwAy4BqAGqANoAcQA5ABzgDsAHgAQUAnwBQwClgFZALEAYAAwgBmQDeAHVAO2AegBD4CPQEhAJOgTYBNoChQFIAKTAVsAtoBdAC8gF7AMCAYeAxIBmgDQgGigNKAamA10BtgDbiEDMABYAFAAMgAuABiAEMAJgAVQAuABiADMAG8APQAjgBYgDCAGUAN8Ad4A-wB_gEcAJSAUEAp4BV4C0ALSAXMAxQBtADnAHUASCAkQBKgCmgFigLRAWwAuABcgC7QGRAMnAZyAzwBnwDRAGkgNLAcASAWgACAAMAA4AC4AOQAqABfADIAG8AQgAkQBSACygFyAXwAywBpADUAG0AO4AgABBwCEgEtAJ8AVAArIBrwDeAHVAPsAlYBLUCbAJtAUmAqkBZQC0gF7AMPAYiAxYBoQDSgGugNyJQMAAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADNAIYAiQBHACjAFKALcAYQAygBsgDvAH4ARwAp4BV4C0ALSAYoA3AB1AD5AIdARUAi8BIgCxQFsALtAXmAyIBk4DLAGcgM8AZ8A0gBrADgCgEwAAQABgALgAfABaADkAH4ARgAqABWAC-AGSAN4A5ACEAEcAJEATIAnQBSACygFyAXwAywBpADUAG0AOIAc4A6gB3ADwAHyAQAAg4BCQCKgEiAJaATaAnwCfgFDAKWAVkAsQBdQDAQGEAYoA14BvADqgHbAPIAegA-QB_wEegJiATLAmwCbQFIAKYAU2AqYBWwCuwFoALyAX0AwIBh4DFgGhANEAaVA1IDU4Guga8A4IpA-AAXABQAFQAMgAcABBADAAMoAaABqADyAIYAiABMACeAFIAKoAWAAxABmADnAIYAiQBRgClAFiALcAYQAygBogDZAHfAPsA_QCLAEYAI4ASkAoIBVwCtgFzALyAbQA3ACHQEXgJEATsAocBYoC2AFwALkAXaAvMBhoDGAGRAMkAZOAy4BnIDPAGfQNIA0mBrAGsgNjAA.YAAAAAAAAAAA&cmpStat=1&ccpaStat=1&chs=1&ogn=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F08%2Fnewfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fd142c726ca2be56f53a58e681401245e6c91e3d9acbbcddae98a54aba7df393

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Thu, 19 Jan 2023 11:35:27 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, VIE, Europe1
x-timer: S1674128128.567930,VS0,VE237
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21966-LGA, cache-vie6364-VIE
x-traceid: c7223e6f3e5e36a8cc2e07d069a66caf
accept-ranges: bytes
content-length: 36647
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK a7866f99-d2eb-475a-a0b0-db45503886b0
https://arstechnica.com/ Frame AA9C 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/a7866f99-d2eb-475a-a0b0-db45503886b0
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1 200
OK onetag Show response
assoc-na.associates-amazon.com/ 64 B
459 B 99ms
99ms XHR
application/json 72.21.195.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22arstech20-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F08%2Fnewfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass%2F%22%7D&u=https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Requested by

Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

s3-1.amazonaws.com

Software

Server /

Resource Hash

08d199a1f9b23969198785f4a8c384036bdc3b05b40d655c51bd7413c028ec3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 11:35:27 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 37JV3CJXA5BMNBHWV9CW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://arstechnica.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 64

GET
H/1.1 200
OK sf-ui-display-medium-webfont.woff2
d2c8v52ll5s99u.cloudfront.net/assets/fonts/ Frame AA9C 29 KB
30 KB 408ms
389ms Font
application/font-woff2 143.204.214.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/assets/fonts/sf-ui-display-medium-webfont.woff2
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-ad5233f92eb6f9be19d0.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.214.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-214-81.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3

Request headers

Referer: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-ad5233f92eb6f9be19d0.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Via: 1.1 fc7091924e65025d5bfb92361ec3e660.cloudfront.net (CloudFront)
Date: Thu, 19 Jan 2023 11:35:29 GMT
X-Amz-Cf-Pop: FRA53-C1
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 29632
Last-Modified: Mon, 26 Jun 2017 15:24:42 GMT
Server: AmazonS3
ETag: "7d18db04f980971f2a9c5026bbc34bed"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Cache-Control: max-age=63072000, public
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Accept-Ranges: bytes
X-Amz-Cf-Id: u_-uz61KLMIhQ8-tlQmUdS1YjxcAzeOzQEt5sFY_-WG7XCuwr6iwBg==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 bridge3.552.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame BAE0 703 KB
224 KB 20ms
19ms Document
text/html 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aeb8b6e67c3c02f20a0c010763e30fdb3e684144e5b93e508dfca1c3f0985187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 144120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 228701
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 17 Jan 2023 19:33:27 GMT
expires: Wed, 17 Jan 2024 19:33:27 GMT
last-modified: Tue, 17 Jan 2023 19:28:53 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame AA9C 44 KB
17 KB 155ms
81ms Script
text/javascript 2a00:1450:400d:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 19 Jan 2023 11:35:27 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame AA9C 106 KB
28 KB 32ms
12ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-71a56a201b348fe616bc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 19 Jan 2023 11:35:27 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27815
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: oCy6TU/t5fEhtnHcCRprxwkKr9a0vQgf3/OgvVN5Fo9CqXcO0Fz9qVeWffjOnNwOiWbFDo09fEe32X2sWnIwsA==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame AA9C 48 B
48 B 400ms
91ms Image
image/gif 52.20.148.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2023-01-19T11%3A35%3A27.776Z&_c=&_t=Player%20Requested&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F08%2Fnewfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass%2F
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.20.148.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-20-148-9.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Jan 2023 11:35:28 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame AA9C 50 KB
51 KB 74ms
74ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:35:27 GMT
X-Content-Type-Options: nosniff
Via: 1.1 bb014bef6518ccd6aad6b497f5e9c1d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 22
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 51500
Last-Modified: Tue, 25 May 2021 15:04:45 GMT
Server: Cloudinary
ETag: "1631177d1131925333a3b2b652f3d8b2"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: JJ1Kl6MwPg_uw665gFDdwFhi9F-3lQ-TmXMpHI2W8lSrxPzA8wRqxQ==

GET
H/1.1 206
Partial Content 1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame AA9C 238 KB
0 71ms
16ms Media
video/mp4 18.66.15.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-129.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 19 Jan 2023 06:34:40 GMT
Via: 1.1 89a6fa6293c9b0bbce683ad0b9f7f538.cloudfront.net (CloudFront)
Last-Modified: Mon, 24 May 2021 13:51:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: VIE50-P1
Age: 35523
ETag: "580642a938142bddde48207109f78d2b"
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-2480938/2480939
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Id: xWL17TDnqMOH0jUnhduGGlNbjO3ggIrFJZKvp5pPUuTaJU-InvQsmg==
Content-Length: 2480939

GET
H/1.1 206
Partial Content 1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame AA9C 297 KB
0 68ms
14ms Media
video/mp4 18.66.15.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-129.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 19 Jan 2023 06:34:40 GMT
Via: 1.1 f0aabb4cf746d4b45640e8d63e2aaf1c.cloudfront.net (CloudFront)
Last-Modified: Mon, 24 May 2021 13:51:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: VIE50-P1
Age: 35523
ETag: "580642a938142bddde48207109f78d2b"
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-2480938/2480939
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Id: fweRAhHwfd2_Wl9g-KptFvp4clbMOcxpc946Y_vKVkq1D1RuAx1hlQ==
Content-Length: 2480939

GET
H/1.1 200
OK 1c5e052d-9221-44ad-9785-4ca784ceb60dmanifest-ios.m3u8 Show response
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame AA9C 918 B
1 KB 52ms
13ms XHR
application/x-mpegurl 18.66.15.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dmanifest-ios.m3u8?videoIndex=0&requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-71a56a201b348fe616bc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-129.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 005f315d6f7cf50f04161a51e17287b5040b513267560b083a3cf39d0b892ba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 06:55:23 GMT
Via: 1.1 0455d1ec539ef7b27f0e90c40cf5cc10.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-P1
Age: 21640
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 918
Last-Modified: Mon, 24 May 2021 13:49:14 GMT
Server: AmazonS3
ETag: "4300fd3b9bba40f219ea54c572764fe0"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Vary: Origin
Accept-Ranges: bytes
X-Amz-Cf-Id: xw3dWVioJbOnzZKKoAXqdMvraHJlFjBr_Y95I25uwDYEtpj0HtU_Eg==

GET
BLOB 200
OK dea8587d-2184-40a2-9400-bb4b18b4ac7b
https://arstechnica.com/ Frame AA9C 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/dea8587d-2184-40a2-9400-bb4b18b4ac7b
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c13013a43a53069eb70d8b9f04a77439a5276bac9ac6ebff214062183259407

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 4973
Content-Type: application/javascript

GET
BLOB 200
OK ee3c70ff-03cf-41f7-9b61-84552bf0dadf
https://arstechnica.com/ Frame AA9C 68 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/ee3c70ff-03cf-41f7-9b61-84552bf0dadf
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4a392b07d47424fe77fc4a24119ad08f8b3f9ee05061949350aa40f0e645af9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 70012
Content-Type: application/javascript

GET
BLOB 200
OK ced4a806-c509-4b9b-b8b0-c60c0e5f712a
https://arstechnica.com/ Frame AA9C 68 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/ced4a806-c509-4b9b-b8b0-c60c0e5f712a
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4a392b07d47424fe77fc4a24119ad08f8b3f9ee05061949350aa40f0e645af9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 70012
Content-Type: application/javascript

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 11ms
10ms Image
image/png 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:28 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1673369415.187551"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Sat, 18 Feb 2023 11:35:28 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 10ms
9ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:28 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
expires: Sat, 18 Feb 2023 11:35:28 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
330 B 419ms
97ms Fetch
text/plain 70.42.32.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=a581b011ca1b377eee752bad529b50f8_6817_1674128127732&tm=1291&eT=0&widgetWidth=1220&widgetHeight=235&widgetX=190&widgetY=6624&wRV=201077&pVis=1&lsd=-1&eIdx=&cnsntV2=CPl1VAAPl1VAAAcABBENCzCgAAAAAAAAAChQAAAAAAJBAHoAAgADQAOAA8AC4AHwAWgA-ACMAEkAKAAWwAxAB_AEWAJEAXwA1ABtADiAHIAOcAdQA-QCBgEHAJEAT8AoYBSwDCAHVAPQAhsBD4CLwEegJCAStAmwCbQFNgKvAWEAuIBdAC6gF2gLyAYFAw8DEAGLAMhAZQA0IBowDSgGpgNdAbQA24BugDggkEUABAAC4AKAAqABkADgAHgAQAAwABlADQANQAeQBDAEQAJgAT4AqgCsAFgAN4AcwA9ACEgEMARIAjoBLAEuAJoAUoAtwBhgDIAGWANkAd8A9gD4gH2AfsA_wEAgIuAjEBGgEcAJSAUEAp4BVwC5gGKANYAbSA3ADeAHyAQ6AkQBMoCdgFDgKRAU0AsUBaAC2AFyALvAXmAwYBhIDDYGRAZIAycBlwDOQGfANIgawBrIYBIAAYABYADgALgBGACSAE-AKgAqgBbADEAG8ARYApABpQDUANUAcQBLQClgGyAOoAhsBF4CQgEtAJsAUOApsBYgC4gGBAMPAYsAyMBoQDXQG6BoDwAVgAuACGAGQAMsAbIA7AB-AEAAIKARgAp4BV4C0ALSAawA3gB1QD5AIdARUAkQBOwCkQFyAMJAYwAycBnIDPAGfCAEQABgAFgAOAAuADUAIwASQAngBVAC2AGIAN4AiwBSADUAHEAPkAkQBLQClwG4AbwBDYCLwEhAJaATYAocBcQDAgGHgMWAaEA10BugiAuAFYAQwAyABlgDZAHYAPwAgABGACngFXANYAdUA-QCHQEiAJ2AUiAuQBhIDJwGcgM-FQFAAKABDACYAFwARwAywB2AEcAKvAWgBaQDeAJBAWwAuQBeYDIgGcgM8AZ8A3IUAVADEAJkAUgAyoBqAGqANoAcQA5AB4AEFAJaAUsA6oCPQE2ALEAYEAw8BmgDQoGuga8MALgA1ADEAJkAUgAygBqADaAHEAOQAeABLQClgFiAOqAj0BJwCbAFiALyAYEAw8BoQDXRkBAAIYATABHADLAHYARwAq4BWwDeALRAWwAvMBkQDOQGeAM-HAZQABAAGAARAA4ADwALgAfABaADmAH4AggBGACgAFsALoAXwAyABoAD-AIQARwAkQBOgCkgFkAWYAvgBlgDSgGoAaoA2gBxADkAHOAOoAdgA7gB8wEAAQWAg4CEAERAJEASoAloBNoCfAJ-AUsAqABWQC9QGAAYEAwgBmQDWAGvAN4AccA6QB1QDyAHoAPkAhABDcCHwIgAREAj0BIQCVgExAJlgTYBNoChQFIAKTAUwApsBUwCqgFXwK2ArsBZQC0AFpALUAXFAugC6gF7AL6AYFAw8DEAGLAMhAZQAy8BoUDRQNGAaUA00BqcDXQNeAbQA2wBtw6CsAAuACgAKgAZAA4ACAAF0AMAAygBoAGoAPAAfQBDAEQAJgAT4AqgCsAFgALgAYgAzABvADmAHqAQwBEwCWAJgATQAowBSgCxAFvAMIAw4BkAGUANEAbIA3wB3gD2gH2AfoA_4CLAIwARwAlIBQQCngFXALFAWgBaQC5gF5AMUAbQA3ABzoDpgOoAh0BFQCLwEggJEASoAnYBQ4CmgFWALFAWwAuABcgC7QF3gLzAYMAwkBhoDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNYAbGQAbgAIACCAF8ANAAfwBIgCkAFkALcAXwAy4BqAGqANoAcQA5ABzgDsAHgAQUAnwBQwClgFZALEAYAAwgBmQDeAHVAO2AegBD4CPQEhAJOgTYBNoChQFIAKTAVsAtoBdAC8gF7AMCAYeAxIBmgDQgGigNKAamA10BtgDbiEDMABYAFAAMgAuABiAEMAJgAVQAuABiADMAG8APQAjgBYgDCAGUAN8Ad4A-wB_gEcAJSAUEAp4BV4C0ALSAXMAxQBtADnAHUASCAkQBKgCmgFigLRAWwAuABcgC7QGRAMnAZyAzwBnwDRAGkgNLAcASAWgACAAMAA4AC4AOQAqABfADIAG8AQgAkQBSACygFyAXwAywBpADUAG0AO4AgABBwCEgEtAJ8AVAArIBrwDeAHVAPsAlYBLUCbAJtAUmAqkBZQC0gF7AMPAYiAxYBoQDSgGugNyJQMAAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADNAIYAiQBHACjAFKALcAYQAygBsgDvAH4ARwAp4BV4C0ALSAYoA3AB1AD5AIdARUAi8BIgCxQFsALtAXmAyIBk4DLAGcgM8AZ8A0gBrADgCgEwAAQABgALgAfABaADkAH4ARgAqABWAC-AGSAN4A5ACEAEcAJEATIAnQBSACygFyAXwAywBpADUAG0AOIAc4A6gB3ADwAHyAQAAg4BCQCKgEiAJaATaAnwCfgFDAKWAVkAsQBdQDAQGEAYoA14BvADqgHbAPIAegA-QB_wEegJiATLAmwCbQFIAKYAU2AqYBWwCuwFoALyAX0AwIBh4DFgGhANEAaVA1IDU4Guga8A4IpA-AAXABQAFQAMgAcABBADAAMoAaABqADyAIYAiABMACeAFIAKoAWAAxABmADnAIYAiQBRgClAFiALcAYQAygBogDZAHfAPsA_QCLAEYAI4ASkAoIBVwCtgFzALyAbQA3ACHQEXgJEATsAocBYoC2AFwALkAXaAvMBhoDGAGRAMkAZOAy4BnIDPAGfQNIA0mBrAGsgNjAA.YAAAAAAAAAAA&cheq=0&rtt=523&oo=true&lo=695&odbreq=1613&odbres=2135&cet=4g&to=1674128125897&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 19 Jan 2023 11:35:28 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: da40a4df4b419ecc02ff04266dee9b60
Content-Length: 2
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H2 200 clip.js Show response
widgets.outbrain.com/nanoWidget/201077/module/ 2 KB
1 KB 10ms
10ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/201077/module/clip.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 29bdc49d3be61a3405f479982bd2e1a14cd05c6e892dbf9b368f36abe002a0dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:28 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 13:01:09 GMT
server: AkamaiNetStorage
etag: "2e3fbd54f6e421d3575374e6885c8b4f:1674048677.814725"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 709
expires: Thu, 26 Jan 2023 11:35:28 GMT

GET
H2 200 eyJpdSI6IjU5ODUxZWQyZDc4YTUyNGI5MGYzYTgxMjA0YWRkZTJjZWQzZmQ2ZDM3M2U5M2FkMmNkY2E1ZWM1NjkyZTU2M2UiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 25 KB
25 KB 74ms
11ms Image
video/mp4 104.111.217.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU5ODUxZWQyZDc4YTUyNGI5MGYzYTgxMjA0YWRkZTJjZWQzZmQ2ZDM3M2U5M2FkMmNkY2E1ZWM1NjkyZTU2M2UiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:28 GMT
last-modified: Tue, 18 Oct 2022 09:06:13 GMT
access-control-allow-methods: GET,POST
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=1379544
access-control-allow-credentials: false
x-traceid: 54e05f78e2b201dc3d6ab83461fe7ed2
timing-allow-origin: *, *
content-length: 347761

GET
H/1.1 200
OK 1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768.m3u8 Show response
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame AA9C 11 KB
1 KB 12ms
12ms XHR
application/x-mpegurl 18.66.15.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768.m3u8
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-71a56a201b348fe616bc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-129.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fb846048afd0ee79141b669572402fc0a024d937c00977e124405d11cd319fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 06:55:54 GMT
Content-Encoding: gzip
Via: 1.1 0455d1ec539ef7b27f0e90c40cf5cc10.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-P1
Age: 28043
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 24 May 2021 13:54:58 GMT
Server: AmazonS3
ETag: W/"cc4f278863bddb064b3e70268d5f02f8"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Vary: Accept-Encoding,Origin
X-Amz-Cf-Id: ArFfwsRIHtHQCS4DQ8_aT8tHKhZqR4kT0RXnQjo7QGiyjoPnZ17nAw==

GET
H2 206 eyJpdSI6IjU5ODUxZWQyZDc4YTUyNGI5MGYzYTgxMjA0YWRkZTJjZWQzZmQ2ZDM3M2U5M2FkMmNkY2E1ZWM1NjkyZTU2M2UiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 340 KB
341 KB 31ms
9ms Media
video/mp4 104.111.217.162
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU5ODUxZWQyZDc4YTUyNGI5MGYzYTgxMjA0YWRkZTJjZWQzZmQ2ZDM3M2U5M2FkMmNkY2E1ZWM1NjkyZTU2M2UiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.217.162 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-162.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9d75dd7e40956967df77c3d2ae1ad5af8b4cee6448302720d0f6794f3ec6182b

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 19 Jan 2023 11:35:28 GMT
last-modified: Tue, 18 Oct 2022 09:06:13 GMT
access-control-allow-methods: GET,POST
content-type: video/mp4
access-control-allow-origin: *
Content-Range: bytes 0-347760/347761
cache-control: max-age=1379544
access-control-allow-credentials: false
x-traceid: 54e05f78e2b201dc3d6ab83461fe7ed2
timing-allow-origin: *, *
Content-Length: 347761

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame AA9C 50 KB
51 KB 44ms
16ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-71a56a201b348fe616bc.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:35:27 GMT
X-Content-Type-Options: nosniff
Via: 1.1 488e01d34d3fb7f21dfcaccec82f530e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 23
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 51500
Last-Modified: Tue, 25 May 2021 15:04:45 GMT
Server: Cloudinary
ETag: "1631177d1131925333a3b2b652f3d8b2"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: -7cky_TPM4s2L_VKvUy94YfhvlQN96iNiuVCGF6ivNqjqbDxW6-aPg==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame AA9C 50 KB
51 KB 14ms
14ms Image
image/jpeg 99.86.247.171
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/08/newfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.247.171 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-247-171.vie50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Date: Thu, 19 Jan 2023 11:35:27 GMT
X-Content-Type-Options: nosniff
Via: 1.1 bb014bef6518ccd6aad6b497f5e9c1d2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
Age: 23
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 51500
Last-Modified: Tue, 25 May 2021 15:04:45 GMT
Server: Cloudinary
ETag: "1631177d1131925333a3b2b652f3d8b2"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: HmKgtRyc1IKlzZaSD7DapZlxHjwdBzoS-TRcCtdJgaUoY81THp_p0w==

GET
H/1.1 200
OK 1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768-00001.ts Show response
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame AA9C 821 KB
805 KB 19ms
19ms XHR
application/x-mpegurl 18.66.15.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768-00001.ts
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-71a56a201b348fe616bc.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-129.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e944e6d1b0904bc0c1298fe828ec727bc6a9b46f0b4799e197a1a2acc46fb685

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Thu, 19 Jan 2023 06:55:54 GMT
Content-Encoding: gzip
Via: 1.1 0455d1ec539ef7b27f0e90c40cf5cc10.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-P1
Age: 35307
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Mon, 24 May 2021 13:54:44 GMT
Server: AmazonS3
ETag: W/"9c6e79c618e52ccae61fce8e62e8cd50"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
Vary: Accept-Encoding,Origin
X-Amz-Cf-Id: JqaLllH0wpFZhG_j7Olxy1QaRFkIV0bIxw6Us6QIqNOQFVUd2Q7GEQ==

GET
H/1.1 200
OK t Show response
elsa.memoinsights.com/ 106 B
348 B 93ms
93ms Script
application/javascript 34.225.22.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://elsa.memoinsights.com/t?pid=62012a7a19351c07620394e0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F08%2Fnewfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass%2F&author%5B%5D=Dan%20Goodin&title=Organizations%20are%20spending%20billions%20on%20malware%20defense%20that%E2%80%99s%20easy%20to%20bypass&date=2022-08-30T19%3A04%3A28Z&referrer=&ref_url=&page_url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F08%2Fnewfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass%2F&cb=MEMO.API.callbacks.cbpysakrgx&v=v3.0.6&t=5000&e=5000&s=0
Requested by: Host: cdn.memo.co
URL: https://cdn.memo.co/js/memo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.22.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-22-62.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: e0c8c8ca2f551da03a658bb0295d133c5fa8e1e232d45a01dd5f130520af8d30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 11:35:32 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 106
x-request-id: 9bf7bda53dae98536786be5b0e507806
content-type: application/javascript

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.arstechnica.com/	1970-01-20 11:11:44	Name: ars_user Value: 0%2CGuest
.arstechnica.com/	1970-01-20 09:02:08	Name: session_seen_posts Value: 0
.arstechnica.com/	1970-01-20 09:45:20	Name: seen_posts Value:
arstechnica.com/	1970-01-20 17:47:44	Name: usprivacy Value: 1---
arstechnica.com/	1970-01-20 09:20:09	Name: CN_visits_m Value: 1675209600929%26vn%3D1
arstechnica.com/	1970-01-20 09:02:09	Name: CN_in_visit_m Value: true
arstechnica.com/	1970-01-20 17:47:44	Name: OneTrustWPCCPAGoogleOptOut Value: true
arstechnica.com/	1970-01-20 17:47:44	Name: __srret Value: 1
.arstechnica.com/	1970-01-20 17:47:44	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Jan+19+2023+11%3A35%3A27+GMT%2B0000+(GMT)&version=202211.2.0&isIABGlobal=false&hosts=&consentId=88ebc82d-aec4-42bd-bd75-1d1b95225be5&interactionCount=0&landingPath=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F08%2Fnewfangled-edr-malware-detection-generates-billions-but-is-easy-to-bypass%2F&groups=C0001%3A1%2CC0003%3A0%2CC0004%3A0%2CC0002%3A0%2CSTACK42%3A0
arstechnica.com/	1970-01-20 17:47:44	Name: __srui Value: 5efc0f5d-97ed-11ed-9c43-eae8cde2604e
arstechnica.com/	1970-01-20 11:26:08	Name: cneplayercount Value: 1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.cnevids.com
api.condenast.io
arstechnica.com
as-sec.casalemedia.com
assoc-na.associates-amazon.com
c.amazon-adsystem.com
capture.condenastdigital.com
cdn.arstechnica.net
cdn.cookielaw.org
cdn.mediavoice.com
cdn.memo.co
connect.facebook.net
d2c8v52ll5s99u.cloudfront.net
dp8hsntg6do36.cloudfront.net
dwgyu36up6iuz.cloudfront.net
elsa.memoinsights.com
geolocation.onetrust.com
id.sv.rkdms.com
images.outbrainimg.com
imasdk.googleapis.com
js-sec.indexww.com
mb.moatads.com
mcdp-nydc1.outbrain.com
odb.outbrain.com
p.skimresources.com
player.cnevids.com
plugin.mediavoice.com
polarcdn-terrax.com
px.moatads.com
r.skimresources.com
s.skimresources.com
s0.2mdn.net
securepubads.g.doubleclick.net
t.skimresources.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.googletagmanager.com
www.googletagservices.com
z-na.associates-amazon.com
z.moatads.com
104.111.217.162
104.18.33.19
13.32.27.22
143.204.208.5
143.204.214.81
151.101.192.239
151.139.128.10
172.64.151.162
18.188.231.255
18.66.15.129
18.66.23.213
199.232.18.132
2.18.234.190
2.18.235.40
205.234.175.175
2606:4700::6810:9440
2606:4700::6811:4032
2606:4700::6812:1b55
2606:4700::6813:da83
2a00:1450:400d:802::2008
2a00:1450:400d:80c::2002
2a00:1450:400d:80e::2002
2a00:1450:400d:80e::2006
2a00:1450:400d:80e::200a
2a03:2880:f083:100:face:b00c:0:3
3.224.52.77
34.225.22.62
35.190.59.101
35.190.91.160
35.201.67.47
52.20.148.9
52.54.240.100
54.195.68.237
65.9.66.35
70.42.32.95
72.21.195.65
99.86.247.171
005f315d6f7cf50f04161a51e17287b5040b513267560b083a3cf39d0b892ba8
0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c
030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06
0396be2ab58ec30babd0838d7e37d6407475d4361be85ee7451dbac9186add57
039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15
06b33c040105224101afcdaacd82b6dfb3ea1bf9ef3d7478cf5fa163a0ad65e0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08d199a1f9b23969198785f4a8c384036bdc3b05b40d655c51bd7413c028ec3a
08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e
0af719f3a3c9eed767bcf7e1b8b179655c9b0c1fd6157618d704f11a1cdcdfc9
0b5c6a8d4a856db56da956eced8af9a5eb6e0a89dc67de5ffc4c83513472a3cc
1097abb6f0992cccc79428374463e7f23b99dae5eb85d7317b20bd57c96031bb
1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83
129d9d61199f04b6d1fa1f935343bf9d2e59917e9a8d84bc7dba1307b6db56b5
13f590aedf195578255e3362cd25fbc0e6e4c615b988bfc10bf32ea6f56b31f7
1412791fc3e8ede20785df7b4856ac7452464af2e797beb0859adb07771fdc84
15ac550babcd12bf0cd1c7362e4aadc9fd32800edd7f3082a2c3bbad7240a2eb
16708dda2536b4b3782313db4a6ec8456cd84da7ae0f56d7d2455e68fc9bc4f0
16f86804dd013db340fee4020a539d3e9d6e5a03d6841e431e50c428e99c26e8
1bf55bc00dbf13180884211c3d301729e67b81f3456225c1fbf97d271d636509
1c7dcc8216c6f82da2998ceeac2523632c7f9bffe510824b6d082621201f2012
1defb6bc54a7ee9c066136908360e8455c23ee9ad0dec9924e7255d7948cd4be
1efa0168cc510cc900d2602b6a5d24829f7143462001b629a3ad6de215aa3a58
1f466b08649eef5ad16c20f6d7207bf8818cb107b6241950dbc568cdffc03d63
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378
20660a9ef7ec454c15b2dc62b3db084e0cc9f74c5bb6de71a96fb1a54aef00f8
2157361193375a79ade3559e960f982daa8d599cf7f4a92d36e3eef257738f16
24d85b4c31f34e75f04696fbb390c9ce21baf479e35283f7783508ec204fd857
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27348ba4b98bd80f1038496ec5dea6ad865680540058fb085b8ca199b8aaf4c5
29637e0647104ccc5d5583e652db29ce99e947c858c3d9502960e7ea7f1aea19
29bdc49d3be61a3405f479982bd2e1a14cd05c6e892dbf9b368f36abe002a0dc
2b966386db7e5598dc99aae1c9e22fc86b37017d7b99c4a8f0eb5b636bf52d5f
2c13013a43a53069eb70d8b9f04a77439a5276bac9ac6ebff214062183259407
2d7456f110e6a3fedf37ac480726889258b776fc03e1e4a6b51120fc3160cd57
2fffd9fce9c89815f9283c61cd0eb0e9563df67815c7e3065b69198e7390cd49
341cac54e2233a3ea849713a87fce48e95ed8f3c8317c4d3bdcf0610da762e23
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
3b0209841325362235c221628e471145726897e4e1c9b210b6e6b2217fdf2ee8
3c4f86e9ccc5e942b4003bd9fed721d599fdeb7bcc1a2db63a95cba24de5f828
3ce7e824185893264ab44fbf8370a8f1262831c4c6c367b15f7d4f1e88fadc8c
3d277a90920d78efa3d6e473d67240beb26100591c7b02a34bd444aa78ee5d5c
3f2cf5f857c617761a251ceef8f6ed452a7690e21f16eff0a70dddf9beea8633
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
466109f9f85c8156ec2668e799be4b9cfad5747748343e26da4d10abac9797c0
46a9ddb1f206a46900872e0a832750ae06925528f81883a3d3517fdb42aefb6d
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39
49582965b8ddcb8f728f5b4d33b2c73e138690f5c6815bd9918de94f62f4b80b
4980853759711c8e9e2779239acd62e9e802fba38371763c65ecdd016a83fdbd
4bc7f443f57d55c7eba98816a3d1054bdcee0cc74f4c1302f82056d118f141bb
4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105
4d7b91ed4a7804e22b94e4873af273def73469e80b740bd9787e287003058868
4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8
4fb846048afd0ee79141b669572402fc0a024d937c00977e124405d11cd319fe
5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b
56af20a275831d6d9a720b4b6c20ca446ddc97abaed5c461ca59d3b5c0d0a530
56f8838a24cb0cc47dc34a19d6b84d6ce8bf8086b1682bbb990abc13b1e2da65
571479d52cd675db5573fe46973c62cba6d8224a76136fcefeb90f7dc42a6391
582693cca63e552573ff51d9a704a8ba4d27e6bb774139ab68c8026df1d25b32
59201950b83489808587827b4050ffe0597992825daa88c227476cdbbf8ca282
5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c
5be5b0170ad4bbd2be91182d137933e7de9c7e86b09ec855a4bac015ebfd746f
5e09a576d5e823ddcbad6e4c4020ab1b55112e05527ce649854747b9f9ba7f42
5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba
617e0f9fee7ef0ca891735246b4b5a61caa3622db4a4256685b061c9f43bd053
62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235
6456df946a0c6fb0315ae58b5cca4e5b23f25484cec9e432be08b684838d1b3a
6570d5aeddcdc8896db45d20ceaa165df3c35eb002a1984f84ba995bbcfb1f46
6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a
6f74204730db3b573745df85297ddfab4c34974f46406d1bb8691035c1687cef
7364fcbb6c5d775f07816712af8a6419db99268f72c337a4977f706dc3423bb3
7475f5c70d3b6020b6f4621b2e69fba3360bea00a913e60b085af165b93842ec
760577261d75b1724a53825766138cc52ea09676703fdb4046cbf2ecb2508b74
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77dce0667b5d38b6e4ed4d244cc7abca21881f572ffb00a7efa6d9e6112adbb7
78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207
7d91c04c657709af03f6dad61d375c3208d18ab5ff7851c2472007dc05201342
7fc88c65d46e83b3f3e9f098f05fd639480332fc3718cd714725e2e4633af4e8
807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752
8261aabd72b0748f420d7c688de90a530a77afacf654765e0b2ed1b010913237
82cd1a97f81e5b63a621311be2993916eea0907b5eadd53bb6b280f4bb0f8391
8356998195d485ab5e1ad650349508b8289962209a500e6702c08f90964f2e3e
83a366075eb2387c6d9f848f42b08df0546027333eccf5813edf95ba45709be2
85c33811c2b04e4e02babe2fd6bd7ac0035f93e95827116429bbda2cf9c6c95d
85db95dbe15c810a710ca6d9094a2a29f2eeea05791cc7aaab7af8939684b978
86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a
88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf
8b72952d3fd656ee6594f0d9735d928113ad1d590705b14f77abf75f1d4d5d69
8dc40a5096530714279199bd98ffbe44f3108bf9dd183ec74d85f69705d86e25
930239150e702d9d4bf43c3881aa70f8ad5fd9068dcbecb7c8bcca654784f7f1
93eab16bed0ee56de0a1e3a308e02cb8a889a9ef504e0f0b4adb6f256c86c8b7
9431bc6d1a6d036a70c92dfc9000d7965f939671a59705bdd01c3e652048ed9a
9933997608e86beaf1e7f7188a5c657cdad8ccd9d20eb7b1a46adaa83fa850ab
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9d75dd7e40956967df77c3d2ae1ad5af8b4cee6448302720d0f6794f3ec6182b
a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650
a2bd43c80adc73ae26472a90ec3bd9df44a5b7d2dafb133b8660efd800c719b1
a3a1045bdd4556d83b740335475f60da908d6b0420b78c7688e03943ead2d988
a4a392b07d47424fe77fc4a24119ad08f8b3f9ee05061949350aa40f0e645af9
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
aa3b9513abbbf65a2c8483122648fce1b39b1afa2a69bdf863242f1411baba58
aeb8b6e67c3c02f20a0c010763e30fdb3e684144e5b93e508dfca1c3f0985187
b6ae62856ea9147e6404cec0998a76ea2c3ecc7d1d0770766c49c04b67037a92
bd93ea2fbdf700c4f9f898bfddef2838f9d1b48cca50e4c10a77c408280826a2
c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34
c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c3e3b5ce22832a7ab4d1d54f39bd42cc17c0b14b76474e7f6647d8790c3c4a49
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a
cb52c9b5c6b4f30eb9580d4414ecd97d408ffb0579fc9792f379da7e9e43221c
cd3351dc69753f565581887b2020aa802ee2a5be1679c85957c3ca33bfe49360
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3
d45862d0913737fe82645070bbb15fb4f00b51ba669fd90425eb602aaea4f618
d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa
dbbb02be63184a360aa16f720d54120e312b9a0f2b2fd7eedc9e4c1402bcd3d8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de24551bd4396fc8579b2d87ce01944553dd48fb52775d14373725a50efa0c37
de5e37739b5797e8ba9dba4a2dcb65f37c36a65fe839cb306162e21c74ba166e
e0c8c8ca2f551da03a658bb0295d133c5fa8e1e232d45a01dd5f130520af8d30
e336ff50623cff960c2396944be4392139f63dcc032e5f3428d81489fdfe697a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67089d28ed8be968a13320f7ae05dd0c2f1fff18a5d8b2c78a91b41f8651f70
e74b9cb9d8871d300d2a1d36ce2cd00dfbfe0c5d8066d1d415c4ce620a919d47
e8830a414dfeb4c0e0f519d3419f69849df9226f329357c938333dbf2c956f63
e944e6d1b0904bc0c1298fe828ec727bc6a9b46f0b4799e197a1a2acc46fb685
ecbf3318537730104a1dde511c60cb9e364cec24c7f2e5207f8775ae7832c0f2
ef2ef4f0e453b0c430da6aca75ff768e3f95e45939c6668677e0b79ba15fee41
f10feb856e1174b96257f0bd820f67e0c2c738e5abbfe70799a457b791e11562
f5a6b359905671eb3a695b95d3ae5d9b63584c5a923ac0ba020fccbf2355920b
f91f71a79e80bc2c29f7e8ef8155f1fcd387db6ee107ae93f16108cbe61705a0
f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d
f9d9e96c4439beeca49a1a10f9dffe6f5cd0b604d13aa13af170d0bc62d8ca1b
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd142c726ca2be56f53a58e681401245e6c91e3d9acbbcddae98a54aba7df393

arstechnica.com Open in urlscan Pro 18.188.231.255 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

139 Requests

97 %HTTPS

27 %IPv6

27 Domains

40 Subdomains

38 IPs

5 Countries

4590 kBTransfer

10613 kBSize

11 Cookies

66 Outgoing links

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

arstechnica.com Open in urlscan Pro
18.188.231.255 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

97 %
HTTPS

27 %
IPv6

27
Domains

40
Subdomains

38
IPs

5
Countries

4590 kB
Transfer

10613 kB
Size

11
Cookies

139 HTTP transactions
10 data transactions