arstechnica.com Open in urlscan Pro
18.119.39.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://arstechnica.com/security/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Effective URL:
https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microso...
Submission Tags: falconsandbox
Submission: On August 13 via api (August 13th 2022, 11:28:45 am UTC) from US — Scanned from DE

Summary HTTP 187 Redirects Links 69 Behaviour Indicators

Summary

This website contacted 57 IPs in 7 countries across 36 domains to perform 187 HTTP transactions. The main IP is 18.119.39.54, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is arstechnica.com. The Cisco Umbrella rank of the primary domain is 5933.
TLS certificate: Issued by Amazon on November 29th 2021. Valid for: a year.

This is the only time arstechnica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	18.119.39.54 18.119.39.54	16509 (AMAZON-02) (AMAZON-02)
21	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
9	2606:4700::68... 2606:4700::6810:9440	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	52.222.209.55 52.222.209.55	16509 (AMAZON-02) (AMAZON-02)
3	184.51.9.98 184.51.9.98	16625 (AKAMAI-AS) (AKAMAI-AS)
1	184.51.10.56 184.51.10.56	16625 (AKAMAI-AS) (AKAMAI-AS)
5	184.51.9.223 184.51.9.223	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6813:da83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:929e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	63.32.0.187 63.32.0.187	16509 (AMAZON-02) (AMAZON-02)
2	3.89.165.156 3.89.165.156	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.121.43 13.32.121.43	16509 (AMAZON-02) (AMAZON-02)
5	99.86.240.20 99.86.240.20	16509 (AMAZON-02) (AMAZON-02)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
2	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:4132	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	3.9.57.182 3.9.57.182	16509 (AMAZON-02) (AMAZON-02)
1	108.138.23.218 108.138.23.218	16509 (AMAZON-02) (AMAZON-02)
3	23.202.54.36 23.202.54.36	16625 (AKAMAI-AS) (AKAMAI-AS)
1	143.204.89.32 143.204.89.32	16509 (AMAZON-02) (AMAZON-02)
1	151.101.64.239 151.101.64.239	54113 (FASTLY) (FASTLY)
2	50.17.85.17 50.17.85.17	14618 (AMAZON-AES) (AMAZON-AES)
1	3.219.23.242 3.219.23.242	14618 (AMAZON-AES) (AMAZON-AES)
4	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
5	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
1	13.32.99.122 13.32.99.122	16509 (AMAZON-02) (AMAZON-02)
2	72.21.195.65 72.21.195.65	16509 (AMAZON-02) (AMAZON-02)
1	199.232.18.132 199.232.18.132	54113 (FASTLY) (FASTLY)
42	52.85.6.122 52.85.6.122	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
5	13.32.11.75 13.32.11.75	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.127 64.202.112.127	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
4	35.168.71.80 35.168.71.80	14618 (AMAZON-AES) (AMAZON-AES)
5	99.86.240.59 99.86.240.59	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	99.86.240.82 99.86.240.82	16509 (AMAZON-02) (AMAZON-02)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.96.145.246 104.96.145.246	16625 (AKAMAI-AS) (AKAMAI-AS)
2	92.123.38.97 92.123.38.97	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2 3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 3	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:f03... 2a00:1288:f03d:1fa::2000	10310 (YAHOO-1) (YAHOO-1)
2 3	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
187	57

3 18.119.39.54 (Columbus, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-119-39-54.us-east-2.compute.amazonaws.com

arstechnica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 205.234.175.175 (Middleburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.arstechnica.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.51.9.98 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-98.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.10.56 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-10-56.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.51.9.223 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-223.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:da83 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.mediavoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
plugin.mediavoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:929e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.0.187 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-0-187.eu-west-1.compute.amazonaws.com

segment-data.zqtk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.89.165.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-165-156.compute-1.amazonaws.com

api.cnevids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-43.fra60.r.cloudfront.net

cdn.memo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.86.240.20 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-20.vie50.r.cloudfront.net

player.cnevids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4132 (United States)

ASN13335 (CLOUDFLARENET, US)

polarcdn-terrax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.9.57.182 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-9-57-182.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.23.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-23-218.fra56.r.cloudfront.net

z-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.202.54.36 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-202-54-36.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-32.fra50.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.64.239 (United States)

ASN54113 (FASTLY, US)

api.condenast.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.17.85.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-85-17.compute-1.amazonaws.com

elsa.memoinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.23.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-23-242.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

condenastus-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.195.65 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

assoc-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.18.132 (Vienna, Austria)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 52.85.6.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-6-122.sof50.r.cloudfront.net

dwgyu36up6iuz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.11.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-11-75.vie50.r.cloudfront.net

d2c8v52ll5s99u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.127 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.168.71.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-71-80.compute-1.amazonaws.com

capture.condenastdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.86.240.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-59.vie50.r.cloudfront.net

dp8hsntg6do36.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.240.82 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-82.vie50.r.cloudfront.net

check.analytics.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.96.145.246 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-145-246.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.125.22 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:f03d:1fa::2000 (United Kingdom)

ASN10310 (YAHOO-1, US)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	cloudfront.net dwgyu36up6iuz.cloudfront.net d2c8v52ll5s99u.cloudfront.net dp8hsntg6do36.cloudfront.net	2 MB
21	arstechnica.net cdn.arstechnica.net — Cisco Umbrella Rank: 45394	824 KB
12	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 528 eus.rubiconproject.com — Cisco Umbrella Rank: 588 pixel.rubiconproject.com — Cisco Umbrella Rank: 326 token.rubiconproject.com — Cisco Umbrella Rank: 707	17 KB
10	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 323 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1264 s.amazon-adsystem.com — Cisco Umbrella Rank: 288	48 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 434	208 KB
7	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 222 pubads.g.doubleclick.net — Cisco Umbrella Rank: 489 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	135 KB
7	cnevids.com api.cnevids.com — Cisco Umbrella Rank: 94062 player.cnevids.com — Cisco Umbrella Rank: 18547	96 KB
7	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1157 widget-pixels.outbrain.com — Cisco Umbrella Rank: 2679 odb.outbrain.com — Cisco Umbrella Rank: 1268 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 3675	113 KB
6	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 2603 r.skimresources.com — Cisco Umbrella Rank: 2491 t.skimresources.com — Cisco Umbrella Rank: 2585 p.skimresources.com — Cisco Umbrella Rank: 3492	15 KB
5	yahoo.com c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1033 ads.yahoo.com — Cisco Umbrella Rank: 2334	6 KB
5	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 560 as-sec.casalemedia.com — Cisco Umbrella Rank: 1330 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453	12 KB
5	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 1366 check.analytics.rlcdn.com — Cisco Umbrella Rank: 3881 api.rlcdn.com — Cisco Umbrella Rank: 802 id.rlcdn.com — Cisco Umbrella Rank: 611	39 KB
4	condenastdigital.com capture.condenastdigital.com — Cisco Umbrella Rank: 16486	192 B
4	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 448	486 KB
4	media.net prebid.media.net — Cisco Umbrella Rank: 1356 contextual.media.net — Cisco Umbrella Rank: 526	18 KB
4	openx.net condenastus-d.openx.net — Cisco Umbrella Rank: 25924 u.openx.net — Cisco Umbrella Rank: 719	693 B
3	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 3755 images.outbrainimg.com — Cisco Umbrella Rank: 2033	146 KB
3	associates-amazon.com z-na.associates-amazon.com — Cisco Umbrella Rank: 6198 assoc-na.associates-amazon.com — Cisco Umbrella Rank: 3024	4 KB
3	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 592	18 KB
3	arstechnica.com 1 redirects arstechnica.com — Cisco Umbrella Rank: 5933	17 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 381	565 B
2	memoinsights.com elsa.memoinsights.com — Cisco Umbrella Rank: 28766	1 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 730	838 B
2	mediavoice.com cdn.mediavoice.com — Cisco Umbrella Rank: 52683 plugin.mediavoice.com — Cisco Umbrella Rank: 39038	139 KB
2	moatads.com z.moatads.com — Cisco Umbrella Rank: 442 mb.moatads.com — Cisco Umbrella Rank: 670	77 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124	540 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	27 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 289	17 KB
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1424	593 B
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 3921	166 B
1	condenast.io api.condenast.io — Cisco Umbrella Rank: 23781	6 KB
1	polarcdn-terrax.com polarcdn-terrax.com — Cisco Umbrella Rank: 8432	502 B
1	memo.co cdn.memo.co — Cisco Umbrella Rank: 35434	7 KB
1	zqtk.net segment-data.zqtk.net — Cisco Umbrella Rank: 8760	380 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	125 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	29 KB
187	36

	Domain	Requested by
42	dwgyu36up6iuz.cloudfront.net	arstechnica.com d2c8v52ll5s99u.cloudfront.net
21	cdn.arstechnica.net	arstechnica.com cdn.arstechnica.net
9	cdn.cookielaw.org	arstechnica.com cdn.cookielaw.org
5	dp8hsntg6do36.cloudfront.net	arstechnica.com d2c8v52ll5s99u.cloudfront.net
5	d2c8v52ll5s99u.cloudfront.net	player.cnevids.com d2c8v52ll5s99u.cloudfront.net
5	player.cnevids.com	arstechnica.com player.cnevids.com cdn.arstechnica.net
4	cm.g.doubleclick.net	2 redirects
4	capture.condenastdigital.com	arstechnica.com
4	imasdk.googleapis.com	player.cnevids.com imasdk.googleapis.com
4	c2shb.ssp.yahoo.com	cdn.arstechnica.net
4	fastlane.rubiconproject.com	cdn.arstechnica.net
4	widgets.outbrain.com	arstechnica.com widgets.outbrain.com
4	c.amazon-adsystem.com	arstechnica.com c.amazon-adsystem.com
3	s.amazon-adsystem.com	2 redirects
3	token.rubiconproject.com	3 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	pixel.rubiconproject.com	2 redirects
3	js-sec.indexww.com	arstechnica.com cdn.arstechnica.net
3	arstechnica.com	1 redirects cdn.arstechnica.net
2	ssum-sec.casalemedia.com	js-sec.indexww.com
2	contextual.media.net	cdn.arstechnica.net
2	eus.rubiconproject.com	cdn.arstechnica.net eus.rubiconproject.com
2	u.openx.net	cdn.arstechnica.net
2	match.adsrvr.org	cdn.arstechnica.net
2	check.analytics.rlcdn.com	cdn.arstechnica.net
2	images.outbrainimg.com	arstechnica.com
2	assoc-na.associates-amazon.com	z-na.associates-amazon.com
2	prebid.media.net	cdn.arstechnica.net
2	condenastus-d.openx.net	cdn.arstechnica.net
2	htlb.casalemedia.com	cdn.arstechnica.net
2	elsa.memoinsights.com	cdn.memo.co
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	p.skimresources.com	arstechnica.com
2	t.skimresources.com	arstechnica.com s.skimresources.com
2	api.cnevids.com	cdn.arstechnica.net
2	geolocation.onetrust.com	cdn.cookielaw.org
1	ads.yahoo.com
1	id.rlcdn.com
1	api.rlcdn.com	cdn.arstechnica.net
1	pagead2.googlesyndication.com	imasdk.googleapis.com
1	pubads.g.doubleclick.net	d2c8v52ll5s99u.cloudfront.net
1	connect.facebook.net	d2c8v52ll5s99u.cloudfront.net
1	s0.2mdn.net	imasdk.googleapis.com
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	odb.outbrain.com	widgets.outbrain.com
1	geo.privacymanager.io	ats.rlcdn.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	api.condenast.io	player.cnevids.com
1	ats.rlcdn.com	arstechnica.com
1	widget-pixels.outbrain.com	arstechnica.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	z-na.associates-amazon.com	www.googletagmanager.com
1	mb.moatads.com	z.moatads.com
1	polarcdn-terrax.com	cdn.mediavoice.com
1	plugin.mediavoice.com	cdn.mediavoice.com
1	r.skimresources.com	s.skimresources.com
1	cdn.memo.co	arstechnica.com
1	segment-data.zqtk.net	cdn.arstechnica.net
1	www.googletagmanager.com	arstechnica.com
1	s.skimresources.com	arstechnica.com
1	cdn.mediavoice.com	arstechnica.com
1	z.moatads.com	arstechnica.com
1	www.googletagservices.com	arstechnica.com
187	64

This site contains links to these domains. Also see Links.

Domain
video.arstechnica.com
www.condenast.com
www.flickr.com
www.facebook.com
twitter.com
www.reddit.com
www.fireeye.com
en.wikipedia.org
securingtomorrow.mcafee.com
cdn.arstechnica.net
www.blackhat.com
support.microsoft.com
www.twitter.com
www.arstechnica.com
www.history-a2z.com
deals.getairphysio.io
rfvtgb.housediver.com
trk.ajaska.de
www.outbrain.com
condenast.com

Subject Issuer	Validity	Valid
*.arstechnica.com Amazon	`2021-11-29` - `2022-12-27`	a year	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2021-10-18` - `2022-11-19`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-10-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.zqtk.net Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
cnevideos.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
memo.co Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
*.cnevids.com Amazon	`2021-09-18` - `2022-10-17`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
assoc-na.associates-amazon.com Amazon	`2022-06-18` - `2023-06-17`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
condenast.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-17` - `2023-07-19`	a year	crt.sh
memoinsights.com Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
securedvisit.com Amazon	`2021-11-30` - `2022-12-27`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-22` - `2022-08-20`	3 months	crt.sh
conde.io Amazon	`2022-07-06` - `2023-08-03`	a year	crt.sh
analytics.rlcdn.com Amazon	`2022-07-27` - `2023-08-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Frame ID: 3F62A49210679915C8DA4EA0BDA47FB2
Requests: 152 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4703096323112068
Frame ID: 3905124CCF2D27584131A59BA06EF439
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 4C1AF6D39FBC26694D6D21BABB70B820
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 372AAA8CDF636F764E0558E76F4C13B0
Requests: 20 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html
Frame ID: DB005B7C5B23362C446AAB29F85CDC11
Requests: 2 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1---
Frame ID: AF70CAB9346BA88693E787917E177A63
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 542A9FED06FBDBE87C5CBA93BD935087
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 53732E3DA0A079B922440EDD46D5A2BC
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 29EC9580FC9396672F0AF1B26DE28E63
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1---
Frame ID: 269747CF7AC6DB10FE727F0BA78AF4D6
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 876EFD28D2B5B6A348F440B1C6B11D2A
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 12DCF590FBB855E098B72311C266DA5C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPdpR8APdpR8AAcABBENCcCgAAAAAAAAAChQAAAAAAJggAIBGAgDkAAQABoAHAAeABcAD4ALQAfABGACSAFsAMQAfwBIgCuAF8ANQAbQA4gByADnAHUAPkAf4BAwCDgEiAJ-AUMApYBhADqgIbAQ-Ai8BHoCQgErAJtAWEAuIBdAC6gF2gLyAYFAw8DEAGLAMhAZQA0IBowDSgGpgNoAbcA3QBwQSCOAAgABcAFAAVAAyABwADwAIAAYAAygBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCQCGAIkAR0AlgCXAE0AKUAW4AwwBkADLAGyAO-AewB8QD7AP0AgEBFwEYgI0AjgBKQCggFPAKuAXMAxQBrADaQG4AbwA9AB8gEOgJEATEAmUBOwChwFIgKaAWKAtABbAC5AF3gLzAYMAwkBhsDIgMkAZOAy4BnIDPgGkQNYA1kMAeAAMAAsAC4ARgAkgBPgCoAKoAWwAxABvAFIANKAagBqgDiAJaAUsA2QB1AENgIvASEAocBYgC4gGBAMPAYsAyMBoQDdA0B4AKwAXABDADIAGWANkAdgA_ACAAEFAIwAU8Aq8BaAFpANYAbwA6oB8gEOgIqASIAnYBSIC5AGEgMYAZOAzkBngDPhAB0AAwACwALgA1ACMAEkAJ4AVQAtgBiADeAKQAagA4gB8gEiAJaAUuA3ADeAIbAReAkIBQ4C4gGBAMPAYsA0IBugiAuAFYAQwAyABlgDZAHYAPwAgABGACngFXANYAdUA-QCHQEiAJ2AUiAuQBhIDJwGcgM-FQFQAKABDACYAFwARwAywB2AEcAKvAWgBaQDeAJBATEAtgBcgC8wGRAM5AZ4Az4BuQoAoAGIATIApABlQDUANUAbQA4gByADwAIKAS0ApYB1QEegLEAYEAw8BmgDQgGvDACoANQAxACZAFIAMoAagA2gBxADkAHgAS0ApYBYgDqgI9AScAsQBeQDAgGHgNCGQEgAhgBMAEcAMsAdgA-wCOAFXAK2AbwBMQC0QFsALzAZEAzkBngDPhwF8AAQABgAEQAOAA8AC4AHwAWgA5gB-AIIARgAtgBdAC-AGQANAAfwBCACRAE6AKQAWYAvgBlgDSgGoAaoA2gBxADkAHOAOoAdgA7gB8wEAAQWAg4CEAERAJEAS0Am0BPgE_AKWAVAArIBbQC9QGAAYEAwgBmQDWAGvAN4AceA5wDpAHVAPIAfIBCACG4EPgRAAiIBHoCQoErASuAmIBMoCbQFCgKQAUmApgBUwCqoFbAV2AsoBaQC1AFxQLoAuoBewC-gGBQMPAxABiwDIQGUAMvAaFA0UDRgGlANNAamA14BtADbAG3DoKwAC4AKAAqABkADgAIAAXQAwADKAGgAagA8AB9AEMARAAmABPgCqAKwAWAAuABiADMAG8AOYAeoBDAETAJYAmABNACjAFKALEAW8AwgDDgGQAZQA0QBsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWmAuYC6gF5AMUAbQA3EB0wHUAPQAh0BFQCLwEggJEASoAnYBQ4CmgFWALFAWwAuABcgC7QF3gLzAYMAwkBhoDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNYAbGQAagAIACCAF8ANAAfwBIgCkAFuAL4AZcA1ADVAG0AOIAcgA5wB2ADwAIKAT4ApYBWQCxAGAAMIAZkA3gBzgDqgHbAQ-Aj0BIQCTgErgJiATaAoUBSACkwFbALaAXQAvIBewDAgGHgM0AaEA0UBpQDUwG2ANuIQMwAFgAUAAyAC4AGIAQwAmABVAC4AGIAMwAbwA9ACOAFiAMIAZQA3wB3gD7AH-ARwAlIBQQCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAKaAWKAtEBbAC4AFyALtAZEAycBnIDPAGfANEAaSA0sBwBIBOAAIAAwADgALgA5ACoAGQAN4AhABIgCkgFyAXwAywBpADUAG0AO4AgABBwCEgEtAJ8AVAArIBrwDeAHVAPsAlYBNoCkwFlALSAXsAw8BiIDFgGlANyJQMgAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADNAIYAiQBHACjAFKALcAYQAygBsgDvAH4ARwAk4BTwCrwFoAWkAuoBigDcAHUAPkAh0BFQCLwEiALFAWwAu0BeYDIgGTgMsAZyAzwBnwDSAGsAOAKASgABAAGAAuAB8AFoAOQAfgBGACoAFYAL4AZAA2wBvAHIAQgAjgBIgCZAE6AKSAXIBfADLAGkANQAa4A2gBxADnAHUAO4AeAA-QCAAEHAISARUAkQBJwCWgE2gJ8An4BSwCsgFiALqAYCAwgDFAGvAN4AdUA7YB5AD5AH_AR6AmIBMoCbQFIAKYAVMArYBXYC0AF5AL6AYEAw8BiwDRAGlQNSA1MBrwDgikD8ABcAFAAVAAyABwAEEAMAAygBoAGoAPIAhgCIAEwAJ4AUgAqgBYADEAGYAOcAhgCJAFGAKUAWIAtwBhADKAGiANkAd8A-wD9AIsARgAjgBKQCggFXAK2AXMAvIBtADcAHoAQ6Ai8BIgCdgFDgLFAWwAuABcgC7QF5gMNAYwAyIBkgDJwGXAM5AZ4Az6BpAGkwNYA1kBsYA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 8860DEE57E0AE85EA16E5E75E03E3E4F
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPdpR8APdpR8AAcABBENCcCgAAAAAAAAAChQAAAAAAJggAIBGAgDkAAQABoAHAAeABcAD4ALQAfABGACSAFsAMQAfwBIgCuAF8ANQAbQA4gByADnAHUAPkAf4BAwCDgEiAJ-AUMApYBhADqgIbAQ-Ai8BHoCQgErAJtAWEAuIBdAC6gF2gLyAYFAw8DEAGLAMhAZQA0IBowDSgGpgNoAbcA3QBwQSCOAAgABcAFAAVAAyABwADwAIAAYAAygBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCQCGAIkAR0AlgCXAE0AKUAW4AwwBkADLAGyAO-AewB8QD7AP0AgEBFwEYgI0AjgBKQCggFPAKuAXMAxQBrADaQG4AbwA9AB8gEOgJEATEAmUBOwChwFIgKaAWKAtABbAC5AF3gLzAYMAwkBhsDIgMkAZOAy4BnIDPgGkQNYA1kMAeAAMAAsAC4ARgAkgBPgCoAKoAWwAxABvAFIANKAagBqgDiAJaAUsA2QB1AENgIvASEAocBYgC4gGBAMPAYsAyMBoQDdA0B4AKwAXABDADIAGWANkAdgA_ACAAEFAIwAU8Aq8BaAFpANYAbwA6oB8gEOgIqASIAnYBSIC5AGEgMYAZOAzkBngDPhAB0AAwACwALgA1ACMAEkAJ4AVQAtgBiADeAKQAagA4gB8gEiAJaAUuA3ADeAIbAReAkIBQ4C4gGBAMPAYsA0IBugiAuAFYAQwAyABlgDZAHYAPwAgABGACngFXANYAdUA-QCHQEiAJ2AUiAuQBhIDJwGcgM-FQFQAKABDACYAFwARwAywB2AEcAKvAWgBaQDeAJBATEAtgBcgC8wGRAM5AZ4Az4BuQoAoAGIATIApABlQDUANUAbQA4gByADwAIKAS0ApYB1QEegLEAYEAw8BmgDQgGvDACoANQAxACZAFIAMoAagA2gBxADkAHgAS0ApYBYgDqgI9AScAsQBeQDAgGHgNCGQEgAhgBMAEcAMsAdgA-wCOAFXAK2AbwBMQC0QFsALzAZEAzkBngDPhwF8AAQABgAEQAOAA8AC4AHwAWgA5gB-AIIARgAtgBdAC-AGQANAAfwBCACRAE6AKQAWYAvgBlgDSgGoAaoA2gBxADkAHOAOoAdgA7gB8wEAAQWAg4CEAERAJEAS0Am0BPgE_AKWAVAArIBbQC9QGAAYEAwgBmQDWAGvAN4AceA5wDpAHVAPIAfIBCACG4EPgRAAiIBHoCQoErASuAmIBMoCbQFCgKQAUmApgBUwCqoFbAV2AsoBaQC1AFxQLoAuoBewC-gGBQMPAxABiwDIQGUAMvAaFA0UDRgGlANNAamA14BtADbAG3DoKwAC4AKAAqABkADgAIAAXQAwADKAGgAagA8AB9AEMARAAmABPgCqAKwAWAAuABiADMAG8AOYAeoBDAETAJYAmABNACjAFKALEAW8AwgDDgGQAZQA0QBsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWmAuYC6gF5AMUAbQA3EB0wHUAPQAh0BFQCLwEggJEASoAnYBQ4CmgFWALFAWwAuABcgC7QF3gLzAYMAwkBhoDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNYAbGQAagAIACCAF8ANAAfwBIgCkAFuAL4AZcA1ADVAG0AOIAcgA5wB2ADwAIKAT4ApYBWQCxAGAAMIAZkA3gBzgDqgHbAQ-Aj0BIQCTgErgJiATaAoUBSACkwFbALaAXQAvIBewDAgGHgM0AaEA0UBpQDUwG2ANuIQMwAFgAUAAyAC4AGIAQwAmABVAC4AGIAMwAbwA9ACOAFiAMIAZQA3wB3gD7AH-ARwAlIBQQCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAKaAWKAtEBbAC4AFyALtAZEAycBnIDPAGfANEAaSA0sBwBIBOAAIAAwADgALgA5ACoAGQAN4AhABIgCkgFyAXwAywBpADUAG0AO4AgABBwCEgEtAJ8AVAArIBrwDeAHVAPsAlYBNoCkwFlALSAXsAw8BiIDFgGlANyJQMgAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADNAIYAiQBHACjAFKALcAYQAygBsgDvAH4ARwAk4BTwCrwFoAWkAuoBigDcAHUAPkAh0BFQCLwEiALFAWwAu0BeYDIgGTgMsAZyAzwBnwDSAGsAOAKASgABAAGAAuAB8AFoAOQAfgBGACoAFYAL4AZAA2wBvAHIAQgAjgBIgCZAE6AKSAXIBfADLAGkANQAa4A2gBxADnAHUAO4AeAA-QCAAEHAISARUAkQBJwCWgE2gJ8An4BSwCsgFiALqAYCAwgDFAGvAN4AdUA7YB5AD5AH_AR6AmIBMoCbQFIAKYAVMArYBXYC0AF5AL6AYEAw8BiwDRAGlQNSA1MBrwDgikD8ABcAFAAVAAyABwAEEAMAAygBoAGoAPIAhgCIAEwAJ4AUgAqgBYADEAGYAOcAhgCJAFGAKUAWIAtwBhADKAGiANkAd8A-wD9AIsARgAjgBKQCggFXAK2AXMAvIBtADcAHoAQ6Ai8BIgCdgFDgLFAWwAuABcgC7QF5gMNAYwAyIBkgDJwGXAM5AZ4Az6BpAGkwNYA1kBsYA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F089C0AAEBB821642FD2FFA0054E38D0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Booby-trapped Word documents in the wild exploit critical Microsoft 0-day | Ars Technica

Page URL History Show full URLs

https://arstechnica.com/security/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-m... HTTP 301
https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-expl... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

187
Requests

95 %
HTTPS

21 %
IPv6

36
Domains

64
Subdomains

57
IPs

7
Countries

4612 kB
Transfer

10956 kB
Size

22
Cookies

69 Outgoing links

These are links going to different origins than the main page.

URL: http://video.arstechnica.com/
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.condenast.com/brands/ars-technica
Title: Advertise with Ars

Search URL Search Domain Scan URL

URL: https://www.flickr.com/photos/doos/3953478168
Title: Rob Enslin

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D1074069
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Booby-trapped+Word+documents+in+the+wild+exploit+critical+Microsoft+0-day&url=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D1074069
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D1074069&title=Booby-trapped+Word+documents+in+the+wild+exploit+critical+Microsoft+0-day
Title: Share on Reddit

Search URL Search Domain Scan URL

URL: https://twitter.com/mikko/status/851454200747880448
Title: patch the vulnerability on Tuesday

Search URL Search Domain Scan URL

URL: https://twitter.com/ryHanson/status/851159178416496640
Title: adding the following to their Windows registry

Search URL Search Domain Scan URL

URL: https://www.fireeye.com/blog/threat-research/2017/04/acknowledgement_ofa.html
Title: blog post published Saturday

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/HTML_Application
Title: HTML application

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Rich_Text_Format
Title: Rich Text Format

Search URL Search Domain Scan URL

URL: https://securingtomorrow.mcafee.com/mcafee-labs/critical-office-zero-day-attacks-detected-wild/
Title: blog post

Search URL Search Domain Scan URL

URL: https://cdn.arstechnica.net/wp-content/uploads/2017/04/image1.png

Search URL Search Domain Scan URL

URL: https://cdn.arstechnica.net/wp-content/uploads/2017/04/image2.png

Search URL Search Domain Scan URL

URL: https://www.blackhat.com/us-15/briefings.html#attacking-interoperability-an-ole-edition
Title: presentation

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us/help/2458544/the-enhanced-mitigation-experience-toolkit
Title: Enhanced Mitigation Experience Toolkit

Search URL Search Domain Scan URL

URL: https://www.twitter.com/dangoodin001
Title: @dangoodin001

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario
Title: Unsolved Mysteries Of Quantum Leap With Donald P. Bellisario

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-unsolved-mysteries-of-warhammer-40k-with-author-dan-abnett
Title: Unsolved Mysteries Of Warhammer 40K With Author Dan Abnett

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/sitrep-f-16-replacement-search-a-signal-of-f-35-fail
Title: SITREP: F-16 replacement search a signal of F-35 fail?

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/sitrep-boeing-707
Title: Sitrep: Boeing 707

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/personal-history-steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube
Title: Steve Burke of GamersNexus Reacts To Their Top 1000 Comments On YouTube

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube
Title: Modern Vintage Gamer Reacts To His Top 1000 Comments On YouTube

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-the-nes-conquered-a-skeptical-america-in-1985
Title: How The NES Conquered A Skeptical America In 1985

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/scott-manley-reacts-to-his-top-1000-youtube-comments
Title: Scott Manley Reacts To His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/how-immersive-stories-deepen-the-horror-of-games-like-soma-and-amnesiac-rebirth
Title: How Horror Works in Amnesia: Rebirth, Soma and Amnesia: The Dark Descent

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/lgrs-clint-basinger-reacts-to-his-top-1000-youtube-comments
Title: LGR's Clint Basinger Reacts To His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/the-f-35-s-next-tech-upgrade
Title: The F-35's next tech upgrade

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-one-gameplay-decision-changed-diablo-forever
Title: How One Gameplay Decision Changed Diablo Forever

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-unsolved-mysteries-mortal-kombat
Title: Unsolved Mortal Kombat Mysteries With Dominic Cianciolo From NetherRealm Studios

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/us-navy-gets-an-italian-accent
Title: US Navy Gets an Italian Accent

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-amazons-undone-brought-dreams-to-life-through-rotoscope-and-oil-paints
Title: How Amazon’s “Undone” Animates Dreams With Rotoscoping And Oil Paints

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit
Title: Fighter Pilot Breaks Down Every Button in an F-15 Cockpit

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-nba-jam-became-a-billion-dollar-slam-dunk
Title: How NBA JAM Became A Billion-Dollar Slam Dunk

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/linus-tech-tips-reacts-to-his-top-1000-youtube-comments
Title: Linus "Tech Tips" Sebastian Reacts to His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-alan-wake-was-rebuilt-3-years-into-development
Title: How Alan Wake Was Rebuilt 3 Years Into Development

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-prince-of-persia-defeated-apple-ii-s-memory-limitations
Title: How Prince of Persia Defeated Apple II's Memory Limitations

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-crash-bandicoot-hacked-the-playstation-to-run
Title: How Crash Bandicoot Hacked The Original Playstation

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-myst
Title: Myst: The challenges of CD-ROM | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/markiplier-reacts-to-his-top-1000-youtube-comments
Title: Markiplier Reacts To His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-the-evolution-of-oddworld-and-what-comes-next
Title: How Mind Control Saved Oddworld: Abe's Oddysee

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe
Title: Bioware answers unsolved mysteries of the Mass Effect universe

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-civilization
Title: Civilization: It's good to take turns | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/sitrep-dod-resets-ballistic-missile-interceptor-program
Title: SITREP: DOD Resets Ballistic Missile Interceptor program

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/warframe-s-rebecca-ford-reviews-your-characters
Title: Warframe's Rebecca Ford reviews your characters

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-subnautica
Title: Subnautica: A world without guns | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-slay-the-spire-war-stories
Title: How Slay the Spire’s Original Interface Almost Killed the Game | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-amnesia-the-dark-descent-the-horror-facade
Title: Amnesia: The Dark Descent - The horror facade | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-c-and-c-tiberian-sun
Title: Command & Conquer: Tiberian Sun | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-blade-runner-skinjobs-voxels-and-future-noir
Title: Blade Runner: Skinjobs, voxels, and future noir | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-dead-space-the-drag-tentacle
Title: Dead Space: The Drag Tentacle | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/teach-the-controversy-flat-earthers
Title: Teach the Controversy: Flat Earthers

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-gets-a-crucial-green-light
Title: Delta V: The Burgeoning World of Small Rockets, Paul Allen's Huge Plane, and SpaceX Gets a Crucial Green-light

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/chris-hadfield-explains-his-space-oddity-video
Title: Chris Hadfield explains his 'Space Oddity' video

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/apollo-the-greatest-leap-episode-1-risk
Title: The Greatest Leap, Episode 1: Risk

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-ultima-online-the-virtual-ecology
Title: Ultima Online: The Virtual Ecology | War Stories

Search URL Search Domain Scan URL

URL: https://video.arstechnica.com/
Title: More videos

Search URL Search Domain Scan URL

URL: https://www.history-a2z.com/burning-man-pictures-that-will-take-your-breath-away-de/?utm_medium=outbrain&utm_source=886&utm_campaign=220809104713141x0xchrome_00645d5b0ea878dd28af5933c1684835e7&utm_term=$origpubname$_$origsrcname$_$section_id$&utm_content=%5BGalerie%5D+Ihr+war+das+gewagteste+Outfit+beim+Burning+Man+Festival&cpc=$cpc$&obOrigUrl=true
Title: [Galerie] Ihr war das gewagteste Outfit beim Burning Man Festival HistoryA2Z

Search URL Search Domain Scan URL

URL: https://deals.getairphysio.io/KNBLSK7/22XQKHP/?uid=1316&sub1=$ob_click_id$&sub2=00d35df7f71d13cbf0465c111d85b80534&sub3=If+You+Have+Trouble+Breathing%2C+You+Might+Need+This+Strange+Device&sub4=$publisher_name$&sub5=$section_name$&obOrigUrl=true
Title: If You Have Trouble Breathing, You Might Need This Strange Device Air Physio

Search URL Search Domain Scan URL

URL: https://rfvtgb.housediver.com/worldwide/golfer-ob-ge?utm_source=outbrainjk&utm_campaign=hd-golfer-bc1-win-gr-jn-24072d&utm_term=$section_name$&utm_medium=$section_id$&utm_bid=$cpc$&obOrigUrl=true
Title: [Bilder] 40 Fotos von Golf-Star Paige Spiranac Housediver

Search URL Search Domain Scan URL

URL: http://trk.ajaska.de/click/NDEzMg==/?utm_source=o&utm_campaign=00e9d0f3e60663a4d3ac1d9011b841d77b&utm_medium=$section_id$&shortmode=adx&obOrigUrl=true
Title: [Fotos] Auf diese 11 Dinge achten Flugbegleiter bei den Gästen als Erstes VoucherCodes

Search URL Search Domain Scan URL

URL: http://trk.ajaska.de/click/MTYzMA==/?utm_source=o&utm_campaign=00756b57619ba3b668a8669bb38aa3fd50&utm_medium=$section_id$&shortmode=adx&obOrigUrl=true
Title: [Fotos] Niemand hat jemals zuvor eine so große Kreatur gesehen VoucherCodes

Search URL Search Domain Scan URL

URL: http://trk.ajaska.de/click/MzA1Nw==/?utm_source=o&utm_campaign=00bcb2b3d35ae8003830d34508d9aacfd7&utm_medium=$section_id$&shortmode=adx&obOrigUrl=true
Title: [Fotos] Diese Fotos zeigen: So geht es wirklich beim Burning Man Festival zu VoucherCodes

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: http://condenast.com/

Search URL Search Domain Scan URL

URL: https://www.condenast.com/user-agreement/
Title: User Agreement

Search URL Search Domain Scan URL

URL: https://www.condenast.com/privacy-policy/
Title: Privacy Policy and Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.condenast.com/privacy-policy/#california
Title: Your California Privacy Rights

Search URL Search Domain Scan URL

URL: https://www.condenast.com/online-behavioral-advertising-oba-and-how-to-opt-out-of-oba/#clickheretoreadmoreaboutonlinebehavioraladvertising(oba)
Title: Ad Choices

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://arstechnica.com/security/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/ HTTP 301
https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 187

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&us_privacy=1---&google_tc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEISoHyhAYPtk3Q3c3SRzB2A&google_cver=1

Request Chain 188

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=w5m2Sp5VSHSC1IwvwqJgKg&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=w5m2Sp5VSHSC1IwvwqJgKg

Request Chain 190

https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6RTEOFZ-16-EAJF&sigv=1&esig=2~1f74e8cb56532fd0f0400b1508f9db62def5d556&us_privacy=1---

Request Chain 191

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_u_h74wMQpqmbiOnvR0tUg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_u_h74wMQpqmbiOnvR0tUg

Request Chain 193

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjYwYThiZGVkOGY2Yzc0MmMyYzRlZWY5MGUzMjdkYzUyZGUzZjIyMQ&us_privacy=1---

Request Chain 194

https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSVEVPRlotMTYtRUFKRg==&us_privacy=1---

187 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Redirect Chain

https://arstechnica.com/security/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

49 KB
16 KB

304ms
303ms

Document
text/html

18.119.39.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.119.39.54 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-39-54.us-east-2.compute.amazonaws.com

Software

nginx/1.17.10 / PHP/7.3.33

Resource Hash

26e2c2477b4f1b7625b9d8577966acdbbad27acc28c04f317dc1a56dec6a7b58

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 13 Aug 2022 11:28:39 GMT
link: <https://arstechnica.com/wp-json/>; rel="https://api.w.org/"
server: nginx/1.17.10
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.3.33
x-xss-protection: 1; mode=block

Redirect headers

content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Sat, 13 Aug 2022 11:28:39 GMT
location: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
server: nginx/1.17.10
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.3.33
x-xss-protection: 1; mode=block

GET
H2 200 main-c3a3431538.css
cdn.arstechnica.net/wp-content/themes/ars/assets/css/ 336 KB
71 KB 151ms
18ms Stylesheet
text/css 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 5c5dcbdd805b4603a4ac478d0e3966033767767309ac8eb2ddb6a1aea68ad2c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1646256689:cacheB.cdg1-01:H
x-cf-reqid: e70dda3e71e688f0fa14bf80620775e1
content-length: 71971
x-cf-tsc: 1646966221
x-cf2: H
last-modified: Fri, 04 Mar 2022 15:05:09 GMT
server: CFS 0215
x-cff: B
etag: W/"62222aa5-53f36"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 535481
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:39 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
7 KB 52ms
19ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b193e73190db64bafdb99e78994418d143e8289717118e54fb1cc55f54f7a712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 Aug 2022 11:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 9c22IGK2T1KyARgpJHRGhw==
age: 10400
vary: Accept-Encoding
content-length: 7101
x-ms-lease-status: unlocked
last-modified: Thu, 11 Aug 2022 06:42:14 GMT
server: cloudflare
etag: 0x8DA7B64A03A8AE5
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c5738352-b01e-0140-2a50-adb75d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 73a11bc82eba9177-FRA

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 48ms
16ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 Aug 2022 11:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 650
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: efc86d65-c01e-0100-49a9-2c9eb3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 73a11bc82ec09177-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 51ms
16ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60eb12486bd244f9b2c77d851a209c7f1cf81a9a82bce5662efb019b50b6f56c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28772
x-xss-protection: 0
server: sffe
etag: "1302 / 482 of 1000 / last-modified: 1660341990"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 13 Aug 2022 11:28:39 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
38 KB 74ms
9ms Script
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 13 Aug 2022 10:37:56 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 20:51:38 GMT
server: AmazonS3
age: 3044
etag: W/"72916dde70b34122b394074010b382ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-P3
x-amz-cf-id: mMkf2DsqJ7goBXA7v_hI_GwsE1v_Gb_SHsqqcLJMok1gAcK9FW9xnw==

GET
H2 200 prebid.min.js Show response
cdn.arstechnica.net/cns/ 255 KB
77 KB 164ms
32ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 58b5b179b9e8922ad42a52d54677fbf190d990cfd713299275a8a8079e0cf4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
content-encoding: gzip
x-cf3: M
x-amz-request-id: XRVPJFRCQ6DQEHG0
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:M
x-cf-reqid: 00b51b87863e92c6316b5dc09910500d
x-cache-hits: 1
content-length: 78071
x-amz-id-2: t0iM2EjhuTgFvsIlcryrfufC3LiP+ZE0b2ii/U+jPgFDPqdKQxb4NyKp+aYqGL30ODrhTIINBwY=
x-served-by: cache-iad-kcgs7200034-IAD
cf4ttl: 117.500
x-cf2: H
last-modified: Wed, 27 Jul 2022 17:55:39 GMT
server: CFS 0215
x-timer: S1660390076.521107,VS0,VE2
x-cff: B
etag: "f8ed8b860b47a0c401bb33c063dfc468"
vary: Accept-Encoding
x-amz-version-id: E3pLQpoeotOWPMrDwPC_cYg0IIz7hgHw
access-control-allow-origin: *
cache-control: max-age=120
cf4age: 4
accept-ranges: bytes
content-type: application/javascript
x-cf-tsc: 1660390076
expires: Sat, 13 Aug 2022 11:30:39 GMT

GET
H/1.1 200
OK 183973-93942139695505.js Show response
js-sec.indexww.com/ht/p/ 43 KB
15 KB 81ms
16ms Script
text/javascript 184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 13 Aug 2022 11:28:39 GMT
Content-Encoding: gzip
Last-Modified: Sat, 13 Aug 2022 10:55:54 GMT
Server: Apache
ETag: "76496e-ada8-5e61d3e2a50e3"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1724
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 14812
Expires: Sat, 13 Aug 2022 11:57:23 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/condenastprebidheader987326845656/ 216 KB
76 KB 104ms
18ms Script
application/x-javascript 184.51.10.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.51.10.56 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-10-56.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: fa5b3b47fc26c97d499f1b708d9f8e069dd2025a85ff3ed9d952037d49f3b5b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 15:26:37 GMT
server: AmazonS3
x-amz-request-id: TV04Q0CGQP7GCE0D
etag: "dd7642e30212333fe2fb1a18079bcbb3"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=45383
accept-ranges: bytes
content-length: 77341
x-amz-id-2: cGc9QhyZvZzFmff6Lx4FtNrHWQIGpJniLaA0zcHxwjOVN4W/pPaZkTxNXjCLEGE/Jua4nC96jYg=

GET
H2 200 ars-technica.min.js Show response
cdn.arstechnica.net/cns/ 116 KB
36 KB 148ms
16ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1660390070
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 83289b925ff981786913c6d685e87cbbf124a81c2a43e21d55d49d563fe9f498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
content-encoding: gzip
x-cf3: H
x-amz-request-id: XRVZMRRTS4AHCS7W
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:H
x-cf-reqid: 3f59bb8389df0655f67d3ad767fd2a8c
x-cache-hits: 0
content-length: 36633
x-amz-id-2: 9O5Se27v0RYEebjMix42hbe/b2Nj0uuLKFejB3SjYR6ht+p8Dgvbw1yIW7DXP3vZ8DmSG/NRk7M=
x-served-by: cache-iad-kcgs7200045-IAD
cf4ttl: 43200.000
x-cf2: H
last-modified: Fri, 22 Jul 2022 15:04:19 GMT
server: CFS 0215
x-timer: S1660390071.434526,VS0,VE50
x-cff: B
etag: "dac81002701083bbe7621bf70681f911"
vary: Accept-Encoding
x-amz-version-id: giJ9mXvAriKtvmgLEpAmP0UpzIqKH7Py
access-control-allow-origin: *
cache-control: max-age=120
cf4age: 3
accept-ranges: bytes
content-type: application/javascript
x-cf-tsc: 1660390075
expires: Sat, 13 Aug 2022 11:30:39 GMT

GET
H2 200 ars-84a4ab0802.ads.us.js Show response
cdn.arstechnica.net/wp-content/themes/ars/assets/js/ 3 KB
1 KB 149ms
18ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/ars-84a4ab0802.ads.us.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 16708dda2536b4b3782313db4a6ec8456cd84da7ae0f56d7d2455e68fc9bc4f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:H
x-cf-reqid: 74236f5c93129185ee0a877135a3fe89
content-length: 1143
x-cf-tsc: 1657740528
x-cf2: M
last-modified: Thu, 07 Jul 2022 19:54:02 GMT
server: CFS 0215
x-cff: B
etag: W/"62c739da-bc0"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 512368
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:39 GMT

GET
H2 200 word-500x392.jpg
cdn.arstechnica.net/wp-content/uploads/2017/04/ 43 KB
44 KB 177ms
175ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2017/04/word-500x392.jpg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 8da8c23d9bf300c6d309b03cb5678ebadb3b4754e3c081278dbb6f82cbcac094

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
x-cf3: M
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:M
x-cf-reqid: 5977b63775d28b6d75015b49a9eccfc5
content-length: 44404
x-amz-request-id: 9J4BZ53BAB9DC6JJ
x-amz-id-2: cx3Vbq4VAE8SyPe5UlLLMTJ0a1j7A8EdKyC7FgNCipzomJMDJqvtD2/n+rwK2WUF88iQxu/jUdU=
x-cf-tsc: 1660390120
x-cf2: M
last-modified: Sat, 21 Dec 2019 00:43:45 GMT
server: CFS 0215
x-cff: B
etag: "8df26b709ac8859e153a4ce7f300a47c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
x-amz-version-id: null
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:39 GMT

GET
H2 200 image1-300x98.png
cdn.arstechnica.net/wp-content/uploads/2017/04/ 20 KB
21 KB 179ms
177ms Image
image/png 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2017/04/image1-300x98.png
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 2c42115c0847de6030c95c350f66525b4311997d1911f4d887e8f1c991fcadcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
x-cf3: M
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:M
x-cf-reqid: c91b47b47c82219bb7585bd5e899e5f4
content-length: 20764
x-amz-request-id: 9J485N6ZPJ2VX55B
x-amz-id-2: TLMEEZOIIIiUoVxIkDnutzXplC7M9pHMXtAZPEx2ZEspSrHIUXC+fMgCZTOzy+7eY5uR+MEP54U=
x-cf-tsc: 1660390120
x-cf2: M
last-modified: Sat, 21 Dec 2019 00:43:04 GMT
server: CFS 0215
x-cff: B
etag: "75b5eb7d39b709a9ebc341f6e8288af1"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
x-amz-version-id: null
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:39 GMT

GET
H2 200 image2-300x99.png
cdn.arstechnica.net/wp-content/uploads/2017/04/ 48 KB
49 KB 193ms
192ms Image
image/png 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2017/04/image2-300x99.png
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 3b150a27981e05771154e8231d64b433239056246ef9ab87aa1573b115125980

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
x-cf3: M
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:M
x-cf-reqid: 0f89baa6b4c2b7623e7b99f1d2d5e45b
content-length: 49567
x-amz-request-id: 9J43E3ZKQ1QEWNQ5
x-amz-id-2: iWlKEh2uz21xc2LV2ka1xaUD/zBbF7c/iEIWb5xnbjm3o3oT/ml8hwF/vKMp2qrm7FS32F0Gquw=
x-cf-tsc: 1660390120
x-cf2: M
last-modified: Sat, 21 Dec 2019 00:43:04 GMT
server: CFS 0215
x-cff: B
etag: "67a076a08ba92c105622b59dd9b6d208"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
x-amz-version-id: null
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:39 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 205 KB
71 KB 150ms
17ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f27f9218959d83895b7422e29a6a86cbd912934868687f92f267dade6751c2db

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 08:21:28 GMT
etag: "15-8QHXUH2IkgzpY8oM/VzX0/PmnFA"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah-stg
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: f9de1fdaef4372598f2997a9bb8a277f
timing-allow-origin: *, *
content-length: 72045

GET
H2 200 main-a3cc766e23.js Show response
cdn.arstechnica.net/wp-content/themes/ars/assets/js/ 651 KB
212 KB 17ms
16ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-a3cc766e23.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 6005db7d329c98155b90076de0c9a68cf7316a51883ba92f78d3953ae6e1557b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:H
x-cf-reqid: 730858f37d5cce4d80d1e1ba7158f136
content-length: 216104
x-cf-tsc: 1653423970
x-cf2: H
last-modified: Tue, 24 May 2022 19:54:56 GMT
server: CFS 0215
x-cff: B
etag: W/"628d3810-a2a00"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 1
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:39 GMT

GET
H2 200 conde-asa-polar-master.js Show response
cdn.mediavoice.com/nativeads/script/condenastcorporate/ 5 KB
2 KB 54ms
19ms Script
text/javascript 2606:4700::6813:da83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:da83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 18393
cf-ray: 73a11bc98b2a5c32-FRA
cf-ipcountry: DE
content-length: 2018
via: 1.1 varnish
last-modified: Sat, 13 Aug 2022 03:03:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 2144365521 2144151107
x-country: DE
cache-control: max-age=21600
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 100098X1555750.skimlinks.js Show response
s.skimresources.com/js/ 35 KB
14 KB 97ms
10ms Script
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc6b995a3b037727a4c8e7fe1756c192099f9658c4091ee55c61d3ba85e3920

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 10:52:15 GMT
server: AmazonS3
x-amz-request-id: 2TCFT3E671HF5Z2X
etag: "cd1919c614b1a51b072d5182dda15928"
x-hw: 1660390119.cds241.fr8.hn,1660390119.cds127.fr8.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13792
x-amz-id-2: nU71F7WKFZzsvl2JlK2HSb+DBk7Rp26pLsW1vIo/jkyynUAN86Sn7/lCE5dGaZsgbSyAzjG9Zks=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 468 KB
125 KB 41ms
16ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee9405da990310d7415895804d6361b00c1a94d8556ab3f35175af64cf9b17c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127878
x-xss-protection: 0
last-modified: Sat, 13 Aug 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 13 Aug 2022 11:28:39 GMT

GET
H2 200 b10882a1-8446-4e7d-bfb2-ce2c770ad910.json Show response
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/ 4 KB
2 KB 31ms
14ms XHR
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/b10882a1-8446-4e7d-bfb2-ce2c770ad910.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a24534ed328a0ae9e4f094e9224475c7e4d0cced0f58f09865d05eb7aee2967b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 Aug 2022 11:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zpr6/DSJQ0nTEKBJnSM3tg==
age: 1024
vary: Accept-Encoding
content-length: 1644
x-ms-lease-status: unlocked
last-modified: Fri, 01 Jul 2022 21:52:21 GMT
server: cloudflare
etag: 0x8DA5BABFA139F49
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0e294ff1-301e-0077-20a3-8d5da7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 73a11bc93edf5c26-FRA
expires: Sat, 13 Aug 2022 15:28:39 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 185 B
389 B 95ms
62ms Script
text/javascript 2606:4700:4400::ac40:929e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f808368b7d46fb5ca2841964ebb52519e57a058455eb1e50f90a25aecd2346f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 73a11bc98922bbb6-FRA

GET
H/1.1 200
OK condenast-amp Show response
segment-data.zqtk.net/ 51 B
380 B 110ms
33ms XHR
application/javascript 63.32.0.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://segment-data.zqtk.net/condenast-amp?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1660390070
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.32.0.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-0-187.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cd216bc5cece19866e688ce56e5c5243f32241dfc9cd4045d393f4f111f9333e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 13 Aug 2022 11:28:39 GMT
Server: nginx
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: max-age=30
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 51
Expires: Sat, 13 Aug 2022 11:29:09 GMT

GET
H2 200 ads.js Show response
arstechnica.com/hotzones/src/ 0
495 B 102ms
102ms XHR
application/javascript 18.119.39.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arstechnica.com/hotzones/src/ads.js

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1660390070

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.119.39.54 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-119-39-54.us-east-2.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 Jul 2022 19:45:48 GMT
server: nginx/1.17.10
etag: "62c737ec-0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 357 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 economica-bold-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 25 KB
25 KB 50ms
17ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-bold-otf-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:H
x-cf-reqid: 7baf70c34d8d54ebaa1a9a019bff68f6
content-length: 25592
x-cf-tsc: 1631071301
x-cf2: H
last-modified: Tue, 03 Aug 2021 15:52:12 GMT
server: CFS 0215
x-cff: B
etag: "6109662c-63f8"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 32473
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:39 GMT

GET
H2 200 economica-regular-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 24 KB
24 KB 50ms
18ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-regular-otf-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:H
x-cf-reqid: d4638ff1d86aa593c82b4f3346d189f3
content-length: 24264
x-cf-tsc: 1631071301
x-cf2: H
last-modified: Tue, 03 Aug 2021 15:52:12 GMT
server: CFS 0215
x-cff: B
etag: "6109662c-5ec8"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 32473
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:39 GMT

GET
DATA 200
OK truncated
/ 279 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 400 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 700 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 blockquote-afedeab761.svg
cdn.arstechnica.net/wp-content/themes/ars/assets/img/ 419 B
778 B 19ms
17ms Image
image/svg+xml 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/img/blockquote-afedeab761.svg
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 8edcf5bd609aef18638950de010699cd2765ef88aba3d019feb51a4271807662

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:H
x-cf-reqid: 1ab8eb6014e2d31952cce697464432da
content-length: 419
x-cf-tsc: 1660354197
x-cf2: H
last-modified: Thu, 07 Jul 2022 19:54:02 GMT
server: CFS 0215
x-cff: B
etag: "62c739da-1a3"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 645206
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:39 GMT

GET
H2 200 bitter-italic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 24 KB
24 KB 19ms
17ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-italic-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:H
x-cf-reqid: 661587608eb4518dc546b39932b64841
content-length: 24212
x-cf-tsc: 1646883596
x-cf2: H
last-modified: Fri, 04 Mar 2022 15:05:09 GMT
server: CFS 0215
x-cff: B
etag: "62222aa5-5e94"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 464206
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:39 GMT

GET
H2 200 bitter-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 22 KB
23 KB 28ms
26ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-regular-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:H
x-cf-reqid: 0c8ccfdeea145d5249911be9399b2a10
content-length: 22872
x-cf-tsc: 1631071301
x-cf2: H
last-modified: Tue, 03 Aug 2021 15:52:12 GMT
server: CFS 0215
x-cff: B
etag: "6109662c-5958"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 32473
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:39 GMT

GET
H2 200 opensans-semibold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 19 KB
19 KB 29ms
28ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:H
x-cf-reqid: 8a92e0d9ec2a360edac67f925382d138
content-length: 18972
x-cf-tsc: 1646963750
x-cf2: H
last-modified: Fri, 04 Mar 2022 15:05:09 GMT
server: CFS 0215
x-cff: B
etag: "62222aa5-4a1c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 544176
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:39 GMT

GET
H2 200 opensans-semibolditalic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 20 KB
21 KB 28ms
27ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibolditalic-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 59201950b83489808587827b4050ffe0597992825daa88c227476cdbbf8ca282

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:H
x-cf-reqid: dafc1ff199041cc4855d7eb89844d9cf
content-length: 20872
x-cf-tsc: 1653874871
x-cf2: H
last-modified: Tue, 24 May 2022 19:54:56 GMT
server: CFS 0215
x-cff: B
etag: "628d3810-5188"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 424576
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:39 GMT

GET
H2 200 opensans-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 19 KB
19 KB 29ms
28ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-bold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:H
x-cf-reqid: e74d919a3103402ced4ef4ab320ee687
content-length: 19516
x-cf-tsc: 1646963750
x-cf2: H
last-modified: Fri, 04 Mar 2022 15:05:09 GMT
server: CFS 0215
x-cff: B
etag: "62222aa5-4c3c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 536953
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:39 GMT

GET
H2 200 opensans-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 18 KB
19 KB 28ms
27ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-regular-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:39 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:H
x-cf-reqid: e9d3ac3551824e7d8b1cefa92d0fb174
content-length: 18824
x-cf-tsc: 1646883596
x-cf2: H
last-modified: Fri, 04 Mar 2022 15:05:09 GMT
server: CFS 0215
x-cff: B
etag: "62222aa5-4988"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 464206
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:39 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 176 B
449 B 63ms
41ms XHR
application/json 2606:4700:4400::ac40:929e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bb57548114158248eff7588b52a51a1740695dd8792bd45227246b0f77d31c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 73a11bc9db039277-FRA
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK video_groups Show response
api.cnevids.com/v1/ 4 KB
1 KB 417ms
97ms XHR
application/json 3.89.165.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cnevids.com/v1/video_groups?filters={%22channel_key%22:%22arstechnica%22}&pagesize=20&endpoint=oo.arstechnica

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-a3cc766e23.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.89.165.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-89-165-156.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

cb52c9b5c6b4f30eb9580d4414ecd97d408ffb0579fc9792f379da7e9e43221c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/*
Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 13 Aug 2022 11:28:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Status: 200 OK
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 658
X-XSS-Protection: 1; mode=block
X-Request-Id: 0f1ce73c-64f1-4379-a7e2-736d3cad7f94
X-Runtime: 0.001577
X-Backend-Node: 10.110.12.4
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
X-Frame-Options: SAMEORIGIN
ETag: W/"988778d0b281a6b06992000ede9445a8"
X-Download-Options: noopen
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate

GET
H2 200 memo.js Show response
cdn.memo.co/js/ 21 KB
7 KB 124ms
74ms Script
application/javascript 13.32.121.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.memo.co/js/memo.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d7b91ed4a7804e22b94e4873af273def73469e80b740bd9787e287003058868

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: dIwRVCKiXrZkA8Vq0TRLD0Yyqjiw5iXT
content-encoding: gzip
etag: W/"09a117df3977ec5a869191fcea2ac408"
last-modified: Wed, 04 May 2022 18:49:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront)
cache-control: no-cache
date: Sat, 13 Aug 2022 11:28:41 GMT
x-amz-cf-id: VVg1LeUVygOmbETfFJdUJZWIq9U57vZ5-8tEZNYjk0rlVRsu3tG6pg==

GET
H/1.1 200
OK arstechnica.js Show response
player.cnevids.com/interlude/ 108 KB
27 KB 124ms
28ms Script
text/javascript 99.86.240.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/interlude/arstechnica.js?isRightRail=true

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-20.vie50.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

fe211d4793b0750c00caa91f8306bbe59e26e0d5d02b3bf3e0d687d5deb81a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 13 Aug 2022 11:27:56 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Age: 44
X-Cache: Hit from cloudfront
Status: 200 OK
Connection: keep-alive
Content-Length: 27017
X-XSS-Protection: 1; mode=block
X-Request-Id: 723d9110-71ab-4e75-8135-129e752549e7
X-Runtime: 0.010664
X-Backend-Node: 10.110.10.54
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"4d11a7cf9a205449458c40423abcf46a"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 e010e3963cfd47d783f0503a3dbc3b90.cloudfront.net (CloudFront)
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: xQDu5a8IbXKyiKaW6n6cOCMgBjABmxfz9mLxgYwszWE0wyP73XiGgg==

GET
DATA 200
OK truncated
/ 841 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Dang.jpg
cdn.arstechnica.net/wp-content/uploads/2018/10/ 90 KB
91 KB 17ms
16ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2018/10/Dang.jpg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
x-cf3: H
x-amz-request-id: Y9WXECG8Y6K25WKV
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:H
x-cf-reqid: 150e3f5874be6c63a9a03c5b1d1de269
content-length: 92486
x-amz-id-2: OBqVTLOdERajgj7Zs7UvvbYPMxLrmBcsPqp0JKeoHAIAREGIqgBiGKokKq1cWTnVCXH5ognbVkA=
x-cf-tsc: 1660351183
cf4ttl: 43200.000
x-cf2: H
last-modified: Sat, 21 Dec 2019 01:48:48 GMT
server: CFS 0215
x-cff: B
etag: "03e5fec9e7ca5f8064d945bd791bd4c3"
x-amz-version-id: null
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 1614715
accept-ranges: bytes
content-type: image/jpeg
x-cf-rand: 53.071
expires: Sat, 08 Oct 2022 11:28:40 GMT

GET
H2 200 channel-ars-be7bb52ba9.png
cdn.arstechnica.net/wp-content/themes/ars/assets/img/ 5 KB
5 KB 18ms
17ms Image
image/png 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/img/channel-ars-be7bb52ba9.png
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:H
x-cf-reqid: d7ad839fe865731e6a287969e8258559
content-length: 4809
x-cf-tsc: 1654569426
x-cf2: H
last-modified: Tue, 24 May 2022 19:54:56 GMT
server: CFS 0215
x-cff: B
etag: "628d3810-12c9"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 1119129
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:40 GMT

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 bitter-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 22 KB
22 KB 18ms
17ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-bold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:H
x-cf-reqid: 7f2928c1f192c9e6a73272d882665790
content-length: 22104
x-cf-tsc: 1653876784
x-cf2: H
last-modified: Tue, 24 May 2022 19:54:56 GMT
server: CFS 0215
x-cff: B
etag: "628d3810-5658"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 426488
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:40 GMT

GET
H2 200 opensans-italic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 20 KB
21 KB 19ms
18ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-italic-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Middleburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c46974d8f6030e4888708b18a5d9a32b25eb765a5708896e1899df449d87aab7

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.cdg1:co:1525808045:cacheB.cdg1-01:H
x-cf-reqid: 8230d954117c25b30a0ed76a59925f53
content-length: 20748
x-cf-tsc: 1646883596
x-cf2: H
last-modified: Fri, 04 Mar 2022 15:05:09 GMT
server: CFS 0215
x-cff: B
etag: "62222aa5-510c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 462975
accept-ranges: bytes
expires: Sat, 08 Oct 2022 11:28:40 GMT

POST
H2 200 / Show response
r.skimresources.com/api/ 150 B
373 B 67ms
17ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

0e45770fd9114e9a85aa1504d507bc4a69df998ae2d6c7d6ebfed87366c62fd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://arstechnica.com
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 3905 0
134 B 67ms
18ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4703096323112068
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.10 aiohttp/3.8.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
via: 1.1 google
server: Python/3.10 aiohttp/3.8.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 117ms
17ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=10.479767498067972
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
276 B 115ms
16ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=10.479767498067972
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.35.0/ 360 KB
85 KB 14ms
14ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bDp57sS049dDkRqCL4m53Q==
age: 2023
vary: Accept-Encoding
content-length: 87115
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:21:06 GMT
server: cloudflare
etag: 0x8DA4784BD4AE529
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 74e8856d-c01e-0004-086f-792d64000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 73a11bca99da9177-FRA

GET
H2 200 plugin.js Show response
plugin.mediavoice.com/ 367 KB
137 KB 31ms
16ms Script
application/javascript 2606:4700::6813:da83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.mediavoice.com/plugin.js
Requested by: Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:da83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cf7b1e98a88a1cff624cff6b252912d63ee6d9d20d8493f63511df44ec7cfdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 17611
content-type: application/javascript
content-length: 139721
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 12 Jul 2022 18:30:03 GMT
server: cloudflare
etag: W/"62cdbdab-5bd9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-varnish: 2468993527 2468888221
via: 1.1 varnish
cache-control: max-age=43200
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 73a11bcabcdc5c32-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 13 Aug 2022 13:44:46 GMT

GET
H2 200 condenastcorporate Show response
polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/ 208 B
502 B 55ms
21ms XHR
application/json 2606:4700::6811:4132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/condenastcorporate
Requested by: Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc40a5096530714279199bd98ffbe44f3108bf9dd183ec74d85f69705d86e25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
server: cloudflare
etag: W/"f3cb63b5151ee861d177a2136e7d9989"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Country, CF-Ray
cache-control: max-age=3600
x-country: DE
cf-ray: 73a11bcadc38bb97-FRA

GET
H2 200 pubads_impl_2022080901.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
132 KB 48ms
7ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022080901.js?cb=31068915

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 09:15:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7982
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134589
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 08:35:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 13 Aug 2023 09:15:38 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 176 B
751 B 57ms
16ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=arstechnica.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

73c4228fa5b38d181899fbb43d408ac2138b29bfef6260136f66d926723d84d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115
x-xss-protection: 0
expires: Sat, 13 Aug 2022 11:28:40 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 802 B
1 KB 9ms
8ms XHR
application/json 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3035&u=https%3A%2F%2Farstechnica.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 18ff9f7031a6474c6567199041c377bcc5d565ce35d6261269d81beb4ed6fb75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 09:30:44 GMT
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
server: Server
age: 7075
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://arstechnica.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P3
content-length: 802
x-amz-cf-id: h9XTsLeVRRW46nSjhw8Lqk-eWOq_q1ynQyLWT_382Mwr0MEhaX1mIw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
7ms XHR
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 02:41:24 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 31637
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 03 Aug 2022 22:19:11 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: JXufo2ctue2uysHllG2MRpKE8F0E4.a0
via: 1.1 f3e00d74aa4544d776f78a159416d17a.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P3
content-type: application/javascript
x-amz-cf-id: u3ZIQaWDt0XnTcZ0O9_l3WNqi6puC2yyXn21koAEeFAyPSbb2c_M3w==

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 391 B
565 B 351ms
34ms Script
text/html 3.9.57.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CC%24%3D!!tmxgk~GDgxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-RXD%2FUFJ0XDIlaX11F1NpvhT%2BFty8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-vmZzsGufu1cv0g%3D%3D&sc=1&os=1-aw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pcode=condenastprebidheader987326845656&rx=78356969551&callback=MoatNadoAllJsonpRequest_2554722
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.57.182 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-9-57-182.eu-west-2.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 36a013198a9008cfb85603d5445e8c212ed81098dc15142df15fb26ca827f2bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "634a6a39f3f49b09e99aea1d4b983d02a017c5e1"
content-length: 391
content-type: text/html; charset=UTF-8

GET
H2 200 v2 Show response
z-na.associates-amazon.com/onetag/ 11 KB
4 KB 163ms
7ms Script
text/javascript 108.138.23.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.23.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-23-218.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 7475f5c70d3b6020b6f4621b2e69fba3360bea00a913e60b085af165b93842ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 04:08:44 GMT
content-encoding: gzip
accept-charset: UTF-8
server: Server
age: 26396
x-amz-rid: BPC39D1BQRRSJHVQX8E8
vary: accept-encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
permissions-policy: interest-cohort=()
x-amz-cf-pop: FRA56-P7
x-amz-cf-id: vXIgTqvNA1bgFffqp5wHwbbzPLZ-B6i1j_MsmL-p7SrPjfjNJ6PCdQ==
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)

GET
H/1.1 200
OK YXJzdGVjaG5pY2EuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 125ms
17ms XHR
application/json 23.202.54.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/YXJzdGVjaG5pY2EuY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.54.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-54-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 13 Aug 2022 11:28:40 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=17303
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 882cebfb8c6cede05ab1b4299567f0a2
Content-Length: 16
Expires: Sat, 13 Aug 2022 16:17:03 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 86ms
16ms Image
image/gif 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Mon, 12 Sep 2022 11:28:40 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
38 KB 73ms
8ms Script
application/x-javascript 143.204.89.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-32.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
content-encoding: gzip
etag: W/"148e21f812b555a13b2a9c6b616141f4"
age: 11027
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 58acf9e97c03c481f490be71338f7f57
last-modified: Tue, 17 May 2022 11:35:33 GMT
server: AmazonS3
date: Sat, 13 Aug 2022 08:24:54 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
via: 1.1 6b4954a8411e7b2a232537f8000c5c9c.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: 8T3Six53WeJ2OTDi1VUAXFrHB72taOSC6Dk-PZnbHednKhjbY_jNbA==

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
339 B 18ms
17ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.10 aiohttp/3.8.1 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Aug 2022 11:28:40 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.10 aiohttp/3.8.1
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://arstechnica.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/4358ff0f-2a02-4763-aae1-769adf1f328a/ 221 KB
36 KB 17ms
16ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/4358ff0f-2a02-4763-aae1-769adf1f328a/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e8cee856a0b21bdd96a2ee67f69f5069328896682b8c293197c374c051df06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zezbQFqPIx5NEwuD/ujnYg==
age: 3259
vary: Accept-Encoding
content-length: 36594
x-ms-lease-status: unlocked
last-modified: Fri, 01 Jul 2022 21:53:10 GMT
server: cloudflare
etag: 0x8DA5BAC170FB6BC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3b613b6f-a01e-00f1-29a5-8d0975000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 73a11bcb7a475c26-FRA
expires: Sat, 13 Aug 2022 15:28:40 GMT

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 341 KB
49 KB 15ms
15ms Fetch
application/x-javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6430dc4f65a57738b9f44e49496846c3e249ddce4db0a5bff8cf0a475e61c6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: CZzggcuYnN7o9xeyk7vq9w==
age: 3259
vary: Accept-Encoding
content-length: 49837
x-ms-lease-status: unlocked
last-modified: Sat, 13 Aug 2022 07:27:18 GMT
server: cloudflare
etag: 0x8DA7CFD410D2F1D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a1aa4ebc-701e-0095-32ee-aeb9d5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 73a11bcb7a485c26-FRA

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/6.35.0/ 68 KB
15 KB 14ms
14ms Script
application/javascript 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: h9906B8X4UODtkG9gxLmLQ==
age: 641
vary: Accept-Encoding
content-length: 15011
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:21:04 GMT
server: cloudflare
etag: 0x8DA4784BC25C71C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8347cf45-b01e-006d-5c79-7972c8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 73a11bcb7b169177-FRA

GET
H/1.1 200
OK recommendations Show response
api.condenast.io/v1/ 16 KB
6 KB 286ms
222ms Fetch
application/json 151.101.64.239
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.condenast.io/v1/recommendations?applicationID=cne-interlude-arstechnica&brand=arstechnica&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&filter%5Bstrategy%5D=POPULAR&filter%5BcontentType%5D=CNEVIDEO&filter%5Blanguage%5D=en-US&page%5Bsize%5D=5
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/interlude/arstechnica.js?isRightRail=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: d61c43c341fce6713ed963afc1d1287e940d4cc98cb24c551586fda3b92efc77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
X-Backend: 2SrKDXXFWNz87LdtRpzPzK--F_api_eu_central_1_condenast_io
access-control-allow-origin: https://arstechnica.com
transfer-encoding: chunked
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-hhn4067-HHN
Server: nginx/1.15.8
X-Timer: S1660390120.320475,VS0,VE214
Vary: origin,accept-encoding, Accept-Encoding, Origin
Content-Type: application/json;charset=utf-8
Via: 1.1 varnish
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: private, max-age=0
access-control-allow-credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H/1.1 200
OK n Show response
elsa.memoinsights.com/ 382 B
958 B 437ms
102ms Script
application/javascript 50.17.85.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://elsa.memoinsights.com/n?pid=62012a7a19351c07620394e0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&author%5B%5D=Dan%20Goodin&title=Booby-trapped%20Word%20documents%20in%20the%20wild%20exploit%20critical%20Microsoft%200-day&date=2017-04-08T20%3A00%3A41Z&referrer=&ref_url=&page_url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&cb=MEMO.API.callbacks.cbkyifo&v=v3.0.6
Requested by: Host: cdn.memo.co
URL: https://cdn.memo.co/js/memo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.85.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-85-17.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 5e2dc2d5071ebc32d28a9183d0c7eafb5ad1592a70170f2869f11f0b39431216

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
server: istio-envoy
content-type: application/javascript
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 260
x-request-id: 4d0d72b277addf72db67240eec647927

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
166 B 363ms
124ms XHR
application/json 3.219.23.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=CONDENAST&sv_domain=arstechnica.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.23.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-23-242.compute-1.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://arstechnica.com
date: Sat, 13 Aug 2022 11:28:40 GMT
access-control-allow-credentials: true
server: nginx/1.20.2
content-length: 2
vary: Origin
content-type: application/json

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.35.0/assets/ 9 KB
3 KB 34ms
33ms Fetch
application/json 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1da25cf82f065474aadce40a8c7369f6df48e1847cb95c21bd9083488eff7390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fTgzYGTDokH8tdiAiskzEg==
age: 494
vary: Accept-Encoding
content-length: 2585
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:20:57 GMT
server: cloudflare
etag: 0x8DA4784B80C618C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ab71653d-001e-009a-438a-795423000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 73a11bcc7c155c26-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.35.0/assets/ 21 KB
4 KB 16ms
16ms Fetch
text/css 2606:4700::6810:9440
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
age: 2860
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:21:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 53a4d8f1-301e-005e-768a-792be5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 73a11bcc7c185c26-FRA

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
533 B 40ms
39ms XHR
text/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3035&u=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pid=6muxV7fyAzsym&cb=0&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22post_nav_0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22hero%2Fdesktop%22%7D%2C%7B%22sd%22%3A%22siderail_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22rail%2Fdesktop%22%7D%5D&pj=%7B%22si_section%22%3A%22information-technology%22%2C%22us_privacy%22%3A%221---%22%7D&gdpre=1&gdprc=CPdpR8APdpR8AAcABBENCcCgAAAAAAAAAChQAAAAAAJggAIBGAgDkAAQABoAHAAeABcAD4ALQAfABGACSAFsAMQAfwBIgCuAF8ANQAbQA4gByADnAHUAPkAf4BAwCDgEiAJ-AUMApYBhADqgIbAQ-Ai8BHoCQgErAJtAWEAuIBdAC6gF2gLyAYFAw8DEAGLAMhAZQA0IBowDSgGpgNoAbcA3QBwQSCOAAgABcAFAAVAAyABwADwAIAAYAAygBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCQCGAIkAR0AlgCXAE0AKUAW4AwwBkADLAGyAO-AewB8QD7AP0AgEBFwEYgI0AjgBKQCggFPAKuAXMAxQBrADaQG4AbwA9AB8gEOgJEATEAmUBOwChwFIgKaAWKAtABbAC5AF3gLzAYMAwkBhsDIgMkAZOAy4BnIDPgGkQNYA1kMAeAAMAAsAC4ARgAkgBPgCoAKoAWwAxABvAFIANKAagBqgDiAJaAUsA2QB1AENgIvASEAocBYgC4gGBAMPAYsAyMBoQDdA0B4AKwAXABDADIAGWANkAdgA_ACAAEFAIwAU8Aq8BaAFpANYAbwA6oB8gEOgIqASIAnYBSIC5AGEgMYAZOAzkBngDPhAB0AAwACwALgA1ACMAEkAJ4AVQAtgBiADeAKQAagA4gB8gEiAJaAUuA3ADeAIbAReAkIBQ4C4gGBAMPAYsA0IBugiAuAFYAQwAyABlgDZAHYAPwAgABGACngFXANYAdUA-QCHQEiAJ2AUiAuQBhIDJwGcgM-FQFQAKABDACYAFwARwAywB2AEcAKvAWgBaQDeAJBATEAtgBcgC8wGRAM5AZ4Az4BuQoAoAGIATIApABlQDUANUAbQA4gByADwAIKAS0ApYB1QEegLEAYEAw8BmgDQgGvDACoANQAxACZAFIAMoAagA2gBxADkAHgAS0ApYBYgDqgI9AScAsQBeQDAgGHgNCGQEgAhgBMAEcAMsAdgA-wCOAFXAK2AbwBMQC0QFsALzAZEAzkBngDPhwF8AAQABgAEQAOAA8AC4AHwAWgA5gB-AIIARgAtgBdAC-AGQANAAfwBCACRAE6AKQAWYAvgBlgDSgGoAaoA2gBxADkAHOAOoAdgA7gB8wEAAQWAg4CEAERAJEAS0Am0BPgE_AKWAVAArIBbQC9QGAAYEAwgBmQDWAGvAN4AceA5wDpAHVAPIAfIBCACG4EPgRAAiIBHoCQoErASuAmIBMoCbQFCgKQAUmApgBUwCqoFbAV2AsoBaQC1AFxQLoAuoBewC-gGBQMPAxABiwDIQGUAMvAaFA0UDRgGlANNAamA14BtADbAG3DoKwAC4AKAAqABkADgAIAAXQAwADKAGgAagA8AB9AEMARAAmABPgCqAKwAWAAuABiADMAG8AOYAeoBDAETAJYAmABNACjAFKALEAW8AwgDDgGQAZQA0QBsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWmAuYC6gF5AMUAbQA3EB0wHUAPQAh0BFQCLwEggJEASoAnYBQ4CmgFWALFAWwAuABcgC7QF3gLzAYMAwkBhoDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNYAbGQAagAIACCAF8ANAAfwBIgCkAFuAL4AZcA1ADVAG0AOIAcgA5wB2ADwAIKAT4ApYBWQCxAGAAMIAZkA3gBzgDqgHbAQ-Aj0BIQCTgErgJiATaAoUBSACkwFbALaAXQAvIBewDAgGHgM0AaEA0UBpQDUwG2ANuIQMwAFgAUAAyAC4AGIAQwAmABVAC4AGIAMwAbwA9ACOAFiAMIAZQA3wB3gD7AH-ARwAlIBQQCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAKaAWKAtEBbAC4AFyALtAZEAycBnIDPAGfANEAaSA0sBwBIBOAAIAAwADgALgA5ACoAGQAN4AhABIgCkgFyAXwAywBpADUAG0AO4AgABBwCEgEtAJ8AVAArIBrwDeAHVAPsAlYBNoCkwFlALSAXsAw8BiIDFgGlANyJQMgAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADNAIYAiQBHACjAFKALcAYQAygBsgDvAH4ARwAk4BTwCrwFoAWkAuoBigDcAHUAPkAh0BFQCLwEiALFAWwAu0BeYDIgGTgMsAZyAzwBnwDSAGsAOAKASgABAAGAAuAB8AFoAOQAfgBGACoAFYAL4AZAA2wBvAHIAQgAjgBIgCZAE6AKSAXIBfADLAGkANQAa4A2gBxADnAHUAO4AeAA-QCAAEHAISARUAkQBJwCWgE2gJ8An4BSwCsgFiALqAYCAwgDFAGvAN4AdUA7YB5AD5AH_AR6AmIBMoCbQFIAKYAVMArYBXYC0AF5AL6AYEAw8BiwDRAGlQNSA1MBrwDgikD8ABcAFAAVAAyABwAEEAMAAygBoAGoAPIAhgCIAEwAJ4AUgAqgBYADEAGYAOcAhgCJAFGAKUAWIAtwBhADKAGiANkAd8A-wD9AIsARgAjgBKQCggFXAK2AXMAvIBtADcAHoAQ6Ai8BIgCdgFDgLFAWwAuABcgC7QF5gMNAYwAyIBkgDJwGXAM5AZ4Az6BpAGkwNYA1kBsYA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.209.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-209-55.fra56.r.cloudfront.net

Software

Server /

Resource Hash

159bd804f3a207ce59088ef63f186ba5b3d906d5245b7bfa882a6a6c3f6a9314

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
via: 1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
x-amz-rid: ANPSZVDVDB5SE0DSNFFE
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: TtbpHUz29RREj9JEInlDxE48HWlEfmdGvoD0OFtMDxmOtJXslASPfA==

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 329 B
1 KB 229ms
162ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552960&size_id=2&alt_size_ids=57&us_privacy=1---&eid_pubcid.org=58044ab7-017c-46ec-accd-311983ae2aa5%5E1&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&tg_i.cnt_tags=exploits%2Cmicrosoft-3%2Coffice%2Cvulnerabilities%2Cword%2Czeroday&tk_flint=pbjs_lite_v7.7.0&x_source.tid=ed11e5cf-9c0a-4d59-8f06-80e551497ca5&l_pb_bid_id=26ab349759d92e&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8805395234491151
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c9a5d4daa76187b43454c870a4dda657fb81a089da8d74c901b744c6fe598b58

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Aug 2022 11:28:40 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 329
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 329 B
1 KB 152ms
84ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552962&size_id=2&alt_size_ids=57&us_privacy=1---&eid_pubcid.org=58044ab7-017c-46ec-accd-311983ae2aa5%5E1&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&tg_i.cnt_tags=exploits%2Cmicrosoft-3%2Coffice%2Cvulnerabilities%2Cword%2Czeroday&tk_flint=pbjs_lite_v7.7.0&x_source.tid=ed11e5cf-9c0a-4d59-8f06-80e551497ca5&l_pb_bid_id=36c1eed5a722ca&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8110698553804825
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 767d45f24df97c5aec4707f7721bff23ecfda6e01f71f67bf2ee7bb53613742f

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Aug 2022 11:28:40 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 329
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 13 KB
7 KB 180ms
136ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=375849&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224b76c7d6383b4%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F%3Fcnt_tags%3Dexploits%252Cmicrosoft-3%252Coffice%252Cvulnerabilities%252Cword%252Czeroday%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cnt_tags%22%3A%5B%22exploits%22%2C%22microsoft-3%22%2C%22office%22%2C%22vulnerabilities%22%2C%22word%22%2C%22zeroday%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.7.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F%22%2C%22tmax%22%3A1000%2C%22syncsPerBidder%22%3A5%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22adunitcode%22%3A%22hero_728x90_970x250%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22558aad507b0515%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22375849%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22375848%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22ed11e5cf-9c0a-4d59-8f06-80e551497ca5%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2258044ab7-017c-46ec-accd-311983ae2aa5%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfef216bcf4b2bfb2029c1dee8aabb342b6647893dc6be915838137ff6582a0

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ihArVH6xhES%2Fc5nSyNuNDKBzA8m%2BX7jBQIXXUAxnFUGt6%2B4t9k%2FTJCck5bFglA1ldAhm7z2N7s3gq2Qs2C4PTJPdGYsGQGrSqTNnEOPqlOpLjOwOSs8UNjhNfyf%2FUGeyCTP0rRpr"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 73a11bcd0bbabbc7-FRA
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 200ms
99ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a969ce00175757040bb70c4ff01002a&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 451681557b1134535080aeca3ae336399b746f27de9a38d22dec2d4b2be58893

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
292 B 155ms
55ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a9691380175757044fd70c4fff3002b&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: f0d91d794c42b7bd9e2528f42ffe07c8819d002ceb997763d79c74d115c3a5c0

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 arj Show response
condenastus-d.openx.net/w/1.0/ 73 B
377 B 98ms
19ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ed11e5cf-9c0a-4d59-8f06-80e551497ca5%2Ced11e5cf-9c0a-4d59-8f06-80e551497ca5&nocache=1660390120443&us_privacy=1---&pubcid=58044ab7-017c-46ec-accd-311983ae2aa5&aus=728x90%2C970x250%7C728x90%2C970x250&divids=hero_728x90_970x250%2Chero_728x90_970x250&aucs=%2C&auid=541000619%2C541000563&aumfs=50%2C50
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 2d7f23560495bf3906401f877b3e1e435257e2fde10f14ecb2fffcb6a9eee27b

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://arstechnica.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
876 B 133ms
102ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 876e5a0f86b204a1da3795f675b8211bb108147cc0d8232c33cc6028e553ce85

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 330 B
1 KB 175ms
119ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552988&size_id=15&alt_size_ids=10&us_privacy=1---&eid_pubcid.org=58044ab7-017c-46ec-accd-311983ae2aa5%5E1&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&tg_i.cnt_tags=exploits%2Cmicrosoft-3%2Coffice%2Cvulnerabilities%2Cword%2Czeroday&tk_flint=pbjs_lite_v7.7.0&x_source.tid=f016ddc7-674a-40ac-ba78-568e7331ee8c&l_pb_bid_id=204030ced73b951&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.21064225039114204
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d345cfd987ee905424e4d3d22a677d2f1a45f2cb0cc6fe213228a63457305625

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Aug 2022 11:28:40 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 330
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 330 B
1 KB 193ms
137ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552990&size_id=15&alt_size_ids=10&us_privacy=1---&eid_pubcid.org=58044ab7-017c-46ec-accd-311983ae2aa5%5E1&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&tg_i.cnt_tags=exploits%2Cmicrosoft-3%2Coffice%2Cvulnerabilities%2Cword%2Czeroday&tk_flint=pbjs_lite_v7.7.0&x_source.tid=f016ddc7-674a-40ac-ba78-568e7331ee8c&l_pb_bid_id=2197d98467cc9e5&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2048638521627646
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1d4b4d6b90f7172c4b2482bfb10686113ef275045d6f386460468fb0e8efd549

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 13 Aug 2022 11:28:40 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 330
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 6 KB
4 KB 186ms
151ms XHR
application/json 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=375865&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2222c3648c291b5a9%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F%3Fcnt_tags%3Dexploits%252Cmicrosoft-3%252Coffice%252Cvulnerabilities%252Cword%252Czeroday%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cnt_tags%22%3A%5B%22exploits%22%2C%22microsoft-3%22%2C%22office%22%2C%22vulnerabilities%22%2C%22word%22%2C%22zeroday%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.7.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F%22%2C%22tmax%22%3A1000%2C%22syncsPerBidder%22%3A5%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22adunitcode%22%3A%22rail_300x250_300x600%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2223a49199e059778%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22375865%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22375864%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22f016ddc7-674a-40ac-ba78-568e7331ee8c%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2258044ab7-017c-46ec-accd-311983ae2aa5%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac6e7564f150e93cf152e3a5e9b714f4840907210422d6e5b3899725ec55fa5

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tyUmHTk0uLIcPEqSY4JNBtz9J2mDit3n9%2FksOOabuE1rE2SE4vdetLpQ%2B3lVccTYdr60yNMZk51b0tfQhVm9HWEdsYmuEomGNsIA9%2BBcH4rCPZhSgkPhzWn%2BRRvzlX%2B2M%2F1o%2BPqq"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 73a11bcd0bbcbbc7-FRA
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 184ms
92ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a969ce00175757040bb70c50db8002f&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: c4c0f74424400fde409113658bc07d218278fa71d0b7950c71171cf429f9fc29

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 5 KB
5 KB 228ms
137ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a9691380175757044fd70c50ec60030&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.25 /
Resource Hash: 836969720dde46dcfa07564000a19bc8adbf327e105f970fd811ea764cd06227

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
server: ATS/9.1.10.25
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
content-length: 4981

GET
H2 200 arj Show response
condenastus-d.openx.net/w/1.0/ 73 B
145 B 91ms
20ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f016ddc7-674a-40ac-ba78-568e7331ee8c%2Cf016ddc7-674a-40ac-ba78-568e7331ee8c&nocache=1660390120451&us_privacy=1---&pubcid=58044ab7-017c-46ec-accd-311983ae2aa5&aus=300x250%2C300x600%7C300x250%2C300x600&divids=rail_300x250_300x600%2Crail_300x250_300x600&aucs=%2C&auid=541000589%2C541000592&aumfs=50%2C50
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 2925550a51eae030b3069b8410919caa8500e69a5f4961649c78067dda69946a

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://arstechnica.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
739 B 156ms
132ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 8922541353770fe5211fce4fe64478deb4afbd9a4e4e8a35d695497b7620f8ed

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
593 B 38ms
7ms Fetch
application/json 13.32.99.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-122.fra60.r.cloudfront.net
Software: /
Resource Hash: a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 01:05:05 GMT
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront), 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
age: 37415
x-amzn-requestid: 34b525bc-14f2-4cf3-be15-6a896105d757
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62f6f8c1-789eda4a213d21a97edaffd9;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA6-C1, FRA60-P3
x-amz-apigw-id: WxvORH3ljoEFztA=
content-length: 30
x-amz-cf-id: we_v599MSb7h1us1EPPnSBnWQHbrYYgEmqbozRZHlO6haJQ1Sfnrgg==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H/1.1 200
OK 5b27ee7e8c1abc4e7900000f Show response
api.cnevids.com/v1/video_groups/ 104 KB
17 KB 197ms
197ms XHR
application/json 3.89.165.156
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cnevids.com/v1/video_groups/5b27ee7e8c1abc4e7900000f?endpoint=oo.arstechnica

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-a3cc766e23.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.89.165.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-89-165-156.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

d779f1e01127fcaeb5a4c26fcc01339f7f2a5f11fa0abaae1aeb6ed8c5dde475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/*
Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 13 Aug 2022 11:28:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Status: 200 OK
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 17087
X-XSS-Protection: 1; mode=block
X-Request-Id: 9e97eb87-674a-4785-8d72-18882a128382
X-Runtime: 0.006579
X-Backend-Node: 10.110.125.62
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
X-Frame-Options: SAMEORIGIN
ETag: W/"ce437f704a3a6ad300b667c1d83ea867"
X-Download-Options: noopen
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK andoncord Show response
assoc-na.associates-amazon.com/onetag/ 16 B
415 B 523ms
103ms XHR
application/json 72.21.195.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assoc-na.associates-amazon.com/onetag/andoncord
Requested by: Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: Server /
Resource Hash: c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 13 Aug 2022 11:28:40 GMT
Server: Server
x-amz-rid: P7FFK0WWPK346TYQ0T3B
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://arstechnica.com
Access-Control-Allow-Credentials: true
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 16

GET
H2 200 get Show response
odb.outbrain.com/utils/ 80 KB
35 KB 368ms
282ms Script
text/javascript 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&srcUrl=http%3A%2F%2Ffeeds.arstechnica.com%2Farstechnica%2Findex%2F&idx=0&rand=63169&key=NANOWDGT01&widgetJSId=AR_14&va=true&et=true&format=html&adblck=false&abwl=false&px=190&py=4328&vpd=3128&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000853&sig=CkMA0JkS&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPdpR8APdpR8AAcABBENCcCgAAAAAAAAAChQAAAAAAJggAIBGAgDkAAQABoAHAAeABcAD4ALQAfABGACSAFsAMQAfwBIgCuAF8ANQAbQA4gByADnAHUAPkAf4BAwCDgEiAJ-AUMApYBhADqgIbAQ-Ai8BHoCQgErAJtAWEAuIBdAC6gF2gLyAYFAw8DEAGLAMhAZQA0IBowDSgGpgNoAbcA3QBwQSCOAAgABcAFAAVAAyABwADwAIAAYAAygBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCQCGAIkAR0AlgCXAE0AKUAW4AwwBkADLAGyAO-AewB8QD7AP0AgEBFwEYgI0AjgBKQCggFPAKuAXMAxQBrADaQG4AbwA9AB8gEOgJEATEAmUBOwChwFIgKaAWKAtABbAC5AF3gLzAYMAwkBhsDIgMkAZOAy4BnIDPgGkQNYA1kMAeAAMAAsAC4ARgAkgBPgCoAKoAWwAxABvAFIANKAagBqgDiAJaAUsA2QB1AENgIvASEAocBYgC4gGBAMPAYsAyMBoQDdA0B4AKwAXABDADIAGWANkAdgA_ACAAEFAIwAU8Aq8BaAFpANYAbwA6oB8gEOgIqASIAnYBSIC5AGEgMYAZOAzkBngDPhAB0AAwACwALgA1ACMAEkAJ4AVQAtgBiADeAKQAagA4gB8gEiAJaAUuA3ADeAIbAReAkIBQ4C4gGBAMPAYsA0IBugiAuAFYAQwAyABlgDZAHYAPwAgABGACngFXANYAdUA-QCHQEiAJ2AUiAuQBhIDJwGcgM-FQFQAKABDACYAFwARwAywB2AEcAKvAWgBaQDeAJBATEAtgBcgC8wGRAM5AZ4Az4BuQoAoAGIATIApABlQDUANUAbQA4gByADwAIKAS0ApYB1QEegLEAYEAw8BmgDQgGvDACoANQAxACZAFIAMoAagA2gBxADkAHgAS0ApYBYgDqgI9AScAsQBeQDAgGHgNCGQEgAhgBMAEcAMsAdgA-wCOAFXAK2AbwBMQC0QFsALzAZEAzkBngDPhwF8AAQABgAEQAOAA8AC4AHwAWgA5gB-AIIARgAtgBdAC-AGQANAAfwBCACRAE6AKQAWYAvgBlgDSgGoAaoA2gBxADkAHOAOoAdgA7gB8wEAAQWAg4CEAERAJEAS0Am0BPgE_AKWAVAArIBbQC9QGAAYEAwgBmQDWAGvAN4AceA5wDpAHVAPIAfIBCACG4EPgRAAiIBHoCQoErASuAmIBMoCbQFCgKQAUmApgBUwCqoFbAV2AsoBaQC1AFxQLoAuoBewC-gGBQMPAxABiwDIQGUAMvAaFA0UDRgGlANNAamA14BtADbAG3DoKwAC4AKAAqABkADgAIAAXQAwADKAGgAagA8AB9AEMARAAmABPgCqAKwAWAAuABiADMAG8AOYAeoBDAETAJYAmABNACjAFKALEAW8AwgDDgGQAZQA0QBsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWmAuYC6gF5AMUAbQA3EB0wHUAPQAh0BFQCLwEggJEASoAnYBQ4CmgFWALFAWwAuABcgC7QF3gLzAYMAwkBhoDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNYAbGQAagAIACCAF8ANAAfwBIgCkAFuAL4AZcA1ADVAG0AOIAcgA5wB2ADwAIKAT4ApYBWQCxAGAAMIAZkA3gBzgDqgHbAQ-Aj0BIQCTgErgJiATaAoUBSACkwFbALaAXQAvIBewDAgGHgM0AaEA0UBpQDUwG2ANuIQMwAFgAUAAyAC4AGIAQwAmABVAC4AGIAMwAbwA9ACOAFiAMIAZQA3wB3gD7AH-ARwAlIBQQCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAKaAWKAtEBbAC4AFyALtAZEAycBnIDPAGfANEAaSA0sBwBIBOAAIAAwADgALgA5ACoAGQAN4AhABIgCkgFyAXwAywBpADUAG0AO4AgABBwCEgEtAJ8AVAArIBrwDeAHVAPsAlYBNoCkwFlALSAXsAw8BiIDFgGlANyJQMgAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADNAIYAiQBHACjAFKALcAYQAygBsgDvAH4ARwAk4BTwCrwFoAWkAuoBigDcAHUAPkAh0BFQCLwEiALFAWwAu0BeYDIgGTgMsAZyAzwBnwDSAGsAOAKASgABAAGAAuAB8AFoAOQAfgBGACoAFYAL4AZAA2wBvAHIAQgAjgBIgCZAE6AKSAXIBfADLAGkANQAa4A2gBxADnAHUAO4AeAA-QCAAEHAISARUAkQBJwCWgE2gJ8An4BSwCsgFiALqAYCAwgDFAGvAN4AdUA7YB5AD5AH_AR6AmIBMoCbQFIAKYAVMArYBXYC0AF5AL6AYEAw8BiwDRAGlQNSA1MBrwDgikD8ABcAFAAVAAyABwAEEAMAAygBoAGoAPIAhgCIAEwAJ4AUgAqgBYADEAGYAOcAhgCJAFGAKUAWIAtwBhADKAGiANkAd8A-wD9AIsARgAjgBKQCggFXAK2AXMAvIBtADcAHoAQ6Ai8BIgCdgFDgLFAWwAuABcgC7QF5gMNAYwAyIBkgDJwGXAM5AZ4Az6BpAGkwNYA1kBsYA.YAAAAAAAAAAA&cmpStat=1&ccpa=1---&ccpaStat=1&ogn=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3fefff325ac5bc74bfc75a4e37bf8e7e729d9770faacbc4d93c07e82bd691b87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, VIE, Europe1
x-timer: S1660390121.597661,VS0,VE268
accept-ranges: bytes
x-served-by: cache-lga21937-LGA, cache-vie6367-VIE
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: f07fd592665482665289f797e7345f68
content-encoding: gzip
content-length: 35363
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 5fac054038d0695db9ad7760.js Show response
player.cnevids.com/script/video/ 64 KB
22 KB 135ms
135ms Script
text/javascript 99.86.240.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/script/video/5fac054038d0695db9ad7760.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_a367a365-6724-4eab-a12d-2b43970ae006_text2vec1_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false&isRightRail=true

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/interlude/arstechnica.js?isRightRail=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-20.vie50.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

d570e39b75b89e92bc0d55b390517ced259e0878067404495f96c9e92d71d54c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 13 Aug 2022 11:28:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: VIE50-C1
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
Content-Length: 21724
X-XSS-Protection: 1; mode=block
X-Request-Id: 15006fad-40b5-419d-923b-dfcad93f0fe6
X-Runtime: 0.005067
X-Backend-Node: 10.110.30.156
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"018397d319ed5f855765bef6384cb499"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 e010e3963cfd47d783f0503a3dbc3b90.cloudfront.net (CloudFront)
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Id: RpEUshtbYKJmxWtHviNJSzujGkKxK81gzLaeYpO-xjB0QH_dOaHpwA==

GET
H/1.1 200
OK 60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady94773576 Show response
player.cnevids.com/script/video/ 64 KB
22 KB 145ms
127ms Script
text/javascript 99.86.240.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady94773576

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-a3cc766e23.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-20.vie50.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

d570e39b75b89e92bc0d55b390517ced259e0878067404495f96c9e92d71d54c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 13 Aug 2022 11:28:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: VIE50-C1
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
Content-Length: 21724
X-XSS-Protection: 1; mode=block
X-Request-Id: 5fc69b2f-0f7f-4066-9a9f-61d0f1c3fb26
X-Runtime: 0.004532
X-Backend-Node: 10.110.10.54
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"018397d319ed5f855765bef6384cb499"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 e010e3963cfd47d783f0503a3dbc3b90.cloudfront.net (CloudFront)
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Id: lFd3bmum8w_B-YSKGU5oMrT0DrcCxFW8ojWfZRr06y5kAICEyUDeiA==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1621877260/ 11 KB
12 KB 203ms
89ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

0396be2ab58ec30babd0838d7e37d6407475d4361be85ee7451dbac9186add57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 1f335ab2faaa6d3c09f24b13eee05a74.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 133
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:40 GMT
Connection: keep-alive
Content-Length: 11625
Last-Modified: Thu, 20 Jan 2022 21:51:37 GMT
Server: Cloudinary
ETag: "0b80752552abdab1277829e7a4b2824a"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 0Mcio20KdLxhhLOnHMrQCDuwdmyntFy3DjCxrxH2e3p5zIdpoHE3aA==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-the-warhammer-40k-universe-answered-by-author-dan-abnett.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1620135390/ 14 KB
15 KB 226ms
100ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1620135390/arstechnica_unsolved-mysteries-unsolved-mysteries-of-the-warhammer-40k-universe-answered-by-author-dan-abnett.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

a2bd43c80adc73ae26472a90ec3bd9df44a5b7d2dafb133b8660efd800c719b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 f423b4b27c5f393b3a3ac603729301d6.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 133
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:40 GMT
Connection: keep-alive
Content-Length: 14620
Last-Modified: Thu, 20 Jan 2022 21:51:38 GMT
Server: Cloudinary
ETag: "7996e22c04be37a8677bb680607e6d12"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: qPSHtXCbi7hhDtWkuZ6UqKlQwMsqU7Z5Jmlk_ULib1FCy-KtS1WP6w==

GET
H/1.1 200
OK arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1619531614/ 5 KB
6 KB 183ms
56ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1619531614/arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

85c33811c2b04e4e02babe2fd6bd7ac0035f93e95827116429bbda2cf9c6c95d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 5d680ce98dd8de93bed1cbbbd15a6f44.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 278
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:25:03 GMT
Connection: keep-alive
Content-Length: 5242
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "cfdeb1a825aca3ca1bf9ab3727325d27"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: uASZBIzZ0VQ_VGKBJYyGdLIPBr4PoCTlFTAbQAjQz1nEZT5S7Nsifg==

GET
H/1.1 200
OK arstechnica_sitrep-boeing-707.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1615574323/ 12 KB
12 KB 174ms
47ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1615574323/arstechnica_sitrep-boeing-707.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

571479d52cd675db5573fe46973c62cba6d8224a76136fcefeb90f7dc42a6391

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 b09c9bae34dd4cc8282943c21319f752.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 194374
X-Cache: Hit from cloudfront
Date: Thu, 11 Aug 2022 05:29:06 GMT
Connection: keep-alive
Content-Length: 11899
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "49fd6cf75b5acbe4ea95126496406585"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: M1ybmbD592gzJFKKVhJGFfjU_mimGnMeAg-a1qYeuKxsvJAm-4c0MQ==

GET
H/1.1 200
OK arstechnica_steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1611089409/ 16 KB
17 KB 244ms
115ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1611089409/arstechnica_steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

06b33c040105224101afcdaacd82b6dfb3ea1bf9ef3d7478cf5fa163a0ad65e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 29241b755d58e5d5a8e1a24549cddd72.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 84
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:40 GMT
Connection: keep-alive
Content-Length: 16317
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "4796345150de82db7572da4e13d5fbc1"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 9C1bDTxEAUPFLMs6hqj5ycMuEuLiDEaBq8ekdQZAPR7e34KKahO17Q==

GET
H/1.1 200
OK arstechnica_modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1607984287/ 14 KB
15 KB 226ms
97ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1607984287/arstechnica_modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

de5e37739b5797e8ba9dba4a2dcb65f37c36a65fe839cb306162e21c74ba166e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 ae2c0b9c10da68dd435320c2e9c67f10.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 133
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:40 GMT
Connection: keep-alive
Content-Length: 14171
Last-Modified: Thu, 20 Jan 2022 21:51:37 GMT
Server: Cloudinary
ETag: "7f2bf661d68cedfcf91542c6e1dab7c6"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: x-g78BqVoH40avPsJMBveu6RA5HTRnQb11zfBmG6jx63XyhaVcajMQ==

GET
H/1.1 200
OK arstechnica_war-stories-gail-tilden.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603899385/ 15 KB
15 KB 113ms
113ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603899385/arstechnica_war-stories-gail-tilden.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

7d91c04c657709af03f6dad61d375c3208d18ab5ff7851c2472007dc05201342

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 b09c9bae34dd4cc8282943c21319f752.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 133
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:40 GMT
Connection: keep-alive
Content-Length: 15071
Last-Modified: Thu, 20 Jan 2022 21:51:38 GMT
Server: Cloudinary
ETag: "1f4aa6187c59e6ed79d0c3a2a0bc19d9"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 4hL9i8aX14oj5XqLlIkdMmywGLgdTRlvUdRfwL0Lt-FTdE8bD90JIA==

GET
H/1.1 200
OK arstechnica_personal-history-scott-manley.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603123470/ 14 KB
15 KB 48ms
47ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603123470/arstechnica_personal-history-scott-manley.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1f466b08649eef5ad16c20f6d7207bf8818cb107b6241950dbc568cdffc03d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 5d680ce98dd8de93bed1cbbbd15a6f44.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 229
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:25:03 GMT
Connection: keep-alive
Content-Length: 14113
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "963bf0b22c745f95a06f32ee1317b872"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: K4qKLjb8DQZOUlRRihy6AnhXLl667tmqxEqUPr78Ma8DAUKKDgXLfQ==

GET
H/1.1 200
OK arstechnica_scare-tactics-thomas-grip.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1602524702/ 15 KB
15 KB 101ms
101ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1602524702/arstechnica_scare-tactics-thomas-grip.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

617e0f9fee7ef0ca891735246b4b5a61caa3622db4a4256685b061c9f43bd053

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 1f335ab2faaa6d3c09f24b13eee05a74.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 133
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:40 GMT
Connection: keep-alive
Content-Length: 15079
Last-Modified: Thu, 20 Jan 2022 21:51:38 GMT
Server: Cloudinary
ETag: "d57f99149a48173e30de572cfa48ed93"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: RsrNs1mWBtgqflPi6ms7NsfmDtliGPYWbqTFZdF6bHIhOmNJHojqHg==

GET
H/1.1 200
OK arstechnica_personal-history-lgr.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1600711530/ 14 KB
15 KB 110ms
109ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1600711530/arstechnica_personal-history-lgr.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

29637e0647104ccc5d5583e652db29ce99e947c858c3d9502960e7ea7f1aea19

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 ae2c0b9c10da68dd435320c2e9c67f10.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 83
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:40 GMT
Connection: keep-alive
Content-Length: 14772
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "4049b10cd3281951b01beb4f36134234"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: _RD0WCPItfGTHHLDvnbYjfi60VsKB9uSPuR2okYX4fhY2PJisHSY-g==

GET
H/1.1 200
OK arstechnica_the-f-35-s-next-tech-upgrade.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1598890591/ 3 KB
4 KB 42ms
41ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1598890591/arstechnica_the-f-35-s-next-tech-upgrade.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

3b0209841325362235c221628e471145726897e4e1c9b210b6e6b2217fdf2ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 5d680ce98dd8de93bed1cbbbd15a6f44.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 198968
X-Cache: Hit from cloudfront
Date: Thu, 11 Aug 2022 04:12:32 GMT
Connection: keep-alive
Content-Length: 3374
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "3f16924a1fdff64e971a0491115fc147"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: AMbsikMPTisQ7cA_CeeWlalYmPjHZZbnvv7kkyAClRr6jlkSHqYaUQ==

GET
H/1.1 200
OK arstechnica_war-stories-diablo.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1597686086/ 14 KB
15 KB 100ms
99ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1597686086/arstechnica_war-stories-diablo.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

aa3b9513abbbf65a2c8483122648fce1b39b1afa2a69bdf863242f1411baba58

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 f423b4b27c5f393b3a3ac603729301d6.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 133
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:40 GMT
Connection: keep-alive
Content-Length: 14667
Last-Modified: Thu, 20 Jan 2022 21:51:39 GMT
Server: Cloudinary
ETag: "d4de63ae8b9ef5b77ad58eaae97d7d02"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: vL0ubbf12MhsgzIJbZjxDJ7lT_b0aLuwZUCrGD1Y5glUPlSv1N9PbA==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-mortal-kombat.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1596476950/ 11 KB
12 KB 112ms
112ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1596476950/arstechnica_unsolved-mysteries-unsolved-mysteries-mortal-kombat.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

0b5c6a8d4a856db56da956eced8af9a5eb6e0a89dc67de5ffc4c83513472a3cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 29241b755d58e5d5a8e1a24549cddd72.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 133
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:40 GMT
Connection: keep-alive
Content-Length: 11486
Last-Modified: Thu, 20 Jan 2022 21:51:38 GMT
Server: Cloudinary
ETag: "7a8a596aae95c9a900261808554523e6"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: WVNKLhQCQoH9qF_h4GfXuV6dPE0LjKIIUclAzBooZ3Qer-ZoBu3C8A==

GET
H/1.1 200
OK arstechnica_us-navy-gets-an-italian-accent.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1595427354/ 6 KB
7 KB 44ms
44ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1595427354/arstechnica_us-navy-gets-an-italian-accent.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

85db95dbe15c810a710ca6d9094a2a29f2eeea05791cc7aaab7af8939684b978

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 5d680ce98dd8de93bed1cbbbd15a6f44.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 105312
X-Cache: Hit from cloudfront
Date: Fri, 12 Aug 2022 06:13:28 GMT
Connection: keep-alive
Content-Length: 6124
Last-Modified: Thu, 20 Jan 2022 21:51:46 GMT
Server: Cloudinary
ETag: "51113bf4443c0cf453d0e8bf60489ac7"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: BvURB2FtxIDpm5CkBl8_MT8wY_XyL6hiu-rGAvq6JsXBuy4Fe82a6g==

GET
H/1.1 200
OK arstechnica_war-stories-war-stories-undone-w-slash-hisko-hulsing.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1594656439/ 10 KB
11 KB 95ms
94ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1594656439/arstechnica_war-stories-war-stories-undone-w-slash-hisko-hulsing.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e74b9cb9d8871d300d2a1d36ce2cd00dfbfe0c5d8066d1d415c4ce620a919d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 b09c9bae34dd4cc8282943c21319f752.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 81
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 10345
Last-Modified: Thu, 20 Jan 2022 21:52:15 GMT
Server: Cloudinary
ETag: "60622b64688dbb49917234d4091856fb"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: Ko8inSVG35kC9-JsgYNFNmX2PpRYHsv3aZyHFz4GEK1ct5qVYx2EuA==

GET
H/1.1 200
OK arstechnica_fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1593453234/ 15 KB
16 KB 47ms
47ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1593453234/arstechnica_fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

9431bc6d1a6d036a70c92dfc9000d7965f939671a59705bdd01c3e652048ed9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 1f335ab2faaa6d3c09f24b13eee05a74.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 113332
X-Cache: Hit from cloudfront
Date: Fri, 12 Aug 2022 03:59:49 GMT
Connection: keep-alive
Content-Length: 15307
Last-Modified: Thu, 20 Jan 2022 21:49:07 GMT
Server: Cloudinary
ETag: "324e15e8b7d3edd23ffbf5df0a1a9e77"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: iTaU5Q9Hu7SKmFPaZKZIG-MRTAZt27j52bvYt2UfDW4qy_KjmY3Plg==

GET
H/1.1 200
OK arstechnica_war-stories-war-stories-nba-jam.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1592315288/ 14 KB
15 KB 107ms
107ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1592315288/arstechnica_war-stories-war-stories-nba-jam.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

5be5b0170ad4bbd2be91182d137933e7de9c7e86b09ec855a4bac015ebfd746f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 5d680ce98dd8de93bed1cbbbd15a6f44.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 134
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 14149
Last-Modified: Thu, 20 Jan 2022 21:51:39 GMT
Server: Cloudinary
ETag: "bd63326fa81d10df9e2da1245d3c122c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: pEOS-Qbwms6tmvcUDWIghh3b58hnd98urR_TMUUsVPjvRxdNnOooZg==

GET
H/1.1 200
OK arstechnica_linus-tech-tips-reacts-to-his-top-1000-youtube-comments.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1591804041/ 9 KB
10 KB 109ms
109ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1591804041/arstechnica_linus-tech-tips-reacts-to-his-top-1000-youtube-comments.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e8830a414dfeb4c0e0f519d3419f69849df9226f329357c938333dbf2c956f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 ae2c0b9c10da68dd435320c2e9c67f10.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 85
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 9054
Last-Modified: Thu, 20 Jan 2022 21:49:07 GMT
Server: Cloudinary
ETag: "b17d3aab70cb56fbf2df892c8415ab16"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: JiycNBx59ODf1W6jcqN_qrhGOZH23OLpZ3ujQG928gx6kR3i_Lt62w==

GET
H/1.1 200
OK arstechnica_war-stories-how-alan-wake-was-rebuilt-3-years-into-development.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1589408118/ 11 KB
11 KB 112ms
110ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1589408118/arstechnica_war-stories-how-alan-wake-was-rebuilt-3-years-into-development.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

3f2cf5f857c617761a251ceef8f6ed452a7690e21f16eff0a70dddf9beea8633

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 f423b4b27c5f393b3a3ac603729301d6.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 134
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 10817
Last-Modified: Thu, 20 Jan 2022 21:51:39 GMT
Server: Cloudinary
ETag: "9417ada34c9b6b07ccd41a463b717969"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: y2klxBjesDpcMpEKNFrVMhQurUXyM5X24GU5dkJLCzOo1fvEc_Atig==

GET
H/1.1 200
OK arstechnica_war-stories-prince-of-persia.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1584454477/ 15 KB
16 KB 113ms
112ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1584454477/arstechnica_war-stories-prince-of-persia.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

56f8838a24cb0cc47dc34a19d6b84d6ce8bf8086b1682bbb990abc13b1e2da65

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 29241b755d58e5d5a8e1a24549cddd72.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 134
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 15682
Last-Modified: Thu, 20 Jan 2022 21:51:39 GMT
Server: Cloudinary
ETag: "e9cccef2a4a4cf217be0ba162f6b4296"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: ja7sdZ4vDpwOb82EFuPyA2MhyDQFF1yWVI6Bl2cZJy6mClroJWZHgQ==

GET
H/1.1 200
OK arstechnica_war-stories-how-crash-bandicoot-hacked-the-playstation-to-run.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582755533/ 17 KB
18 KB 90ms
89ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582755533/arstechnica_war-stories-how-crash-bandicoot-hacked-the-playstation-to-run.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

46a9ddb1f206a46900872e0a832750ae06925528f81883a3d3517fdb42aefb6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 1f335ab2faaa6d3c09f24b13eee05a74.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 134
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 17475
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "7588b83c6eb2a1165344abad7e12e715"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: C5YKod0KjD_I70xV-dFsFjkMKEnfTxutDk7idYxJsWyi_ooz4eQCjw==

GET
H/1.1 200
OK arstechnica_war-stories-myst.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1580223113/ 13 KB
14 KB 109ms
108ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1580223113/arstechnica_war-stories-myst.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1bf55bc00dbf13180884211c3d301729e67b81f3456225c1fbf97d271d636509

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 b09c9bae34dd4cc8282943c21319f752.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 134
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 13522
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "ed8c6a9aa19e7d5c7aa46a3aead23a87"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: aYbwXWItzMHoCriJDdbjTnVLlvOvruXrtxqRGR2gCGdzlcypRFwCtw==

GET
H/1.1 200
OK arstechnica_markiplier-reacts-to-his-top-1000-youtube-comments.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1579194313/ 9 KB
9 KB 113ms
113ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1579194313/arstechnica_markiplier-reacts-to-his-top-1000-youtube-comments.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e336ff50623cff960c2396944be4392139f63dcc032e5f3428d81489fdfe697a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 5d680ce98dd8de93bed1cbbbd15a6f44.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 134
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 8832
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "2bad386c14ac040d530ceb2ae89c8bbb"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 0e6OJD4pzVyfpguZXn5eS5alL8NhN77QDGxJ-pJmuYMTP3xW3qZ1_A==

GET
H/1.1 200
OK arstechnica_war-stories-war-stories-oddworld.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582815531/ 12 KB
13 KB 176ms
175ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582815531/arstechnica_war-stories-war-stories-oddworld.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1097abb6f0992cccc79428374463e7f23b99dae5eb85d7317b20bd57c96031bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 ae2c0b9c10da68dd435320c2e9c67f10.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 133
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 12614
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "4a7903cbe66890b5688d843661943ccd"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: PuxVERupLai5RrAz7vCNI-spQdh8U_5U0UiGCUDkz70eUIw2OPZsdQ==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1573140819/ 11 KB
12 KB 102ms
101ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1573140819/arstechnica_unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

de24551bd4396fc8579b2d87ce01944553dd48fb52775d14373725a50efa0c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 f423b4b27c5f393b3a3ac603729301d6.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 81
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 11417
Last-Modified: Thu, 20 Jan 2022 21:52:15 GMT
Server: Cloudinary
ETag: "3e8509d06c6610d54babcac0d91e5d93"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: vUDX4BVzFGn-3GjNKLdLE-r2wvqLbiPAQ5ecOq71Isc8Ma5G7GhOZQ==

GET
H/1.1 200
OK arstechnica_war-stories-civilization.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1569003425/ 16 KB
17 KB 91ms
90ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1569003425/arstechnica_war-stories-civilization.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1c7dcc8216c6f82da2998ceeac2523632c7f9bffe510824b6d082621201f2012

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 1f335ab2faaa6d3c09f24b13eee05a74.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 133
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 16236
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "72002610618f7bf8bf0e52c760e39897"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: P2twimR3jpotJ5ZdqOqwezpHJHOtdybCPh8-2yQ_DAMRK1vmQpUJCg==

GET
H/1.1 200
OK arstechnica_sitrep-dod-resets-ballistic-missile-interceptor-program.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1568662260/ 11 KB
11 KB 41ms
41ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1568662260/arstechnica_sitrep-dod-resets-ballistic-missile-interceptor-program.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

7fc88c65d46e83b3f3e9f098f05fd639480332fc3718cd714725e2e4633af4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 29241b755d58e5d5a8e1a24549cddd72.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 193550
X-Cache: Hit from cloudfront
Date: Thu, 11 Aug 2022 05:42:51 GMT
Connection: keep-alive
Content-Length: 10793
Last-Modified: Thu, 20 Jan 2022 21:51:46 GMT
Server: Cloudinary
ETag: "0e1ff58ccf6d97759de3d774a7ff835a"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 4UAIumDYUwjYMuM-sxrvS5Bx3JG-Jln9udYuCjCdqCSQP-tKg6gRPA==

GET
H/1.1 200
OK arstechnica_warframe-reviews.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1561556730/ 14 KB
15 KB 105ms
105ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1561556730/arstechnica_warframe-reviews.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

83a366075eb2387c6d9f848f42b08df0546027333eccf5813edf95ba45709be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 b09c9bae34dd4cc8282943c21319f752.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 133
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 14837
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "1d90d6aef7585f963e1270a1a02a4dd4"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 0-RDtjMPqecWYOA93ELpPq2qDM6rAGhitxwoxt5TlGfTPZzD4wAt5Q==

GET
H/1.1 200
OK arstechnica_war-stories-subnautica.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559747425/ 15 KB
16 KB 111ms
110ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559747425/arstechnica_war-stories-subnautica.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

20660a9ef7ec454c15b2dc62b3db084e0cc9f74c5bb6de71a96fb1a54aef00f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 29241b755d58e5d5a8e1a24549cddd72.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 133
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 15222
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "8c45b6c645caba59f4b14d3fbdc09062"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: Op98zc6yi0MixSsKOBBoDcce0ggsBP0AoQVDnrfMa4CIC1GCY8KUaQ==

GET
H/1.1 200
OK arstechnica_war-stories-slay-the-spire-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556741487/ 15 KB
16 KB 115ms
114ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556741487/arstechnica_war-stories-slay-the-spire-war-stories.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

f9d9e96c4439beeca49a1a10f9dffe6f5cd0b604d13aa13af170d0bc62d8ca1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 5d680ce98dd8de93bed1cbbbd15a6f44.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 133
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 15634
Last-Modified: Thu, 20 Jan 2022 21:51:41 GMT
Server: Cloudinary
ETag: "abee90e53f29ba0127fca9442ab50902"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: cS8kHgyljHZB2CaBDYvY0IYUvHqa7cS7ePHiUaVqlVu5lx-lN0k4qg==

GET
H/1.1 200
OK arstechnica_war-stories-amnesia-the-dark-descent-the-horror-facade.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1555359865/ 15 KB
16 KB 91ms
91ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1555359865/arstechnica_war-stories-amnesia-the-dark-descent-the-horror-facade.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1defb6bc54a7ee9c066136908360e8455c23ee9ad0dec9924e7255d7948cd4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 1f335ab2faaa6d3c09f24b13eee05a74.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 133
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 15251
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "3e7cdc13e718680bf5e1efa64468b560"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 84RQ32IX6phCYtpmNIy504oKEN0vJuxdAsz3UtaTXIPIXFVc-SZDfg==

GET
H/1.1 200
OK arstechnica_war-stories-c-and-c-tiberian-sun.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/ 19 KB
19 KB 95ms
95ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/arstechnica_war-stories-c-and-c-tiberian-sun.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

27348ba4b98bd80f1038496ec5dea6ad865680540058fb085b8ca199b8aaf4c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 f423b4b27c5f393b3a3ac603729301d6.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 133
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 19022
Last-Modified: Thu, 20 Jan 2022 21:51:41 GMT
Server: Cloudinary
ETag: "fe52b9acd391d8bee8de15a0f429b377"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: LLAS0L1Ydjb-0OVa7ASSJo_rN2bbeNBYroVPqUuhRIcrZ9CuR8UoMw==

GET
H/1.1 200
OK arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/ 18 KB
18 KB 103ms
103ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

8b72952d3fd656ee6594f0d9735d928113ad1d590705b14f77abf75f1d4d5d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 b09c9bae34dd4cc8282943c21319f752.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 133
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 18172
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "32f1b8954559c8d598e9861f5b8360b9"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: H9sVlCl54uGh3A2VpL6fNVHKz2QttndZ8gsyeQ26i3QD4vpW-YNp2g==

GET
H/1.1 200
OK arstechnica_war-stories-dead-space-the-drag-tentacle.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/ 7 KB
8 KB 43ms
43ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/arstechnica_war-stories-dead-space-the-drag-tentacle.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

9933997608e86beaf1e7f7188a5c657cdad8ccd9d20eb7b1a46adaa83fa850ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 ae2c0b9c10da68dd435320c2e9c67f10.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 77842
X-Cache: Hit from cloudfront
Date: Fri, 12 Aug 2022 13:51:19 GMT
Connection: keep-alive
Content-Length: 7393
Last-Modified: Thu, 20 Jan 2022 21:51:41 GMT
Server: Cloudinary
ETag: "17a6e4b5eb75eb12f5d8c89eb3d0ace8"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: qI2FraElLcyhTxeSfPj_KPQcyjukkNAwe_P1tNNIkUJCOHqLhLn3gg==

GET
H/1.1 200
OK arstechnica_teach-the-controversy-flat-earthers.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/ 10 KB
11 KB 115ms
115ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/arstechnica_teach-the-controversy-flat-earthers.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

7364fcbb6c5d775f07816712af8a6419db99268f72c337a4977f706dc3423bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 29241b755d58e5d5a8e1a24549cddd72.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 210
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 10595
Last-Modified: Thu, 20 Jan 2022 21:52:14 GMT
Server: Cloudinary
ETag: "6c0c4f8a9d61ed2b5863a8058c624a37"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 6TOcBgy_6nU-V1RAw6EcPbERgg_t4GPts2wewdr4j5PR_q8bGis9Ww==

GET
H/1.1 200
OK arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/ 12 KB
13 KB 101ms
100ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

16f86804dd013db340fee4020a539d3e9d6e5a03d6841e431e50c428e99c26e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 1f335ab2faaa6d3c09f24b13eee05a74.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 210
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 12509
Last-Modified: Thu, 20 Jan 2022 21:52:14 GMT
Server: Cloudinary
ETag: "b9c502ffc902b60d0eb13698b37a945d"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: eZDgh2PMIh3opa86NaPOzHBY61b4z05WZsqN5FnuNAdIbruYwak_sw==

GET
H/1.1 200
OK arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/ 7 KB
8 KB 42ms
42ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

3ce7e824185893264ab44fbf8370a8f1262831c4c6c367b15f7d4f1e88fadc8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 5d680ce98dd8de93bed1cbbbd15a6f44.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 1333710
X-Cache: Hit from cloudfront
Date: Fri, 29 Jul 2022 01:00:10 GMT
Connection: keep-alive
Content-Length: 7181
Last-Modified: Thu, 20 Jan 2022 21:52:14 GMT
Server: Cloudinary
ETag: "0549828edcecd339d8d10ebe6119de70"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: QzG-oj2hWuwNUwqBD4IMJg-AHEX1NklGWxp9QsAroxWY1nrv0SzNhw==

GET
H/1.1 200
OK arstechnica_apollo-mission-episode-1.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/ 14 KB
14 KB 101ms
101ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/arstechnica_apollo-mission-episode-1.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

82cd1a97f81e5b63a621311be2993916eea0907b5eadd53bb6b280f4bb0f8391

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 f423b4b27c5f393b3a3ac603729301d6.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 81
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 14040
Last-Modified: Thu, 20 Jan 2022 21:52:14 GMT
Server: Cloudinary
ETag: "ecc047c6eed3dc571a78eab647201220"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: ReVa1Dp2TPFBc5x8IEO0IsY1VJYjEolh1ikEN_t-gDKQ_1va5MQDcg==

GET
H/1.1 200
OK arstechnica_richard-garriot-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/ 14 KB
14 KB 118ms
117ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/arstechnica_richard-garriot-war-stories.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

4980853759711c8e9e2779239acd62e9e802fba38371763c65ecdd016a83fdbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 ae2c0b9c10da68dd435320c2e9c67f10.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 133
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 13885
Last-Modified: Thu, 20 Jan 2022 21:51:41 GMT
Server: Cloudinary
ETag: "13d45a1733ad4d2f3ae707584d6a8a32"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: -N-rGxZCF-UcxBH6Lki62O-04JyL0BaqEu168wwvyUOf2kGzYAXbiw==

GET
DATA 200
OK truncated
/ 408 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 400
Bad Request embed-api.json Show response
player.cnevids.com/ 50 B
955 B 460ms
433ms Fetch
application/json 99.86.240.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/embed-api.json?videoId=5fac054038d0695db9ad7760&playerType=interlude&embedLocation=arstechnica

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5fac054038d0695db9ad7760.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_a367a365-6724-4eab-a12d-2b43970ae006_text2vec1_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false&isRightRail=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-20.vie50.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

82f3834d998aae8cd5b9c9e5b1334404bac616f33a47072dbf034b6e177a4baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 13 Aug 2022 11:28:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: VIE50-C1
X-Cache: Error from cloudfront
Status: 400 Bad Request
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 75
X-XSS-Protection: 1; mode=block
X-Request-Id: ab4872e9-89ab-4dd6-8baa-b0ff821bb25c
X-Runtime: 0.002576
Access-Control-Allow-Origin: *
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Via: 1.1 2a3d03f915cb6d29f35b8f9edd3b1956.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control: no-cache
X-Amz-Cf-Id: kB0zShVaV0fkgqDqKGqNDvopqHEjXcmhDTSvYt9XMl0n-tlS2L37qQ==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 4C1A 375 KB
125 KB 56ms
20ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e083bdb3ff06c71a5ac92ecadf7a268e26dacf715baae6e84a6a3f3711366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127744
x-xss-protection: 0
expires: Sat, 13 Aug 2022 11:28:40 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 84 KB
31 KB 45ms
9ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe93939200848242cd5fc5450d5e39d22048d6fb1b88ad1cb471cbe0006a78d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30899
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 18:37:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Sat, 13 Aug 2022 11:42:26 GMT

GET
H/1.1 200
OK player-style-b53d54db9671e9d427bd.css
d2c8v52ll5s99u.cloudfront.net/player/ Frame 4C1A 90 KB
13 KB 71ms
14ms Stylesheet
text/css 13.32.11.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-b53d54db9671e9d427bd.css
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5fac054038d0695db9ad7760.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_a367a365-6724-4eab-a12d-2b43970ae006_text2vec1_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false&isRightRail=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c26965b3758255462804203b738f7b446de4a66ec96fa8095a0dcc52b334918

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 03 Jul 2022 12:20:48 GMT
Content-Encoding: gzip
Age: 3539273
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 12888
Last-Modified: Wed, 11 May 2022 18:53:17 GMT
Server: AmazonS3
ETag: "fa4f9cf006104ef494127316840b2ea8"
x-amz-version-id: DdN5Y84Atx5yhBQvA82BKCNxeoeewWoR
Via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
X-Amz-Cf-Pop: VIE50-C2
Accept-Ranges: bytes
Content-Type: text/css; charset=utf-8
X-Amz-Cf-Id: -9AF_v7MJ5_ImvgQzZfe4NjsEJZwOFU-Mmqh1YZvDjGVgBjKRxaVPg==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK main-4cae1b3e6f0feb2058c1.js Show response
d2c8v52ll5s99u.cloudfront.net/player/ Frame 4C1A 826 KB
225 KB 34ms
14ms Script
application/javascript 13.32.11.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4cae1b3e6f0feb2058c1.js
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5fac054038d0695db9ad7760.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_a367a365-6724-4eab-a12d-2b43970ae006_text2vec1_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false&isRightRail=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f38ff54055f161d95dce36786c8004c1a98d456155ed32540b540e4b90fdd9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:35:48 GMT
Content-Encoding: gzip
Age: 1356773
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 230163
Last-Modified: Thu, 28 Jul 2022 18:24:01 GMT
Server: AmazonS3
ETag: "550d0f79315f6cf0420c2584bddcf166"
x-amz-version-id: xdPxlyt8CG69DFiNVWY2k4TnMe4lcMH_
Via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
X-Amz-Cf-Pop: VIE50-C2
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: -IAEeNp7Eidldf5db_h-csiMzdtevZEeiEKavRd883Qe5l08ZFBsjQ==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
575 B 61ms
28ms XHR
text/plain 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=383250&u=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 13 Aug 2022 11:28:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wGqQkoh3%2FvEUrkXqWxltCdkjqmo4RGFUsbx0UjxT7P%2F2bw3CCJGRBdCebU4TdlOW9fXWmQsdrL%2FePbU6tPXCY6PCztfWoruMHlSqD4heF6lkqnhnngZa4BRn2gcE%2FwFKURjB0H8Q83g%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 73a11bced8a869a3-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200
OK embed-api.json Show response
player.cnevids.com/ 11 KB
5 KB 39ms
14ms Fetch
application/json 99.86.240.20
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/embed-api.json?videoId=60abade4dc31e5375248cba6&embedLocation=arstechnica

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady94773576

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

99.86.240.20 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-240-20.vie50.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

3399efa4756f80b55d8c0a86353a1cecf23d28555be239cc6d8efd6dc86b328b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 13 Aug 2022 11:28:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Age: 27
X-Cache: Hit from cloudfront
Status: 200 OK
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 3704
X-XSS-Protection: 1; mode=block
X-Request-Id: 22b3e737-dc73-4100-9470-cece3d689e56
X-Runtime: 0.012293
X-Backend-Node: 10.110.124.231
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"5224e4289a429a5e27fdc832bfce33e2"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Via: 1.1 a776ddd883fba0ca203b52822fb50572.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control: max-age=300, public
X-Amz-Cf-Pop: VIE50-C1
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: zUBY8P5hYoeX2NWomU_5ri86lycoG4LsRAWdlspQ6iXIu3RyR9ecHA==

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 372A 375 KB
125 KB 34ms
17ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady94773576

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64e083bdb3ff06c71a5ac92ecadf7a268e26dacf715baae6e84a6a3f3711366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127744
x-xss-protection: 0
expires: Sat, 13 Aug 2022 11:28:40 GMT

GET
H/1.1 200
OK player-style-b53d54db9671e9d427bd.css
d2c8v52ll5s99u.cloudfront.net/player/ Frame 372A 90 KB
13 KB 14ms
13ms Stylesheet
text/css 13.32.11.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-b53d54db9671e9d427bd.css
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady94773576
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c26965b3758255462804203b738f7b446de4a66ec96fa8095a0dcc52b334918

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sun, 03 Jul 2022 12:20:48 GMT
Content-Encoding: gzip
Age: 3539273
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 12888
Last-Modified: Wed, 11 May 2022 18:53:17 GMT
Server: AmazonS3
ETag: "fa4f9cf006104ef494127316840b2ea8"
x-amz-version-id: DdN5Y84Atx5yhBQvA82BKCNxeoeewWoR
Via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
X-Amz-Cf-Pop: VIE50-C2
Accept-Ranges: bytes
Content-Type: text/css; charset=utf-8
X-Amz-Cf-Id: v4mg9Cx0-VrJyTBG6q8iezORrIkcz6PTlUxfr980ozxplGD6Qs7Amw==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK main-4cae1b3e6f0feb2058c1.js Show response
d2c8v52ll5s99u.cloudfront.net/player/ Frame 372A 826 KB
225 KB 15ms
13ms Script
application/javascript 13.32.11.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4cae1b3e6f0feb2058c1.js
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady94773576
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1f38ff54055f161d95dce36786c8004c1a98d456155ed32540b540e4b90fdd9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Thu, 28 Jul 2022 18:35:48 GMT
Content-Encoding: gzip
Age: 1356773
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 230163
Last-Modified: Thu, 28 Jul 2022 18:24:01 GMT
Server: AmazonS3
ETag: "550d0f79315f6cf0420c2584bddcf166"
x-amz-version-id: xdPxlyt8CG69DFiNVWY2k4TnMe4lcMH_
Via: 1.1 881b12332738e10f6e80298fbdcd7e8e.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
X-Amz-Cf-Pop: VIE50-C2
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: 4ADE21o3R-PuTabp69tKjIw7S7hWqqqLZrtOnAWG8PQpVF_jPG14OA==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
BLOB 200
OK fef883e6-41be-48f0-8db0-1a04bf795317
https://arstechnica.com/ Frame 4C1A 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/fef883e6-41be-48f0-8db0-1a04bf795317
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 16ms
16ms Image
image/png 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
last-modified: Sun, 03 Jul 2022 06:49:40 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1656855974.293667"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Mon, 12 Sep 2022 11:28:40 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 17ms
16ms Image
image/svg+xml 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
last-modified: Sun, 03 Jul 2022 06:49:40 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1656855957.074767"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Mon, 12 Sep 2022 11:28:40 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 387ms
88ms Fetch
text/plain 64.202.112.127
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=67552963a847da9c03a8f8c5c1b23c91_6817_1660390120796&tm=730&eT=0&widgetWidth=1220&widgetHeight=235&widgetX=190&widgetY=4909&wRV=2000853&pVis=1&lsd=-1&eIdx=&ccpa=1---&cnsntV2=CPdpR8APdpR8AAcABBENCcCgAAAAAAAAAChQAAAAAAJggAIBGAgDkAAQABoAHAAeABcAD4ALQAfABGACSAFsAMQAfwBIgCuAF8ANQAbQA4gByADnAHUAPkAf4BAwCDgEiAJ-AUMApYBhADqgIbAQ-Ai8BHoCQgErAJtAWEAuIBdAC6gF2gLyAYFAw8DEAGLAMhAZQA0IBowDSgGpgNoAbcA3QBwQSCOAAgABcAFAAVAAyABwADwAIAAYAAygBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCQCGAIkAR0AlgCXAE0AKUAW4AwwBkADLAGyAO-AewB8QD7AP0AgEBFwEYgI0AjgBKQCggFPAKuAXMAxQBrADaQG4AbwA9AB8gEOgJEATEAmUBOwChwFIgKaAWKAtABbAC5AF3gLzAYMAwkBhsDIgMkAZOAy4BnIDPgGkQNYA1kMAeAAMAAsAC4ARgAkgBPgCoAKoAWwAxABvAFIANKAagBqgDiAJaAUsA2QB1AENgIvASEAocBYgC4gGBAMPAYsAyMBoQDdA0B4AKwAXABDADIAGWANkAdgA_ACAAEFAIwAU8Aq8BaAFpANYAbwA6oB8gEOgIqASIAnYBSIC5AGEgMYAZOAzkBngDPhAB0AAwACwALgA1ACMAEkAJ4AVQAtgBiADeAKQAagA4gB8gEiAJaAUuA3ADeAIbAReAkIBQ4C4gGBAMPAYsA0IBugiAuAFYAQwAyABlgDZAHYAPwAgABGACngFXANYAdUA-QCHQEiAJ2AUiAuQBhIDJwGcgM-FQFQAKABDACYAFwARwAywB2AEcAKvAWgBaQDeAJBATEAtgBcgC8wGRAM5AZ4Az4BuQoAoAGIATIApABlQDUANUAbQA4gByADwAIKAS0ApYB1QEegLEAYEAw8BmgDQgGvDACoANQAxACZAFIAMoAagA2gBxADkAHgAS0ApYBYgDqgI9AScAsQBeQDAgGHgNCGQEgAhgBMAEcAMsAdgA-wCOAFXAK2AbwBMQC0QFsALzAZEAzkBngDPhwF8AAQABgAEQAOAA8AC4AHwAWgA5gB-AIIARgAtgBdAC-AGQANAAfwBCACRAE6AKQAWYAvgBlgDSgGoAaoA2gBxADkAHOAOoAdgA7gB8wEAAQWAg4CEAERAJEAS0Am0BPgE_AKWAVAArIBbQC9QGAAYEAwgBmQDWAGvAN4AceA5wDpAHVAPIAfIBCACG4EPgRAAiIBHoCQoErASuAmIBMoCbQFCgKQAUmApgBUwCqoFbAV2AsoBaQC1AFxQLoAuoBewC-gGBQMPAxABiwDIQGUAMvAaFA0UDRgGlANNAamA14BtADbAG3DoKwAC4AKAAqABkADgAIAAXQAwADKAGgAagA8AB9AEMARAAmABPgCqAKwAWAAuABiADMAG8AOYAeoBDAETAJYAmABNACjAFKALEAW8AwgDDgGQAZQA0QBsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWmAuYC6gF5AMUAbQA3EB0wHUAPQAh0BFQCLwEggJEASoAnYBQ4CmgFWALFAWwAuABcgC7QF3gLzAYMAwkBhoDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNYAbGQAagAIACCAF8ANAAfwBIgCkAFuAL4AZcA1ADVAG0AOIAcgA5wB2ADwAIKAT4ApYBWQCxAGAAMIAZkA3gBzgDqgHbAQ-Aj0BIQCTgErgJiATaAoUBSACkwFbALaAXQAvIBewDAgGHgM0AaEA0UBpQDUwG2ANuIQMwAFgAUAAyAC4AGIAQwAmABVAC4AGIAMwAbwA9ACOAFiAMIAZQA3wB3gD7AH-ARwAlIBQQCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAKaAWKAtEBbAC4AFyALtAZEAycBnIDPAGfANEAaSA0sBwBIBOAAIAAwADgALgA5ACoAGQAN4AhABIgCkgFyAXwAywBpADUAG0AO4AgABBwCEgEtAJ8AVAArIBrwDeAHVAPsAlYBNoCkwFlALSAXsAw8BiIDFgGlANyJQMgAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADNAIYAiQBHACjAFKALcAYQAygBsgDvAH4ARwAk4BTwCrwFoAWkAuoBigDcAHUAPkAh0BFQCLwEiALFAWwAu0BeYDIgGTgMsAZyAzwBnwDSAGsAOAKASgABAAGAAuAB8AFoAOQAfgBGACoAFYAL4AZAA2wBvAHIAQgAjgBIgCZAE6AKSAXIBfADLAGkANQAa4A2gBxADnAHUAO4AeAA-QCAAEHAISARUAkQBJwCWgE2gJ8An4BSwCsgFiALqAYCAwgDFAGvAN4AdUA7YB5AD5AH_AR6AmIBMoCbQFIAKYAVMArYBXYC0AF5AL6AYEAw8BiwDRAGlQNSA1MBrwDgikD8ABcAFAAVAAyABwAEEAMAAygBoAGoAPIAhgCIAEwAJ4AUgAqgBYADEAGYAOcAhgCJAFGAKUAWIAtwBhADKAGiANkAd8A-wD9AIsARgAjgBKQCggFXAK2AXMAvIBtADcAHoAQ6Ai8BIgCdgFDgLFAWwAuABcgC7QF5gMNAYwAyIBkgDJwGXAM5AZ4Az6BpAGkwNYA1kBsYA.YAAAAAAAAAAA&cheq=0&rtt=425&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.127 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sat, 13 Aug 2022 11:28:41 GMT
content-encoding: gzip
X-TraceId: b73802bde06039417120eb0b21a8fc25
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 clip.js Show response
widgets.outbrain.com/nanoWidget/2000853/module/ 1 KB
1 KB 16ms
16ms Script
application/x-javascript 184.51.9.223
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000853/module/clip.js?e=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.223 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-223.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 95270a944e1c44e868283da6f91f9e4a32de071cad47e116958d0759f2e13a9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:40 GMT
content-encoding: gzip
last-modified: Thu, 11 Aug 2022 08:20:21 GMT
server: AkamaiNetStorage
etag: "8b2f9221122ebff2b69ff51edcfe237b:1660207215.588519"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 701
expires: Sat, 13 Aug 2022 15:28:40 GMT

GET
H2 200 eyJpdSI6IjNiNmFmYzMyNTQ3OTVlMDAyMjlkNGQzNTllZDZjOWU0ZWZlZjhlNGQyYTNhZTdjY2FlMWRiMzE0NTFhZGEzY2MiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 73 KB
73 KB 103ms
15ms Image
video/mp4 23.202.54.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNiNmFmYzMyNTQ3OTVlMDAyMjlkNGQzNTllZDZjOWU0ZWZlZjhlNGQyYTNhZTdjY2FlMWRiMzE0NTFhZGEzY2MiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.54.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-54-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:41 GMT
last-modified: Tue, 26 Jul 2022 14:23:38 GMT
access-control-allow-methods: GET,POST
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=973364
access-control-allow-credentials: false
x-traceid: b308edf82a3cacee71604bd2ab8e0e30
timing-allow-origin: *, *
content-length: 74364

GET
H2 206 eyJpdSI6IjNiNmFmYzMyNTQ3OTVlMDAyMjlkNGQzNTllZDZjOWU0ZWZlZjhlNGQyYTNhZTdjY2FlMWRiMzE0NTFhZGEzY2MiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 73 KB
73 KB 112ms
33ms Media
video/mp4 23.202.54.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNiNmFmYzMyNTQ3OTVlMDAyMjlkNGQzNTllZDZjOWU0ZWZlZjhlNGQyYTNhZTdjY2FlMWRiMzE0NTFhZGEzY2MiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.202.54.36 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-202-54-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c48f9c21ccbc573466085957c360b5e627136d14fff5631227137d75607d1f85

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 13 Aug 2022 11:28:41 GMT
last-modified: Tue, 26 Jul 2022 14:23:38 GMT
access-control-allow-origin: *
access-control-allow-methods: GET,POST
content-type: video/mp4
Content-Range: bytes 0-74363/74364
cache-control: max-age=973364
access-control-allow-credentials: false
x-traceid: b308edf82a3cacee71604bd2ab8e0e30
timing-allow-origin: *, *
Content-Length: 74364

GET
BLOB 200
OK 8e809936-a999-462b-b204-5aa1729d2d46
https://arstechnica.com/ Frame 372A 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/8e809936-a999-462b-b204-5aa1729d2d46
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1 200
OK sf-ui-display-medium-webfont.woff2
d2c8v52ll5s99u.cloudfront.net/assets/fonts/ Frame 372A 29 KB
30 KB 472ms
443ms Font
application/font-woff2 13.32.11.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/assets/fonts/sf-ui-display-medium-webfont.woff2
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-b53d54db9671e9d427bd.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.11.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-11-75.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3

Request headers

Referer: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-b53d54db9671e9d427bd.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
ETag: "7d18db04f980971f2a9c5026bbc34bed"
X-Amz-Cf-Pop: VIE50-C2
X-Cache: RefreshHit from cloudfront
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 29632
Access-Control-Allow-Origin: *
Last-Modified: Mon, 26 Jun 2017 15:24:42 GMT
Server: AmazonS3
Date: Sat, 13 Aug 2022 11:28:42 GMT
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff2
Via: 1.1 f886f6227d3373aee9b545641306fb68.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: xVH_L9oD83cFGpViL_0LyAuiwJCvNgpd7o0vtJM9od4Q6ccqR5YW-w==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H3 200 bridge3.524.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame DB00 635 KB
205 KB 9ms
8ms Document
text/html 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d0b5a63ca5e36540e2628599ba666ef0ac2bd34f8ea5f25c9a51b0e4c72fed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 58075
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 210237
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 19:20:46 GMT
expires: Sat, 12 Aug 2023 19:20:46 GMT
last-modified: Mon, 08 Aug 2022 18:34:29 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 372A 44 KB
17 KB 207ms
158ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 13 Aug 2022 11:28:41 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 372A 100 KB
27 KB 56ms
14ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4cae1b3e6f0feb2058c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26515
x-xss-protection: 0
pragma: public
x-fb-debug: YFskc1SXoIqYa2s8tuIuRdXW0L5UtQW6KSBokCZV9qWO648T7m5c5SLVGubwBFTpEiOq8uXVtUQ/1GBryv8Wkw==
x-fb-trip-id: 720026100
x-frame-options: DENY
date: Sat, 13 Aug 2022 11:28:41 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 372A 48 B
48 B 433ms
100ms Image
image/gif 35.168.71.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2022-08-13T11%3A28%3A40.960Z&_c=&_t=Player%20Requested&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.71.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-71-80.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 372A 48 B
48 B 422ms
100ms Image
image/gif 35.168.71.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2022-08-13T11%3A28%3A41.018Z&_c=initial&_t=gptData&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&dim1=%7B%22adBlocked%22%3Afalse%2C%22adUnits%22%3A%5B%223379%2Fconde.ars%2Finterstitial%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fhero%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F2%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F3%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F2%22%5D%2C%22embedLocation%22%3A%22arstechnica%22%2C%22error%22%3A%22%22%2C%22lineItems%22%3A%5B%5D%2C%22publicaEnabled%22%3Afalse%2C%22videoId%22%3A%2260abade4dc31e5375248cba6%22%7D
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.71.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-71-80.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame 372A 50 KB
51 KB 47ms
46ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 5d680ce98dd8de93bed1cbbbd15a6f44.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 219
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:25:06 GMT
Connection: keep-alive
Content-Length: 51500
Last-Modified: Tue, 25 May 2021 15:04:45 GMT
Server: Cloudinary
ETag: "1631177d1131925333a3b2b652f3d8b2"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: Qn6D-knES7tLap22pxwT3W7LyWC8qVBatOm_6JgZJC2GySb9FmPxPA==

GET
H/1.1 200
OK onetag Show response
assoc-na.associates-amazon.com/ 64 B
463 B 103ms
103ms XHR
application/json 72.21.195.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22arstech20-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F%22%7D&u=https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Requested by: Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: Server /
Resource Hash: 05cd90cceb6efe0cf9f7993f28164a96aa7e4811028e3fbb4f23cbacc2435dea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 13 Aug 2022 11:28:41 GMT
Server: Server
x-amz-rid: RYVYEV3A99CCW5EVERK5
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://arstechnica.com
Access-Control-Allow-Credentials: true
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 64

GET
H/1.1 206
Partial Content 1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame 372A 196 KB
0 57ms
14ms Media
video/mp4 99.86.240.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-59.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 13 Aug 2022 04:19:31 GMT
Via: 1.1 f78fee2989d34e40cb45ddfbcb9ba346.cloudfront.net (CloudFront)
Last-Modified: Mon, 24 May 2021 13:51:20 GMT
Server: AmazonS3
Age: 26828
ETag: "580642a938142bddde48207109f78d2b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-2480938/2480939
Connection: keep-alive
X-Amz-Cf-Pop: VIE50-C1
Accept-Ranges: bytes
Content-Length: 2480939
X-Amz-Cf-Id: KWSEov6Toe-tcxIoOVSWMilCO85XYNfCHGrNWLVPKkZXekcNlxlY8A==

GET
H/1.1 206
Partial Content 1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame 372A 8 KB
0 44ms
13ms Media
video/mp4 99.86.240.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-59.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 13 Aug 2022 04:19:31 GMT
Via: 1.1 108e63109879954f4e720db50559f788.cloudfront.net (CloudFront)
Last-Modified: Mon, 24 May 2021 13:51:20 GMT
Server: AmazonS3
Age: 26828
ETag: "580642a938142bddde48207109f78d2b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-2480938/2480939
Connection: keep-alive
X-Amz-Cf-Pop: VIE50-C1
Accept-Ranges: bytes
Content-Length: 2480939
X-Amz-Cf-Id: tTatsG3jElgoyslkkvMm3N1x_t40s4lXnRFj77ermZdwtXrVEazBtA==

GET
H/1.1 200
OK 1c5e052d-9221-44ad-9785-4ca784ceb60dmanifest-ios.m3u8 Show response
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame 372A 918 B
1 KB 43ms
13ms XHR
application/x-mpegurl 99.86.240.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dmanifest-ios.m3u8?videoIndex=0&requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4cae1b3e6f0feb2058c1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-59.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 005f315d6f7cf50f04161a51e17287b5040b513267560b083a3cf39d0b892ba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 13 Aug 2022 04:36:09 GMT
Via: 1.1 f78fee2989d34e40cb45ddfbcb9ba346.cloudfront.net (CloudFront)
Vary: Accept-Encoding,Origin
Age: 24753
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 918
Last-Modified: Mon, 24 May 2021 13:49:14 GMT
Server: AmazonS3
ETag: "4300fd3b9bba40f219ea54c572764fe0"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: VIE50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: 1LAETRINmBt16MHIohzWXaZal6sZlxykiMruDXC6OIojWft3R1Ag9w==

GET
BLOB 200
OK f3d21eb1-6452-4203-882f-b2d3c4dfe8dc
https://arstechnica.com/ Frame 372A 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/f3d21eb1-6452-4203-882f-b2d3c4dfe8dc
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4d4b028218d4808224a88882415be732a01fbeb23b03fa2b7f334bf915a9984

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length: 5409
Content-Type: application/javascript

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 372A 4 KB
1 KB 57ms
56ms XHR
text/xml 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=640x480|480x70&iu=/3379/conde.ars/player/information-technology/article&ciu_szs=300x60&gdfp_req=1&env=vp&output=vmap&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.62.0%26ctx_page_slug%3Dbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%26cnt_tags%3Dexploits%252Cmicrosoft-3%252Coffice%252Cvulnerabilities%252Cword%252Czeroday%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D14%26usr_bkt_pv%3D91%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D%26ctx_line_items%3D%26height%3D329%26muted%3D0%26right_rail%3D0%26sensitive%3D0%26series%3D5c82bcebbcdfff6f132fc5e6%26width%3D584%26feature_flags%3Dclick-to-play&correlator=1379854013450625&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&vid=60abade4dc31e5375248cba6&cmsid=1495&ppid=

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4cae1b3e6f0feb2058c1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

90509aefc725c07ca283bcc5b80540ac463704179ce45b018cf15be7f9d897f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1191
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768.m3u8 Show response
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame 372A 11 KB
1 KB 14ms
14ms XHR
application/x-mpegurl 99.86.240.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768.m3u8?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4cae1b3e6f0feb2058c1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-59.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fb846048afd0ee79141b669572402fc0a024d937c00977e124405d11cd319fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 13 Aug 2022 04:41:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 24699
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Mon, 24 May 2021 13:54:58 GMT
Server: AmazonS3
ETag: W/"cc4f278863bddb064b3e70268d5f02f8"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 f78fee2989d34e40cb45ddfbcb9ba346.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: 4M2gt1FIPIuZUH3oFxiGrCdxQUI163LC7murXSQEX7BoYqzvtwcovQ==

GET
H/1.1 200
OK track
capture.condenastdigital.com/ 48 B
48 B 332ms
100ms Image
image/gif 35.168.71.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&app=playerservice&cCh=videos%2Fshow&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pID=&sID=&uId=&xid=&_ts=2022-08-13T11%3A28%3A41.226Z&_c=error&_t=FetchConfigError&cId=5fac054038d0695db9ad7760&dim1=%7B%22guid%22%3A%22d28e6359-a9c0-8fde-4850-ba8984061588%22%2C%22iu%22%3Anull%2C%22playerType%22%3A%22interlude%22%7D&dim3=API%20ERROR%3A%20400%20(Bad%20Request)
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.71.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-71-80.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK track
capture.condenastdigital.com/ 48 B
48 B 238ms
101ms Image
image/gif 35.168.71.80
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&app=playerservice&cCh=videos%2Fshow&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&pID=&sID=&uId=&xid=&_ts=2022-08-13T11%3A28%3A41.226Z&_c=error&_t=FetchConfigError&cId=5fac054038d0695db9ad7760&dim1=%7B%22guid%22%3A%22d28e6359-a9c0-8fde-4850-ba8984061588%22%2C%22iu%22%3Anull%2C%22playerType%22%3A%22interlude%22%7D&dim3=Interlude%20Embed%20Failed.
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.71.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-71-80.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 13 Aug 2022 11:28:41 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
BLOB 200
OK 32b53a8d-359a-4224-9f25-6b717889a039
https://arstechnica.com/ Frame 372A 63 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/32b53a8d-359a-4224-9f25-6b717889a039
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16d2ff0f0f0d9a9023d071d78bed35c72c256b04006ba9b083a1ee29db0f618e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length: 64606
Content-Type: application/javascript

GET
H/1.1 200
OK 1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768-00001.ts Show response
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame 372A 821 KB
807 KB 13ms
13ms XHR
application/x-mpegurl 99.86.240.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768-00001.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4cae1b3e6f0feb2058c1.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-59.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e944e6d1b0904bc0c1298fe828ec727bc6a9b46f0b4799e197a1a2acc46fb685

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 13 Aug 2022 02:33:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 32362
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Mon, 24 May 2021 13:54:44 GMT
Server: AmazonS3
ETag: W/"9c6e79c618e52ccae61fce8e62e8cd50"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 f78fee2989d34e40cb45ddfbcb9ba346.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: XmWgu9fnmzMT5BPKevi7dVbuj1caA0xaL0got2i6lSjzOXZThMuoqg==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame 372A 50 KB
51 KB 130ms
48ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4cae1b3e6f0feb2058c1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 d2712b4133994c3cdb499c5a8217979c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 219
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:25:06 GMT
Connection: keep-alive
Content-Length: 51500
Last-Modified: Tue, 25 May 2021 15:04:45 GMT
Server: Cloudinary
ETag: "1631177d1131925333a3b2b652f3d8b2"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: pQQ8ppsP8MvteWgjbRmOR0ywMWKKlhtIHu7uF6Fr4DHn3h6j5wbKeA==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame 372A 50 KB
51 KB 51ms
51ms Image
image/jpeg 52.85.6.122
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2017/04/booby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.85.6.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-85-6-122.sof50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 ae2c0b9c10da68dd435320c2e9c67f10.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 219
X-Cache: Hit from cloudfront
Date: Sat, 13 Aug 2022 11:25:06 GMT
Connection: keep-alive
Content-Length: 51500
Last-Modified: Tue, 25 May 2021 15:04:45 GMT
Server: Cloudinary
ETag: "1631177d1131925333a3b2b652f3d8b2"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: SOF50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: yR3rS1Hn-naQjP2Am7lSLcICwJxhLDO7JUrKH3VM3xNFkQcatqk62g==

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame DB00 0
540 B 45ms
22ms XHR
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?sz=640x480%7C480x70&iu=%2F3379%2Fconde.ars%2Fplayer%2Finformation-technology%2Farticle&ciu_szs=1x1&gdfp_req=1&env=vp&output=xml_vmap1&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.62.0%26ctx_page_slug%3Dbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%26cnt_tags%3Dexploits%252Cmicrosoft-3%252Coffice%252Cvulnerabilities%252Cword%252Czeroday%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D14%26usr_bkt_pv%3D91%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D%26ctx_line_items%3D%26height%3D329%26muted%3D0%26right_rail%3D0%26sensitive%3D0%26series%3D5c82bcebbcdfff6f132fc5e6%26width%3D584%26feature_flags%3Dclick-to-play&correlator=1379854013450625&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&vid=60abade4dc31e5375248cba6&cmsid=1495&ppid&sdkv=h.3.524.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&ptt=20&adk=3930290185&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.524.0&sid=07DB126A-80AB-4846-B1E6-18CE27C3AE72&nel=0&eid=44725356%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&dlt=1660390120827&idt=377&dt=1660390121770&scor=2394389753058561&ged=ve4_td1_tt1_pd1_la1000_er4501.310.4654.610_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.524.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:41 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1409 Show response
check.analytics.rlcdn.com/check/ 23 B
381 B 98ms
54ms XHR
application/json 99.86.240.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://check.analytics.rlcdn.com/check/1409
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-82.vie50.r.cloudfront.net
Software: /
Resource Hash: d0ef936654ba84031c1ef90617069aceaab3dac1dd0912b76ebd449f9a566e55

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Aug 2022 11:28:42 GMT
via: 1.1 3a65445020a52e9a185051db037167ba.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amzn-requestid: cf8d174e-90f3-42cd-9d58-d4cee921b206
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62f78aea-238e08c404376f2e005624bb
x-amz-apigw-id: WzKktFj2joEFfrQ=
content-length: 23
x-amz-cf-id: IWaZ1M9-jjia0sK9PW1sksuWr7M-txPIUr7R9r4HrtEfjkXqOBuSrw==

GET
H2 200 1409 Show response
check.analytics.rlcdn.com/check/ 23 B
383 B 179ms
139ms XHR
application/json 99.86.240.82
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://check.analytics.rlcdn.com/check/1409
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-82.vie50.r.cloudfront.net
Software: /
Resource Hash: d0ef936654ba84031c1ef90617069aceaab3dac1dd0912b76ebd449f9a566e55

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Aug 2022 11:28:42 GMT
via: 1.1 3a65445020a52e9a185051db037167ba.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
x-amzn-requestid: 77417c71-10f0-4466-9f13-c324b2119ab8
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62f78aea-77dbd5e0386ff9646c102d46
x-amz-apigw-id: WzKkuHn_DoEFkSg=
content-length: 23
x-amz-cf-id: j-PsfKYmzBJjdZp_m0CpHN3ydLEED8eNUv5rY1YK4IaFHoVu09LqRg==

GET
H2 200 rid Show response
match.adsrvr.org/track/ 0
301 B 185ms
52ms XHR
application/javascript 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=3egfyfq&fmt=json
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Aug 2022 11:28:43 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://arstechnica.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0
expires: Sun, 13 Aug 2023 11:28:43 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
359 B 64ms
16ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1409

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 13 Aug 2022 11:28:43 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame AF70 0
91 B 31ms
17ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sat, 13 Aug 2022 11:28:43 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 542A 281 B
554 B 90ms
20ms Document
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Aug 2022 11:28:43 GMT
ETag: "402b2-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 5373 3 KB
2 KB 16ms
16ms Document
text/html 184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Aug 2022 11:28:43 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 29EC 3 KB
2 KB 32ms
15ms Document
text/html 184.51.9.98
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.98 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-98.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Sat, 13 Aug 2022 11:28:43 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 2697 0
80 B 28ms
18ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sat, 13 Aug 2022 11:28:43 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 876E 23 KB
8 KB 137ms
87ms Document
text/html 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c95d61a2596b9a902375d13da7d337bad8a029ed5449afddf505db066aa37c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8331
content-type: text/html; charset=UTF-8
date: Sat, 13 Aug 2022 11:28:43 GMT
expires: Mon, 15 Aug 2022 11:28:43 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 12DC 23 KB
8 KB 158ms
109ms Document
text/html 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1660390070

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c95d61a2596b9a902375d13da7d337bad8a029ed5449afddf505db066aa37c64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8331
content-type: text/html; charset=UTF-8
date: Sat, 13 Aug 2022 11:28:43 GMT
expires: Mon, 15 Aug 2022 11:28:43 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 8860 54 B
629 B 84ms
26ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPdpR8APdpR8AAcABBENCcCgAAAAAAAAAChQAAAAAAJggAIBGAgDkAAQABoAHAAeABcAD4ALQAfABGACSAFsAMQAfwBIgCuAF8ANQAbQA4gByADnAHUAPkAf4BAwCDgEiAJ-AUMApYBhADqgIbAQ-Ai8BHoCQgErAJtAWEAuIBdAC6gF2gLyAYFAw8DEAGLAMhAZQA0IBowDSgGpgNoAbcA3QBwQSCOAAgABcAFAAVAAyABwADwAIAAYAAygBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCQCGAIkAR0AlgCXAE0AKUAW4AwwBkADLAGyAO-AewB8QD7AP0AgEBFwEYgI0AjgBKQCggFPAKuAXMAxQBrADaQG4AbwA9AB8gEOgJEATEAmUBOwChwFIgKaAWKAtABbAC5AF3gLzAYMAwkBhsDIgMkAZOAy4BnIDPgGkQNYA1kMAeAAMAAsAC4ARgAkgBPgCoAKoAWwAxABvAFIANKAagBqgDiAJaAUsA2QB1AENgIvASEAocBYgC4gGBAMPAYsAyMBoQDdA0B4AKwAXABDADIAGWANkAdgA_ACAAEFAIwAU8Aq8BaAFpANYAbwA6oB8gEOgIqASIAnYBSIC5AGEgMYAZOAzkBngDPhAB0AAwACwALgA1ACMAEkAJ4AVQAtgBiADeAKQAagA4gB8gEiAJaAUuA3ADeAIbAReAkIBQ4C4gGBAMPAYsA0IBugiAuAFYAQwAyABlgDZAHYAPwAgABGACngFXANYAdUA-QCHQEiAJ2AUiAuQBhIDJwGcgM-FQFQAKABDACYAFwARwAywB2AEcAKvAWgBaQDeAJBATEAtgBcgC8wGRAM5AZ4Az4BuQoAoAGIATIApABlQDUANUAbQA4gByADwAIKAS0ApYB1QEegLEAYEAw8BmgDQgGvDACoANQAxACZAFIAMoAagA2gBxADkAHgAS0ApYBYgDqgI9AScAsQBeQDAgGHgNCGQEgAhgBMAEcAMsAdgA-wCOAFXAK2AbwBMQC0QFsALzAZEAzkBngDPhwF8AAQABgAEQAOAA8AC4AHwAWgA5gB-AIIARgAtgBdAC-AGQANAAfwBCACRAE6AKQAWYAvgBlgDSgGoAaoA2gBxADkAHOAOoAdgA7gB8wEAAQWAg4CEAERAJEAS0Am0BPgE_AKWAVAArIBbQC9QGAAYEAwgBmQDWAGvAN4AceA5wDpAHVAPIAfIBCACG4EPgRAAiIBHoCQoErASuAmIBMoCbQFCgKQAUmApgBUwCqoFbAV2AsoBaQC1AFxQLoAuoBewC-gGBQMPAxABiwDIQGUAMvAaFA0UDRgGlANNAamA14BtADbAG3DoKwAC4AKAAqABkADgAIAAXQAwADKAGgAagA8AB9AEMARAAmABPgCqAKwAWAAuABiADMAG8AOYAeoBDAETAJYAmABNACjAFKALEAW8AwgDDgGQAZQA0QBsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWmAuYC6gF5AMUAbQA3EB0wHUAPQAh0BFQCLwEggJEASoAnYBQ4CmgFWALFAWwAuABcgC7QF3gLzAYMAwkBhoDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNYAbGQAagAIACCAF8ANAAfwBIgCkAFuAL4AZcA1ADVAG0AOIAcgA5wB2ADwAIKAT4ApYBWQCxAGAAMIAZkA3gBzgDqgHbAQ-Aj0BIQCTgErgJiATaAoUBSACkwFbALaAXQAvIBewDAgGHgM0AaEA0UBpQDUwG2ANuIQMwAFgAUAAyAC4AGIAQwAmABVAC4AGIAMwAbwA9ACOAFiAMIAZQA3wB3gD7AH-ARwAlIBQQCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAKaAWKAtEBbAC4AFyALtAZEAycBnIDPAGfANEAaSA0sBwBIBOAAIAAwADgALgA5ACoAGQAN4AhABIgCkgFyAXwAywBpADUAG0AO4AgABBwCEgEtAJ8AVAArIBrwDeAHVAPsAlYBNoCkwFlALSAXsAw8BiIDFgGlANyJQMgAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADNAIYAiQBHACjAFKALcAYQAygBsgDvAH4ARwAk4BTwCrwFoAWkAuoBigDcAHUAPkAh0BFQCLwEiALFAWwAu0BeYDIgGTgMsAZyAzwBnwDSAGsAOAKASgABAAGAAuAB8AFoAOQAfgBGACoAFYAL4AZAA2wBvAHIAQgAjgBIgCZAE6AKSAXIBfADLAGkANQAa4A2gBxADnAHUAO4AeAA-QCAAEHAISARUAkQBJwCWgE2gJ8An4BSwCsgFiALqAYCAwgDFAGvAN4AdUA7YB5AD5AH_AR6AmIBMoCbQFIAKYAVMArYBXYC0AF5AL6AYEAw8BiwDRAGlQNSA1MBrwDgikD8ABcAFAAVAAyABwAEEAMAAygBoAGoAPIAhgCIAEwAJ4AUgAqgBYADEAGYAOcAhgCJAFGAKUAWIAtwBhADKAGiANkAd8A-wD9AIsARgAjgBKQCggFXAK2AXMAvIBtADcAHoAQ6Ai8BIgCdgFDgLFAWwAuABcgC7QF5gMNAYwAyIBkgDJwGXAM5AZ4Az6BpAGkwNYA1kBsYA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 73a11be1baca9064-FRA
content-encoding: br
content-type: text/html
date: Sat, 13 Aug 2022 11:28:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OoOkT8AKmDRIVKq5Kt61Wvh5CqUf5pnB0z%2FFtxVmXwbObBwkZF%2FX4MnLt5fZBH14tKvaV7ivC6vttS7xmQUqc0gC7aDXUyPJaXXSU160fV96Qja0zoDuelN0yxM63fmvaGNUYe75AZ%2B5gg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame F089 54 B
329 B 72ms
27ms Document
text/html 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPdpR8APdpR8AAcABBENCcCgAAAAAAAAAChQAAAAAAJggAIBGAgDkAAQABoAHAAeABcAD4ALQAfABGACSAFsAMQAfwBIgCuAF8ANQAbQA4gByADnAHUAPkAf4BAwCDgEiAJ-AUMApYBhADqgIbAQ-Ai8BHoCQgErAJtAWEAuIBdAC6gF2gLyAYFAw8DEAGLAMhAZQA0IBowDSgGpgNoAbcA3QBwQSCOAAgABcAFAAVAAyABwADwAIAAYAAygBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCQCGAIkAR0AlgCXAE0AKUAW4AwwBkADLAGyAO-AewB8QD7AP0AgEBFwEYgI0AjgBKQCggFPAKuAXMAxQBrADaQG4AbwA9AB8gEOgJEATEAmUBOwChwFIgKaAWKAtABbAC5AF3gLzAYMAwkBhsDIgMkAZOAy4BnIDPgGkQNYA1kMAeAAMAAsAC4ARgAkgBPgCoAKoAWwAxABvAFIANKAagBqgDiAJaAUsA2QB1AENgIvASEAocBYgC4gGBAMPAYsAyMBoQDdA0B4AKwAXABDADIAGWANkAdgA_ACAAEFAIwAU8Aq8BaAFpANYAbwA6oB8gEOgIqASIAnYBSIC5AGEgMYAZOAzkBngDPhAB0AAwACwALgA1ACMAEkAJ4AVQAtgBiADeAKQAagA4gB8gEiAJaAUuA3ADeAIbAReAkIBQ4C4gGBAMPAYsA0IBugiAuAFYAQwAyABlgDZAHYAPwAgABGACngFXANYAdUA-QCHQEiAJ2AUiAuQBhIDJwGcgM-FQFQAKABDACYAFwARwAywB2AEcAKvAWgBaQDeAJBATEAtgBcgC8wGRAM5AZ4Az4BuQoAoAGIATIApABlQDUANUAbQA4gByADwAIKAS0ApYB1QEegLEAYEAw8BmgDQgGvDACoANQAxACZAFIAMoAagA2gBxADkAHgAS0ApYBYgDqgI9AScAsQBeQDAgGHgNCGQEgAhgBMAEcAMsAdgA-wCOAFXAK2AbwBMQC0QFsALzAZEAzkBngDPhwF8AAQABgAEQAOAA8AC4AHwAWgA5gB-AIIARgAtgBdAC-AGQANAAfwBCACRAE6AKQAWYAvgBlgDSgGoAaoA2gBxADkAHOAOoAdgA7gB8wEAAQWAg4CEAERAJEAS0Am0BPgE_AKWAVAArIBbQC9QGAAYEAwgBmQDWAGvAN4AceA5wDpAHVAPIAfIBCACG4EPgRAAiIBHoCQoErASuAmIBMoCbQFCgKQAUmApgBUwCqoFbAV2AsoBaQC1AFxQLoAuoBewC-gGBQMPAxABiwDIQGUAMvAaFA0UDRgGlANNAamA14BtADbAG3DoKwAC4AKAAqABkADgAIAAXQAwADKAGgAagA8AB9AEMARAAmABPgCqAKwAWAAuABiADMAG8AOYAeoBDAETAJYAmABNACjAFKALEAW8AwgDDgGQAZQA0QBsgDfAHeAPaAfYB-gD_gIsAjABHICUgJUAUEAp4BVwCxQFoAWmAuYC6gF5AMUAbQA3EB0wHUAPQAh0BFQCLwEggJEASoAnYBQ4CmgFWALFAWwAuABcgC7QF3gLzAYMAwkBhoDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNYAbGQAagAIACCAF8ANAAfwBIgCkAFuAL4AZcA1ADVAG0AOIAcgA5wB2ADwAIKAT4ApYBWQCxAGAAMIAZkA3gBzgDqgHbAQ-Aj0BIQCTgErgJiATaAoUBSACkwFbALaAXQAvIBewDAgGHgM0AaEA0UBpQDUwG2ANuIQMwAFgAUAAyAC4AGIAQwAmABVAC4AGIAMwAbwA9ACOAFiAMIAZQA3wB3gD7AH-ARwAlIBQQCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAKaAWKAtEBbAC4AFyALtAZEAycBnIDPAGfANEAaSA0sBwBIBOAAIAAwADgALgA5ACoAGQAN4AhABIgCkgFyAXwAywBpADUAG0AO4AgABBwCEgEtAJ8AVAArIBrwDeAHVAPsAlYBNoCkwFlALSAXsAw8BiIDFgGlANyJQMgAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADNAIYAiQBHACjAFKALcAYQAygBsgDvAH4ARwAk4BTwCrwFoAWkAuoBigDcAHUAPkAh0BFQCLwEiALFAWwAu0BeYDIgGTgMsAZyAzwBnwDSAGsAOAKASgABAAGAAuAB8AFoAOQAfgBGACoAFYAL4AZAA2wBvAHIAQgAjgBIgCZAE6AKSAXIBfADLAGkANQAa4A2gBxADnAHUAO4AeAA-QCAAEHAISARUAkQBJwCWgE2gJ8An4BSwCsgFiALqAYCAwgDFAGvAN4AdUA7YB5AD5AH_AR6AmIBMoCbQFIAKYAVMArYBXYC0AF5AL6AYEAw8BiwDRAGlQNSA1MBrwDgikD8ABcAFAAVAAyABwAEEAMAAygBoAGoAPIAhgCIAEwAJ4AUgAqgBYADEAGYAOcAhgCJAFGAKUAWIAtwBhADKAGiANkAd8A-wD9AIsARgAjgBKQCggFXAK2AXMAvIBtADcAHoAQ6Ai8BIgCdgFDgLFAWwAuABcgC7QF5gMNAYwAyIBkgDJwGXAM5AZ4Az6BpAGkwNYA1kBsYA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 73a11be1bacb9064-FRA
content-encoding: br
content-type: text/html
date: Sat, 13 Aug 2022 11:28:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWB1hwDcM%2BZyHYvdZEBg2j6OwcFMdkOB%2BJRSlCxBvsXYkoqrzWvvbRtFVek2nz9oe3bOtW4utVW7z4istd48jnF%2B5WTsx2Mt691bgrRYxk1vB%2FCFY%2FxTJc3Sd4qokmE88GSlJorNKmmjjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 542A 31 KB
10 KB 16ms
15ms Script
text/html 104.96.145.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.96.145.246 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-96-145-246.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bce483ce05e34af34c91bf765756b9bb814731a1a6dd1bb73fc3a05ec93b5dc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Sat, 13 Aug 2022 11:28:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=77752
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9453
Expires: Sun, 14 Aug 2022 09:04:35 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 542A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&us_privacy=1---&google_tc=
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEISoHyhAYPtk3Q3c3SRzB2A&google_cver=1

0
239 B

287ms
11ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEISoHyhAYPtk3Q3c3SRzB2A&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 13 Aug 2022 11:28:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEISoHyhAYPtk3Q3c3SRzB2A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 542A
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=w5m2Sp5VSHSC1IwvwqJgKg&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=w5m2Sp5VSHSC1IwvwqJgKg

43 B
556 B

35ms
35ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=w5m2Sp5VSHSC1IwvwqJgKg

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Aug 2022 11:28:44 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: QSHH394PHS76PQGQHHQN
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=w5m2Sp5VSHSC1IwvwqJgKg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 542A 0
98 B 66ms
17ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:44 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 542A
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6RTEOFZ-16-EAJF&sigv=1&esig=2~1f74e8cb56532fd0f0400b1508f9db62def5d556&us_privacy=1---

0
194 B

315ms
16ms

Image
text/plain

2a00:1288:f03d:1fa::2000
YAHOO-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6RTEOFZ-16-EAJF&sigv=1&esig=2~1f74e8cb56532fd0f0400b1508f9db62def5d556&us_privacy=1---

Protocol

Server

2a00:1288:f03d:1fa::2000 , United Kingdom, ASN10310 (YAHOO-1, US),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:44 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L6RTEOFZ-16-EAJF&sigv=1&esig=2~1f74e8cb56532fd0f0400b1508f9db62def5d556&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 542A
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=_u_h74wMQpqmbiOnvR0tUg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_u_h74wMQpqmbiOnvR0tUg

43 B
556 B

106ms
106ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_u_h74wMQpqmbiOnvR0tUg

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 13 Aug 2022 11:28:45 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: 52HXNW07J62RBY6RRMHM
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=_u_h74wMQpqmbiOnvR0tUg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 542A 70 B
264 B 52ms
51ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Aug 2022 11:28:44 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 542A
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjYwYThiZGVkOGY2Yzc0MmMyYzRlZWY5MGUzMjdkYzUyZGUzZjIyMQ&us_privacy=1---

170 B
188 B

21ms
18ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjYwYThiZGVkOGY2Yzc0MmMyYzRlZWY5MGUzMjdkYzUyZGUzZjIyMQ&us_privacy=1---

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Aug 2022 11:28:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjYwYThiZGVkOGY2Yzc0MmMyYzRlZWY5MGUzMjdkYzUyZGUzZjIyMQ&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 542A
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSVEVPRlotMTYtRUFKRg==&us_privacy=1---

170 B
188 B

23ms
19ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSVEVPRlotMTYtRUFKRg==&us_privacy=1---

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 13 Aug 2022 11:28:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZSVEVPRlotMTYtRUFKRg==&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK t Show response
elsa.memoinsights.com/ 106 B
348 B 102ms
101ms Script
application/javascript 50.17.85.17
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://elsa.memoinsights.com/t?pid=62012a7a19351c07620394e0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&author%5B%5D=Dan%20Goodin&title=Booby-trapped%20Word%20documents%20in%20the%20wild%20exploit%20critical%20Microsoft%200-day&date=2017-04-08T20%3A00%3A41Z&referrer=&ref_url=&page_url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&cb=MEMO.API.callbacks.cbihowkshp&v=v3.0.6&t=5000&e=5000&s=0
Requested by: Host: cdn.memo.co
URL: https://cdn.memo.co/js/memo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.17.85.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-85-17.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: 2f24786000f527316cbd9d63cca06fef90a72e3100a71ccf273e1962f4b0e043

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sat, 13 Aug 2022 11:28:45 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 106
x-request-id: fe09701a36bf14520aedbd3837d861c7
content-type: application/javascript

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
arstechnica.com/	1970-01-20 05:56:22	Name: _pbjs_userid_consent_data Value: 3524755945110770
.arstechnica.com/	1970-01-20 06:39:34	Name: _pubcid Value: 58044ab7-017c-46ec-accd-311983ae2aa5
arstechnica.com/	1970-01-20 13:58:46	Name: usprivacy Value: 1---
.arstechnica.com/	1970-01-20 05:13:10	Name: session_seen_posts Value: 0
.arstechnica.com/	1970-01-20 05:56:22	Name: seen_posts Value:
arstechnica.com/	1970-01-20 05:39:50	Name: CN_visits_m Value: 1661990400190%26vn%3D1
arstechnica.com/	1970-01-20 05:13:11	Name: CN_in_visit_m Value: true
arstechnica.com/	1970-01-20 13:58:46	Name: __srret Value: 1
arstechnica.com/	1970-01-20 13:58:46	Name: OneTrustWPCCPAGoogleOptOut Value: true
.arstechnica.com/	1970-01-20 13:58:46	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Sat+Aug+13+2022+11%3A28%3A40+GMT%2B0000+(GMT)&version=6.35.0&isIABGlobal=false&hosts=&consentId=b9c44289-358a-42b4-a7ae-185210cb7aa7&interactionCount=0&landingPath=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2017%2F04%2Fbooby-trapped-word-documents-in-the-wild-exploit-critical-microsoft-0day%2F&groups=C0001%3A1%2CC0003%3A0%2CC0004%3A0%2CC0002%3A0%2CSTACK42%3A0
arstechnica.com/	1970-01-20 05:14:36	Name: _lr_geo_location Value: DE
.rubiconproject.com/	1970-01-20 13:58:46	Name: khaos Value: L6RTEOFZ-16-EAJF
.rubiconproject.com/	1970-01-20 13:58:46	Name: audit Value: 1\|SDziDG3X/EjnGb6ec3+rJF4C1LCtWBX9mfsNIvv6Qtp0kTU4st2MuT9wOzzzFQ1EY911e+5TFTAbP22rillvZyYbB5SW5XQ3r2IsKRhWH5ema+WVcS1g3g==
arstechnica.com/	1970-01-20 13:58:46	Name: __srui Value: 14ce9395-1afb-11ed-8005-6a1025f604db
arstechnica.com/	1970-01-20 07:37:10	Name: cneplayercount Value: 1
arstechnica.com/	1970-01-20 05:14:36	Name: _lr_sampling_rate Value: 0
.arstechnica.com/	1970-01-20 06:39:34	Name: _pubcid_last Value: Sat%2C%2013%20Aug%202022%2011%3A28%3A43%20GMT
arstechnica.com/	1970-01-20 05:13:13	Name: _lr_retry_request Value: true
arstechnica.com/	1970-01-20 05:56:22	Name: _lr_env_src_ats Value: false
.doubleclick.net/	1970-01-20 14:34:46	Name: IDE Value: AHWqTUnizVFWGwtBQDAQkONWGOJdE9nV8BtjFxnBCIRVLlJxfo0UExz6w6jn_Z8m0us
.amazon-adsystem.com/	1970-01-20 14:49:10	Name: ad-privacy Value: 0
.amazon-adsystem.com/	1970-01-20 10:45:48	Name: ad-id Value: Aw5ZXK-ROUrTilRyFDlUmYM\|t

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://player.cnevids.com/embed-api.json?videoId=5fac054038d0695db9ad7760&playerType=interlude&embedLocation=arstechnica Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1409 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/709414.gif?us_privacy=1--- Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ads.yahoo.com
api.cnevids.com
api.condenast.io
api.rlcdn.com
arstechnica.com
as-sec.casalemedia.com
assoc-na.associates-amazon.com
ats.rlcdn.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
capture.condenastdigital.com
cdn.arstechnica.net
cdn.cookielaw.org
cdn.mediavoice.com
cdn.memo.co
check.analytics.rlcdn.com
cm.g.doubleclick.net
condenastus-d.openx.net
connect.facebook.net
contextual.media.net
d2c8v52ll5s99u.cloudfront.net
dp8hsntg6do36.cloudfront.net
dwgyu36up6iuz.cloudfront.net
elsa.memoinsights.com
eus.rubiconproject.com
fastlane.rubiconproject.com
geo.privacymanager.io
geolocation.onetrust.com
htlb.casalemedia.com
id.rlcdn.com
id.sv.rkdms.com
images.outbrainimg.com
imasdk.googleapis.com
js-sec.indexww.com
match.adsrvr.org
mb.moatads.com
mcdp-nydc1.outbrain.com
odb.outbrain.com
p.skimresources.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
player.cnevids.com
plugin.mediavoice.com
polarcdn-terrax.com
prebid.media.net
pubads.g.doubleclick.net
r.skimresources.com
s.amazon-adsystem.com
s.skimresources.com
s0.2mdn.net
securepubads.g.doubleclick.net
segment-data.zqtk.net
ssum-sec.casalemedia.com
t.skimresources.com
tcheck.outbrainimg.com
token.rubiconproject.com
u.openx.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.googletagmanager.com
www.googletagservices.com
z-na.associates-amazon.com
z.moatads.com
104.18.18.126
104.96.145.246
108.138.23.218
13.32.11.75
13.32.121.43
13.32.99.122
142.250.185.130
142.250.186.66
143.204.89.32
151.101.64.239
151.139.128.11
18.119.39.54
18.156.195.47
184.51.10.56
184.51.9.223
184.51.9.98
199.232.18.132
205.234.175.175
23.202.54.36
2602:803:c003:200::41
2606:4700:4400::ac40:929e
2606:4700::6810:9440
2606:4700::6811:4132
2606:4700::6813:da83
2a00:1288:f03d:1fa::2000
2a00:1450:4001:800::200a
2a00:1450:4001:802::2002
2a00:1450:4001:803::2008
2a00:1450:4001:80e::2006
2a00:1450:4001:813::2002
2a03:2880:f007:8:face:b00c:0:1
3.219.23.242
3.89.165.156
3.9.57.182
34.107.148.139
34.120.133.55
35.168.71.80
35.190.59.101
35.190.91.160
35.201.67.47
35.244.159.8
35.244.174.68
35.71.131.137
50.17.85.17
52.222.209.55
52.46.143.56
52.85.6.122
52.95.125.22
63.32.0.187
64.202.112.127
69.173.144.138
69.173.144.139
72.21.195.65
92.123.38.97
99.86.240.20
99.86.240.59
99.86.240.82
005f315d6f7cf50f04161a51e17287b5040b513267560b083a3cf39d0b892ba8
0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c
030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06
0396be2ab58ec30babd0838d7e37d6407475d4361be85ee7451dbac9186add57
039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15
05cd90cceb6efe0cf9f7993f28164a96aa7e4811028e3fbb4f23cbacc2435dea
06b33c040105224101afcdaacd82b6dfb3ea1bf9ef3d7478cf5fa163a0ad65e0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e
0b5c6a8d4a856db56da956eced8af9a5eb6e0a89dc67de5ffc4c83513472a3cc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf7b1e98a88a1cff624cff6b252912d63ee6d9d20d8493f63511df44ec7cfdf
0e45770fd9114e9a85aa1504d507bc4a69df998ae2d6c7d6ebfed87366c62fd9
1097abb6f0992cccc79428374463e7f23b99dae5eb85d7317b20bd57c96031bb
1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83
159bd804f3a207ce59088ef63f186ba5b3d906d5245b7bfa882a6a6c3f6a9314
16708dda2536b4b3782313db4a6ec8456cd84da7ae0f56d7d2455e68fc9bc4f0
16d2ff0f0f0d9a9023d071d78bed35c72c256b04006ba9b083a1ee29db0f618e
16f86804dd013db340fee4020a539d3e9d6e5a03d6841e431e50c428e99c26e8
18ff9f7031a6474c6567199041c377bcc5d565ce35d6261269d81beb4ed6fb75
1bf55bc00dbf13180884211c3d301729e67b81f3456225c1fbf97d271d636509
1c7dcc8216c6f82da2998ceeac2523632c7f9bffe510824b6d082621201f2012
1d4b4d6b90f7172c4b2482bfb10686113ef275045d6f386460468fb0e8efd549
1da25cf82f065474aadce40a8c7369f6df48e1847cb95c21bd9083488eff7390
1defb6bc54a7ee9c066136908360e8455c23ee9ad0dec9924e7255d7948cd4be
1f38ff54055f161d95dce36786c8004c1a98d456155ed32540b540e4b90fdd9e
1f466b08649eef5ad16c20f6d7207bf8818cb107b6241950dbc568cdffc03d63
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378
20660a9ef7ec454c15b2dc62b3db084e0cc9f74c5bb6de71a96fb1a54aef00f8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26e2c2477b4f1b7625b9d8577966acdbbad27acc28c04f317dc1a56dec6a7b58
27348ba4b98bd80f1038496ec5dea6ad865680540058fb085b8ca199b8aaf4c5
2925550a51eae030b3069b8410919caa8500e69a5f4961649c78067dda69946a
29637e0647104ccc5d5583e652db29ce99e947c858c3d9502960e7ea7f1aea19
2c42115c0847de6030c95c350f66525b4311997d1911f4d887e8f1c991fcadcc
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d7f23560495bf3906401f877b3e1e435257e2fde10f14ecb2fffcb6a9eee27b
2e8cee856a0b21bdd96a2ee67f69f5069328896682b8c293197c374c051df06e
2f24786000f527316cbd9d63cca06fef90a72e3100a71ccf273e1962f4b0e043
3399efa4756f80b55d8c0a86353a1cecf23d28555be239cc6d8efd6dc86b328b
36a013198a9008cfb85603d5445e8c212ed81098dc15142df15fb26ca827f2bf
3b0209841325362235c221628e471145726897e4e1c9b210b6e6b2217fdf2ee8
3b150a27981e05771154e8231d64b433239056246ef9ab87aa1573b115125980
3ce7e824185893264ab44fbf8370a8f1262831c4c6c367b15f7d4f1e88fadc8c
3f2cf5f857c617761a251ceef8f6ed452a7690e21f16eff0a70dddf9beea8633
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
3fefff325ac5bc74bfc75a4e37bf8e7e729d9770faacbc4d93c07e82bd691b87
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
451681557b1134535080aeca3ae336399b746f27de9a38d22dec2d4b2be58893
46a9ddb1f206a46900872e0a832750ae06925528f81883a3d3517fdb42aefb6d
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39
4980853759711c8e9e2779239acd62e9e802fba38371763c65ecdd016a83fdbd
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105
4d7b91ed4a7804e22b94e4873af273def73469e80b740bd9787e287003058868
4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8
4f808368b7d46fb5ca2841964ebb52519e57a058455eb1e50f90a25aecd2346f
4fb846048afd0ee79141b669572402fc0a024d937c00977e124405d11cd319fe
4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1
5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b
56f8838a24cb0cc47dc34a19d6b84d6ce8bf8086b1682bbb990abc13b1e2da65
571479d52cd675db5573fe46973c62cba6d8224a76136fcefeb90f7dc42a6391
58b5b179b9e8922ad42a52d54677fbf190d990cfd713299275a8a8079e0cf4bd
59201950b83489808587827b4050ffe0597992825daa88c227476cdbbf8ca282
5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c
5be5b0170ad4bbd2be91182d137933e7de9c7e86b09ec855a4bac015ebfd746f
5c5dcbdd805b4603a4ac478d0e3966033767767309ac8eb2ddb6a1aea68ad2c7
5e2dc2d5071ebc32d28a9183d0c7eafb5ad1592a70170f2869f11f0b39431216
5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba
6005db7d329c98155b90076de0c9a68cf7316a51883ba92f78d3953ae6e1557b
60eb12486bd244f9b2c77d851a209c7f1cf81a9a82bce5662efb019b50b6f56c
617e0f9fee7ef0ca891735246b4b5a61caa3622db4a4256685b061c9f43bd053
62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235
6430dc4f65a57738b9f44e49496846c3e249ddce4db0a5bff8cf0a475e61c6ab
6c26965b3758255462804203b738f7b446de4a66ec96fa8095a0dcc52b334918
6d0b5a63ca5e36540e2628599ba666ef0ac2bd34f8ea5f25c9a51b0e4c72fed2
6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a
7364fcbb6c5d775f07816712af8a6419db99268f72c337a4977f706dc3423bb3
73c4228fa5b38d181899fbb43d408ac2138b29bfef6260136f66d926723d84d6
7475f5c70d3b6020b6f4621b2e69fba3360bea00a913e60b085af165b93842ec
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
767d45f24df97c5aec4707f7721bff23ecfda6e01f71f67bf2ee7bb53613742f
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207
7d91c04c657709af03f6dad61d375c3208d18ab5ff7851c2472007dc05201342
7fc88c65d46e83b3f3e9f098f05fd639480332fc3718cd714725e2e4633af4e8
807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752
82cd1a97f81e5b63a621311be2993916eea0907b5eadd53bb6b280f4bb0f8391
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
82f3834d998aae8cd5b9c9e5b1334404bac616f33a47072dbf034b6e177a4baf
83289b925ff981786913c6d685e87cbbf124a81c2a43e21d55d49d563fe9f498
836969720dde46dcfa07564000a19bc8adbf327e105f970fd811ea764cd06227
83a366075eb2387c6d9f848f42b08df0546027333eccf5813edf95ba45709be2
85c33811c2b04e4e02babe2fd6bd7ac0035f93e95827116429bbda2cf9c6c95d
85db95dbe15c810a710ca6d9094a2a29f2eeea05791cc7aaab7af8939684b978
86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
876e5a0f86b204a1da3795f675b8211bb108147cc0d8232c33cc6028e553ce85
88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf
8922541353770fe5211fce4fe64478deb4afbd9a4e4e8a35d695497b7620f8ed
8b72952d3fd656ee6594f0d9735d928113ad1d590705b14f77abf75f1d4d5d69
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da8c23d9bf300c6d309b03cb5678ebadb3b4754e3c081278dbb6f82cbcac094
8dc40a5096530714279199bd98ffbe44f3108bf9dd183ec74d85f69705d86e25
8edcf5bd609aef18638950de010699cd2765ef88aba3d019feb51a4271807662
90509aefc725c07ca283bcc5b80540ac463704179ce45b018cf15be7f9d897f8
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
9431bc6d1a6d036a70c92dfc9000d7965f939671a59705bdd01c3e652048ed9a
95270a944e1c44e868283da6f91f9e4a32de071cad47e116958d0759f2e13a9d
9933997608e86beaf1e7f7188a5c657cdad8ccd9d20eb7b1a46adaa83fa850ab
9bb57548114158248eff7588b52a51a1740695dd8792bd45227246b0f77d31c0
9bfef216bcf4b2bfb2029c1dee8aabb342b6647893dc6be915838137ff6582a0
a24534ed328a0ae9e4f094e9224475c7e4d0cced0f58f09865d05eb7aee2967b
a2bd43c80adc73ae26472a90ec3bd9df44a5b7d2dafb133b8660efd800c719b1
a57258a3f51dc6ee13ca490ab8e780ed443e5725a650e7f085f1c67325784461
a64e083bdb3ff06c71a5ac92ecadf7a268e26dacf715baae6e84a6a3f3711366
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
aa3b9513abbbf65a2c8483122648fce1b39b1afa2a69bdf863242f1411baba58
b193e73190db64bafdb99e78994418d143e8289717118e54fb1cc55f54f7a712
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
bce483ce05e34af34c91bf765756b9bb814731a1a6dd1bb73fc3a05ec93b5dc6
c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34
c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c46974d8f6030e4888708b18a5d9a32b25eb765a5708896e1899df449d87aab7
c48f9c21ccbc573466085957c360b5e627136d14fff5631227137d75607d1f85
c4c0f74424400fde409113658bc07d218278fa71d0b7950c71171cf429f9fc29
c4d4b028218d4808224a88882415be732a01fbeb23b03fa2b7f334bf915a9984
c95d61a2596b9a902375d13da7d337bad8a029ed5449afddf505db066aa37c64
c9a5d4daa76187b43454c870a4dda657fb81a089da8d74c901b744c6fe598b58
caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a
cb52c9b5c6b4f30eb9580d4414ecd97d408ffb0579fc9792f379da7e9e43221c
cd216bc5cece19866e688ce56e5c5243f32241dfc9cd4045d393f4f111f9333e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0ef936654ba84031c1ef90617069aceaab3dac1dd0912b76ebd449f9a566e55
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3
d345cfd987ee905424e4d3d22a677d2f1a45f2cb0cc6fe213228a63457305625
d570e39b75b89e92bc0d55b390517ced259e0878067404495f96c9e92d71d54c
d61c43c341fce6713ed963afc1d1287e940d4cc98cb24c551586fda3b92efc77
d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa
d779f1e01127fcaeb5a4c26fcc01339f7f2a5f11fa0abaae1aeb6ed8c5dde475
d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dac6e7564f150e93cf152e3a5e9b714f4840907210422d6e5b3899725ec55fa5
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de24551bd4396fc8579b2d87ce01944553dd48fb52775d14373725a50efa0c37
de5e37739b5797e8ba9dba4a2dcb65f37c36a65fe839cb306162e21c74ba166e
e336ff50623cff960c2396944be4392139f63dcc032e5f3428d81489fdfe697a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e618a577f0277d37fa43eaa36bcde1a98e6698356705294205887f6ace5134d7
e74b9cb9d8871d300d2a1d36ce2cd00dfbfe0c5d8066d1d415c4ce620a919d47
e8830a414dfeb4c0e0f519d3419f69849df9226f329357c938333dbf2c956f63
e944e6d1b0904bc0c1298fe828ec727bc6a9b46f0b4799e197a1a2acc46fb685
ee9405da990310d7415895804d6361b00c1a94d8556ab3f35175af64cf9b17c7
efc6b995a3b037727a4c8e7fe1756c192099f9658c4091ee55c61d3ba85e3920
f0d91d794c42b7bd9e2528f42ffe07c8819d002ceb997763d79c74d115c3a5c0
f27f9218959d83895b7422e29a6a86cbd912934868687f92f267dade6751c2db
f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d
f9d9e96c4439beeca49a1a10f9dffe6f5cd0b604d13aa13af170d0bc62d8ca1b
fa5b3b47fc26c97d499f1b708d9f8e069dd2025a85ff3ed9d952037d49f3b5b8
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fe211d4793b0750c00caa91f8306bbe59e26e0d5d02b3bf3e0d687d5deb81a7b
fe93939200848242cd5fc5450d5e39d22048d6fb1b88ad1cb471cbe0006a78d4

arstechnica.com Open in urlscan Pro 18.119.39.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

187 Requests

95 %HTTPS

21 %IPv6

36 Domains

64 Subdomains

57 IPs

7 Countries

4612 kBTransfer

10956 kBSize

22 Cookies

69 Outgoing links

Page URL History

Redirected requests

187 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

arstechnica.com Open in urlscan Pro
18.119.39.54 Public Scan

Screenshot
Live screenshot

Full Image

187
Requests

95 %
HTTPS

21 %
IPv6

36
Domains

64
Subdomains

57
IPs

7
Countries

4612 kB
Transfer

10956 kB
Size

22
Cookies

187 HTTP transactions
10 data transactions