arstechnica.com Open in urlscan Pro
3.12.231.112 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/#comments
Effective URL:
https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Submission: On November 28 via manual (November 28th 2024, 3:03:24 am UTC) from GB — Scanned from GB

Summary HTTP 205 Redirects Links 25 Behaviour Indicators

Summary

This website contacted 50 IPs in 5 countries across 31 domains to perform 205 HTTP transactions. The main IP is 3.12.231.112, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is arstechnica.com. The Cisco Umbrella rank of the primary domain is 46191.
TLS certificate: Issued by Amazon RSA 2048 M02 on August 27th 2024. Valid for: a year.

This is the only time arstechnica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 5	3.12.231.112 3.12.231.112	16509 (AMAZON-02) (AMAZON-02)
10	2606:4700::68... 2606:4700::6812:562a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
57	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2600:9000:225... 2600:9000:225e:2e00:17:b7d9:a700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.91 151.101.65.91	54113 (FASTLY) (FASTLY)
2	2606:4700:440... 2606:4700:4400::6812:2089	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
12	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
3	2606:4700::68... 2606:4700::6812:186f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
2	35.201.67.47 35.201.67.47	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
3	18.173.205.99 18.173.205.99	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE Criteo Technology SAS)
3	2600:9000:21f... 2600:9000:21f3:b800:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:230d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	108.138.3.93 108.138.3.93	16509 (AMAZON-02) (AMAZON-02)
2	108.138.7.116 108.138.7.116	16509 (AMAZON-02) (AMAZON-02)
1	44.236.234.50 44.236.234.50	16509 (AMAZON-02) (AMAZON-02)
1 2	18.244.18.27 18.244.18.27	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.51 18.66.102.51	16509 (AMAZON-02) (AMAZON-02)
5	44.213.38.227 44.213.38.227	14618 (AMAZON-AES) (AMAZON-AES)
1	65.9.66.76 65.9.66.76	16509 (AMAZON-02) (AMAZON-02)
2	185.199.108.154 185.199.108.154	54113 (FASTLY) (FASTLY)
1	3.160.150.105 3.160.150.105	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:7... 2600:1901:0:767b::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	13.33.187.74 13.33.187.74	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.9 65.9.66.9	16509 (AMAZON-02) (AMAZON-02)
1	35.241.9.51 35.241.9.51	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	13.32.27.78 13.32.27.78	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::ac40:98f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
1	52.73.123.163 52.73.123.163	14618 (AMAZON-AES) (AMAZON-AES)
2	34.107.161.9 34.107.161.9	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	13.32.99.59 13.32.99.59	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	52.222.236.34 52.222.236.34	16509 (AMAZON-02) (AMAZON-02)
39	23.75.64.232 23.75.64.232	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3	3.160.156.42 3.160.156.42	16509 (AMAZON-02) (AMAZON-02)
5	18.66.147.111 18.66.147.111	16509 (AMAZON-02) (AMAZON-02)
1	199.232.215.52 199.232.215.52	54113 (FASTLY) (FASTLY)
1	141.226.228.48 141.226.228.48	() ()
205	50

5 3.12.231.112 (Columbus, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-231-112.us-east-2.compute.amazonaws.com

arstechnica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700::6812:562a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

57 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.arstechnica.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:225e:2e00:17:b7d9:a700:93a1 (United States)

ASN16509 (AMAZON-02, US)

ads-static.conde.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:2089 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.193.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
beacon.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:186f (United States)

ASN13335 (CLOUDFLARENET, US)

shiverscissors.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
planebasin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.67.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.173.205.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-205-99.fra56.r.cloudfront.net

player.cnevids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:21f3:b800:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:230d (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.138.3.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-3-93.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-116.fra56.r.cloudfront.net

globalservices.conde.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.236.234.50 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-236-234-50.us-west-2.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.244.18.27 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-244-18-27.fra56.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-51.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.213.38.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-38-227.compute-1.amazonaws.com

c.arstechnica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-76.fra56.r.cloudfront.net

config.aps.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.199.108.154 (Hoover, United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-154.github.com

opengraph.githubassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
github.githubassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.160.150.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-105.fra60.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:767b:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

tagging.conde.digital	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.187.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-187-74.fra60.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-9.fra56.r.cloudfront.net

fpa-cdn.arstechnica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 51.9.241.35.bc.googleusercontent.com

bd1cec50-00d1-4ce9-9572-785857419a1e.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.85 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-78.fra56.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:98f3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.123.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-123-163.compute-1.amazonaws.com

fpa-events.arstechnica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.161.9 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 9.161.107.34.bc.googleusercontent.com

permutive.arstechnica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-59.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.236.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-34.fra56.r.cloudfront.net

player-frontend.cnevids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 23.75.64.232 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-64-232.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.160.156.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-156-42.fra60.r.cloudfront.net

dwgyu36up6iuz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.147.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-111.fra60.r.cloudfront.net

dp8hsntg6do36.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.215.52 (United States)

ASN54113 (FASTLY, US)

apv-launcher.minute.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (None, )

ASN- ()

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	arstechnica.net cdn.arstechnica.net — Cisco Umbrella Rank: 59939	2 MB
39	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 953	27 KB
15	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 934 trc.taboola.com — Cisco Umbrella Rank: 763 beacon.taboola.com — Cisco Umbrella Rank: 2035 am-trc-events.taboola.com	465 KB
14	arstechnica.com 2 redirects arstechnica.com — Cisco Umbrella Rank: 46191 c.arstechnica.com — Cisco Umbrella Rank: 83883 fpa-cdn.arstechnica.com — Cisco Umbrella Rank: 168213 fpa-events.arstechnica.com — Cisco Umbrella Rank: 97923 permutive.arstechnica.com — Cisco Umbrella Rank: 96397	124 KB
10	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 329	299 KB
8	cloudfront.net dwgyu36up6iuz.cloudfront.net dp8hsntg6do36.cloudfront.net	760 KB
6	cnevids.com player.cnevids.com — Cisco Umbrella Rank: 25917 player-frontend.cnevids.com — Cisco Umbrella Rank: 31560	360 KB
6	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 5442 r.skimresources.com — Cisco Umbrella Rank: 5291 t.skimresources.com — Cisco Umbrella Rank: 5602 p.skimresources.com — Cisco Umbrella Rank: 6773	16 KB
6	conde.digital ads-static.conde.digital — Cisco Umbrella Rank: 24230 globalservices.conde.digital — Cisco Umbrella Rank: 27700 tagging.conde.digital — Cisco Umbrella Rank: 24431	176 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 2787 launchpad.privacymanager.io — Cisco Umbrella Rank: 2323 geo.privacymanager.io — Cisco Umbrella Rank: 2054	39 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 347 config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 687	90 KB
4	adsafeprotected.com static.adsafeprotected.com — Cisco Umbrella Rank: 639 pixel.adsafeprotected.com — Cisco Umbrella Rank: 680	15 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 506	183 KB
2	planebasin.com planebasin.com — Cisco Umbrella Rank: 70750	846 B
2	githubassets.com opengraph.githubassets.com — Cisco Umbrella Rank: 104351 github.githubassets.com — Cisco Umbrella Rank: 9764	108 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 888 script.hotjar.com — Cisco Umbrella Rank: 1185	61 KB
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 186	6 KB
2	permutive.app cdn.permutive.app — Cisco Umbrella Rank: 7433	314 KB
2	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218	152 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	249 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 514	548 B
1	minute.ly apv-launcher.minute.ly — Cisco Umbrella Rank: 5925	971 B
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110	15 KB
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	61 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 373	17 KB
1	parsely.com p1.parsely.com — Cisco Umbrella Rank: 2508	259 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 281	698 B
1	prmutv.co bd1cec50-00d1-4ce9-9572-785857419a1e.prmutv.co — Cisco Umbrella Rank: 36142	384 B
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 450	728 B
1	shiverscissors.com shiverscissors.com — Cisco Umbrella Rank: 141125	24 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 332	33 KB
205	31

	Domain	Requested by
57	cdn.arstechnica.net	arstechnica.com cdn.arstechnica.net
39	ct.pinterest.com	arstechnica.com
10	cdn.cookielaw.org	arstechnica.com cdn.cookielaw.org
6	beacon.taboola.com	cdn.taboola.com
6	cdn.taboola.com	arstechnica.com cdn.taboola.com
5	dp8hsntg6do36.cloudfront.net	arstechnica.com player-frontend.cnevids.com
5	c.arstechnica.com	globalservices.conde.digital
5	arstechnica.com	2 redirects arstechnica.com cdn.arstechnica.net
3	dwgyu36up6iuz.cloudfront.net	arstechnica.com player-frontend.cnevids.com
3	player-frontend.cnevids.com	player.cnevids.com player-frontend.cnevids.com
3	imasdk.googleapis.com	player.cnevids.com imasdk.googleapis.com
3	c.amazon-adsystem.com	ads-static.conde.digital c.amazon-adsystem.com
3	static.adsafeprotected.com	ads-static.conde.digital arstechnica.com player.cnevids.com
3	player.cnevids.com	arstechnica.com player.cnevids.com
3	ads-static.conde.digital	arstechnica.com ads-static.conde.digital
2	trc.taboola.com	cdn.taboola.com
2	planebasin.com	shiverscissors.com
2	geo.privacymanager.io	launchpad.privacymanager.io
2	permutive.arstechnica.com	cdn.permutive.app
2	sb.scorecardresearch.com	1 redirects arstechnica.com
2	globalservices.conde.digital	cdn.arstechnica.net globalservices.conde.digital
2	cdn.permutive.app	ads-static.conde.digital cdn.permutive.app
2	securepubads.g.doubleclick.net	www.googletagservices.com imasdk.googleapis.com
2	p.skimresources.com	arstechnica.com
2	t.skimresources.com	arstechnica.com s.skimresources.com
2	www.googletagmanager.com	arstechnica.com www.googletagmanager.com
2	geolocation.onetrust.com	cdn.cookielaw.org
1	am-trc-events.taboola.com	cdn.taboola.com
1	apv-launcher.minute.ly	cdn.taboola.com
1	pagead2.googlesyndication.com	imasdk.googleapis.com
1	connect.facebook.net	player-frontend.cnevids.com
1	s0.2mdn.net	imasdk.googleapis.com
1	fpa-events.arstechnica.com	arstechnica.com
1	p1.parsely.com	arstechnica.com
1	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
1	ib.adnxs.com	cdn.permutive.app
1	bd1cec50-00d1-4ce9-9572-785857419a1e.prmutv.co	cdn.permutive.app
1	fpa-cdn.arstechnica.com	cdn.cookielaw.org
1	script.hotjar.com	static.hotjar.com
1	tagging.conde.digital	www.googletagmanager.com
1	launchpad-wrapper.privacymanager.io	arstechnica.com
1	github.githubassets.com	arstechnica.com
1	opengraph.githubassets.com	arstechnica.com
1	config.aps.amazon-adsystem.com	c.amazon-adsystem.com
1	static.hotjar.com	arstechnica.com
1	pixel.adsafeprotected.com	static.adsafeprotected.com
1	gum.criteo.com	cdn.taboola.com
1	r.skimresources.com	s.skimresources.com
1	shiverscissors.com	arstechnica.com
1	s.skimresources.com	arstechnica.com
1	www.googletagservices.com	arstechnica.com
205	51

This site contains links to these domains. Also see Links.

Domain
cdn.arstechnica.net
www.welivesecurity.com
en.wikipedia.org
www.arstechnica.com
docs.microsoft.com
infosec.exchange
bsky.app
popup.taboola.com
globalvisitclub.com
www.autoexpress.co.uk
www.brightlifedaily.com
track.constant-track.com
twitter.com
mastodon.social
www.facebook.com
www.youtube.com
www.instagram.com
www.condenast.com
www.aboutads.info

Subject Issuer	Validity	Valid
*.arstechnica.com Amazon RSA 2048 M02	`2024-08-27` - `2025-09-24`	a year	crt.sh
cookielaw.org WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2024-11-12` - `2025-12-14`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
ads-static.conde.digital Amazon RSA 2048 M03	`2024-02-18` - `2025-03-19`	a year	crt.sh
*.skimresources.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-01` - `2024-12-31`	6 months	crt.sh
geolocation.onetrust.com WE1	`2024-10-11` - `2025-01-09`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
shiverscissors.com WE1	`2024-11-14` - `2025-02-12`	3 months	crt.sh
skimresources.com WR3	`2024-11-16` - `2025-02-14`	3 months	crt.sh
*.cnevids.com Amazon RSA 2048 M03	`2024-08-01` - `2025-08-29`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-24` - `2024-12-25`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2024-04-25` - `2025-05-24`	a year	crt.sh
permutive.app WE1	`2024-11-25` - `2025-02-23`	3 months	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M03	`2024-11-19` - `2025-12-18`	a year	crt.sh
globalservices.conde.digital Amazon RSA 2048 M03	`2024-05-19` - `2025-06-17`	a year	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2024-02-28` - `2025-03-29`	a year	crt.sh
*.hotjar.com Amazon RSA 2048 M03	`2024-05-22` - `2025-06-20`	a year	crt.sh
c.admagazine.com Amazon RSA 2048 M03	`2024-07-29` - `2025-08-27`	a year	crt.sh
config.aps.amazon-adsystem.com Amazon RSA 2048 M02	`2024-01-21` - `2025-02-19`	a year	crt.sh
*.githubassets.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-24` - `2025-09-24`	a year	crt.sh
*.privacymanager.io Amazon RSA 2048 M03	`2024-06-26` - `2025-07-24`	a year	crt.sh
tagging.conde.digital WR3	`2024-11-11` - `2025-02-09`	3 months	crt.sh
fpa-events.arstechnica.com Amazon RSA 2048 M03	`2024-02-25` - `2025-03-24`	a year	crt.sh
*.prmutv.co E5	`2024-11-13` - `2025-02-11`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh
*.parsely.com R11	`2024-11-04` - `2025-02-02`	3 months	crt.sh
a.api.permutive.app R11	`2024-10-19` - `2025-01-17`	3 months	crt.sh
planebasin.com WE1	`2024-11-14` - `2025-02-12`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-02` - `2025-08-07`	a year	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-06` - `2024-12-05`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.minute.ly R11	`2024-11-13` - `2025-02-11`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Frame ID: 052B2E04C7B7A4962EC9F04918926DCF
Requests: 140 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.34609018840993366
Frame ID: 0D5FF895943C0DB9A7043181D7A41188
Requests: 1 HTTP requests in this frame

Frame: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Frame ID: 0AAF9FFEE7AEBF4A92E2B425ABBE1A86
Requests: 38 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: 2E2BED0945DD9258EC1FBDCFDD4894B8
Requests: 1 HTTP requests in this frame

Frame: https://cdn.permutive.app/topics.html
Frame ID: DA47C94859B6802317CA846996AC89A7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 6F8C6EA973C3CC66879C616F0A1AFB64
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html?gdpr=1
Frame ID: 4AD3B23BF8A8514B0A5641CA78C31617
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D678E7887D35AF64FC10BD113426B980
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Frame ID: C79BF792BC18B5D4323287F29451AD17
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Found in the wild: The world’s first unkillable UEFI bootkit for Linux - Ars Technica

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

XenForo (Message Boards) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

205
Requests

96 %
HTTPS

27 %
IPv6

31
Domains

51
Subdomains

50
IPs

5
Countries

5279 kB
Transfer

16373 kB
Size

23
Cookies

25 Outgoing links

These are links going to different origins than the main page.

URL: https://cdn.arstechnica.net/wp-content/uploads/2022/07/chip-based-rootkit.jpeg

Search URL Search Domain Scan URL

URL: https://www.welivesecurity.com/en/eset-research/bootkitty-analyzing-first-uefi-bootkit-linux/
Title: wrote

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Unified_Extensible_Firmware_Interface
Title: Unified Extensible Firmware Interface

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/how-lighting-design-in-the-callisto-protocol-elevates-the-horror
Title: How Lighting Design In The Callisto Protocol Elevates The Horror

Search URL Search Domain Scan URL

URL: https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-secure-boot
Title: UEFI Secure Boot

Search URL Search Domain Scan URL

URL: https://infosec.exchange/@dangoodin
Title: here

Search URL Search Domain Scan URL

URL: https://bsky.app/profile/dangoodin.bsky.social
Title: here

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=condenast-arstechnica&utm_medium=referral&utm_content=thumbnails-a-6x1:Below%20Article%20Thumbnails%20-%20AT:
Title: by Taboola

Search URL Search Domain Scan URL

URL: https://globalvisitclub.com/cf/r/66bfa689dbb14f001231d4fa?click_id=GiCDJx4brPRhcqTwT30_idL_QGL5-NC7_C99QgergcLSKSD_8Gcot9b1xN3NmoRjMNTtXA&site=condenast-arstechnica&site_id=1521364&title=Find+High-Paying+Security+Guard+Jobs+Near+You+%E2%80%93+Apply+for+Immediate+Openings%21&platform=Desktop&campaign_id=41797092&campaign_item_id=3999555391&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2FGETTY_IMAGES%2FSKP%2F1618446911__3IeRbvya.jpg&camp_name=Security+Guard+jobs+-+TopTip+-+17+August+-+US%2FCA%2FUK%2FAU&tblci=GiCDJx4brPRhcqTwT30_idL_QGL5-NC7_C99QgergcLSKSD_8Gcot9b1xN3NmoRjMNTtXA#tblciGiCDJx4brPRhcqTwT30_idL_QGL5-NC7_C99QgergcLSKSD_8Gcot9b1xN3NmoRjMNTtXA

Search URL Search Domain Scan URL

URL: https://www.autoexpress.co.uk/best-cars-vans/359461/best-new-cars-coming-soon?utm_source=taboola&utm_medium=cpc&utm_campaign=TBAEXBestNewCars20242025AndBeyond&utm_content=condenast-arstechnica&tblci=GiCDJx4brPRhcqTwT30_idL_QGL5-NC7_C99QgergcLSKSCRuD0o-7KAx--y8KnDATDU7Vw#tblciGiCDJx4brPRhcqTwT30_idL_QGL5-NC7_C99QgergcLSKSCRuD0o-7KAx--y8KnDATDU7Vw

Search URL Search Domain Scan URL

URL: https://www.brightlifedaily.com/lander/uk/homevalue/en-102/?subid1=condenast-arstechnica&subid2=42806838&subid3=4060246799&adtitle=Unbelievable%3A+Calculator+Shows+The+Value+Of+Your+House+Instantly+%28Take+a+Look%29&tbclickid=GiCDJx4brPRhcqTwT30_idL_QGL5-NC7_C99QgergcLSKSDCqWIotuuN45-H66LyATDU7Vw#tblciGiCDJx4brPRhcqTwT30_idL_QGL5-NC7_C99QgergcLSKSDCqWIotuuN45-H66LyATDU7Vw

Search URL Search Domain Scan URL

URL: https://track.constant-track.com/6d00f39b-1464-496b-bfca-d24b009bcb23?site=condenast-arstechnica&title=Say+Goodbye+To+Expensive+Solar+Panels+And+Hello+To+The+3000W+Solar+Generator%21&site_id=1521364&platform=Desktop&campaign_id=43245124&campaign_item_id=4068965657&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F9f68992d3cbb717f5ffd841515bbc37d.jpg&hl={hl}&click_id=GiCDJx4brPRhcqTwT30_idL_QGL5-NC7_C99QgergcLSKSC0s14otfmHp8_ft_STATDU7Vw&tblci=GiCDJx4brPRhcqTwT30_idL_QGL5-NC7_C99QgergcLSKSC0s14otfmHp8_ft_STATDU7Vw#tblciGiCDJx4brPRhcqTwT30_idL_QGL5-NC7_C99QgergcLSKSC0s14otfmHp8_ft_STATDU7Vw

Search URL Search Domain Scan URL

URL: https://globalvisitclub.com/cf/r/668a7c2dfdd6430012343f00?click_id=GiCDJx4brPRhcqTwT30_idL_QGL5-NC7_C99QgergcLSKSD_8Gco_8qBosTwi9_jATDU7Vw&site=condenast-arstechnica&site_id=1521364&title=Affordable+Roofing+Services+%E2%80%93+Expert+Repairs+and+Installations+for+Your+Home&platform=Desktop&campaign_id=41206770&campaign_item_id=3964933664&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fd47ce6b4b79c16e2ccf623beef4e17d8.jpg&camp_name=Roofing+Services+-+Rsoc+-+toptip+-+US%2FUK%2FAU%2FCA&tblci=GiCDJx4brPRhcqTwT30_idL_QGL5-NC7_C99QgergcLSKSD_8Gco_8qBosTwi9_jATDU7Vw#tblciGiCDJx4brPRhcqTwT30_idL_QGL5-NC7_C99QgergcLSKSD_8Gco_8qBosTwi9_jATDU7Vw

Search URL Search Domain Scan URL

URL: https://track.constant-track.com/3ac8d3d9-1ce6-4bb9-a116-71c8b707410f?site=condenast-arstechnica&title=Unsold+Garden+Offices+With+Toilet+And+Kitchen+Are+Selling+For+Almost+Nothing%21&site_id=1521364&platform=Desktop&campaign_id=30526827&campaign_item_id=3958341357&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F165540d61bcebb14e4411f0d1946000b.png&click_id=GiCDJx4brPRhcqTwT30_idL_QGL5-NC7_C99QgergcLSKSC3xF4o9dW6sd73pvDpATDU7Vw&tblci=GiCDJx4brPRhcqTwT30_idL_QGL5-NC7_C99QgergcLSKSC3xF4o9dW6sd73pvDpATDU7Vw#tblciGiCDJx4brPRhcqTwT30_idL_QGL5-NC7_C99QgergcLSKSC3xF4o9dW6sd73pvDpATDU7Vw

Search URL Search Domain Scan URL

URL: https://twitter.com/arstechnica

Search URL Search Domain Scan URL

URL: https://mastodon.social/@arstechnica

Search URL Search Domain Scan URL

URL: https://www.facebook.com/arstechnica

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@arstechnica

Search URL Search Domain Scan URL

URL: https://www.instagram.com/arstechnica/

Search URL Search Domain Scan URL

URL: https://www.condenast.com/brands/ars-technica
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://www.condenast.com/user-agreement/
Title: User Agreement

Search URL Search Domain Scan URL

URL: https://www.condenast.com/privacy-policy/
Title: Privacy Policy and Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.condenast.com/privacy-policy/#california
Title: Your California Privacy Rights

Search URL Search Domain Scan URL

URL: https://www.aboutads.info/
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://www.condenast.com/privacy-policy
Title: More information about your privacy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://arstechnica.com/wp-content/uploads/2018/10/Dang.jpg HTTP 301
https://cdn.arstechnica.net/wp-content/uploads/2018/10/Dang.jpg

Request Chain 38

https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/unread?in_iframe=1&theme=system&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9& HTTP 303
https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9

Request Chain 58

https://sb.scorecardresearch.com/cs/6035094/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

205 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/ 129 KB
36 KB 479ms
237ms Document
text/html 3.12.231.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.12.231.112 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-12-231-112.us-east-2.compute.amazonaws.com

Software

nginx/1.25.5 / PHP/8.3.14

Resource Hash

15ac34264bc55502a642a382f4acf37ce04b9e67aa68fad6cf361ba0c0685af8

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Thu, 28 Nov 2024 03:03:16 GMT
server: nginx/1.25.5
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.3.14
x-xss-protection: 1; mode=block

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 22 KB
8 KB 101ms
36ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ade920fd5b00cd298aae7978673a9a64d0bb3fa593d23e91994ec6b6723ebace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-md5: Vo/d0f3ZefkwyML/PnJnjg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD0DEC63276C13
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 84295
x-content-type-options: nosniff
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: application/javascript
last-modified: Tue, 26 Nov 2024 07:31:48 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: b1053c31-601e-003e-497d-4025ab000000
cf-ray: 8e971fbc3edf63dd-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7212
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 102ms
38ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-md5: ERttG9+iQk1LCPjR495NRw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 37451
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: application/javascript
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 04c888cf-401e-0022-13d8-2efdbc000000
cf-ray: 8e971fbc3ee063dd-LHR
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 facets-styles.css
cdn.arstechnica.net/wp-content/plugins/_composer_elasticpress/dist/css/ 5 KB
2 KB 116ms
26ms Stylesheet
text/css 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/plugins/_composer_elasticpress/dist/css/facets-styles.css?ver=7d568203f3965dc85d8a
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: e6e49883534bf2c5d17497b4b3e93d5ac8381526e670d6e620018dadf85b90ea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"6542941c-14d8"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 32587.230
content-type: text/css
x-cf-reqid: 672413653d7615f86edb6d09eb2e1adc
last-modified: Wed, 01 Nov 2023 18:08:28 GMT
x-cff: B
cf4age: 10612
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1245
x-cf-tsc: 1727882459
server: CFS 1124

GET
H2 200 highlighting-styles.css
cdn.arstechnica.net/wp-content/plugins/_composer_elasticpress/dist/css/ 78 B
378 B 116ms
27ms Stylesheet
text/css 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/plugins/_composer_elasticpress/dist/css/highlighting-styles.css?ver=252562c4ed9241547293
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 772dbcb7cbff1887e1f6c468b8060ad874e61f66de0c9b3a9016f8985800b69c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

etag: "63864dd0-4e"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 32587.223
content-type: text/css
x-cf-reqid: b7c89bd3abda7187204b17e3c4cb2c36
last-modified: Tue, 29 Nov 2022 18:22:08 GMT
x-cff: B
cf4age: 10612
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78
x-cf-tsc: 1727882459
server: CFS 1124

GET
H2 200 app.eec9eb.css
cdn.arstechnica.net/wp-content/themes/ars-v9/public/css/ 121 KB
22 KB 115ms
27ms Stylesheet
text/css 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars-v9/public/css/app.eec9eb.css
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: f66b92f7bc6a3c2099f3eae5d65db57dff8da16344fb1d832e3faf39cf08ef8c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673c9c9c-1e218"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 43199.363
content-type: text/css
x-cf-reqid: c84e4035d8721898aeea36776a320f58
last-modified: Tue, 19 Nov 2024 14:11:40 GMT
x-cff: B
cf4age: 0
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21704
x-cf-tsc: 1732064075
server: CFS 1124

GET
H2 200 ads.872a06.css
cdn.arstechnica.net/wp-content/themes/ars-v9/public/css/ 3 KB
1 KB 113ms
25ms Stylesheet
text/css 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars-v9/public/css/ads.872a06.css
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: f3f3f4017626163bf8fab984f3ac956b33ff6191863229ce8dc52f61b39e1050

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"67229f4e-a24"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 15366.756
content-type: text/css
x-cf-reqid: 4b73e7d6fce5d521da5eb8420c292231
last-modified: Wed, 30 Oct 2024 21:04:14 GMT
x-cff: B
cf4age: 27833
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 899
x-cf-tsc: 1730365499
server: CFS 1124

GET
H2 200 jquery-3.7.1.min.js Show response
cdn.arstechnica.net/wp-content/themes/ars-v9/resources/scripts/ 85 KB
34 KB 116ms
28ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars-v9/resources/scripts/jquery-3.7.1.min.js?ver=3.7.1
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"66fd099e-155ed"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 32586.969
content-type: application/javascript
x-cf-reqid: 16c79277b22596f0e5416c9747f0f8e4
last-modified: Wed, 02 Oct 2024 08:51:42 GMT
x-cff: B
cf4age: 10613
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34244
x-cf-tsc: 1727882459
server: CFS 1124

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 107 KB
33 KB 150ms
54ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6395ab128b457a9faf3d181ae654df2a19793f73e581e972afe2de7e03bc92df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: br
etag: 280 / 20055 / m202411180101 / config-hash: 2173145291705866055
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 03:03:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 33390
x-xss-protection: 0
server: cafe

GET
H2 200 ars-technica.min.js Show response
ads-static.conde.digital/production/cns/builds/ars-technica/ 149 KB
44 KB 173ms
37ms Script
application/javascript 2600:9000:225e:2e00:17:b7d9:a700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-static.conde.digital/production/cns/builds/ars-technica/ars-technica.min.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:2e00:17:b7d9:a700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24f4b1d2ff04ee7e55a032fd068a02558dc2efcfff85de3466e8cd3f4a8c24bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=900, stale-while-revalidate=3600, stale-if-error=86400
content-encoding: br
x-amz-version-id: bjBdNVZIWo4LwVOsOYE0rZHQnLLEQrqh
etag: W/"ee04a79f9a0704741afa0c308a1de616"
age: 599
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: sFJ_DwY9RDhN6GvPy2RzjzEuicX5vwkJVdZrWXbS4bU1Zp0pyHQEYA==
date: Thu, 28 Nov 2024 02:53:46 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 14:06:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256

GET
H2 200 chip-based-rootkit-300x200.jpeg
cdn.arstechnica.net/wp-content/uploads/2022/07/ 20 KB
20 KB 160ms
72ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2022/07/chip-based-rootkit-300x200.jpeg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: d99c59e796fa0696449398d384fa95ef44f3a34cd583a935180fe9ea0838d1a1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

etag: "6c8864c210d2525ce7074a6cb389e8ce"
x-amz-version-id: YEpBw..rDi00DpZz2j_.XMpsMEu_2FM0
x-cf2: H
x-cf1: 14961:fT.lon1:co:1658844290:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 43200.000
content-type: image/jpeg
x-cff: B
last-modified: Wed, 02 Oct 2024 15:12:07 GMT
x-amz-id-2: j2gFopAmarbEnQOmzXiJEhcH7YMkHuYoklPt/EighLzJsoJCX7i3NNLeSIN93J2sP9JOJUXJJ4k=
x-cf-reqid: 7097a25ddd1a3c9225f8de16d4090203
x-amz-replication-status: COMPLETED
cf4age: 0
x-cf3: M
x-amz-request-id: HVKBPJDHT7CNTSA3
accept-ranges: bytes
access-control-allow-origin: *
content-length: 20400
x-cf-tsc: 1732735306
server: CFS 1124
x-amz-server-side-encryption: AES256

GET
H2 200 chip-based-rootkit-1000x648.jpeg
cdn.arstechnica.net/wp-content/uploads/2022/07/ 126 KB
127 KB 137ms
50ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2022/07/chip-based-rootkit-1000x648.jpeg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 2e810b5d45456b3a4584ae9ce491d1e5721bf697dca92c3407c126e7575e54c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

etag: "e15f1dcd042f5e3052e2b869b912413e"
x-amz-version-id: odBEQe7b0p7IGyzwbBpyN_ATOhoYzvAe
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 43200.000
content-type: image/jpeg
x-cff: B
last-modified: Wed, 02 Oct 2024 15:12:07 GMT
x-amz-id-2: SfmJ+YtCw7Lfvtjb1NukVpHhcDbjgZeHmlXiRmuLAgnqNesd1gdg2+XbxtQmkQPsZ9M5MSuZdo0=
x-cf-reqid: 6794b45b2184618e9a0c63455f07c0e5
x-amz-replication-status: COMPLETED
cf4age: 0
x-cf3: M
x-amz-request-id: CQW3FPT76BS1TPY2
accept-ranges: bytes
access-control-allow-origin: *
content-length: 128926
x-cf-tsc: 1732499746
server: CFS 1124
x-amz-server-side-encryption: AES256

GET
H2

200

Dang.jpg
cdn.arstechnica.net/wp-content/uploads/2018/10/
Redirect Chain

https://arstechnica.com/wp-content/uploads/2018/10/Dang.jpg
https://cdn.arstechnica.net/wp-content/uploads/2018/10/Dang.jpg

90 KB
91 KB

33ms
33ms

Image
image/jpeg

205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2018/10/Dang.jpg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

etag: "03e5fec9e7ca5f8064d945bd791bd4c3"
x-amz-version-id: null
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 36298.691
content-type: image/jpeg
x-cff: B
last-modified: Sat, 21 Dec 2019 01:48:48 GMT
x-amz-id-2: wlGcGatN2IhnLGOdbgPcHT2NyOV+h6y+t3MLHZsk6ZrDaJjYb35sVIPE8vr0xATS9ql/UAj1oVA=
x-cf-reqid: 3a2d61418804b8fd6a38e747dc517aa6
cf4age: 26605197
x-cf3: H
x-amz-request-id: CHENVSNA2FXBBA1N
accept-ranges: bytes
access-control-allow-origin: *
content-length: 92486
x-cf-tsc: 1729114966
server: CFS 1124

Redirect headers

location: https://cdn.arstechnica.net:443/wp-content/uploads/2018/10/Dang.jpg
content-length: 134
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: text/html
server: awselb/2.0

GET
H2 200 firework-loader.75ab30.gif
arstechnica.com/wp-content/themes/ars-v9/public/images/ 2 KB
3 KB 129ms
124ms Image
image/gif 3.12.231.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://arstechnica.com/wp-content/themes/ars-v9/public/images/firework-loader.75ab30.gif

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.12.231.112 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-12-231-112.us-east-2.compute.amazonaws.com

Software

nginx/1.25.5 /

Resource Hash

c7de05106ddaf060dd7f667c1b31d2318d0ef6727ac95872cbcaeb788961cf1b

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/

Response headers

content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
etag: "67446f24-972"
x-content-type-options: nosniff
accept-ranges: bytes
content-length: 2418
x-xss-protection: 1; mode=block
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: image/gif
last-modified: Mon, 25 Nov 2024 12:35:48 GMT
server: nginx/1.25.5
x-frame-options: SAMEORIGIN

GET
H2 200 100098X1555750.skimlinks.js Show response
s.skimresources.com/js/ 39 KB
15 KB 117ms
33ms Script
text/javascript 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Skimlinks V9.0 /
Resource Hash: beceddcf01a352e1f352a8551cb8cf96357cc63c4be19588c1d0f2ef0dd46fd3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

cache-control: public, max-age=3600
content-encoding: gzip
x-amz-version-id: oTQ6qTtU1OKhpL2h8pT9arDNzYBUCcPn
etag: "fd00a579e065369804bd56ee509580f3"
accept-ranges: bytes
x-cache: HIT
p3p: policyref="https://s.skimresources.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 15059
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: text/javascript
x-served-by: cache-lhr-egll1980040-LHR
server: Skimlinks V9.0
x-cache-hits: 1
vary: Accept-Encoding

GET
H2 200 main-1-0-4.js Show response
cdn.arstechnica.net/wp-content/mu-plugins/ars-snowplow/ars-snowplow-js/dist/ 123 KB
44 KB 28ms
24ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/mu-plugins/ars-snowplow/ars-snowplow-js/dist/main-1-0-4.js?ver=1.0.4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 37b8a9d44db101c3da81f2ab84efa20585268846a952ad2da7f20d92a129e2c2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"66fdd574-1eded"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 43196.750
content-type: application/javascript
x-cf-reqid: f2670f140ffcf9c34c5c8904d331b7af
last-modified: Wed, 02 Oct 2024 23:21:24 GMT
x-cff: B
cf4age: 3
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44304
x-cf-tsc: 1727925677
server: CFS 1124

GET
H2 200 iframe-resizer.parent.js Show response
cdn.arstechnica.net/wp-content/plugins/article-forum-connect/public/js/ 16 KB
8 KB 35ms
31ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/plugins/article-forum-connect/public/js/iframe-resizer.parent.js?ver=5.3.1
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 3d95eb8eb17aa8742eaa4cd7377f7557090200e026e8630ab99480bd6add07e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"670063fe-40ea"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 43199.738
content-type: application/javascript
x-cf-reqid: 308126c52f1409e65ea999345b9ef0ac
last-modified: Fri, 04 Oct 2024 21:54:06 GMT
x-cff: B
cf4age: 0
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7368
x-cf-tsc: 1728121368
server: CFS 1124

GET
H2 200 iframe.js Show response
cdn.arstechnica.net/wp-content/plugins/article-forum-connect/public/js/ 6 KB
2 KB 30ms
26ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/plugins/article-forum-connect/public/js/iframe.js?ver=1.2.4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 3faef86389800bee05434bc130ec8161138e926144ccbc56135b90a910c3795a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"670413fe-19ba"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 43198.105
content-type: application/javascript
x-cf-reqid: cb98fda5aa961664a264e6d29d294739
last-modified: Mon, 07 Oct 2024 17:01:50 GMT
x-cff: B
cf4age: 1
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1844
x-cf-tsc: 1728338733
server: CFS 1124

GET
H2 200 app.2f0f0b.js Show response
cdn.arstechnica.net/wp-content/themes/ars-v9/public/js/ 175 KB
64 KB 31ms
27ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars-v9/public/js/app.2f0f0b.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 99b08e01cd8b41f8fe8e51014e31c386f919dc8df226ef3c582ee245f396ecda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"67446f24-2bd62"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 43197.633
content-type: application/javascript
x-cf-reqid: a9c5e293c2120af9747c628c761166b5
last-modified: Mon, 25 Nov 2024 12:35:48 GMT
x-cff: B
cf4age: 2
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 64642
x-cf-tsc: 1732560256
server: CFS 1124

GET
H2 200 ads.b1f8e1.js Show response
cdn.arstechnica.net/wp-content/themes/ars-v9/public/js/ 781 B
1 KB 35ms
32ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars-v9/public/js/ads.b1f8e1.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: a01326fde0625b5a7c0f515ae98407632b8bf2b4d2efa428fdb0f7c3a80bb34a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

etag: "67214afc-30d"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 43200.000
content-type: application/javascript
x-cf-reqid: c61f0bb2cca380e29a3676fa1d1bb769
last-modified: Tue, 29 Oct 2024 20:52:12 GMT
x-cff: B
cf4age: 0
x-cf3: M
accept-ranges: bytes
access-control-allow-origin: *
content-length: 781
x-cf-tsc: 1730235892
server: CFS 1124

GET
H2 200 stats.ce8765.js Show response
cdn.arstechnica.net/wp-content/themes/ars-v9/public/js/ 1017 B
850 B 35ms
32ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars-v9/public/js/stats.ce8765.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: a55bcb87fe4e12a61f816468b8f57073d37dac04a05762a1fa4599fdf252ac35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"67214afc-3f9"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 43181.992
content-type: application/javascript
x-cf-reqid: 0ee6dc68788d0ace8e63e25d28fed16f
last-modified: Tue, 29 Oct 2024 20:52:12 GMT
x-cff: B
cf4age: 18
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 523
x-cf-tsc: 1730235892
server: CFS 1124

GET
H2 200 b10882a1-8446-4e7d-bfb2-ce2c770ad910.json Show response
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/ 8 KB
3 KB 83ms
39ms XHR
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/b10882a1-8446-4e7d-bfb2-ce2c770ad910.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5e7cefd0a4fbf42448c25f351f13cd64a429efd6bf8f074b198cf332dd55c87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-md5: 5g0EvspMRvX/MrwHdjiBIQ==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCF764370AD055
age: 28064
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 29 Nov 2024 03:03:17 GMT
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: application/json
last-modified: Mon, 28 Oct 2024 15:21:37 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 33404e40-301e-002d-2137-40104a000000
cf-ray: 8e971fbcccaced0a-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2170
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 68 B
244 B 115ms
56ms Script
text/javascript 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b641e3907f528c4946b19730d7449573bac9190f6ef28b6553aaa62c3de5ee45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 8e971fbd198545a1-LHR
content-encoding: gzip
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: text/javascript
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 426 KB
128 KB 136ms
49ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37fee29a23c506ccd87223414ff3bd91a8fca9c7d2d0165998aab838bd1fe2cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Thu, 28 Nov 2024 03:03:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 129871
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/condenast1-network/ 1 MB
271 KB 113ms
33ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/condenast1-network/loader.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b60760a2343ac2f519e07d504bb1f626d45e8c4c021da8d9f4e339a6dd42de7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: "32adc4c8572028895b36c57b85612547"
x-amz-version-id: Og_sUKkaE5DY7hQOy11luAK6VZy.tgRr
age: 103
x-cache: HIT
date: Thu, 28 Nov 2024 03:03:17 GMT
last-modified: Tue, 26 Nov 2024 14:51:56 GMT
x-served-by: cache-lhr-egll1980070-LHR
x-cache-hits: 1
content-type: application/javascript; charset=utf-8
x-amz-id-2: DVMMTflRuRL0PcPlBNsXevjd9H0vniyM9WfvhMDKwLzHgMRzvlUxkrdNbore46wX1f+53+1fHsI=
vary: Accept-Encoding
x-amz-replication-status: PENDING
cache-control: private,max-age=14401
x-timer: S1732762997.314574,VS0,VE1
via: 1.1 varnish
x-amz-request-id: DZTTT19X8CQ31GFZ
accept-ranges: bytes
access-control-allow-origin: *
abp: 48
content-length: 276882
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 v2fumwIJOo-LsCB0dlG18VSTW43CpWhUEPJuKeRTzrEQdSPPlMr5GymU Show response
shiverscissors.com/ 67 KB
24 KB 178ms
42ms Script
text/javascript 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shiverscissors.com/v2fumwIJOo-LsCB0dlG18VSTW43CpWhUEPJuKeRTzrEQdSPPlMr5GymU

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1bf07d8389165905aa154b2c6623dec3c29c3558c710358626c68ee2c77623d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: br
cf-cache-status: MISS
etag: W/"bbbff6f3e9d7325d7e78cddffa51e255760760372c912e07ef413164680f0465"
x-buildname: hoothoot
x-hostname: fen-hoothoot-europe-west1-test-wtl1
alt-svc: h3=":443"; ma=86400
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding, Accept-Language
strict-transport-security: max-age=15724800; preload
cache-control: private, must-revalidate, max-age=21600
timing-allow-origin: *
x-datacenter: gce-europe-west1
via: 1.1 google
cf-ray: 8e971fbd897bef58-LHR
x-buildnumber: 1553448542
server: cloudflare

GET
DATA 200
OK truncated
/ 298 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f016d5cc01556ebf392af0925b1a0484bf0433da4cf60ebf929986b5b893095b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 nwpStKy2OAdR1K-IwhWudF-R3w8aZQ.bf9a29.woff2
cdn.arstechnica.net/wp-content/themes/ars-v9/public/fonts/ 24 KB
25 KB 106ms
59ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars-v9/public/fonts/nwpStKy2OAdR1K-IwhWudF-R3w8aZQ.bf9a29.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars-v9/public/css/app.eec9eb.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 684ec8fb1229016bcc13d9a0eac80269777bc28d756ca7a27f6717179094163f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://arstechnica.com
Referer: https://cdn.arstechnica.net/wp-content/themes/ars-v9/public/css/app.eec9eb.css

Response headers

etag: "673f744f-6188"
x-cf2: H
x-cf1: 14961:fJ.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 41235.117
content-type: font/woff2
x-cf-reqid: ffc3d96074b3564539b84a825f1bc07c
last-modified: Thu, 21 Nov 2024 17:56:31 GMT
x-cff: B
cf4age: 1964
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24968
x-cf-tsc: 1732249017
server: CFS 0215

GET
H2 200 7cHmv4okm5zmbtYoK-4.a71c5e.woff2
cdn.arstechnica.net/wp-content/themes/ars-v9/public/fonts/ 39 KB
39 KB 108ms
61ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars-v9/public/fonts/7cHmv4okm5zmbtYoK-4.a71c5e.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars-v9/public/css/app.eec9eb.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: d2f675f4572825d07c6bd49d03a2e7db7b58165f8175c0e162a1a1221dede462

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://arstechnica.com
Referer: https://cdn.arstechnica.net/wp-content/themes/ars-v9/public/css/app.eec9eb.css

Response headers

etag: "673f744f-9b5c"
x-cf2: H
x-cf1: 14961:fJ.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 40658.230
content-type: font/woff2
x-cf-reqid: 425ed9a97148ce2820e9e5c4f11a5946
last-modified: Thu, 21 Nov 2024 17:56:31 GMT
x-cff: B
cf4age: 2541
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 39772
x-cf-tsc: 1732249017
server: CFS 0215

GET
H2 200 XLYlIZPxYpJfTbZAFV-_Hcw.6df07f.woff2
cdn.arstechnica.net/wp-content/themes/ars-v9/public/fonts/ 24 KB
24 KB 82ms
36ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars-v9/public/fonts/XLYlIZPxYpJfTbZAFV-_Hcw.6df07f.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars-v9/public/css/app.eec9eb.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 6cf30bdff2b30f611cad0058f15552d8a04d2169a4ae433bba76b97a8a8f517b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://arstechnica.com
Referer: https://cdn.arstechnica.net/wp-content/themes/ars-v9/public/css/app.eec9eb.css

Response headers

etag: "673f744f-5ecc"
x-cf2: H
x-cf1: 14961:fJ.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 40658.234
content-type: font/woff2
x-cf-reqid: d66174715a82209fdd3d51fcd2b19f8b
last-modified: Thu, 21 Nov 2024 17:56:31 GMT
x-cff: B
cf4age: 2541
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24268
x-cf-tsc: 1732249017
server: CFS 0215

GET
H2 200 nwpMtKy2OAdR1K-IwhWudF-R3woqZ-LY.802cca.woff2
cdn.arstechnica.net/wp-content/themes/ars-v9/public/fonts/ 24 KB
24 KB 83ms
37ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars-v9/public/fonts/nwpMtKy2OAdR1K-IwhWudF-R3woqZ-LY.802cca.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars-v9/public/css/app.eec9eb.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1ab5d457f299a6efeaa9f27e9a4ae6fb39a4a681f9ce1a36528c505bc581afb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://arstechnica.com
Referer: https://cdn.arstechnica.net/wp-content/themes/ars-v9/public/css/app.eec9eb.css

Response headers

etag: "673f744f-6024"
x-cf2: H
x-cf1: 14961:fJ.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 39437.758
content-type: font/woff2
x-cf-reqid: eae6bcf22e2baf900edea51c11aad8c1
last-modified: Thu, 21 Nov 2024 17:56:31 GMT
x-cff: B
cf4age: 3762
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24612
x-cf-tsc: 1732249017
server: CFS 0215

GET
H2 200 bootkitty-ascii-logo.png
cdn.arstechnica.net/wp-content/uploads/2024/11/ 3 KB
3 KB 29ms
28ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2024/11/bootkitty-ascii-logo.png
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 91415773881a749022db67fff4be494d2fa97f1ea3d130b0f857b16c97c75395

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

etag: "0476f431afccc3d22c3c7b82ebe037e8"
x-amz-version-id: QYLP9PXGoIGY9LC1pZ924tyhPqhTdvf7
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 43194.270
content-type: image/png
x-cff: B
last-modified: Wed, 27 Nov 2024 18:42:37 GMT
x-amz-id-2: x9aGGPijbqWmLuotoEwE25SzEXc3ECRPXHj03JFAA+OZ7XY4r0nABFbWpbPpuMGTLg2zmotO44o=
x-cf-reqid: e7b8f5e284bd38380fbbdcc3f101b613
x-amz-replication-status: COMPLETED
cf4age: 5
x-cf3: H
x-amz-request-id: TXWEJ0ZNCAR0X34E
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2989
x-cf-tsc: 1732735298
server: CFS 1124
x-amz-server-side-encryption: AES256

GET
H2 200 bootkitty-execution-flow-768x1316.png
cdn.arstechnica.net/wp-content/uploads/2024/11/ 152 KB
152 KB 32ms
32ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2024/11/bootkitty-execution-flow-768x1316.png
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 5b405aa020a990b14ef85d9e869bfc7c73f5638e9046f9e5928fc113e2a5ac14

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

etag: "1200f65e6afe349e46fe2acc7661ca7e"
x-amz-version-id: oC1fU3eVYSbg1dEx.EdWoAdtO.L1uobL
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 43200.000
content-type: image/png
x-cff: B
last-modified: Wed, 27 Nov 2024 18:44:59 GMT
x-amz-id-2: 6BcR6uTU0JizwcKLO3xFZdoUyAyD/EVzZINQitGIrj5T/May+V6cyEVA8s92DM7zym+/hkxl2RQ=
x-cf-reqid: 0be673af0b0da721e628ff2d8bbbf163
x-amz-replication-status: COMPLETED
cf4age: 0
x-cf3: M
x-amz-request-id: CT4NASHEPBK10639
accept-ranges: bytes
access-control-allow-origin: *
content-length: 155351
x-cf-tsc: 1732735385
server: CFS 1124
x-amz-server-side-encryption: AES256

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 59 B
304 B 109ms
38ms XHR
application/json 2606:4700:4400::6812:2089
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2089 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f42ed4d0da5a75025b0e458d2242060254f11c04834e7448d7bf5e197d2a4cb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
accept: application/json
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
access-control-allow-methods: GET, OPTIONS
cf-ray: 8e971fbd897c9485-LHR
access-control-allow-origin: *
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: application/json
vary: Accept-Encoding
server: cloudflare
access-control-allow-headers: Content-Type

POST
H2 200 / Show response
r.skimresources.com/api/ 149 B
360 B 105ms
32ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.21.4.1 /

Resource Hash

7556f6a2c1621091981074c2b3ecfb2a5d83579d94965eb0e138f98cacd9cf63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: https://arstechnica.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: application/json
vary: Accept-Encoding
server: openresty/1.21.4.1

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 0D5F 0
123 B 110ms
32ms Image
text/plain 35.201.67.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.34609018840993366
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

via: 1.1 google
cache-control: private, no-store
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: text/plain
server: nginx

GET
H2 200 px.gif
p.skimresources.com/ 43 B
267 B 109ms
31ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=7.033191103302492
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: image/gif
server: Skimlinks Pixel 1.0

GET
H2 200 px.gif
p.skimresources.com/ 43 B
93 B 109ms
32ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=7.033191103302492
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 43
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: image/gif
server: Skimlinks Pixel 1.0

GET
H/1.1 200
OK arstechnica.js Show response
player.cnevids.com/interlude/ 123 KB
31 KB 368ms
257ms Script
text/javascript 18.173.205.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/interlude/arstechnica.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-99.fra56.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

3603d918095b7b0c05ca08ebcaffb8d514e6cbcb40cab997c74e55b137f07b69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

X-Request-Id: 710e2447-e5bc-400a-9826-4a8ada8f1f83
Content-Encoding: gzip
ETag: W/"065b8bb5883cd800c4a2199c5ec27e26"
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
Status: 200 OK
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: L5xRDt2qFQKVmlAQ0rdN9XKWw0VRKKdzyalLmrqTmB-OHxW1blrFUA==
Date: Thu, 28 Nov 2024 03:03:17 GMT
Content-Type: text/javascript; charset=utf-8
X-Backend-Node: 10.110.24.56
X-Runtime: 0.009952
Vary: Origin,Accept-Encoding
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
Content-Length: 31258
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P12
Server: nginx/1.18.0

GET
H2

200

/ Show response
arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/ Frame 0AAF
Redirect Chain

https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/unread?in_iframe=1&theme=system&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVja...
https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1...

458 KB
60 KB

257ms
256ms

Document
text/html

3.12.231.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars-v9/resources/scripts/jquery-3.7.1.min.js?ver=3.7.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.12.231.112 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-12-231-112.us-east-2.compute.amazonaws.com

Software

nginx/1.25.5 / PHP/8.0.30

Resource Hash

196a26f222d00eda411fcae8fde1bb24bd6c1d6cdd865be399abb9634175b896

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control: private, no-cache, max-age=0
content-encoding: gzip
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Thu, 28 Nov 2024 03:03:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Thu, 28 Nov 2024 03:03:17 GMT
server: nginx/1.25.5
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-powered-by: PHP/8.0.30
x-xss-protection: 1; mode=block

Redirect headers

cache-control: private, no-cache, max-age=0
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Thu, 28 Nov 2024 03:03:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Thu, 28 Nov 2024 03:03:17 GMT
location: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
server: nginx/1.25.5
x-content-type-options: nosniff nosniff
x-frame-options: SAMEORIGIN SAMEORIGIN
x-powered-by: PHP/8.0.30
x-xss-protection: 1; mode=block

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/ 457 KB
111 KB 35ms
34ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81a50b09cb85e4ff68788f763b8dcdc549414cecf42ca228a55ab77c971f1286

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-md5: Mq8sWt7aN99kE/VZ97+T8Q==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCED8C88D357E6
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 3396
x-content-type-options: nosniff
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 02:45:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: d1f3b68d-701e-006e-42a7-293aa3000000
cf-ray: 8e971fbdff5f63dd-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 113760
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/ 492 KB
152 KB 109ms
34ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411180101/pubads_impl.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: br
etag: 1421939719645060458
age: 12950
x-content-type-options: nosniff
expires: Thu, 27 Nov 2025 23:27:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date: Wed, 27 Nov 2024 23:27:27 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 155913
x-xss-protection: 0
server: cafe

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame 2E2B 0
0 65ms
22ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/condenast1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

abp: 67
accept-ranges: bytes
access-control-allow-origin: *
age: 2803
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Thu, 28 Nov 2024 03:03:17 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: 48wcMmP3sNnxreUWo7n+vd52kUP23mXYXr+Dp1o7+3v30iev/9ik7z3et3z8eOcsRm+In+WhK/M=
x-amz-replication-status: COMPLETED
x-amz-request-id: 9EK5DYBVAAD2EMHW
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 102
x-served-by: cache-lhr-egll1980094-LHR
x-timer: S1732762998.580288,VS0,VE0

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
728 B 119ms
31ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS&us_privacy=1---&gdpr=0&gdpr_consent=&gdpr_pd=

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/condenast1-network/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE Criteo Technology SAS, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000; preload;
cache-control: private, max-age=3600
content-encoding: gzip
server-processing-duration-in-ticks: 291797
expires: 60
date: Thu, 28 Nov 2024 03:03:16 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: Kestrel

GET
H2 200 iasPET.1.js Show response
static.adsafeprotected.com/ 22 KB
7 KB 163ms
47ms Script
application/javascript 2600:9000:21f3:b800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/iasPET.1.js
Requested by: Host: ads-static.conde.digital
URL: https://ads-static.conde.digital/production/cns/builds/ars-technica/ars-technica.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9823d0872c81c8e82c90402e16618a0cdf9e457822bae78a0692de1b6bafc2bf

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

vary: Accept-Encoding
x-amz-replication-status: COMPLETED
content-encoding: gzip
x-amz-version-id: bIt.tFjTDd30g9URWBswZyaJ1NsJsw2q
etag: W/"cf6b3387aa6a3743209472e160699684"
age: 38070
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: ZAmwh_PjbB8voBtUuErfiseu_7RSNQTrHT3AuDFv4hL3fqcP3XuvGg==
date: Wed, 27 Nov 2024 16:28:48 GMT
content-type: application/javascript
last-modified: Tue, 15 Oct 2024 16:02:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
x-amz-server-side-encryption: AES256

GET
H2 200 1dfc40bb-d155-4f15-970e-99450dbfa0e2-web.js Show response
cdn.permutive.app/ 2 MB
314 KB 101ms
36ms Script
application/javascript 2606:4700:4400::6812:230d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.app/1dfc40bb-d155-4f15-970e-99450dbfa0e2-web.js
Requested by: Host: ads-static.conde.digital
URL: https://ads-static.conde.digital/production/cns/builds/ars-technica/ars-technica.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:230d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c46ddb4a3af24f9e89518dd465914fa0a371756c98c0307702052791652d80a7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

x-goog-metageneration: 1
content-encoding: br
x-goog-hash: crc32c=mBMpWA==, md5=DVA35SwoTzP/f935hE6dTg==
etag: "0d5037e52c284f33ff7fddf9844e9d4e"
x-goog-meta-oid: bd1cec50-00d1-4ce9-9572-785857419a1e
cf-cache-status: HIT
age: 0
x-goog-stored-content-encoding: br
expires: Thu, 28 Nov 2024 03:18:17 GMT
x-goog-stored-content-length: 320511
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 13:07:20 GMT
vary: Accept-Encoding
x-guploader-uploadid: AFiumC6DZ3x-JUf9oCN2cMZKqtFKm-A15pKLfWl54PoxAUW0JvVhsA0j4EoM1c1KtT1-Jh8n97eIxqzpoA
cache-control: public, max-age=900
timing-allow-origin: *
x-goog-storage-class: REGIONAL
cf-ray: 8e971fbf2c3d6557-LHR
accept-ranges: bytes
x-goog-generation: 1732712840263155
content-length: 320511
server: cloudflare

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 345 KB
85 KB 147ms
46ms Script
application/javascript 108.138.3.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: ads-static.conde.digital
URL: https://ads-static.conde.digital/production/cns/builds/ars-technica/ars-technica.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=3600
content-encoding: gzip
etag: W/"f4218dbb17ff2c3421282ef9135e5375"
age: 2254
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront), 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: ikm33Q-xr5qjl41qe0mq3Q2h1wXPVrUvN0KFjmPlIicd3R283aStXg==
date: Thu, 28 Nov 2024 02:25:44 GMT
content-type: application/javascript
last-modified: Wed, 06 Nov 2024 22:51:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1, FRA56-P6
x-amz-server-side-encryption: AES256

GET
H2 200 prebid.min.js Show response
ads-static.conde.digital/production/cns/builds/ars-technica/ 336 KB
103 KB 40ms
40ms Script
application/javascript 2600:9000:225e:2e00:17:b7d9:a700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-static.conde.digital/production/cns/builds/ars-technica/prebid.min.js
Requested by: Host: ads-static.conde.digital
URL: https://ads-static.conde.digital/production/cns/builds/ars-technica/ars-technica.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:2e00:17:b7d9:a700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2acaab86c40f5c0c0abaf775113342955f17fc9d79d6c1d03f787a6cf09a0d5b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

vary: Accept-Encoding
cache-control: max-age=900
content-encoding: br
x-amz-version-id: 4Do3WU2tvrVQfayT6qb8sJkxhpla8Zy9
etag: W/"cfa245a5e29ce3cbfcd743a9249c9eb0"
age: 633
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: SZk6J50sjTFZ9RKq5DpESKC66GJMnKbRx43h_5PgdJBwE2_wjeBejw==
date: Thu, 28 Nov 2024 02:54:10 GMT
content-type: application/javascript
last-modified: Mon, 28 Oct 2024 13:46:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
480 B 146ms
47ms Image
image/gif 2600:9000:21f3:b800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?adspot_id=lmixf_728x90_
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
age: 124471
x-cache: Hit from cloudfront
x-amz-cf-id: rDngkwCt_twpi9uoCb3kT2SMlZVSRKlxDSQKW5Lm7saVXIyNbPsAuw==
date: Tue, 26 Nov 2024 16:28:47 GMT
content-type: image/gif
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=315360000
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
accept-ranges: bytes
content-length: 43
x-amz-cf-pop: FRA2-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 pixelpropagate.min.js Show response
ads-static.conde.digital/production/cns/builds/condenast/ 3 KB
1 KB 66ms
65ms Script
application/javascript 2600:9000:225e:2e00:17:b7d9:a700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads-static.conde.digital/production/cns/builds/condenast/pixelpropagate.min.js
Requested by: Host: ads-static.conde.digital
URL: https://ads-static.conde.digital/production/cns/builds/ars-technica/ars-technica.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:2e00:17:b7d9:a700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e87d5da08f112de24976bd93e58e9846e2074458053f3eded51570e635e7359e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

vary: Accept-Encoding
content-encoding: br
x-amz-version-id: FD1rqbFUuXF_bm9ZdUpqozOXEhySvfu4
etag: W/"7b8b7effea7d28f0aad14bdba91bc865"
age: 46611
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: F1QiLhrTFUzuUyMOVec3lsnm6jUc4CkWyLIZJdbMywbYwvnTD-Qdwg==
date: Wed, 27 Nov 2024 14:06:27 GMT
content-type: application/javascript
last-modified: Mon, 11 Sep 2023 00:30:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
x-amz-server-side-encryption: AES256

GET
H2 200 p77xzrbz9z.js Show response
globalservices.conde.digital/ 68 KB
24 KB 225ms
137ms Script
application/javascript 108.138.7.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://globalservices.conde.digital/p77xzrbz9z.js
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/mu-plugins/ars-snowplow/ars-snowplow-js/dist/main-1-0-4.js?ver=1.0.4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6b90b1407afa33e5b01ca33289cdc5c1408684ad9f4b17724eaf34d0e6cd8c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

x-amz-cf-pop: FRA56-P6
content-encoding: br
etag: W/"4ce938939a8bbf09fc208be17c038d0b"
age: 5830
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: h0nFYiapmYihfvIiTskAEKMC4LhbxeWuUPlXgyLXW3lTJaIfGBYkUQ==
date: Thu, 28 Nov 2024 01:26:08 GMT
content-type: application/javascript
vary: accept-encoding
server: AmazonS3
last-modified: Mon, 27 May 2024 13:57:51 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 bootkitty-code-768x211.png
cdn.arstechnica.net/wp-content/uploads/2024/11/ 77 KB
78 KB 28ms
24ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2024/11/bootkitty-code-768x211.png
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 6ee1b89d8b8fa72650eaf6b53eebb2295997787fc4394993c4ad6cc4f8c7bcc1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

etag: "cd98fe0ecc5a5053d3ee3031c214fe86"
x-amz-version-id: vVWeLCQOSO1eOXAyLOpB.WBzhE8DksBF
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 43200.000
content-type: image/png
x-cff: B
last-modified: Wed, 27 Nov 2024 18:45:46 GMT
x-amz-id-2: LN7U2symcO8Dh0RO5SFW1ZMW6QVNtt/PYFWUS3fzZRyLrrSUbJGerbfo6hz9MDzEl+lI7nh0u38=
x-cf-reqid: fe4a9a206cecdcdf42f53c852455794b
x-amz-replication-status: COMPLETED
cf4age: 0
x-cf3: M
x-amz-request-id: HSC8KQZ0RGASZX6F
accept-ranges: bytes
access-control-allow-origin: *
content-length: 79055
x-cf-tsc: 1732735388
server: CFS 1124
x-amz-server-side-encryption: AES256

GET
H2 200 graphite-impact-shell-gis-768x432.jpg
cdn.arstechnica.net/wp-content/uploads/2024/11/ 34 KB
34 KB 25ms
22ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2024/11/graphite-impact-shell-gis-768x432.jpg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 14062ae5ef567a11e65f95aed8f4d6a45191c28eee581e0e3f1f2be9195cfc51

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

etag: "67ba4aac89c660098d95b66a9c913b95"
x-amz-version-id: a.Y8zd3fUxpwfrprVUt1Aj1u40PRJirB
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 43200.000
content-type: image/jpeg
x-cff: B
last-modified: Tue, 26 Nov 2024 18:08:49 GMT
x-amz-id-2: 7iUtet+cNvvGuiGa9P+T5qwmi+Tjk9B//UN+tbTpnS33rL4GvrI1Jt377p+xi47torzcia9YHLli63BJYup57jf2tKNqKVVc
x-cf-reqid: bc09fb0357e51e7d3f744a60a615de0e
x-amz-replication-status: COMPLETED
cf4age: 0
x-cf3: M
x-amz-request-id: 71K5R7KAQSQETRMS
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34606
x-cf-tsc: 1732645423
server: CFS 1124
x-amz-server-side-encryption: AES256

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
349 B 33ms
32ms XHR
application/javascript 35.201.67.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.11 aiohttp/3.8.6 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: text/plain
Referer: https://arstechnica.com/

Response headers

cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: https://arstechnica.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: text/plain; charset=utf-8, application/javascript
server: Python/3.11 aiohttp/3.8.6
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/01924329-4f93-7bd4-b7cf-11356bf2ed31/ 336 KB
53 KB 60ms
58ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/01924329-4f93-7bd4-b7cf-11356bf2ed31/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8369020f35a15fb3bb9f14aed22997412e2e2f0e3c4f2816159bac67d4f90f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-md5: b1MeqoHCqgRQ4rJ0zANxhg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
cf-cache-status: HIT
etag: 0x8DCF7643CAAE05B
age: 39789
x-ms-lease-status: unlocked
x-content-type-options: nosniff
x-ms-version: 2009-09-19
expires: Fri, 29 Nov 2024 03:03:17 GMT
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: application/json
last-modified: Mon, 28 Oct 2024 15:21:46 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin, cross-origin
x-ms-request-id: 2e707bab-c01e-0099-224e-291c48000000
cf-ray: 8e971fbf2eb5ed0a-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 54240
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 iab2V2Data.json Show response
cdn.cookielaw.org/vendorlist/ 596 KB
77 KB 33ms
32ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2V2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70e82838b62f8eade45692b7547518fc43c45bbd81fd95837b147610c84bd210

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-md5: 98TUsYr6wsvTaZkll3ytZw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD0E860ADADF75
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 82917
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 03:03:17 GMT
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: application/json
last-modified: Wed, 27 Nov 2024 01:51:42 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 7a5ee17c-f01e-00f7-1181-40b561000000
cf-ray: 8e971fbf2eb6ed0a-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78440
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 googleData.json Show response
cdn.cookielaw.org/vendorlist/ 65 KB
16 KB 31ms
29ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/googleData.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9eda4ae9875b12440b6484cd4cc41676529219d33fb3c59115541ecf7863f1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-md5: m4AqoYUhIaEB9uH5hR86pg==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DD0EF665717F2A
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 40639
x-content-type-options: nosniff
expires: Fri, 29 Nov 2024 03:03:17 GMT
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: application/json
last-modified: Wed, 27 Nov 2024 15:15:58 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 305bd203-201e-00fe-45e3-40afef000000
cf-ray: 8e971fbf2eb7ed0a-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16476
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/ 64 KB
18 KB 34ms
33ms Script
application/javascript 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a77ed58556547050d62efb8363841c0ef48dd9ef8b092935d5e6b1b00a9c4c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-md5: V3HXxrL+X3vub1hmBQ0Pyw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCED8C8804BAFB
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 25327
x-content-type-options: nosniff
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: application/javascript
last-modified: Wed, 16 Oct 2024 02:45:01 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: 19b9eaea-801e-00f8-6607-415897000000
cf-ray: 8e971fbf2fce63dd-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18016
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 450 B
633 B 558ms
200ms XHR
application/json 44.236.234.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=931565&slot=%7Bid:_out_of_page_0,ss:%5B1.1%5D,p:3379/conde.ars/interstitial/security/article/1,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=602952a3-bb63-3d35-0554-c1eaaa145844&url=https%253A%252F%252Farstechnica.com%252Fsecurity%252F2024%252F11%252Ffound-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux%252F%2523comments
Requested by: Host: static.adsafeprotected.com
URL: https://static.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 44.236.234.50 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-236-234-50.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: d6878308fb273952512edd2807386e5ff185c29b96cf53caa2b3389a2af19347

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

access-control-allow-origin: https://arstechnica.com
access-control-expose-headers: X-Server-Name
timing-allow-origin: *
date: Thu, 28 Nov 2024 03:03:18 GMT
content-type: application/json
access-control-allow-credentials: true

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6035094/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

15 KB
5 KB

39ms
39ms

Script
text/javascript

18.244.18.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Server: 18.244.18.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-244-18-27.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6d26f7668d31aaeb9a8a01ca082bfbc2d4c4ab37eeb46bc54f14bd7d7e085985

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

vary: accept-encoding
cache-control: max-age=86400
content-encoding: gzip
etag: W/"af0f9e543b8925f25674625eeef07cd5"
age: 53427
via: 1.1 5c21b2b6b5e8901cc7633407000764f0.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: _YaLnYw3iyuS3mPkiz0gJjFO4x9xKWyuQ7xpRECKcqjSQod1vMFqWw==
date: Wed, 27 Nov 2024 12:12:52 GMT
content-type: text/javascript
last-modified: Tue, 26 Nov 2024 12:10:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256

Redirect headers

location: /internal-cs/default/beacon.js
accept-ch: UA, Platform, Arch, Model, Mobile
via: 1.1 5c21b2b6b5e8901cc7633407000764f0.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: pscOrdf5C4151ssmqKbFgc6MOdZNSGkqcnQp1MbY-jgQKoCgm2CSLg==
date: Thu, 28 Nov 2024 03:03:18 GMT
x-amz-cf-pop: FRA56-P11

GET
H2 200 hotjar-1632543.js Show response
static.hotjar.com/c/ 13 KB
6 KB 147ms
41ms Script
application/javascript 18.66.102.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1632543.js?sv=6

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.102.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-51.fra56.r.cloudfront.net

Software

Resource Hash

bc7baad1aa43e75bee2d1663a5c96f99e8e9399e2ffd254a773dedb411339be6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: br
etag: W/84f4e2e22d557bb6886ee5b5a53f4be7
age: 49
x-content-type-options: nosniff
x-cache-hit: 1
x-cache: Hit from cloudfront
x-amz-cf-id: Z-QHDSpuOR8AZX_ApAahLdOgGYZPEYZz6w62Gwm_DMbfCNNSMvVytw==
date: Thu, 28 Nov 2024 03:02:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
via: 1.1 22993faf725ff29c940e58cb14ddf668.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P2

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/assets/ 9 KB
3 KB 33ms
32ms Fetch
application/json 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64aff3262c56fa48ad38b8d9d4d674a6ee3759d1ce4cb52c66865e3fc2c16d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-md5: lyqyeabK+N65BkhysA4Qvw==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-encoding: gzip
x-ms-version: 2009-09-19
etag: 0x8DCED8C858DCD2A
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 3795
x-content-type-options: nosniff
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: application/json
last-modified: Wed, 16 Oct 2024 02:44:57 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: b3d4b092-701e-00cf-7439-41f438000000
cf-ray: 8e971fc0f84bed0a-LHR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2597
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/202409.1.0/assets/ 24 KB
4 KB 32ms
31ms Fetch
text/css 2606:4700::6812:562a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/202409.1.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:562a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-md5: HyPJ72TNHxdfOI82cqKVqA==
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
cf-cache-status: HIT
age: 18577
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: text/css
last-modified: Wed, 16 Oct 2024 02:45:07 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
x-ms-request-id: ad96fca3-b01e-0096-5e16-41f1be000000
cf-ray: 8e971fc0f84eed0a-LHR
access-control-allow-origin: *
x-ms-blob-type: BlockBlob
server: cloudflare

GET
H2 200 materialdesignicons-webfont.woff2
cdn.arstechnica.net/civis/styles/ars/fonts/icons/material-icons/fonts/ Frame 0AAF 312 KB
313 KB 26ms
25ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/styles/ars/fonts/icons/material-icons/fonts/materialdesignicons-webfont.woff2?v=5.8.55
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 34845bb6344cdad5b3e15a37bcfee67bde497cdf5805d31c952c35a92b630e67

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://arstechnica.com
Referer: https://arstechnica.com/

Response headers

etag: "673f6c06-4e1f0"
x-cf2: H
x-cf1: 14961:fJ.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 40487.137
content-type: font/woff2
x-cf-reqid: 07e4a085fbe1a7c68ada3cdc35ffd91d
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 2712
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 319984
x-cf-tsc: 1732243344
server: CFS 0215

GET
H2 200 materialdesignicons.min.css
cdn.arstechnica.net/civis/styles/ars/fonts/icons/material-icons/css/ Frame 0AAF 263 KB
52 KB 23ms
22ms Stylesheet
text/css 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/styles/ars/fonts/icons/material-icons/css/materialdesignicons.min.css?d=1732214650
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 1193e835baf1666d6e589dc3bfee84e7482c8a7536c35883d10cc11abd134604

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-41c3a"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 43197.492
content-type: text/css
x-cf-reqid: 6f4cb61d03c342146a80733f36ae4b0a
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 2
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 53298
x-cf-tsc: 1732214656
server: CFS 1124

GET
H2 200 preamble.js Show response
cdn.arstechnica.net/civis/js/themehouse/styleswitch/ Frame 0AAF 7 KB
2 KB 33ms
32ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/themehouse/styleswitch/preamble.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 4a9865338eea27d217fc1bbfd00b94a876d9796e78aad912a55af44cb5e8da4a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-1d68"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 43200.000
content-type: application/javascript
x-cf-reqid: 156891aa247aea20106fc9ab3812145d
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 0
x-cf3: M
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1973
x-cf-tsc: 1732214656
server: CFS 1124

GET
H2 200 preamble.min.js Show response
cdn.arstechnica.net/civis/js/xf/ Frame 0AAF 3 KB
2 KB 33ms
32ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/xf/preamble.min.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: f8f0d5e29e4408e8ecdccee5e73a185566774f71c7f440cc50ad5c647b127ce3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-cc0"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 43200.000
content-type: application/javascript
x-cf-reqid: c5c2247e2e00c64d8c6e77884a638919
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 0
x-cf3: M
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1657
x-cf-tsc: 1732214656
server: CFS 1124

GET
H2 200 ars-open-forum.svg
cdn.arstechnica.net/civis/styles/ars/ars/ Frame 0AAF 3 KB
3 KB 32ms
31ms Image
image/svg+xml 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/civis/styles/ars/ars/ars-open-forum.svg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 569f22ab7727a62aae1e2343f455f31e48b1f1ae9f9b406480a48406980c440a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

etag: "673f6c06-b81"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:17 GMT
cf4ttl: 41279.098
content-type: image/svg+xml
x-cf-reqid: c88f5c6e6642e2f477231e29b89d6bef
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 1920
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2945
x-cf-tsc: 1732243790
server: CFS 1124

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 367 KB
122 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LRHY7JG2PW&l=dataLayer&cx=c&gtm=45He4bk0v78819567za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

85cdf1df2c54d17166f4eca12fd4119444768ec37f7c4e1dce34a08e818a00f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Thu, 28 Nov 2024 03:03:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 03:03:17 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 124149
x-xss-protection: 0
server: Google Tag Manager

OPTIONS
H2 200 yv8
c.arstechnica.com/com.condenast/ Frame 0
0 360ms
96ms Preflight 44.213.38.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.arstechnica.com/com.condenast/yv8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.213.38.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-213-38-227.compute-1.amazonaws.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,sp-anonymous
Access-Control-Request-Method: POST
Origin: https://arstechnica.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, SP-Anonymous
access-control-allow-origin: https://arstechnica.com
access-control-max-age: 600
content-length: 0
date: Thu, 28 Nov 2024 03:03:18 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 cwv-attribution.3.4.0.js Show response
globalservices.conde.digital/ 10 KB
4 KB 39ms
38ms Script
application/javascript 108.138.7.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://globalservices.conde.digital/cwv-attribution.3.4.0.js
Requested by: Host: globalservices.conde.digital
URL: https://globalservices.conde.digital/p77xzrbz9z.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-116.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a9b42e37e9d2eff9d57900b5e19454836a1c3d09ae99b1281b044803ca8d80df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

x-amz-cf-pop: FRA56-P6
content-encoding: br
etag: W/"f5b5fc67385ba13b0c57a9324d6caddd"
age: 47071
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: G0yCQRqQOLZl8imUCg6sVTDrFiVIz8p6RN0_T6e3oDR4WaegKrxB-A==
date: Wed, 27 Nov 2024 13:58:47 GMT
content-type: application/javascript
vary: accept-encoding
server: AmazonS3
last-modified: Mon, 28 Aug 2023 15:43:58 GMT
x-amz-server-side-encryption: AES256

POST
H2 200 yv8 Show response
c.arstechnica.com/com.condenast/ 2 B
182 B 291ms
96ms XHR
text/plain 44.213.38.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.arstechnica.com/com.condenast/yv8

Requested by

Host: globalservices.conde.digital
URL: https://globalservices.conde.digital/p77xzrbz9z.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.213.38.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-213-38-227.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
SP-Anonymous: *
Content-Type: application/json; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://arstechnica.com
content-length: 2
date: Thu, 28 Nov 2024 03:03:18 GMT
server: nginx
access-control-allow-credentials: true

GET
H2 200 3035 Show response
config.aps.amazon-adsystem.com/configs/ 531 B
807 B 168ms
37ms Script
application/javascript 65.9.66.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://config.aps.amazon-adsystem.com/configs/3035
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-76.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 833ea6d5bf20d2c05447c3598a05d91f49bb65b7d501428f98d32953bba6c52f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

cache-control: max-age=3600
age: 3142
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 531
x-amz-cf-id: SaLOxvsatiKgwUiZ5YpSp1kEwEKY46_43dHdFI-cph0yMAXhXbsDeg==
date: Thu, 28 Nov 2024 02:10:56 GMT
content-type: application/javascript
x-amz-cf-pop: FRA56-C1
server: CloudFront

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 921 B
1 KB 39ms
39ms XHR
application/json 108.138.3.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3035&u=https%3A%2F%2Farstechnica.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 1789d4c2fc0271f22d291a9b69b5636fbb4f4c1400be100abe2c39d669467c3a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

cache-control: max-age=21550, s-maxage=21600
age: 3746
access-control-allow-credentials: true
via: 1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
access-control-allow-origin: https://arstechnica.com
x-cache: Hit from cloudfront
content-length: 921
x-amz-cf-id: D5tNbOMkfiEetw0pvazXClW7gy_R21eUGiEcQu2snNAauKKTUjKvww==
date: Thu, 28 Nov 2024 02:00:51 GMT
content-type: application/json;charset=UTF-8
x-amz-cf-pop: FRA56-P6
server: Server

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 108ms
36ms XHR
application/javascript 108.138.3.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.3.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-3-93.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

access-control-max-age: 3000
content-encoding: gzip
x-amz-version-id: r5.lR.LJ66XEXzxUUVo7iMemjL_F_GoE
etag: W/"a4d296427fc806b21335359e398c025c"
age: 5583
access-control-allow-methods: GET
x-cache: Hit from cloudfront
x-amz-cf-id: kawvCbyxnJquAT_T2391tsS01YzvOg1UiriWM1vZ8YfncCL1Swxm4A==
date: Thu, 28 Nov 2024 01:30:16 GMT
content-type: application/javascript
vary: Origin,accept-encoding
last-modified: Thu, 29 Feb 2024 02:13:08 GMT
cache-control: public, max-age=86400
via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P6
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 sbctl
opengraph.githubassets.com/0aacd0a43b37f002df392d5d68e7f562bb101c01c5460f20770bf57384c8296d/Foxboron/ Frame 0AAF 106 KB
107 KB 149ms
28ms Image
image/png 185.199.108.154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opengraph.githubassets.com/0aacd0a43b37f002df392d5d68e7f562bb101c01c5460f20770bf57384c8296d/Foxboron/sbctl

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.108.154 Hoover, United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-108-154.github.com

Software

Resource Hash

044220bdd4f9269672869d28993e7b47ce2cd932d485f040646da05adcbda7fc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';style-src 'unsafe-inline';font-src https://github.github.com;img-src https://avatars.githubusercontent.com https://github.githubassets.com https://camo.githubusercontent.com
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

x-github-backend: Kubernetes
x-fastly-request-id: feddd7c274fe2e07df8ca07798b970f124855414
etag: W/"1a8b4-B10frr3/Fp1rAMH49uXYSl8NMO4"
age: 2745
expect-ct: max-age=0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-github-request-id: B62A:27B705:22BF162:2C059AC:67477E56
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 03:03:18 GMT
content-type: image/png
x-served-by: cache-iad-kiad7000088-IAD, cache-lhr-egll1980090-LHR
x-cache-hits: 45, 0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none';style-src 'unsafe-inline';font-src https://github.github.com;img-src https://avatars.githubusercontent.com https://github.githubassets.com https://camo.githubusercontent.com
cache-control: public, max-age=21600, immutable
x-dns-prefetch-control: off
x-ratelimit-reset: 1732739367
referrer-policy: no-referrer
x-download-options: noopen
x-ratelimit-remaining: 75
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 108724
x-xss-protection: 0
x-ratelimit-limit: 100

GET
H2 200 favicon.svg
github.githubassets.com/favicons/ Frame 0AAF 959 B
1 KB 147ms
32ms Image
image/svg+xml 185.199.108.154
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://github.githubassets.com/favicons/favicon.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.199.108.154 Hoover, United States, ASN54113 (FASTLY, US),

Reverse DNS

cdn-185-199-108-154.github.com

Software

Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

6a9577cd4f7fa6b75bde1025af85b944e9dd1388373b55ccba6e9f80ac2eae60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-md5: bYAvaN8MCaSZfP0o7q/Z/w==
x-fastly-request-id: 26c05dbe71ec0e348555ef194e58d754848d9e7a
etag: "0x8DCBC95F2647EDF"
age: 111
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 03:03:18 GMT
content-type: image/svg+xml
last-modified: Wed, 14 Aug 2024 19:18:58 GMT
x-cache-hits: 4435405, 1
x-served-by: cache-iad-kiad7000081-IAD, cache-lhr-egll1980093-LHR
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
content-length: 959
server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0

GET
H2 200 jquery-3.5.1.min.js Show response
cdn.arstechnica.net/civis/js/vendor/jquery/ Frame 0AAF 87 KB
34 KB 26ms
26ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/vendor/jquery/jquery-3.5.1.min.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-15d84"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43197.180
content-type: application/javascript
x-cf-reqid: ae251b5457ad71702d3edfc99570ea08
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 2
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34800
x-cf-tsc: 1732214656
server: CFS 1124

GET
H2 200 vendor-compiled.js Show response
cdn.arstechnica.net/civis/js/vendor/ Frame 0AAF 43 KB
14 KB 25ms
24ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/vendor/vendor-compiled.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-aab8"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43197.176
content-type: application/javascript
x-cf-reqid: dd6dcbac9451e4c6095325f6f2090cc5
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 2
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14189
x-cf-tsc: 1732214656
server: CFS 1124

GET
H2 200 core-compiled.js Show response
cdn.arstechnica.net/civis/js/xf/ Frame 0AAF 207 KB
69 KB 23ms
22ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/xf/core-compiled.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 9f12e9613ffc81683459a7891f3d764bbc642c1c1f24968838a9c7a81750cae1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-33b35"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43197.480
content-type: application/javascript
x-cf-reqid: ce5502271e4d7f7634f770f76e94a318
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 2
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 70583
x-cf-tsc: 1732214656
server: CFS 1124

GET
H2 200 global.js Show response
cdn.arstechnica.net/civis/js/themehouse/styleswitch/ Frame 0AAF 631 B
939 B 27ms
22ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/themehouse/styleswitch/global.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: d86f8c8fa0bd68f5b36a13b4f5e73c7ecdda0b806fb0887d8162d28c0ac07d91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

etag: "673f6c06-277"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43197.402
content-type: application/javascript
x-cf-reqid: 48787b14580c3d74905ee0a04c0a03d2
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 2
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 631
x-cf-tsc: 1732214656
server: CFS 1124

GET
H2 200 comment.min.js Show response
cdn.arstechnica.net/civis/js/xf/ Frame 0AAF 1 KB
930 B 28ms
24ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/xf/comment.min.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: db706a3dc7a3ad3e0bfe56eced86c0fb8791081042c81cc198b2418230e42cba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-4a9"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43200.000
content-type: application/javascript
x-cf-reqid: cf2f10e35fd212589aea6ef52f817cfe
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 0
x-cf3: M
accept-ranges: bytes
access-control-allow-origin: *
content-length: 606
x-cf-tsc: 1732214657
server: CFS 1124

GET
H2 200 vote.js Show response
cdn.arstechnica.net/civis/js/themehouse/separate-vote-scores/ Frame 0AAF 3 KB
939 B 28ms
24ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/themehouse/separate-vote-scores/vote.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: f6a0e1ce99300ab0389821defb3d150b8779ef11f82666a1b9c5e4b438c79736

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-a39"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43200.000
content-type: application/javascript
x-cf-reqid: d5ce25d62f1b7560eb18ae051e924fe8
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 0
x-cf3: M
accept-ranges: bytes
access-control-allow-origin: *
content-length: 614
x-cf-tsc: 1732214657
server: CFS 1124

GET
H2 200 hide-refresh.js Show response
cdn.arstechnica.net/civis/js/editor-manager/ Frame 0AAF 625 B
930 B 25ms
21ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/editor-manager/hide-refresh.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: d86c2fb79df7afab4531c63d5cdc59e5095e9dd8e60170f22f7ac9dac3aed32b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

etag: "673f6c06-271"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43200.000
content-type: application/javascript
x-cf-reqid: 651370992c3f9adc11ce0e4db04e1772
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 0
x-cf3: M
accept-ranges: bytes
access-control-allow-origin: *
content-length: 625
x-cf-tsc: 1732214657
server: CFS 1124

GET
H2 200 overlay.min.js Show response
cdn.arstechnica.net/civis/js/audentio/guest-prompts/ Frame 0AAF 2 KB
1 KB 27ms
22ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/audentio/guest-prompts/overlay.min.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: d9369ae13ff8f2a9679c39d11c827e7f95bfd4aa8c9072cb64b4f8c918bf1cfe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-78d"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43197.227
content-type: application/javascript
x-cf-reqid: 945029061156e6b211a65904847923ef
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 2
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 854
x-cf-tsc: 1732214657
server: CFS 1124

GET
H2 200 thread.js Show response
cdn.arstechnica.net/civis/js/audentio/wpconnect/ Frame 0AAF 11 KB
3 KB 27ms
23ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/audentio/wpconnect/thread.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 3ab2f8706952a3ef2619cf5ab2fd16e063868e1d488ad3554d88f5685dd5c279

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-2a16"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43197.211
content-type: application/javascript
x-cf-reqid: 59cd8d36e46296d3929fbba2a8efb2f6
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 2
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3110
x-cf-tsc: 1732214657
server: CFS 1124

GET
H2 200 iframe-resizer.child.js Show response
cdn.arstechnica.net/civis/js/vendor/ Frame 0AAF 18 KB
8 KB 30ms
26ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/vendor/iframe-resizer.child.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: bf74bebaf292e0ea3316e61c9a040fbc29bb6d81da597a1930560aa0fae68e9b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-4980"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43200.000
content-type: application/javascript
x-cf-reqid: 4fbaec643a1334d31f4405c15178d5aa
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 0
x-cf3: M
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8029
x-cf-tsc: 1732214657
server: CFS 1124

GET
H2 200 logincookie.min.js Show response
cdn.arstechnica.net/civis/js/audentio/logincookie/ Frame 0AAF 132 B
439 B 27ms
23ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/audentio/logincookie/logincookie.min.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: ed6d2de07f412dac6ead192a037b6784d6c5b29a7b208ac380cd1311477b2d14

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

etag: "673f6c06-84"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43197.109
content-type: application/javascript
x-cf-reqid: 6151a238a69c1c198c8b905a371d25cd
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 2
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 132
x-cf-tsc: 1732214657
server: CFS 1124

GET
H2 200 ripple.min.js Show response
cdn.arstechnica.net/civis/js/themehouse/acui/ Frame 0AAF 1 KB
1 KB 29ms
25ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/themehouse/acui/ripple.min.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: d4e14fe027197ebdbd6e9ab1f0d963379e4851fdbe85225acf84ef2f1f67558d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-58c"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43197.059
content-type: application/javascript
x-cf-reqid: 777b4f538258046070461da6ba360e22
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 2
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 701
x-cf-tsc: 1732214657
server: CFS 1124

GET
H2 200 20210125.min.js Show response
cdn.arstechnica.net/civis/js/themehouse/global/ Frame 0AAF 11 KB
4 KB 31ms
28ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/themehouse/global/20210125.min.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 7e5c23918762997e2851f5ca38481431503c5a7036e19a128035804a935c0e4e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-2b29"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43197.047
content-type: application/javascript
x-cf-reqid: 1aa1bfaba7da35d2338f250d13534c78
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 2
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4205
x-cf-tsc: 1732214657
server: CFS 1124

GET
H2 200 index.min.js Show response
cdn.arstechnica.net/civis/js/themehouse/acui/ Frame 0AAF 8 KB
3 KB 34ms
31ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/themehouse/acui/index.min.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 03e9903204561f2a2bdc85b768de9cebb2a59d97513c8e41fe32f250dc144294

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-2026"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43200.000
content-type: application/javascript
x-cf-reqid: 29889b9c594643e320f456ee521b321e
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 0
x-cf3: M
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3071
x-cf-tsc: 1732214657
server: CFS 1124

GET
H2 200 jquery.hoverIntent.min.js Show response
cdn.arstechnica.net/civis/js/themehouse/acui/vendor/hover-intent/ Frame 0AAF 2 KB
1 KB 31ms
28ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/themehouse/acui/vendor/hover-intent/jquery.hoverIntent.min.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 844723d288a84c14a3f75ff2db1463fca5b4c4c710e3cc3a111624ed959665d9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-8c4"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43200.000
content-type: application/javascript
x-cf-reqid: 1c74482031f9eb97adb1b766b77ec252
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 0
x-cf3: M
accept-ranges: bytes
access-control-allow-origin: *
content-length: 966
x-cf-tsc: 1732214657
server: CFS 1124

GET
H2 200 defer.min.js Show response
cdn.arstechnica.net/civis/js/themehouse/acui/ Frame 0AAF 18 KB
5 KB 30ms
27ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/themehouse/acui/defer.min.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 4ca5c394b025a327b799f80fb140f4702eac4838bbcbf6d19c1c3c27dcfa26a0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-4625"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43197.055
content-type: application/javascript
x-cf-reqid: 02ac78084b316c668f4ec31bec699653
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 2
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4404
x-cf-tsc: 1732214657
server: CFS 1124

GET
H2 200 deferFab.min.js Show response
cdn.arstechnica.net/civis/js/themehouse/acui/ Frame 0AAF 3 KB
2 KB 30ms
28ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/themehouse/acui/deferFab.min.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 3bb0e231fc7fd3a5401b3159990a4718a2257c594cdba910d15b47a80f27ead3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-cec"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43197.039
content-type: application/javascript
x-cf-reqid: 1988d3a64ac16d5b2238cd4f4b1ad0ff
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 2
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1324
x-cf-tsc: 1732214657
server: CFS 1124

GET
H2 200 deferNodesCollapse.min.js Show response
cdn.arstechnica.net/civis/js/themehouse/acui/ Frame 0AAF 3 KB
2 KB 32ms
30ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/themehouse/acui/deferNodesCollapse.min.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 0740cfa18f7a531068226a5942c41a8f0624789cd2cb46597a7ca0259752295a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-b62"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43200.000
content-type: application/javascript
x-cf-reqid: 9cca5b2d76e0f0ff0691399365720f3f
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 0
x-cf3: M
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1341
x-cf-tsc: 1732214657
server: CFS 1124

GET
H2 200 deferWidthToggle.min.js Show response
cdn.arstechnica.net/civis/js/themehouse/acui/ Frame 0AAF 2 KB
1 KB 32ms
29ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/civis/js/themehouse/acui/deferWidthToggle.min.js?_v=0bff0aba
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 12a4495dcf4f799da379ec9caf3cfd5fbc675b6228d9ce5dc00eed49bfb5128c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: W/"673f6c06-94c"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43200.000
content-type: application/javascript
x-cf-reqid: c2c0629eb9177fabd8217b4cb940cc89
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 0
x-cf3: M
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1091
x-cf-tsc: 1732214657
server: CFS 1124

GET
H/1.1 200
OK 637bbbbd103e9e2dd00699f6.js Show response
player.cnevids.com/script/video/ 74 KB
24 KB 422ms
422ms Script
text/javascript 18.173.205.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/script/video/637bbbbd103e9e2dd00699f6.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=sitewideInterludeVideoOverride&recStrategy=sitewideInterludeVideoOverride&showPlaylistBar=false

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/interlude/arstechnica.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-99.fra56.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

42521a1acb28dd3a4c64265c2526128ee05edad954bb2106cb6238841c5ae0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

X-Request-Id: 4bdfad6d-0e8b-4603-b4d2-4c76613921ee
Content-Encoding: gzip
ETag: W/"2bb9898c3cee1603f96131326751f846"
X-Permitted-Cross-Domain-Policies: none
X-Content-Type-Options: nosniff
Status: 200 OK
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: eMWxUAmxVwEvHPeR62AjNQEHR3zo6idG8Hni3z-gfGuDS-FT9DPLxA==
Date: Thu, 28 Nov 2024 03:03:18 GMT
Content-Type: text/javascript; charset=utf-8
X-Backend-Node: 10.110.77.140
X-Runtime: 0.005891
Vary: Origin,Accept-Encoding
Cache-Control: max-age=0, private, must-revalidate
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Via: 1.1 ba01631fe255b1896a9e6bfd4c86a06a.cloudfront.net (CloudFront)
Content-Length: 23943
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P12
Server: nginx/1.18.0

GET
H2 200 css.php
cdn.arstechnica.net/civis/ Frame 0AAF 387 KB
71 KB 25ms
24ms Stylesheet
text/css 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.arstechnica.net/civis/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Afa.css%2Cpublic%3Aac_app.less%2Cpublic%3Aars_xf.less%2Cpublic%3Amessage.less%2Cpublic%3Astructured_list.less&s=7&l=1&d=1732214650&k=047e4a656706678318c16969b2a96b75c8fa2c02

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/civis/js/themehouse/styleswitch/preamble.js?_v=0bff0aba

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),

Reverse DNS

vip1.G-anycast1.cachefly.net

Software

CFS 1124 / PHP/8.0.30

Resource Hash

59018e7b19a09ba97a28b3d31c539020b6b9333ed3c1202c78a4bff5eb3c45c3

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
x-cf2: H
x-content-type-options: nosniff
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 31556952.000
content-type: text/css; charset=utf-8
x-cff: B
last-modified: Thu, 21 Nov 2024 18:44:16 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-cf-reqid: 70365a9d01a753189b94b0b77fc30589
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
cache-control: max-age=31556952, public
cf4age: 0
x-cf3: M
accept-ranges: bytes
access-control-allow-origin: *
content-length: 71971
x-xss-protection: 1; mode=block
x-cf-tsc: 1732214657
x-powered-by: PHP/8.0.30
server: CFS 1124

GET
H2 200 css.php
cdn.arstechnica.net/civis/ Frame 0AAF 188 KB
38 KB 25ms
25ms Stylesheet
text/css 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.arstechnica.net/civis/css.php?css=public%3Aac_app.less%2Cpublic%3Aadguest_overlay.less%2Cpublic%3Aars_pvs_post.less%2Cpublic%3Aars_xf.less%2Cpublic%3Aaud_wpconnect.less%2Cpublic%3Abb_code.less%2Cpublic%3Amessage.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Athsvs_separate_vote_scores.less%2Cpublic%3Athtt_article_post_vote.less%2Cpublic%3Athtt_vote_macros.less%2Cpublic%3Auix.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css%2Cpublic%3Astructured_list.less&s=7&l=1&d=1732214650&k=ddda17bd9f6328f68dc1cf2abe4335811aace8c1

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/civis/js/themehouse/styleswitch/preamble.js?_v=0bff0aba

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),

Reverse DNS

vip1.G-anycast1.cachefly.net

Software

CFS 1124 / PHP/8.0.30

Resource Hash

eb0f755ab9e7dbad4b21e9dbbda04ead9bd40dfa6dd47c05f579ae8be3ac9bf5

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
x-cf2: H
x-content-type-options: nosniff
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 31556952.000
content-type: text/css; charset=utf-8
x-cff: B
last-modified: Thu, 21 Nov 2024 18:44:16 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-cf-reqid: 57092e31262f56f51de33a6a4fd46f73
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
cache-control: max-age=31556952, public
cf4age: 0
x-cf3: M
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38483
x-xss-protection: 1; mode=block
x-cf-tsc: 1732214656
x-powered-by: PHP/8.0.30
server: CFS 1124

GET
H2 200 css.php
cdn.arstechnica.net/civis/ Frame 0AAF 391 KB
71 KB 36ms
34ms Stylesheet
text/css 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.arstechnica.net/civis/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Afa.css%2Cpublic%3Aac_app.less%2Cpublic%3Aars_xf.less%2Cpublic%3Amessage.less%2Cpublic%3Astructured_list.less&s=9&l=1&d=1732214650&k=047e4a656706678318c16969b2a96b75c8fa2c02

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/civis/js/themehouse/styleswitch/preamble.js?_v=0bff0aba

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),

Reverse DNS

vip1.G-anycast1.cachefly.net

Software

CFS 1124 / PHP/8.0.30

Resource Hash

76c7232ea7d6e03ffe82fa7a41e365e62ff222a9ce55dee1856f31ec000727c1

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
x-cf2: H
x-content-type-options: nosniff
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 31556952.000
content-type: text/css; charset=utf-8
x-cff: B
last-modified: Thu, 21 Nov 2024 18:44:16 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-cf-reqid: 7d057b974d94cc9a848f75c7f490dccb
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
cache-control: max-age=31556952, public
cf4age: 0
x-cf3: M
accept-ranges: bytes
access-control-allow-origin: *
content-length: 72304
x-xss-protection: 1; mode=block
x-cf-tsc: 1732214657
x-powered-by: PHP/8.0.30
server: CFS 1124

GET
H2 200 css.php
cdn.arstechnica.net/civis/ Frame 0AAF 189 KB
38 KB 31ms
29ms Stylesheet
text/css 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.arstechnica.net/civis/css.php?css=public%3Aac_app.less%2Cpublic%3Aadguest_overlay.less%2Cpublic%3Aars_pvs_post.less%2Cpublic%3Aars_xf.less%2Cpublic%3Aaud_wpconnect.less%2Cpublic%3Abb_code.less%2Cpublic%3Amessage.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Athsvs_separate_vote_scores.less%2Cpublic%3Athtt_article_post_vote.less%2Cpublic%3Athtt_vote_macros.less%2Cpublic%3Auix.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css%2Cpublic%3Astructured_list.less&s=9&l=1&d=1732214650&k=ddda17bd9f6328f68dc1cf2abe4335811aace8c1

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/civis/js/themehouse/styleswitch/preamble.js?_v=0bff0aba

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),

Reverse DNS

vip1.G-anycast1.cachefly.net

Software

CFS 1124 / PHP/8.0.30

Resource Hash

308e490b75b9b82b465f8065c7381635beee5fd76f31e54730c640aee4445f9d

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
x-cf2: H
x-content-type-options: nosniff
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 31556952.000
content-type: text/css; charset=utf-8
x-cff: B
last-modified: Thu, 21 Nov 2024 18:44:16 GMT
x-frame-options: SAMEORIGIN, SAMEORIGIN
x-cf-reqid: f25eddc02985c5b744d4eceadc48696c
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
cache-control: max-age=31556952, public
cf4age: 0
x-cf3: M
accept-ranges: bytes
access-control-allow-origin: *
content-length: 38552
x-xss-protection: 1; mode=block
x-cf-tsc: 1732214657
x-powered-by: PHP/8.0.30
server: CFS 1124

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/5fba7d47-419c-40cc-a9fa-e46027c0811b/ 8 KB
2 KB 139ms
35ms Script
text/javascript 3.160.150.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/5fba7d47-419c-40cc-a9fa-e46027c0811b/launchpad-liveramp.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.160.150.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-160-150-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9e38f5f94eee01ce469113a7cb19000fc81b1f69abba117e3101f26dd0828a08

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
x-amz-version-id: pEz7Agu8rDA8_oiYQBiW7CTPoSgk6Jui
etag: W/"816536b36a1a599456d1b2b82d65f240"
age: 4335
x-cache: Hit from cloudfront
x-amz-cf-id: 14KNMUwTcwwd9NITnHXM-ijR7K6P8BHKAMnkfN20RiJBhpXpARf9pA==
date: Thu, 28 Nov 2024 01:51:04 GMT
content-type: text/javascript
vary: accept-encoding
last-modified: Mon, 01 Jul 2024 14:11:57 GMT
content-disposition: attachment; filename="launchpad-liveramp.js"
x-amz-replication-status: COMPLETED
via: 1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P7
server: AmazonS3
x-amz-server-side-encryption: AES256

GET b0040f39-0ae7-429e-b3da-5fb73c9d0fcc
https://arstechnica.com/ Frame 0
0

GET
H2 200 collect Show response
tagging.conde.digital/g/ 65 B
566 B 130ms
59ms Fetch
text/plain 2600:1901:0:767b::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://tagging.conde.digital/g/collect?v=2&tid=G-LRHY7JG2PW&gtm=45je4bk0v898116584z878819567za200zb78819567&_p=1732762997196&gcs=G101&gcd=13q3r3q3q5l1&npa=1&dma_cps=-&dma=1&tcfd=10s5a&tag_exp=101925629~102067555~102067808~102077855~102081485&gdid=dYWJhMj&cid=892949161.1732762998&ecid=1348641268&ul=en-gb&sr=1600x1200&_fplc=0&ir=1&ur=GB-ENG&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&sst.rnd=528230246.1732762998&sst.etld=google.co.uk&sst.gcsub=region1&sst.us_privacy=1---&sst.gdpr=1&sst.gdpr_consent=CQIzPkAQIzPkAAcABBENBRFgAAAAAELAAChQAAAUvgEAA_AM-AlUBeYDBAGjATVApeAYEgSgAIAAWABUADgAHgAQQAyADUAIgATAAqgBvAD0AH4AQkAiACJAEcAMoAc4A7gB7AD9AIAARQAkQBVwC5gGKANoAcQBDoCRAFsALkAbqA4ICEIELwgAUAjgC_wGjAP3AhWOAGAAIAAuAD8ARwBAACEAEcAX-AwQBowD9wIVjoEwACwAKgAcABBADIANQAiABMACqAF0AMQAbwA9AB-gEQARIAowBlADnAHcAPYAfsBFAEWAJEAVcAuYBigDaAHEAOoAh0BF4CRAEyAKaAWwAuQBlgDdQH9kAAoACACOAMEAaMBCshASAAWADUAKoAYgA3gB6AEcAOcAdwBFACrgFzAMUAbQA6gCmgFyAP7JQFQAEAALAA4AEQAJgAVQAxQCIAIkARwAowCrgFzAMUAdQBDoCJgEXgJEAU0AtgCEJIAOABcAdwBAACOAL_AZYA_cpAjAAWABUADgAIIAZABoAEQAJgAUgAqgBiAD9AIgAiQBRgDKAHOAP0AiwBIgCrgFzAMUAbQA6gCHQETAIvASIApoBbAC5AGWAN1AcEA_sCEJQASABcARwA7gCAAMEAaMA_cCFYELy0AMAGoA7gFNFgAQBHAGjAAA.YAAACFgAAAAA&sst.tft=1732762997196&sst.ude=0&_s=1&sid=1732762998&sct=1&seg=0&dl=https%3A%2F%2Farstechnica.com%2Fsecurity%2F2024%2F11%2Ffound-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux%2F&dt=Found%20in%20the%20wild%3A%20The%20world%E2%80%99s%20first%20unkillable%20UEFI%20bootkit%20for%20Linux%20-%20Ars%20Technica&en=signals_set&_fv=1&_nsi=1&_ss=2&ep.gtm_tag_name=GA4%20-%20sGTM%20-%20Signals%20Set&tfd=1671&richsstsse

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LRHY7JG2PW&l=dataLayer&cx=c&gtm=45He4bk0v78819567za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:767b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

cache-control: no-cache
x-accel-buffering: no
access-control-allow-credentials: true
x-content-type-options: nosniff
via: 1.1 google
access-control-allow-origin: https://arstechnica.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 03:03:18 GMT
content-type: text/plain
server: Google Frontend

GET
H2 200 modules.86621fa4aeada5bcf025.js Show response
script.hotjar.com/ 222 KB
55 KB 126ms
40ms Script
application/javascript 13.33.187.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.86621fa4aeada5bcf025.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1632543.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.187.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-187-74.fra60.r.cloudfront.net

Software

Resource Hash

feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

x-robots-tag: none
content-encoding: br
etag: "ff8702986a1c41356391628a5f5d6f03"
age: 651072
x-content-type-options: nosniff
x-cache: Hit from cloudfront
x-amz-cf-id: TXcE7xTG2j-zl1Bs8wDAGnMOk3Y8ovuaV9SH9b9CyA4NNyXkV_jd0w==
date: Wed, 20 Nov 2024 14:12:06 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 20 Nov 2024 14:11:55 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000; includeSubDomains
cache-control: max-age=31536000
cross-origin-resource-policy: cross-origin
via: 1.1 4d37a80c51c1368344134f5bdf1ea92e.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 56243
x-amz-cf-pop: FRA60-P9

GET
H2 200 p.js Show response
fpa-cdn.arstechnica.com/keys/arstechnica.com/ 67 KB
22 KB 149ms
41ms Script
application/x-javascript 65.9.66.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fpa-cdn.arstechnica.com/keys/arstechnica.com/p.js
Requested by: Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/202409.1.0/otBannerSdk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-9.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6f3e2c2e77f7c59303206d11fdf97440a1e009a1571078e1595297ebdbd767b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

x-amz-cf-pop: FRA56-C1
content-encoding: gzip
etag: W/"09fd2b272fede6cd9313eba8ba8677b5"
age: 3076
via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: SViY4Ii4sh7fFEytsRGMMZaRHtVrKI7zQvsnhKeKBhg96aNleljgaQ==
date: Thu, 28 Nov 2024 02:12:03 GMT
content-type: application/x-javascript
vary: accept-encoding
server: AmazonS3
last-modified: Thu, 01 Feb 2024 17:51:21 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 pxid Show response
bd1cec50-00d1-4ce9-9572-785857419a1e.prmutv.co/v2.0/ 46 B
384 B 94ms
33ms XHR
application/json 35.241.9.51
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://bd1cec50-00d1-4ce9-9572-785857419a1e.prmutv.co/v2.0/pxid?k=3c5b06e3-9636-482d-9481-33025da5def5
Requested by: Host: cdn.permutive.app
URL: https://cdn.permutive.app/1dfc40bb-d155-4f15-970e-99450dbfa0e2-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 6954169fb3a557361f39ca96fcea88fa7b0aa595215f0fdc108f6ff63a3fd029

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://arstechnica.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66
date: Thu, 28 Nov 2024 03:03:18 GMT
content-type: application/json
vary: Origin
server: Permutive

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
698 B 165ms
37ms XHR
application/json 37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.app
URL: https://cdn.permutive.app/1dfc40bb-d155-4f15-970e-99450dbfa0e2-web.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://arstechnica.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 5.187.21.108; 5.187.21.108; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://arstechnica.com
an-x-request-uuid: fb223bc0-2a91-4682-ba9a-feff636d9710
content-length: 11
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Thu, 28 Nov 2024 03:03:18 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

GET
H2 200 ars-user-reg.svg
cdn.arstechnica.net/civis/styles/ars/ars/ Frame 0AAF 371 B
675 B 32ms
31ms Image
image/svg+xml 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/civis/styles/ars/ars/ars-user-reg.svg
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/civis/css.php?css=public%3Aac_app.less%2Cpublic%3Aadguest_overlay.less%2Cpublic%3Aars_pvs_post.less%2Cpublic%3Aars_xf.less%2Cpublic%3Aaud_wpconnect.less%2Cpublic%3Abb_code.less%2Cpublic%3Amessage.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Athsvs_separate_vote_scores.less%2Cpublic%3Athtt_article_post_vote.less%2Cpublic%3Athtt_vote_macros.less%2Cpublic%3Auix.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css%2Cpublic%3Astructured_list.less&s=7&l=1&d=1732214650&k=ddda17bd9f6328f68dc1cf2abe4335811aace8c1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: f7c9f2d62460a433681dda2aba201f535c7a46b310091aca97e445e5ef6c9d39

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cdn.arstechnica.net/civis/css.php?css=public%3Aac_app.less%2Cpublic%3Aadguest_overlay.less%2Cpublic%3Aars_pvs_post.less%2Cpublic%3Aars_xf.less%2Cpublic%3Aaud_wpconnect.less%2Cpublic%3Abb_code.less%2Cpublic%3Amessage.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Athsvs_separate_vote_scores.less%2Cpublic%3Athtt_article_post_vote.less%2Cpublic%3Athtt_vote_macros.less%2Cpublic%3Auix.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css%2Cpublic%3Astructured_list.less&s=7&l=1&d=1732214650&k=ddda17bd9f6328f68dc1cf2abe4335811aace8c1

Response headers

etag: "673f6c06-173"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 43130.336
content-type: image/svg+xml
x-cf-reqid: 1cd893a0f3aef1e399214f71a722d056
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 69
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 371
x-cf-tsc: 1732246035
server: CFS 1124

GET
H2 200 ars-user-posts.svg
cdn.arstechnica.net/civis/styles/ars/ars/ Frame 0AAF 342 B
647 B 33ms
32ms Image
image/svg+xml 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/civis/styles/ars/ars/ars-user-posts.svg
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/civis/css.php?css=public%3Aac_app.less%2Cpublic%3Aadguest_overlay.less%2Cpublic%3Aars_pvs_post.less%2Cpublic%3Aars_xf.less%2Cpublic%3Aaud_wpconnect.less%2Cpublic%3Abb_code.less%2Cpublic%3Amessage.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Athsvs_separate_vote_scores.less%2Cpublic%3Athtt_article_post_vote.less%2Cpublic%3Athtt_vote_macros.less%2Cpublic%3Auix.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css%2Cpublic%3Astructured_list.less&s=7&l=1&d=1732214650&k=ddda17bd9f6328f68dc1cf2abe4335811aace8c1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 459420a98128519213144edbcd77f87c36069f067531ad192ba555b2c5e056df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cdn.arstechnica.net/civis/css.php?css=public%3Aac_app.less%2Cpublic%3Aadguest_overlay.less%2Cpublic%3Aars_pvs_post.less%2Cpublic%3Aars_xf.less%2Cpublic%3Aaud_wpconnect.less%2Cpublic%3Abb_code.less%2Cpublic%3Amessage.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Athsvs_separate_vote_scores.less%2Cpublic%3Athtt_article_post_vote.less%2Cpublic%3Athtt_vote_macros.less%2Cpublic%3Auix.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css%2Cpublic%3Astructured_list.less&s=7&l=1&d=1732214650&k=ddda17bd9f6328f68dc1cf2abe4335811aace8c1

Response headers

etag: "673f6c06-156"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 41203.426
content-type: image/svg+xml
x-cf-reqid: 1113defa7bd035ba54a4022707387d34
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 1996
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 342
x-cf-tsc: 1732248632
server: CFS 1124

GET
H2 200 ars-pro.png
cdn.arstechnica.net/civis/styles/ars/ars/ Frame 0AAF 4 KB
4 KB 32ms
32ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/civis/styles/ars/ars/ars-pro.png
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/civis/css.php?css=public%3Aac_app.less%2Cpublic%3Aadguest_overlay.less%2Cpublic%3Aars_pvs_post.less%2Cpublic%3Aars_xf.less%2Cpublic%3Aaud_wpconnect.less%2Cpublic%3Abb_code.less%2Cpublic%3Amessage.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Athsvs_separate_vote_scores.less%2Cpublic%3Athtt_article_post_vote.less%2Cpublic%3Athtt_vote_macros.less%2Cpublic%3Auix.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css%2Cpublic%3Astructured_list.less&s=7&l=1&d=1732214650&k=ddda17bd9f6328f68dc1cf2abe4335811aace8c1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 2f0b35615f0faeb004d1ceee3dab2f58347e2fb3d5ee32757eeb30364d23ce52

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cdn.arstechnica.net/civis/css.php?css=public%3Aac_app.less%2Cpublic%3Aadguest_overlay.less%2Cpublic%3Aars_pvs_post.less%2Cpublic%3Aars_xf.less%2Cpublic%3Aaud_wpconnect.less%2Cpublic%3Abb_code.less%2Cpublic%3Amessage.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Athsvs_separate_vote_scores.less%2Cpublic%3Athtt_article_post_vote.less%2Cpublic%3Athtt_vote_macros.less%2Cpublic%3Auix.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css%2Cpublic%3Astructured_list.less&s=7&l=1&d=1732214650&k=ddda17bd9f6328f68dc1cf2abe4335811aace8c1

Response headers

etag: "673f6c06-fa7"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 42429.180
content-type: image/png
x-cf-reqid: 9448d9df8064a30fa0165bbc1554352d
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 770
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4007
x-cf-tsc: 1732244772
server: CFS 1124

GET
H2 200 ars-pro-plus.png
cdn.arstechnica.net/civis/styles/ars/ars/ Frame 0AAF 4 KB
4 KB 32ms
31ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/civis/styles/ars/ars/ars-pro-plus.png
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/civis/css.php?css=public%3Aac_app.less%2Cpublic%3Aadguest_overlay.less%2Cpublic%3Aars_pvs_post.less%2Cpublic%3Aars_xf.less%2Cpublic%3Aaud_wpconnect.less%2Cpublic%3Abb_code.less%2Cpublic%3Amessage.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Athsvs_separate_vote_scores.less%2Cpublic%3Athtt_article_post_vote.less%2Cpublic%3Athtt_vote_macros.less%2Cpublic%3Auix.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css%2Cpublic%3Astructured_list.less&s=7&l=1&d=1732214650&k=ddda17bd9f6328f68dc1cf2abe4335811aace8c1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 1625da5283542d185d1e375ddcaa56b4ced1cc6c1218752602b2048e79c463bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://cdn.arstechnica.net/civis/css.php?css=public%3Aac_app.less%2Cpublic%3Aadguest_overlay.less%2Cpublic%3Aars_pvs_post.less%2Cpublic%3Aars_xf.less%2Cpublic%3Aaud_wpconnect.less%2Cpublic%3Abb_code.less%2Cpublic%3Amessage.less%2Cpublic%3Athstyleswitch.less%2Cpublic%3Athsvs_separate_vote_scores.less%2Cpublic%3Athtt_article_post_vote.less%2Cpublic%3Athtt_vote_macros.less%2Cpublic%3Auix.less%2Cpublic%3Auix_socialMedia.less%2Cpublic%3Aextra.less%2Cpublic%3Afa.css%2Cpublic%3Astructured_list.less&s=7&l=1&d=1732214650&k=ddda17bd9f6328f68dc1cf2abe4335811aace8c1

Response headers

etag: "673f6c06-fd3"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 42798.309
content-type: image/png
x-cf-reqid: f32c822f63e7410751235a5419d947fb
last-modified: Thu, 21 Nov 2024 17:21:10 GMT
x-cff: B
cf4age: 401
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4051
x-cf-tsc: 1732244772
server: CFS 1124

GET
H2 200 Exo2-SemiBold.ttf
cdn.arstechnica.net/wp-content/uploads/fonts/ Frame 0AAF 124 KB
124 KB 26ms
25ms Font
binary/octet-stream 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/uploads/fonts/Exo2-SemiBold.ttf
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/civis/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Afa.css%2Cpublic%3Aac_app.less%2Cpublic%3Aars_xf.less%2Cpublic%3Amessage.less%2Cpublic%3Astructured_list.less&s=7&l=1&d=1732214650&k=047e4a656706678318c16969b2a96b75c8fa2c02
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 9d6c210218cbc096674d0a95b392fdcb92f51d94a6c5c00af43224f5e4cf8a87

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://arstechnica.com
Referer: https://cdn.arstechnica.net/civis/css.php?css=public%3Anormalize.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less%2Cpublic%3Afa.css%2Cpublic%3Aac_app.less%2Cpublic%3Aars_xf.less%2Cpublic%3Amessage.less%2Cpublic%3Astructured_list.less&s=7&l=1&d=1732214650&k=047e4a656706678318c16969b2a96b75c8fa2c02

Response headers

etag: "dfdc4bd4fdf951faaf1e3a1928962196"
x-amz-version-id: zsKwbHU6OccrYWuZHOfa5boTuFI9btqa
x-cf2: H
x-cf1: 14961:fJ.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 31210.799
content-type: binary/octet-stream
x-cff: B
last-modified: Thu, 27 Apr 2023 20:53:38 GMT
x-amz-id-2: kGMjlv3RSzZtgnPyc/fTdZWQYR9fHLZ+3JNlt7qXWXGw7D/oOO4D2fDjMw0cQTh9XNVx46E5HhE=
x-cf-reqid: 965b553c3e1d2bc20a044c1b383c0f90
x-amz-replication-status: COMPLETED
cf4age: 13985334
x-cf3: H
x-amz-request-id: 70N2GQ1RS24FWA45
accept-ranges: bytes
access-control-allow-origin: *
content-length: 126752
x-cf-tsc: 1716495234
server: CFS 0215
x-amz-server-side-encryption: AES256

GET
H2 200 606319.jpg
cdn.arstechnica.net/civis/data/avatars/s/606/ Frame 0AAF 5 KB
5 KB 26ms
26ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/civis/data/avatars/s/606/606319.jpg?1682390076
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/civis/threads/found-in-the-wild-the-world%E2%80%99s-first-unkillable-uefi-bootkit-for-linux.1504324/?in_iframe=1&wp_data=eyJ1cmwiOiJodHRwczpcL1wvYXJzdGVjaG5pY2EuY29tXC9zZWN1cml0eVwvMjAyNFwvMTFcL2ZvdW5kLWluLXRoZS13aWxkLXRoZS13b3JsZHMtZmlyc3QtdW5raWxsYWJsZS11ZWZpLWJvb3RraXQtZm9yLWxpbnV4XC8iLCJvcGVuX2NvbW1lbnRzIjoiY29tbWVudHM9MSJ9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 3c4cc97d267e5e1a8d3397724d7c730b2dedc51cb30bc99e11f235670c5a9098

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

etag: "64473c3c-124d"
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:M
date: Thu, 28 Nov 2024 03:03:18 GMT
cf4ttl: 39817.742
content-type: image/jpeg
x-cf-reqid: 9c7c96fe14ec650a4534e8e07c48a87b
last-modified: Tue, 25 Apr 2023 02:34:36 GMT
x-cff: B
cf4age: 3382
x-cf3: H
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4685
x-cf-tsc: 1729317774
server: CFS 1124

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/latest/ 156 KB
36 KB 165ms
47ms Script
application/x-javascript 13.32.27.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/5fba7d47-419c-40cc-a9fa-e46027c0811b/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b2ac0a80c3037e36cc04e4ac63a9fd246542c3c2370504f571ebaeada10be9cc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

vary: accept-encoding
cache-control: must-revalidate,public,max-age=3600
content-encoding: br
x-amz-version-id: y2XbJrWpid16.q8WCP8QY9COtPaM7Zae
etag: W/"21442f2b8d4d10d9b3feb114c12ad42a"
age: 1641
via: 1.1 84f381696dd33e92960b92250106e464.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: QjM_HWPUbi3UH_uOb2GZND7jwhkSwY8gMyHoN9xF5trScmefZ7wr2w==
date: Thu, 28 Nov 2024 02:35:58 GMT
content-type: application/x-javascript
last-modified: Thu, 07 Nov 2024 16:41:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256

GET
H2 200 topics.html
cdn.permutive.app/ Frame DA47 0
0 101ms
37ms Document
text/html 2606:4700:4400::ac40:98f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.app/topics.html
Requested by: Host: cdn.permutive.app
URL: https://cdn.permutive.app/1dfc40bb-d155-4f15-970e-99450dbfa0e2-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::ac40:98f3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

age: 0
cache-control: max-age=86400, public
cf-cache-status: DYNAMIC
cf-ray: 8e971fc629aded0e-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 28 Nov 2024 03:03:18 GMT
etag: W/"a8522ab0dc78bd982219a29bf045ed47"
expires: Fri, 29 Nov 2024 02:25:55 GMT
last-modified: Fri, 26 Apr 2024 16:31:08 GMT
server: cloudflare
timing-allow-origin: *
x-goog-generation: 1714149068764957
x-goog-hash: crc32c=67icPw== md5=qFIqsNx4vZgiGaKb8EXtRw==
x-goog-metageneration: 1
x-goog-storage-class: REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 947
x-guploader-uploadid: AFiumC4ICdhwmCb8-DhfVRs4MwBYEgzFT1o59xi6XP-4iqHNCP4rzo7EMMP4GOF7aSVUvj18uKc

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 169ms
34ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Cache-Control: no-cache
Content-Length: 43
Date: Thu, 28 Nov 2024 03:03:18 GMT
Content-Type: image/gif
Last-Modified: Thursday, 28-Nov-2024 03:03:18 GMT
Server: nginx
Connection: keep-alive

GET
H/1.1 200
OK /
fpa-events.arstechnica.com/plogger/ 43 B
259 B 466ms
104ms Image
image/gif 52.73.123.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fpa-events.arstechnica.com/plogger/?rand=1732762998748&plid=11bc285a-3a57-4c0e-8e03-ab584e12b1f3&idsite=arstechnica.com&url=https%3A%2F%2Farstechnica.com%2Fsecurity%2F2024%2F11%2Ffound-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux%2F%23comments&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely%3Ametadata-detection%22%3A%7B%22version%22%3A0%2C%22url%22%3A%22https%3A%2F%2Farstechnica.com%2Fsecurity%2F2024%2F11%2Ffound-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux%2F%22%2C%22hash%22%3A1699688503%7D%7D&sid=1&surl=https%3A%2F%2Farstechnica.com%2Fsecurity%2F2024%2F11%2Ffound-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux%2F%23comments&sref=&sts=1732762998728&slts=0&title=Found+in+the+wild%3A+The+world%E2%80%99s+first+unkillable+UEFI+bootkit+for+Linux+-+Ars+Technica&date=Thu+Nov+28+2024+03%3A03%3A18+GMT%2B0000+(Greenwich+Mean+Time)&action=pageview&pvid=c070ec70-8aef-4213-8f74-73c1805c4c74&u=pid%3D4fb4c4fc-a9c0-4896-88ed-30698041cea0
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.73.123.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-73-123-163.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Cache-Control: no-cache
Content-Length: 43
Date: Thu, 28 Nov 2024 03:03:19 GMT
Content-Type: image/gif
Last-Modified: Thursday, 28-Nov-2024 03:03:19 GMT
Server: nginx
Connection: keep-alive

GET
DATA 200
OK truncated
/ Frame 0AAF 169 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3fe9a03f976f998f2452d02525a5ad58731b945cbe4ab28090497b51bc855d65

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

POST
H2 200 yv8 Show response
c.arstechnica.com/com.condenast/ 2 B
181 B 100ms
99ms XHR
text/plain 44.213.38.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.arstechnica.com/com.condenast/yv8

Requested by

Host: globalservices.conde.digital
URL: https://globalservices.conde.digital/p77xzrbz9z.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.213.38.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-213-38-227.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
SP-Anonymous: *
Content-Type: application/json; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://arstechnica.com
content-length: 2
date: Thu, 28 Nov 2024 03:03:18 GMT
server: nginx
access-control-allow-credentials: true

POST
H3 200 identify Show response
permutive.arstechnica.com/v2.0/ 50 B
89 B 64ms
37ms XHR
application/json 34.107.161.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://permutive.arstechnica.com/v2.0/identify?k=3c5b06e3-9636-482d-9481-33025da5def5
Requested by: Host: cdn.permutive.app
URL: https://cdn.permutive.app/1dfc40bb-d155-4f15-970e-99450dbfa0e2-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.161.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.161.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 413cdfb475c4777f504b10a2487baae77e004c8fbaa3c42c1dc0ff66ab6623dd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://arstechnica.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70
date: Thu, 28 Nov 2024 03:03:18 GMT
content-type: application/json
vary: Origin
server: Permutive

GET
H/1.1 200
OK embed-api.json Show response
player.cnevids.com/ 11 KB
5 KB 231ms
153ms Fetch
application/json 18.173.205.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/embed-api.json?videoId=637bbbbd103e9e2dd00699f6&interludeOverride=true&playerType=interlude&embedLocation=arstechnica

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/637bbbbd103e9e2dd00699f6.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=sitewideInterludeVideoOverride&recStrategy=sitewideInterludeVideoOverride&showPlaylistBar=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.173.205.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-205-99.fra56.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

8f1ea4a73a300dd974ba27cdc2e9bde61167be745e6acf88b1ca71469731a8c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Access-Control-Max-Age: 1728000
X-Request-Id: 1a7940e5-8c2d-47ec-8447-1ca943137ad9
Access-Control-Expose-Headers
Content-Encoding: gzip
ETag: W/"d4331e7df846c03a47576de1e2864e1f"
X-Permitted-Cross-Domain-Policies: none
Access-Control-Allow-Methods: GET, OPTIONS
X-Content-Type-Options: nosniff
Status: 200 OK
X-Cache: Miss from cloudfront
X-Amz-Cf-Id: H7gbVuKNp5LMyhB5QZWZvOyi4eFh24dYxEmQIlRWUuLE047_Ew03wQ==
Date: Thu, 28 Nov 2024 03:03:19 GMT
Content-Type: application/json; charset=utf-8
X-Backend-Node: 10.110.15.154
X-Runtime: 0.015533
Vary: Origin,Accept-Encoding
Cache-Control: max-age=300, public
Connection: keep-alive
Referrer-Policy: strict-origin-when-cross-origin
X-Download-Options: noopen
Via: 1.1 044b6ab929e12b48b2113c346ddcec30.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
Content-Length: 3863
X-XSS-Protection: 1; mode=block
X-Amz-Cf-Pop: FRA56-P12
Server: nginx/1.18.0

GET
H2 200 / Show response
geo.privacymanager.io/ 28 B
625 B 36ms
35ms Fetch
application/json 13.32.99.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/latest/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-59.fra60.r.cloudfront.net
Software: /
Resource Hash: a81b295b51029aa9eac46af64442efd6b08f8492104a6ca3c9bae23a58920b07

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json
Content-Type: application/json

Response headers

x-amz-apigw-id: B7mw3H3QjoEEBgQ=
age: 9586
x-amzn-trace-id: Root=1-6747b805-277ea8aa49d4a23d7f6de1ac;Parent=391009879e704e68;Sampled=0;Lineage=1:06620786:0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
x-amzn-requestid: c784ea53-fbe4-47cf-803f-b781a4e60180
via: 1.1 d60e84ebd0183f97f50eb1677fb4b7be.cloudfront.net (CloudFront), 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 28
x-amz-cf-id: 6HYsZMrGKRIt1w_QjjQBLpXQI6ClwXif2xr9hNku9cQ_mGanFGAyAA==
date: Thu, 28 Nov 2024 00:23:33 GMT
content-type: application/json
x-amz-cf-pop: FRA60-P8, FRA60-P3
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 164ms
67ms Preflight
application/json 13.32.99.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-59.fra60.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://arstechnica.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Thu, 28 Nov 2024 03:03:19 GMT
via: 1.1 102d8cf947b68167e34dd1299c206242.cloudfront.net (CloudFront), 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
x-amz-apigw-id: B7-KrExUDoEEgwQ=
x-amz-cf-id: U959KJ4NSPRGdL-8yDOeafyFfPpGnQqLZUSRG0g8aaCXNX5GbUSRFA==
x-amz-cf-pop: FRA56-P3 FRA60-P3
x-amzn-requestid: 02506874-d495-41bc-8c6c-e4c57fba4874
x-cache: Miss from cloudfront

POST
H2 200 0264e839a2f86a99c476983ba3a699723dc2e66f95 Show response
planebasin.com/create/4596af591a/ 303 B
775 B 130ms
67ms Fetch
application/json 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://planebasin.com/create/4596af591a/0264e839a2f86a99c476983ba3a699723dc2e66f95

Requested by

Host: shiverscissors.com
URL: https://shiverscissors.com/v2fumwIJOo-LsCB0dlG18VSTW43CpWhUEPJuKeRTzrEQdSPPlMr5GymU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

503609ce914f41e09e237184fdc6323ca676c2e8d33c4f4dce7b261595d1820f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://arstechnica.com/

Response headers

content-encoding: br
cf-cache-status: DYNAMIC
x-buildname: hoothoot
access-control-allow-methods: POST, OPTIONS
x-hostname: fen-hoothoot-europe-west1-test-wtl1
expires: Thu, 28 Nov 2024 03:03:18 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 28 Nov 2024 03:03:19 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security: max-age=15724800; preload
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
access-control-allow-credentials: true
x-datacenter: gce-europe-west1
via: 1.1 google
cf-ray: 8e971fc83c2d6511-LHR
access-control-allow-origin: https://arstechnica.com
x-buildnumber: 1553448542
server: cloudflare

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6F8C 424 KB
145 KB 188ms
77ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058856f2093d99fb55804a133256ce56e4db69ab1f5e7b4575776022a960008a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

cache-control: private, max-age=900, stale-while-revalidate=3600
content-encoding: gzip
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 03:03:19 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 148130
date: Thu, 28 Nov 2024 03:03:19 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H2 200 vans-adapter-google-ima.js Show response
static.adsafeprotected.com/ Frame 6F8C 19 KB
7 KB 38ms
37ms Script
application/javascript 2600:9000:21f3:b800:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/vans-adapter-google-ima.js
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/637bbbbd103e9e2dd00699f6.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=sitewideInterludeVideoOverride&recStrategy=sitewideInterludeVideoOverride&showPlaylistBar=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:b800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
x-amz-version-id: 4UvdbwUsN2CunQyNARaRw4ABpoiv.VmX
etag: W/"8ec0c211dda60907ae57f46e621bc794"
age: 124473
x-cache: Hit from cloudfront
x-amz-cf-id: wmh5KHlve1ewRhY5-KjUzh_n0LeK-O20IFLMvJY7w0wck5FkZlHCzQ==
date: Tue, 26 Nov 2024 16:28:47 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Thu, 08 Jul 2021 19:25:58 GMT
x-amz-replication-status: COMPLETED
cache-control: max-age=604800
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 107 KB
38 KB 147ms
36ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9bb1484f76b7b8ab6ebc1744375a18ef1e2aa60e1360ef404011ce948a399fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
age: 799
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 03:05:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 02:50:00 GMT
last-modified: Wed, 20 Nov 2024 19:22:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=900
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 38493
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK player-style-ea5c3f914e4a7f8b4048.css
player-frontend.cnevids.com/player/ Frame 6F8C 90 KB
13 KB 139ms
36ms Stylesheet
text/css 52.222.236.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player-frontend.cnevids.com/player/player-style-ea5c3f914e4a7f8b4048.css
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/637bbbbd103e9e2dd00699f6.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=sitewideInterludeVideoOverride&recStrategy=sitewideInterludeVideoOverride&showPlaylistBar=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-34.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8c27aa375e72aa034c2a334e79449c4d4ec14c0822813cf9a6b29cf4a46301ba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Content-Encoding: gzip
ETag: "9be0ae22782725abae052496c66204ef"
x-amz-version-id: 6vJ5h_HDSlAyWscBNwHZURf8qiDvI1jt
Age: 841015
Expires: Tue, 01 Jan 2030 00:00:00 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: U79x5RDF_RO41vU4DzL7rwCJt1udVAPcVGAnvqIN251nn2eQMh1xEA==
Date: Mon, 18 Nov 2024 09:26:25 GMT
Content-Type: text/css; charset=utf-8
Last-Modified: Mon, 18 Nov 2024 09:25:50 GMT
x-amz-replication-status: PENDING
Cache-Control: max-age=63072000, public
Connection: keep-alive
Via: 1.1 34fdfb7c7c11559df7e622af2b62f5ca.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 12987
X-Amz-Cf-Pop: FRA56-P4
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK main-bccc532368058a62b43d.js Show response
player-frontend.cnevids.com/player/ Frame 6F8C 978 KB
256 KB 141ms
38ms Script
application/javascript 52.222.236.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player-frontend.cnevids.com/player/main-bccc532368058a62b43d.js
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/637bbbbd103e9e2dd00699f6.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=sitewideInterludeVideoOverride&recStrategy=sitewideInterludeVideoOverride&showPlaylistBar=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-34.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 54f3527f2641ce9314fd126b3dffd6f5195a1e0f219e1f3665ffdf2d9951f2f1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Content-Encoding: gzip
ETag: "d2ede8dacf5fc13a3e9ac9421a66ecad"
x-amz-version-id: LjQE1NAco1hq4P9k9St2XO5Z.cgLlpsM
Age: 841015
Expires: Tue, 01 Jan 2030 00:00:00 GMT
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: N4zgBAcu5Zkq_ILznVqmgiWMbulTo1gUZCtUBZXRdiMEIxMpnqGzrg==
Date: Mon, 18 Nov 2024 09:26:25 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Mon, 18 Nov 2024 09:25:50 GMT
x-amz-replication-status: PENDING
Cache-Control: max-age=63072000, public
Connection: keep-alive
Via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Content-Length: 261715
X-Amz-Cf-Pop: FRA56-P4
Server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 200 0264e839a2f86a99c476983ba3a699723dc2e66f95 Show response
planebasin.com/4496af591a/ 3 B
71 B 49ms
47ms Fetch
application/json 2606:4700::6812:186f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://planebasin.com/4496af591a/0264e839a2f86a99c476983ba3a699723dc2e66f95

Requested by

Host: shiverscissors.com
URL: https://shiverscissors.com/v2fumwIJOo-LsCB0dlG18VSTW43CpWhUEPJuKeRTzrEQdSPPlMr5GymU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:186f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://arstechnica.com/

Response headers

cf-cache-status: DYNAMIC
x-buildname: hoothoot
access-control-allow-methods: POST, OPTIONS
x-hostname: fen-hoothoot-europe-west1-test-wtl1
expires: Thu, 28 Nov 2024 03:03:18 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 28 Nov 2024 03:03:19 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding, Origin
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
strict-transport-security: max-age=15724800; preload
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
access-control-allow-credentials: true
x-datacenter: gce-europe-west1
via: 1.1 google
cf-ray: 8e971fc8cc876511-LHR
access-control-allow-origin: https://arstechnica.com
content-length: 3
x-buildnumber: 1553448542
server: cloudflare

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
743 B 227ms
82ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613993160362&event=PermutiveSegmentEntry&ed[segment_id]=%22179802%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 816365dd058cb4535de40ab882c5e2ef
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 6765544327801594
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b17

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
765 B 225ms
82ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613942197734&event=PermutiveSegmentEntry&ed[segment_id]=%22179802%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

x-pinterest-rid-128bit: 01a6bb5310a7b6f9d05b3ec20f88e559
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=600
date: Thu, 28 Nov 2024 03:03:19 GMT
content-type: image/gif
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-cdn: akamai
referrer-policy: origin
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
akamai-grn: 0.0e6ed417.1732762999.230c8b16
x-pinterest-rid: 1501366278597488

GET
H2 403 /
ct.pinterest.com/v3/ 0
406 B 328ms
185ms Image
text/plain 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612884016232&event=PermutiveSegmentEntry&ed[segment_id]=%22179802%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
warning: Tag is disabled due to Pinterest Tag Cloning
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: 312063f8d38198117afee6e0cd66d9de
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 0
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 8862774969904847
akamai-grn: 0.0e6ed417.1732762999.230c8b19

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
746 B 325ms
183ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614456676833&event=PermutiveSegmentEntry&ed[segment_id]=%22179802%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: 0b2707e30bc7de65fa60351c3445cc59
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1804147850249855
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b1a

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
743 B 328ms
186ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613693464092&event=PermutiveSegmentEntry&ed[segment_id]=%22179802%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: d1203713504a2fa5245fd69395ab3274
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 2621049437512479
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b1b

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
742 B 227ms
85ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613412329272&event=PermutiveSegmentEntry&ed[segment_id]=%22179802%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 2a3c9484bdaa739376e7cfdfe68a11b0
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 8568045376648122
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b1c

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
742 B 178ms
175ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613974011853&event=PermutiveSegmentEntry&ed[segment_id]=%22179802%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 670e9ab7f40423a153525e83057023b7
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 6003965170063254
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b2a

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
744 B 173ms
169ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613235752889&event=PermutiveSegmentEntry&ed[segment_id]=%22179802%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: 13aea9e3f2837660e9f9dd337d153067
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1685974989324977
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b2b

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
742 B 96ms
93ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613461182346&event=PermutiveSegmentEntry&ed[segment_id]=%22179802%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: dafc538806fc5ace15f5c1fd6a7f3b28
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1582384138248207
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b30

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
740 B 188ms
185ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613268077396&event=PermutiveSegmentEntry&ed[segment_id]=%22179802%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 70116d3b79a6aea190ee55afe7592568
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1044337879990777
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b31

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
742 B 95ms
92ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612382027931&event=PermutiveSegmentEntry&ed[segment_id]=%22179802%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: 476ff5bb175905af073e90d0793e155c
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 5220138318832653
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b32

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
746 B 205ms
202ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613198264478&event=PermutiveSegmentEntry&ed[segment_id]=%22179802%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: ec2dc2d0a7be0daec61a09b319927626
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1427473263373703
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b33

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
744 B 209ms
206ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613528303813&event=PermutiveSegmentEntry&ed[segment_id]=%22179802%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 46cdbfd24483baf37ef10ed62f881fa1
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 9147108631249428
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b34

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
745 B 198ms
195ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613993160362&event=PermutiveSegmentEntry&ed[segment_id]=%22179820%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 53b948f6606fda5a41e612490f213d10
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 4748502962104515
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b35

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
742 B 200ms
198ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613412329272&event=PermutiveSegmentEntry&ed[segment_id]=%22179820%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 51f036314b35878688fa68a9b9d0a092
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 9870316611512082
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b36

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
744 B 188ms
185ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613235752889&event=PermutiveSegmentEntry&ed[segment_id]=%22179820%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: be3eac196ece89ad00ba78fa0fe171e9
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 5248736107177213
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b37

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
745 B 212ms
210ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613942197734&event=PermutiveSegmentEntry&ed[segment_id]=%22179820%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: c9fb881e17bd7065fb9b5b47ae4d6256
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1813018508833517
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b38

GET
H2 403 /
ct.pinterest.com/v3/ 0
407 B 190ms
188ms Image
text/plain 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612884016232&event=PermutiveSegmentEntry&ed[segment_id]=%22179820%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
warning: Tag is disabled due to Pinterest Tag Cloning
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 6f83af4454b2285f1da0fa521b7faa74
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 0
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 2134981453929228
akamai-grn: 0.0e6ed417.1732762999.230c8b39

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
745 B 400ms
398ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614456676833&event=PermutiveSegmentEntry&ed[segment_id]=%22179820%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 2c9e4cc3d2e3959f3b186a764ff472d6
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 4258270504058909
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b3a

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
747 B 191ms
189ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613693464092&event=PermutiveSegmentEntry&ed[segment_id]=%22179820%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 87962d2b1cc75148f071e8cae9fa0fd7
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1732588519967752
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b3b

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
745 B 193ms
190ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613974011853&event=PermutiveSegmentEntry&ed[segment_id]=%22179820%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: 94a908b498a6b2ad6e133d96c693b50e
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 7931751086515533
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b3c

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
745 B 100ms
98ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613461182346&event=PermutiveSegmentEntry&ed[segment_id]=%22179820%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 219181c58ac4bdf447c45fc79550226d
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 5171363582936359
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b3d

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
744 B 202ms
199ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613268077396&event=PermutiveSegmentEntry&ed[segment_id]=%22179820%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 6ab403a03a7c9c4b45bf4b65fd54607f
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 5025818610582708
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b3e

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
745 B 193ms
191ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612382027931&event=PermutiveSegmentEntry&ed[segment_id]=%22179820%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: bf24f676b5f1eec105e355a5b23d16b9
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 4242769600512713
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b3f

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
744 B 200ms
198ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613198264478&event=PermutiveSegmentEntry&ed[segment_id]=%22179820%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: 2fd1f7fed6a6c79f08245309671d7bde
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 5866851513148036
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b40

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
745 B 182ms
180ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613528303813&event=PermutiveSegmentEntry&ed[segment_id]=%22179820%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 2a820527843d8889f9428db53c30ed40
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1796107407344539
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b41

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
745 B 211ms
209ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613993160362&event=PermutiveSegmentEntry&ed[segment_id]=%229710%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 525ce4162aa68cf2d4f4c4f052ea1b6d
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1534510636682039
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b42

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
744 B 205ms
203ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613942197734&event=PermutiveSegmentEntry&ed[segment_id]=%229710%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: e09e8598be16cff1c1c6167f2503f13c
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1396287243004647
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b43

GET
H2 403 /
ct.pinterest.com/v3/ 0
407 B 203ms
201ms Image
text/plain 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612884016232&event=PermutiveSegmentEntry&ed[segment_id]=%229710%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
warning: Tag is disabled due to Pinterest Tag Cloning
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: 67f0f5009de22bb6c9f3ec4bc6077122
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 0
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1455223463115328
akamai-grn: 0.0e6ed417.1732762999.230c8b44

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
746 B 212ms
211ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2614456676833&event=PermutiveSegmentEntry&ed[segment_id]=%229710%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: 0c83202f640da9fad9e3579a285ad4cf
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1570048904555730
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b45

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
743 B 210ms
208ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613693464092&event=PermutiveSegmentEntry&ed[segment_id]=%229710%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 3a225f775f578a17c2dec7d9e75302f9
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1404188042689059
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b46

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
747 B 208ms
206ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613412329272&event=PermutiveSegmentEntry&ed[segment_id]=%229710%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: ebefdcd502a8d63681e3755f1247b26b
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 9359453501795054
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b47

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
743 B 207ms
205ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613974011853&event=PermutiveSegmentEntry&ed[segment_id]=%229710%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 10d40bb33b1d6a523dfeb477578ebf3d
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 4467206305061191
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b48

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
745 B 183ms
182ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613235752889&event=PermutiveSegmentEntry&ed[segment_id]=%229710%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: 727dba3883a1db12f33be1f34dadc4b4
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1752685080993895
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b49

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
743 B 400ms
399ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613461182346&event=PermutiveSegmentEntry&ed[segment_id]=%229710%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: 9dc688936eb8fc93af3c38c548ab3eb7
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1262702987521892
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b4a

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
743 B 157ms
155ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613268077396&event=PermutiveSegmentEntry&ed[segment_id]=%229710%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: 62157812e3cd6218e669406388ce3f1e
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1660287229751920
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b4b

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
741 B 201ms
200ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2612382027931&event=PermutiveSegmentEntry&ed[segment_id]=%229710%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 1
x-pinterest-rid-128bit: f8fb86da8f38aa1ab4504b3af19772fe
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1299296764149730
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b4c

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
745 B 206ms
205ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613198264478&event=PermutiveSegmentEntry&ed[segment_id]=%229710%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: 6975715ccfb5366cc253d68dbac758a2
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 1400277157063736
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b4d

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
745 B 194ms
193ms Image
image/gif 23.75.64.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613528303813&event=PermutiveSegmentEntry&ed[segment_id]=%229710%22

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.75.64.232 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-75-64-232.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
cache-control: no-cache,no-store,must-revalidate,max-age=0
pragma: no-cache
x-envoy-upstream-service-time: 0
x-pinterest-rid-128bit: 4de551da2247e1f11e828b72d58b94e0
x-cdn: akamai
referrer-policy: origin
expires: Sat, 01 Jan 2000 00:00:00 GMT
pinterest-version: 8301cfbe62c69d5ff73040047162293455502b88
access-control-allow-origin: *
content-length: 35
date: Thu, 28 Nov 2024 03:03:19 GMT
x-pinterest-rid: 2198472893435450
content-type: image/gif
akamai-grn: 0.0e6ed417.1732762999.230c8b4e

GET 1849c7c7-27ea-4925-9a98-ccea61e0d52e
https://arstechnica.com/ Frame 0
0

GET
H3 200 ima_ppub_config Show response
securepubads.g.doubleclick.net/pagead/ Frame 6F8C 212 B
106 B 52ms
51ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ima_ppub_config?ippd=https%3A%2F%2Farstechnica.com%2Fsecurity%2F2024%2F11%2Ffound-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux%2F%3Fcomments-page%3D1%23comments

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

44e6c0dd4ae3af7ef5cb42b58ba795705002eaac7cd033867103a78b69544156

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 03:03:19 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 81
date: Thu, 28 Nov 2024 03:03:19 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

POST
H2 200 yv8 Show response
c.arstechnica.com/com.condenast/ 2 B
181 B 99ms
96ms XHR
text/plain 44.213.38.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.arstechnica.com/com.condenast/yv8

Requested by

Host: globalservices.conde.digital
URL: https://globalservices.conde.digital/p77xzrbz9z.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.213.38.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-213-38-227.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
SP-Anonymous: *
Content-Type: application/json; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://arstechnica.com
content-length: 2
date: Thu, 28 Nov 2024 03:03:19 GMT
server: nginx
access-control-allow-credentials: true

GET
H/1.1 200
OK sf-ui-display-medium-webfont.woff2
player-frontend.cnevids.com/assets/fonts/ Frame 6F8C 29 KB
30 KB 488ms
417ms Font
application/font-woff2 52.222.236.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player-frontend.cnevids.com/assets/fonts/sf-ui-display-medium-webfont.woff2
Requested by: Host: player-frontend.cnevids.com
URL: https://player-frontend.cnevids.com/player/player-style-ea5c3f914e4a7f8b4048.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-34.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://arstechnica.com
Referer: https://player-frontend.cnevids.com/player/player-style-ea5c3f914e4a7f8b4048.css

Response headers

Access-Control-Max-Age: 3000
Content-Encoding: gzip
x-amz-version-id: jNwTnDrOXQCtwNbzpCCrw4_AQmswfr1J
ETag: "7d18db04f980971f2a9c5026bbc34bed"
Access-Control-Allow-Methods: GET
Expires: Tue, 01 Jan 2030 00:00:00 GMT
X-Cache: RefreshHit from cloudfront
X-Amz-Cf-Id: 6GKimky8CTDpgeqyuOVUmiq4nie-AF03REEIoJpxAv8z3innwsjC4g==
Date: Thu, 28 Nov 2024 03:03:21 GMT
Content-Type: application/font-woff2
Last-Modified: Thu, 01 Jun 2023 16:30:06 GMT
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-replication-status: COMPLETED
Cache-Control: max-age=63072000, public
Connection: keep-alive
Via: 1.1 64f5a3ab7bfb476c633b87746aced0ee.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 29632
X-Amz-Cf-Pop: FRA56-P4
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 bridge3.677.0_en.html
imasdk.googleapis.com/js/core/ Frame 4AD3 0
0 110ms
34ms Document
text/html 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.677.0_en.html?gdpr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 72378
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 257602
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Nov 2024 06:57:01 GMT
expires: Thu, 27 Nov 2025 06:57:01 GMT
last-modified: Wed, 20 Nov 2024 19:20:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 6F8C 44 KB
17 KB 157ms
45ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

cache-control: private, max-age=900
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 03:03:19 GMT
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
content-length: 16746
date: Thu, 28 Nov 2024 03:03:19 GMT
x-xss-protection: 0
content-type: text/javascript
vary: Accept-Encoding
server: sffe

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 6F8C 239 KB
61 KB 99ms
37ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: player-frontend.cnevids.com
URL: https://player-frontend.cnevids.com/player/main-bccc532368058a62b43d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-gpV8bJ9Y' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 28 Nov 2024 03:03:19 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-gpV8bJ9Y' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=36, rtx=0, c=23, mss=1232, tbw=4456, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: LNiDll7RR+EAZIPMikEUn3EX4RawMTKn3SMSist4oExSvIuL7gUKcTBJvK63mV/YIMDpNGzidvg76uTeHwrihg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D678 45 KB
15 KB 124ms
34ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

content-encoding: gzip
age: 1918
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
x-content-type-options: nosniff
expires: Thu, 28 Nov 2024 03:31:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 28 Nov 2024 02:31:21 GMT
last-modified: Tue, 19 Nov 2024 15:43:57 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=3600
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
accept-ranges: bytes
content-length: 15725
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK arstechnica_how-lighting-design-in-the-callisto-protocol-sets-a-menacing-mood.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1669131457/ Frame 6F8C 62 KB
63 KB 133ms
39ms Image
image/jpeg 3.160.156.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1669131457/arstechnica_how-lighting-design-in-the-callisto-protocol-sets-a-menacing-mood.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.160.156.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-156-42.fra60.r.cloudfront.net

Software

cloudflare /

Resource Hash

25e91617270276da78dc34ede7a31a16303103effc904e3cde3148645071c7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
ETag: "1dbc07d904c6f45af7e7dea4220c052c"
Age: 1475564
x-content-type-options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 89Fy-g_5cYy0o9wDE9n-KYyFtIKszn8Vz1hMBk4hWJTCv_QBVPDz0Q==
Date: Mon, 11 Nov 2024 01:10:35 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 22 Nov 2022 17:06:11 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=604800
Cache-Control: public, no-transform, immutable, max-age=2592000
timing-allow-origin: *
Connection: keep-alive
Via: 1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
CF-Ray: 8e0a4fec9ed61a7d-FRA
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 63549
X-Amz-Cf-Pop: FRA60-P7
Server: cloudflare

GET
H/1.1 206
Partial Content 2ad60330-9326-46ca-8d25-957162dbe214thumbs.mp4
dp8hsntg6do36.cloudfront.net/637bbbbd103e9e2dd00699f6/ Frame 6F8C 365 KB
0 127ms
35ms Media
video/mp4 18.66.147.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/637bbbbd103e9e2dd00699f6/2ad60330-9326-46ca-8d25-957162dbe214thumbs.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-111.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

ETag: "c5d48966f60c02b2ce65e93defa9b0df"
Age: 6138
Connection: keep-alive
Content-Range: bytes 0-1807325/1807326
Via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 1807326
X-Amz-Cf-Id: jUZ0itMSqeeqtn9lt-k6K1VkFapYw3jucT_PmHgWaWYKqE4Skk48QQ==
Date: Thu, 28 Nov 2024 01:26:33 GMT
Content-Type: video/mp4
Last-Modified: Mon, 21 Nov 2022 23:59:47 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P4

GET
H/1.1 206
Partial Content 2ad60330-9326-46ca-8d25-957162dbe214thumbs.mp4
dp8hsntg6do36.cloudfront.net/637bbbbd103e9e2dd00699f6/ Frame 6F8C 1 KB
0 232ms
35ms Media
video/mp4 18.66.147.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/637bbbbd103e9e2dd00699f6/2ad60330-9326-46ca-8d25-957162dbe214thumbs.mp4
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-111.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

ETag: "c5d48966f60c02b2ce65e93defa9b0df"
Age: 6138
Connection: keep-alive
Content-Range: bytes 0-1807325/1807326
Via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Content-Length: 1807326
X-Amz-Cf-Id: eA_2hPjPZCKng3B5rsEAgu1q45bePYMoSngIJ76QfpE3JxEjYu0Wtg==
Date: Thu, 28 Nov 2024 01:26:33 GMT
Content-Type: video/mp4
Last-Modified: Mon, 21 Nov 2022 23:59:47 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P4

POST
H2 200 yv8 Show response
c.arstechnica.com/com.condenast/ 2 B
181 B 102ms
97ms XHR
text/plain 44.213.38.227
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.arstechnica.com/com.condenast/yv8

Requested by

Host: globalservices.conde.digital
URL: https://globalservices.conde.digital/p77xzrbz9z.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.213.38.227 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-213-38-227.compute-1.amazonaws.com

Software

nginx /

Resource Hash

2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
SP-Anonymous: *
Content-Type: application/json; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: https://arstechnica.com
content-length: 2
date: Thu, 28 Nov 2024 03:03:19 GMT
server: nginx
access-control-allow-credentials: true

GET 40907fb9-903c-48ec-b0a5-e87a034d315c
https://arstechnica.com/ Frame 0
0

GET 1c36d210-eadb-4000-a678-137c4d0dcf63
https://arstechnica.com/ Frame 0
0

GET a14ff04f-a3cb-4ca0-9f71-874a651d556a
https://arstechnica.com/ Frame 0
0

GET
H/1.1 200
OK 2ad60330-9326-46ca-8d25-957162dbe214manifest-ios.m3u8 Show response
dp8hsntg6do36.cloudfront.net/637bbbbd103e9e2dd00699f6/ Frame 6F8C 918 B
1 KB 109ms
36ms XHR
application/x-mpegurl 18.66.147.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/637bbbbd103e9e2dd00699f6/2ad60330-9326-46ca-8d25-957162dbe214manifest-ios.m3u8?videoIndex=0&requester=oo
Requested by: Host: player-frontend.cnevids.com
URL: https://player-frontend.cnevids.com/player/main-bccc532368058a62b43d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-111.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c031cbb048af2b27fafb3b1f2863c168b803aaa57c2c2a1040acc9896474ba18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Access-Control-Max-Age: 3000
ETag: "d5544e1fb778abafa40784415fb460f9"
Age: 82028
Access-Control-Allow-Methods: GET, HEAD
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: Dyh0b9oAGstlRPQhBycc2GoNSo7ApwnW8R5OBgYJvJtpbsiNNCJSyQ==
Date: Wed, 27 Nov 2024 04:19:04 GMT
Content-Type: application/x-mpegURL
Last-Modified: Mon, 21 Nov 2022 23:58:19 GMT
Vary: Origin,accept-encoding
Connection: keep-alive
Via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 918
X-Amz-Cf-Pop: FRA60-P4
Server: AmazonS3

POST
H3 200 events Show response
permutive.arstechnica.com/v2.0/batch/ 101 B
131 B 33ms
32ms XHR
application/json 34.107.161.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://permutive.arstechnica.com/v2.0/batch/events?enrich=false&sdkp=true&k=3c5b06e3-9636-482d-9481-33025da5def5
Requested by: Host: cdn.permutive.app
URL: https://cdn.permutive.app/1dfc40bb-d155-4f15-970e-99450dbfa0e2-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.161.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.161.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: d3019a4d32c9fb55b8ca4fa7ee3e27828c08ae56ac3b81aef6a2f0e1a8f939aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type: text/plain
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
access-control-allow-credentials: true
via: 1.1 google
access-control-allow-origin: https://arstechnica.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
date: Thu, 28 Nov 2024 03:03:19 GMT
content-type: application/json
vary: Origin
server: Permutive

GET
H/1.1 200
OK 2ad60330-9326-46ca-8d25-957162dbe214file-1422k-128-48000-768.m3u8 Show response
dp8hsntg6do36.cloudfront.net/637bbbbd103e9e2dd00699f6/ Frame 6F8C 8 KB
1 KB 41ms
40ms XHR
application/x-mpegurl 18.66.147.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/637bbbbd103e9e2dd00699f6/2ad60330-9326-46ca-8d25-957162dbe214file-1422k-128-48000-768.m3u8
Requested by: Host: player-frontend.cnevids.com
URL: https://player-frontend.cnevids.com/player/main-bccc532368058a62b43d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-111.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e349fa6c44767db8f2764ad1ffab3ddf9fa42ba8dcbec69c320951176b1334f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Access-Control-Max-Age: 3000
Content-Encoding: gzip
ETag: W/"feb15792f5e03218e187b5ee5ba4185d"
Age: 81974
Access-Control-Allow-Methods: GET, HEAD
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: xEcXCjZg4weFlPuYdDoxbAkfAy0K3P-4eUivCZnk0q1QRh8s76Odig==
Date: Wed, 27 Nov 2024 04:17:06 GMT
Content-Type: application/x-mpegURL
Last-Modified: Tue, 22 Nov 2022 00:01:16 GMT
Vary: Origin,accept-encoding
Transfer-Encoding: chunked
Connection: keep-alive
Via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA60-P4
Server: AmazonS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: player-frontend.cnevids.com
URL: https://player-frontend.cnevids.com/player/main-bccc532368058a62b43d.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.160.156.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-156-42.fra60.r.cloudfront.net

Software

cloudflare /

Resource Hash

25e91617270276da78dc34ede7a31a16303103effc904e3cde3148645071c7e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://arstechnica.com
Referer: https://arstechnica.com/

Response headers

access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
ETag: "1dbc07d904c6f45af7e7dea4220c052c"
Age: 1475564
x-content-type-options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 89Fy-g_5cYy0o9wDE9n-KYyFtIKszn8Vz1hMBk4hWJTCv_QBVPDz0Q==
Date: Mon, 11 Nov 2024 01:10:35 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 22 Nov 2022 17:06:11 GMT
Vary: Accept-Encoding
Cache-Control: public, no-transform, immutable, max-age=2592000
timing-allow-origin: *
Via: 1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
CF-Ray: 8e0a4fec9ed61a7d-FRA
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 63549
X-Amz-Cf-Pop: FRA60-P7
Server: cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.160.156.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-160-156-42.fra60.r.cloudfront.net

Software

cloudflare /

Resource Hash

25e91617270276da78dc34ede7a31a16303103effc904e3cde3148645071c7e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,x-content-type-options
ETag: "1dbc07d904c6f45af7e7dea4220c052c"
Age: 1475564
x-content-type-options: nosniff
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: 89Fy-g_5cYy0o9wDE9n-KYyFtIKszn8Vz1hMBk4hWJTCv_QBVPDz0Q==
Date: Mon, 11 Nov 2024 01:10:35 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 22 Nov 2022 17:06:11 GMT
Vary: Accept-Encoding
Cache-Control: public, no-transform, immutable, max-age=2592000
timing-allow-origin: *
Via: 1.1 3e28473376ca49b2cafcfef86a39cf34.cloudfront.net (CloudFront)
CF-Ray: 8e0a4fec9ed61a7d-FRA
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 63549
X-Amz-Cf-Pop: FRA60-P7
Server: cloudflare

GET
H/1.1 200
OK 2ad60330-9326-46ca-8d25-957162dbe214file-1422k-128-48000-768-00001.ts Show response
dp8hsntg6do36.cloudfront.net/637bbbbd103e9e2dd00699f6/ Frame 6F8C 706 KB
694 KB 44ms
43ms XHR
application/x-mpegurl 18.66.147.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/637bbbbd103e9e2dd00699f6/2ad60330-9326-46ca-8d25-957162dbe214file-1422k-128-48000-768-00001.ts
Requested by: Host: player-frontend.cnevids.com
URL: https://player-frontend.cnevids.com/player/main-bccc532368058a62b43d.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-111.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 201d4c6126bb0ee4929eee6977820a9d0ec2a466914981abbb8660f5d622c6bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

Access-Control-Max-Age: 3000
Content-Encoding: gzip
ETag: W/"209d5af41e3d4663b25dfc4732b1a9ae"
Age: 81974
Access-Control-Allow-Methods: GET, HEAD
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: WCDs2zLWiStkR8wHewRGWh5UbwfslFfemtRFq8EzO42U1BvOsXU0wA==
Date: Wed, 27 Nov 2024 04:17:06 GMT
Content-Type: application/x-mpegURL
Last-Modified: Tue, 22 Nov 2022 00:01:14 GMT
Vary: Origin,accept-encoding
Transfer-Encoding: chunked
Connection: keep-alive
Via: 1.1 19dbc4cbbe0be3dca8e57283a83b57c6.cloudfront.net (CloudFront)
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA60-P4
Server: AmazonS3

GET
H2 200 cropped-ars-logo-512_480-60x60.png
cdn.arstechnica.net/wp-content/uploads/2016/10/ 2 KB
3 KB 24ms
23ms Other
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2016/10/cropped-ars-logo-512_480-60x60.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 1124 /
Resource Hash: 8a04b50aeb4df9b4adf64fcb72b65c2c6403a4130eb2da24d040705119c5ed70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

etag: "51d98bf817891359f846e77adaf57074"
x-amz-version-id: H8oSxtLD36yFpzqwfo_h_2GnigsCchdQ
x-cf2: H
x-cf1: 14961:fT.lon1:co:1525808045:cacheN.lon1-01:H
date: Thu, 28 Nov 2024 03:03:20 GMT
cf4ttl: 43200.000
content-type: image/png
x-cff: B
last-modified: Wed, 02 Oct 2024 20:30:51 GMT
x-amz-id-2: WR82ugwfVQX3u0X8TbQOlJgGgDLq+LXxfDkcwl5maPoIvtrnNoVXNQEIrnCrVpwrjpvQf6ghamA=
x-cf-reqid: ee272c8cba777ae8aba3f7cb98b48efe
x-amz-replication-status: PENDING
cf4age: 0
x-cf3: M
x-amz-request-id: B6443WJH98ZS5TCV
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2493
x-cf-tsc: 1727901051
server: CFS 1124
x-amz-server-side-encryption: AES256

GET
H2 200 MIN-901870.js Show response
apv-launcher.minute.ly/api/launcher/ 0
971 B 101ms
22ms Script
text/javascript 199.232.215.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://apv-launcher.minute.ly/api/launcher/MIN-901870.js

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/condenast1-network/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

199.232.215.52 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx/1.25.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

x-request-id: 24e3a0a9-2e80-4612-b699-8a33bc98c9c2
x-debug-server-name: apv-launcher.minute.ly
age: 1189342
x-permitted-cross-domain-policies: none
access-control-allow-methods: GET, POST
x-content-type-options: nosniff
x-debug-app-get: GET
expires: Thu, 14 Nov 2024 08:41:00 GMT
x-debug-req-method: GET
x-cache: HIT, HIT
date: Thu, 28 Nov 2024 03:03:22 GMT
content-type: text/javascript; charset=utf-8
x-served-by: cache-iad-kcgs7200166-IAD, cache-lcy-eglc8600021-LCY
x-runtime: 0.005236
x-cache-hits: 11225, 268
access-control-allow-headers: APP-GET,Content-Type
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
cache-control: max-age=30
x-ioriver: Fastly
x-timer: S1732763003.622141,VS0,VE0
access-control-allow-credentials: true
referrer-policy: strict-origin-when-cross-origin
x-download-options: noopen
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block
server: nginx/1.25.1

POST
H2 200 json Show response
trc.taboola.com/condenast-arstechnica/trc/3/ 14 KB
6 KB 274ms
266ms XHR
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/condenast-arstechnica/trc/3/json?llvl=2&tim=03%3A03%3A22.539&lti=trecs&pubit=n&t=1&data=%7B%22cmps%22%3A0%2C%22ga%22%3Atrue%2C%22tcs%22%3A%22CQIzPkAQIzPkAAcABBENBRFgAAAAAELAAChQAAAUvgEAA_AM-AlUBeYDBAGjATVApeAYEgSgAIAAWABUADgAHgAQQAyADUAIgATAAqgBvAD0AH4AQkAiACJAEcAMoAc4A7gB7AD9AIAARQAkQBVwC5gGKANoAcQBDoCRAFsALkAbqA4ICEIELwgAUAjgC_wGjAP3AhWOAGAAIAAuAD8ARwBAACEAEcAX-AwQBowD9wIVjoEwACwAKgAcABBADIANQAiABMACqAF0AMQAbwA9AB-gEQARIAowBlADnAHcAPYAfsBFAEWAJEAVcAuYBigDaAHEAOoAh0BF4CRAEyAKaAWwAuQBlgDdQH9kAAoACACOAMEAaMBCshASAAWADUAKoAYgA3gB6AEcAOcAdwBFACrgFzAMUAbQA6gCmgFyAP7JQFQAEAALAA4AEQAJgAVQAxQCIAIkARwAowCrgFzAMUAdQBDoCJgEXgJEAU0AtgCEJIAOABcAdwBAACOAL_AZYA_cpAjAAWABUADgAIIAZABoAEQAJgAUgAqgBiAD9AIgAiQBRgDKAHOAP0AiwBIgCrgFzAMUAbQA6gCHQETAIvASIApoBbAC5AGWAN1AcEA_sCEJQASABcARwA7gCAAMEAaMA_cCFYELy0AMAGoA7gFNFgAQBHAGjAAA.YAAACFgAAAAA%22%2C%22gwto%22%3Atrue%2C%22id%22%3A%2228345%22%2C%22sd%22%3A%22%22%2C%22ui%22%3A%22%22%2C%22ii%22%3A%22%2Fsecurity%2F2024%2F11%2Ffound-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux%22%2C%22it%22%3A%22text%22%2C%22vi%22%3A1732763002540%2C%22cv%22%3A%2220241126-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Farstechnica.com%2Fsecurity%2F2024%2F11%2Ffound-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux%2F%22%2C%22qs%22%3A%22%22%2C%22bv%22%3A%220%22%2C%22btv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22ccpa_ps%22%3A%221---%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Farstechnica.com%2Fsecurity%2F2024%2F11%2Ffound-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux%2F%3Fcomments-page%3D1%23comments%22%2C%22vpi%22%3A%22%2Fsecurity%2F2024%2F11%2Ffound-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A19596%2C%22sde%22%3A%221.000%22%2C%22lt%22%3A%22trecs%22%2C%22nsid%22%3A%22condenast1-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20-%20AT%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20-%20AT%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a-6x1%3Apub%3Dcondenast1-network%3Aabp%3D0%22%2C%22cd%22%3A13588.5%2C%22mw%22%3A1152%7D%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cacheKey%22%3A%22text%3D%2Fsecurity%2F2024%2F11%2Ffound-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux%2CBelow%20Article%20Thumbnails%20-%20AT%3Dthumbnails-a-6x1%3Apub%3Dcondenast1-network%3Aabp%3D0%22%2C%22_cn%22%3A%22tions_1%22%2C%22lbt%22%3A1732632706790%2C%22wc%22%3Atrue%2C%22pa%22%3A%7B%22en%22%3Atrue%2C%22su%22%3Atrue%7D%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/condenast1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f97047c9b7d95857ec2ebb25c5b23e2ca50ad34052ec5b000d08b467e976d086

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding: gzip
date: Thu, 28 Nov 2024 03:03:22 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-lhr-egll1980070-LHR
x-cache-hits: 0
vary: Accept-Encoding
x-fastly-to-nlb-rtt: 8587
x-timer: S1732763003.564679,VS0,VE240
x-vcl-time-ms: 240
access-control-allow-credentials: true
via: 1.1 varnish
cpu: 0.11375
accept-ranges: bytes
access-control-allow-origin: https://arstechnica.com
x-service-version: v1
server: nginx

GET
H2 200 impl.20241126-16-RELEASE.js Show response
cdn.taboola.com/libtrc/ 919 KB
185 KB 22ms
22ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20241126-16-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/condenast1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 42659f211391c1dfd3571d0b01a303b5792b46d56985f9a023fd03f97afc86bc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: br
etag: "135d6dbda9a43bdb99e993ca890608ce"
x-amz-version-id: onZ3WvjHEtIfxf8H1Ra_S9hjikHEk_SD
age: 15145
x-cache: HIT
date: Thu, 28 Nov 2024 03:03:22 GMT
last-modified: Tue, 26 Nov 2024 14:49:47 GMT
content-type: application/javascript
x-served-by: cache-lhr-egll1980070-LHR
x-cache-hits: 3846
x-amz-id-2: Uxj4E5I3/8OUF17PdvZA/QrNRa62azng8lqHvNrfeaE725cJ2DjKlLLMTTwuRyc+gbWPBGgnovuoN44rtJHy30DQhZnE5yWi
vary: Accept-Encoding
cache-control: private,max-age=31536000
x-timer: S1732763003.554651,VS0,VE0
via: 1.1 varnish
x-amz-request-id: P9JNMB51944CJFT3
accept-ranges: bytes
access-control-allow-origin: *
abp: 86
content-length: 189124
server: AmazonS3-br
x-amz-server-side-encryption: AES256

GET
H2 200 google-topics-api.20241126-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 23ms
23ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/google-topics-api.20241126-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/condenast1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9849449b5111df42d2c88d219403271384d297a49cf647a206dfdba6a6f7da0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

content-encoding: gzip
etag: "22b8fedf9808a3251a6570093afcc22c"
x-amz-version-id: _sebSY9Jn_bhlN4KecTXSy.8FHLol0_5
age: 130345
x-cache: HIT
date: Thu, 28 Nov 2024 03:03:22 GMT
last-modified: Tue, 26 Nov 2024 14:50:18 GMT
x-served-by: cache-lhr-egll1980070-LHR
x-cache-hits: 23219
content-type: application/javascript; charset=utf-8
x-amz-id-2: ju+r1M3EgWVRakfJDxvrse7VUcdt+q6ZNipwpOPigvZ6aEN+qcpUqG/BHyFpEDl6XC7C95HDlOE=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private,max-age=2629743
x-timer: S1732763003.666106,VS0,VE0
via: 1.1 varnish
x-amz-request-id: S9JPYRSP63473WF2
accept-ranges: bytes
access-control-allow-origin: *
abp: 59
content-length: 1058
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 taboola-browsing-topics.html
cdn.taboola.com/libtrc/static/topics/ Frame C79B 0
0 0ms
0ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/topics/taboola-browsing-topics.html
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/google-topics-api.20241126-16-RELEASE.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

abp: 67
accept-ranges: bytes
access-control-allow-origin: *
age: 2803
cache-control: private,max-age=31536000
content-encoding: gzip
content-length: 340
content-type: text/html
date: Thu, 28 Nov 2024 03:03:17 GMT
etag: "8b140f0f0f6e1a0f986cc7d6dfd74d65"
last-modified: Tue, 13 Feb 2024 13:15:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 varnish
x-amz-id-2: 48wcMmP3sNnxreUWo7n+vd52kUP23mXYXr+Dp1o7+3v30iev/9ik7z3et3z8eOcsRm+In+WhK/M=
x-amz-replication-status: COMPLETED
x-amz-request-id: 9EK5DYBVAAD2EMHW
x-amz-server-side-encryption: AES256
x-amz-version-id: 4MpQ_aQntJKuJTBB3LGK3B7cfa8k5k0b
x-cache: HIT
x-cache-hits: 102
x-served-by: cache-lhr-egll1980094-LHR
x-timer: S1732762998.580288,VS0,VE0

POST
H2 204 / Show response
beacon.taboola.com/ 0
98 B 42ms
22ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.taboola.com/?ab=trecs&pub=condenast-arstechnica&ui=4621f21b-1cf0-4bc5-8a4e-b7414e76a3d6-tucte4162fa&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Article%20Thumbnails%20-%20AT_7000814211%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/condenast1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://arstechnica.com/

Response headers

cache-control: private, no-store
retry-after: 0
x-timer: S1732763003.898708,VS0,VE0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://arstechnica.com
x-cache: HIT
date: Thu, 28 Nov 2024 03:03:22 GMT
content-type
x-served-by: cache-lhr-egll1980070-LHR
server: Varnish
x-cache-hits: 0

POST
H2 204 / Show response
beacon.taboola.com/ 0
45 B 42ms
23ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.taboola.com/?ab=trecs&pub=condenast-arstechnica&ui=4621f21b-1cf0-4bc5-8a4e-b7414e76a3d6-tucte4162fa&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Article%20Thumbnails%20-%20AT_7000814211%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/condenast1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://arstechnica.com/

Response headers

cache-control: private, no-store
retry-after: 0
x-timer: S1732763003.898801,VS0,VE0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://arstechnica.com
x-cache: HIT
date: Thu, 28 Nov 2024 03:03:22 GMT
content-type
x-served-by: cache-lhr-egll1980070-LHR
server: Varnish
x-cache-hits: 0

POST
H2 204 / Show response
beacon.taboola.com/ 0
60 B 43ms
24ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.taboola.com/?ab=trecs&pub=condenast-arstechnica&ui=4621f21b-1cf0-4bc5-8a4e-b7414e76a3d6-tucte4162fa&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Article%20Thumbnails%20-%20AT_7000814211%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/condenast1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://arstechnica.com/

Response headers

cache-control: private, no-store
retry-after: 0
x-timer: S1732763003.898740,VS0,VE0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://arstechnica.com
x-cache: HIT
date: Thu, 28 Nov 2024 03:03:22 GMT
content-type
x-served-by: cache-lhr-egll1980070-LHR
server: Varnish
x-cache-hits: 0

POST
H2 204 / Show response
beacon.taboola.com/ 0
45 B 43ms
24ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.taboola.com/?ab=trecs&pub=condenast-arstechnica&ui=4621f21b-1cf0-4bc5-8a4e-b7414e76a3d6-tucte4162fa&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Article%20Thumbnails%20-%20AT_7000814211%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/condenast1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://arstechnica.com/

Response headers

cache-control: private, no-store
retry-after: 0
x-timer: S1732763003.898771,VS0,VE0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://arstechnica.com
x-cache: HIT
date: Thu, 28 Nov 2024 03:03:22 GMT
content-type
x-served-by: cache-lhr-egll1980070-LHR
server: Varnish
x-cache-hits: 0

POST
H2 204 / Show response
beacon.taboola.com/ 0
45 B 42ms
23ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.taboola.com/?ab=trecs&pub=condenast-arstechnica&ui=4621f21b-1cf0-4bc5-8a4e-b7414e76a3d6-tucte4162fa&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Article%20Thumbnails%20-%20AT_7000814211%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/condenast1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://arstechnica.com/

Response headers

cache-control: private, no-store
retry-after: 0
x-timer: S1732763003.898824,VS0,VE0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://arstechnica.com
x-cache: HIT
date: Thu, 28 Nov 2024 03:03:22 GMT
content-type
x-served-by: cache-lhr-egll1980070-LHR
server: Varnish
x-cache-hits: 0

POST
H2 204 / Show response
beacon.taboola.com/ 0
85 B 43ms
25ms XHR
text/plain 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.taboola.com/?ab=trecs&pub=condenast-arstechnica&ui=4621f21b-1cf0-4bc5-8a4e-b7414e76a3d6-tucte4162fa&eventType=metrics&extraData=%7B%22placementModeGroupsId%22%3A%22Below%20Article%20Thumbnails%20-%20AT_7000814211%22%2C%22eventName%22%3A%22ResponsiveWidget-event-checking_overflowing_cards%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/condenast1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://arstechnica.com/

Response headers

cache-control: private, no-store
retry-after: 0
x-timer: S1732763003.898905,VS0,VE0
access-control-allow-credentials: true
access-control-allow-methods: GET, POST
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://arstechnica.com
x-cache: HIT
date: Thu, 28 Nov 2024 03:03:22 GMT
content-type
x-served-by: cache-lhr-egll1980070-LHR
server: Varnish
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
735 B 189ms
189ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://arstechnica.com/

Response headers

etag: "dfa7b52c86e56bd67fa4002f6ed19854"
x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
age: 0
x-cache: HIT
date: Thu, 28 Nov 2024 03:03:24 GMT
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
x-served-by: cache-lhr-egll1980070-LHR
x-cache-hits: 130222
content-type: image/png
x-amz-id-2: PAkZeLSiBYnYoiEkJNu2qjp9BTweEdh+bIIR4XppH0VXsOWOqdqWOw6+61jhIybdoN6X3ywOwhE=
x-amz-replication-status: COMPLETED
cache-control: private,max-age=31536000
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1732763004.853568,VS0,VE166
via: 1.1 varnish
x-amz-request-id: BRRW5WZ9A1FV2SD1
accept-ranges: bytes
access-control-allow-origin: *
abp: 68
content-length: 254
server: AmazonS3

POST
H2 204 bulk
trc.taboola.com/condenast-arstechnica/log/3/ 0
110 B 34ms
32ms Ping
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/condenast-arstechnica/log/3/bulk?route=AM%3AAM%3AV&lti=trecs&tvi2=16963&tvi50=15740&tvi62=18148&cv=20241126-16-RELEASE&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/condenast1-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://arstechnica.com/

Response headers

x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Thu, 28 Nov 2024 03:03:23 GMT
content-type: image/gif
x-served-by: cache-lhr-egll1980070-LHR
x-cache-hits: 0
cache-control: no-cache
x-fastly-to-nlb-rtt: 8634
pragma: no-cache
x-timer: S1732763004.876594,VS0,VE10
x-vcl-time-ms: 10
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://arstechnica.com
x-service-version: v1
server: nginx

POST
H2 204 bulk-metrics
am-trc-events.taboola.com/condenast-arstechnica/log/3/ 0
246 B 163ms
31ms Ping
text/plain 141.226.228.48

General

Check archive.org

Show headers Download Go to

Full URL: https://am-trc-events.taboola.com/condenast-arstechnica/log/3/bulk-metrics?route=AM%3AAM%3AV&lti=trecs&tvi2=16963&tvi50=15740&tvi62=18148&cv=20241126-16-RELEASE&bulkSize=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/condenast1-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://arstechnica.com/

Response headers

access-control-allow-origin: https://arstechnica.com
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Thu, 28 Nov 2024 03:03:24 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

POST yv8
c.arstechnica.com/com.condenast/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: arstechnica.com
URL: blob:https://arstechnica.com/b0040f39-0ae7-429e-b3da-5fb73c9d0fcc

Domain: arstechnica.com
URL: blob:https://arstechnica.com/1849c7c7-27ea-4925-9a98-ccea61e0d52e

Domain: arstechnica.com
URL: blob:https://arstechnica.com/40907fb9-903c-48ec-b0a5-e87a034d315c

Domain: arstechnica.com
URL: blob:https://arstechnica.com/1c36d210-eadb-4000-a678-137c4d0dcf63

Domain: arstechnica.com
URL: blob:https://arstechnica.com/a14ff04f-a3cb-4ca0-9f71-874a651d556a

Domain: c.arstechnica.com
URL: https://c.arstechnica.com/com.condenast/yv8

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
arstechnica.com/	1970-01-21 10:04:58	Name: usprivacy Value: 1---
.arstechnica.com/	1969-12-31 23:59:59	Name: xf_session Value: 0v5eLVZkHIA6_E4OvDubN_8f_26okT1k
.criteo.com/	1970-01-21 10:40:58	Name: cto_bundle Value: lNmF6F90SHpIcGFkelhTWjYxUmJRbjVTUmltVXF3ak5FbDUzRGlsZUJkUkRPZXM1JTJGV2tPNUpBa1hqUHk4UEcxb2NjQ1pJVDNxMVFHb0o5T3E4bGVpQ3FRdDJXdFByWkxPZjhxY1U1ZXA1Zm1hRHhHb2o4M2RkOWtHa3FLblJCMzEySjI2
.criteo.com/	1970-01-21 10:40:58	Name: receive-cookie-deprecation Value: 1
.arstechnica.com/	1969-12-31 23:59:59	Name: xf_csrf Value: eAkD3l_oCQcXFpHW
arstechnica.com/	1970-01-21 01:23:31	Name: CN_visits_m Value: 1733011200900%26vn%3D1
arstechnica.com/	1970-01-21 01:19:24	Name: CN_in_visit_m Value: true
arstechnica.com/	1970-01-21 10:04:58	Name: OneTrustWPCCPAGoogleOptOut Value: true
.arstechnica.com/	1970-01-21 05:39:57	Name: permutive-id Value: 788b7dcc-51e2-45cb-bf78-6fcb68b537ca
.arstechnica.com/	1970-01-21 10:55:22	Name: _ga_LRHY7JG2PW Value: GS1.1.1732762998.1.0.1732762998.0.0.1348641268
.arstechnica.com/	1970-01-21 10:55:22	Name: _ga Value: GA1.1.892949161.1732762998
.arstechnica.com/	1970-01-21 10:04:58	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Thu+Nov+28+2024+03%3A03%3A18+GMT%2B0000+(Greenwich+Mean+Time)&version=202409.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=9afc0c00-fa04-45dc-a412-598a02c2fd24&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Farstechnica.com%2Fsecurity%2F2024%2F11%2Ffound-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux%2F%23comments&groups=C0003%3A0%2CC0002%3A1%2CC0004%3A0%2CC0005%3A0%2CC0001%3A1%2CC0009%3A1%2CV2STACK42%3A0
.bd1cec50-00d1-4ce9-9572-785857419a1e.prmutv.co/	1970-01-21 03:31:51	Name: pxid Value: d07c9ab8-7785-450d-844a-6b6a8f73e91f
.adnxs.com/	1970-01-21 10:55:22	Name: receive-cookie-deprecation Value: 1
.arstechnica.com/	1970-01-21 10:04:58	Name: _hjSessionUser_1632543 Value: eyJpZCI6ImMzOGFhY2FkLTUwYTgtNTJjNi04NzhlLThlZGYzZmVhNDUxNSIsImNyZWF0ZWQiOjE3MzI3NjI5OTg3MDksImV4aXN0aW5nIjp0cnVlfQ==
.arstechnica.com/	1970-01-21 01:19:24	Name: _hjSession_1632543 Value: eyJpZCI6Ijc2MDU1ODc1LWVkNTUtNDk4ZS05MmY0LTc3NjM2NjI3ZjMwMSIsImMiOjE3MzI3NjI5OTg3MTAsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=
.arstechnica.com/	1970-01-21 01:19:24	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/#comments%22%2C%22sref%22:%22%22%2C%22sts%22:1732762998728%2C%22slts%22:0}
.arstechnica.com/	1970-01-21 10:48:46	Name: _parsely_visitor Value: {%22id%22:%22pid=4fb4c4fc-a9c0-4896-88ed-30698041cea0%22%2C%22session_count%22:1%2C%22last_session_ts%22:1732762998728}
permutive.arstechnica.com/	1970-01-21 10:55:22	Name: permutive-id-HttpOnly Value: 788b7dcc-51e2-45cb-bf78-6fcb68b537ca
.arstechnica.com/	1970-01-21 01:20:06	Name: _parsely_tpa_blocked Value: {%22tpab%22:false}
.arstechnica.com/	1970-01-21 10:48:10	Name: _awl Value: 2.1732762999.5-231fdbc7d87cbff163678050daac349d-6763652d6575726f70652d7765737431-0
.pinterest.com/	1970-01-21 10:04:58	Name: ar_debug Value: 1
.ct.pinterest.com/	1970-01-21 10:04:58	Name: _pinterest_ct_ua Value: "TWc9PSZ1VzNuS3hLRUZOTVozTS9YRUhhalRwRVQ2c05QWGV0SGJPQkN1eVA0MlJuSTF5RjhKbmRJR25sbkNGZ1ZFRWhPU09ydkhPcmNvOEdwYkJGTnljZHRGME42Y1ZSTjM3TnljemRiWDBMTVltZz0maE1QZExJbCtyaHlLcGo3MHRkMFhKYVJVWVZZPQ=="

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ct.pinterest.com/v3/?tid=2612884016232&event=PermutiveSegmentEntry&ed[segment_id]=%22179802%22 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://ct.pinterest.com/v3/?tid=2612884016232&event=PermutiveSegmentEntry&ed[segment_id]=%22179820%22 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://ct.pinterest.com/v3/?tid=2612884016232&event=PermutiveSegmentEntry&ed[segment_id]=%229710%22 Message: Failed to load resource: the server responded with a status of 403 ()
rendering	warning	URL: https://arstechnica.com/security/2024/11/found-in-the-wild-the-worlds-first-unkillable-uefi-bootkit-for-linux/?comments-page=1 Message: [GroupMarkerNotSet(crbug.com/242999)!:A000EC01B4350000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data: blob:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads-static.conde.digital
am-trc-events.taboola.com
apv-launcher.minute.ly
arstechnica.com
bd1cec50-00d1-4ce9-9572-785857419a1e.prmutv.co
beacon.taboola.com
c.amazon-adsystem.com
c.arstechnica.com
cdn.arstechnica.net
cdn.cookielaw.org
cdn.permutive.app
cdn.taboola.com
config.aps.amazon-adsystem.com
connect.facebook.net
ct.pinterest.com
dp8hsntg6do36.cloudfront.net
dwgyu36up6iuz.cloudfront.net
fpa-cdn.arstechnica.com
fpa-events.arstechnica.com
geo.privacymanager.io
geolocation.onetrust.com
github.githubassets.com
globalservices.conde.digital
gum.criteo.com
ib.adnxs.com
imasdk.googleapis.com
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
opengraph.githubassets.com
p.skimresources.com
p1.parsely.com
pagead2.googlesyndication.com
permutive.arstechnica.com
pixel.adsafeprotected.com
planebasin.com
player-frontend.cnevids.com
player.cnevids.com
r.skimresources.com
s.skimresources.com
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
securepubads.g.doubleclick.net
shiverscissors.com
static.adsafeprotected.com
static.hotjar.com
t.skimresources.com
tagging.conde.digital
trc.taboola.com
www.googletagmanager.com
www.googletagservices.com
arstechnica.com
c.arstechnica.com
108.138.3.93
108.138.7.116
13.32.27.78
13.32.99.59
13.33.187.74
141.226.228.48
142.250.184.226
142.250.186.98
151.101.1.44
151.101.193.44
151.101.65.91
157.240.251.9
18.173.205.99
18.244.18.27
18.66.102.51
18.66.147.111
185.199.108.154
199.232.215.52
205.234.175.175
23.75.64.232
2600:1901:0:767b::
2600:9000:21f3:b800:8:48e:53c0:93a1
2600:9000:225e:2e00:17:b7d9:a700:93a1
2606:4700:4400::6812:2089
2606:4700:4400::6812:230d
2606:4700:4400::ac40:98f3
2606:4700::6812:186f
2606:4700::6812:562a
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2006
2a00:1450:4001:831::200a
2a02:2638:3::c
3.12.231.112
3.160.150.105
3.160.156.42
34.107.161.9
35.190.59.101
35.190.91.160
35.201.67.47
35.241.9.51
37.252.171.85
44.213.38.227
44.236.234.50
52.17.99.225
52.222.236.34
52.73.123.163
65.9.66.76
65.9.66.9
03e9903204561f2a2bdc85b768de9cebb2a59d97513c8e41fe32f250dc144294
044220bdd4f9269672869d28993e7b47ce2cd932d485f040646da05adcbda7fc
058856f2093d99fb55804a133256ce56e4db69ab1f5e7b4575776022a960008a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0740cfa18f7a531068226a5942c41a8f0624789cd2cb46597a7ca0259752295a
0b60760a2343ac2f519e07d504bb1f626d45e8c4c021da8d9f4e339a6dd42de7
1193e835baf1666d6e589dc3bfee84e7482c8a7536c35883d10cc11abd134604
12a4495dcf4f799da379ec9caf3cfd5fbc675b6228d9ce5dc00eed49bfb5128c
14062ae5ef567a11e65f95aed8f4d6a45191c28eee581e0e3f1f2be9195cfc51
15ac34264bc55502a642a382f4acf37ce04b9e67aa68fad6cf361ba0c0685af8
1625da5283542d185d1e375ddcaa56b4ced1cc6c1218752602b2048e79c463bb
1789d4c2fc0271f22d291a9b69b5636fbb4f4c1400be100abe2c39d669467c3a
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
196a26f222d00eda411fcae8fde1bb24bd6c1d6cdd865be399abb9634175b896
1ab5d457f299a6efeaa9f27e9a4ae6fb39a4a681f9ce1a36528c505bc581afb4
1bf07d8389165905aa154b2c6623dec3c29c3558c710358626c68ee2c77623d3
201d4c6126bb0ee4929eee6977820a9d0ec2a466914981abbb8660f5d622c6bb
24f4b1d2ff04ee7e55a032fd068a02558dc2efcfff85de3466e8cd3f4a8c24bd
25e91617270276da78dc34ede7a31a16303103effc904e3cde3148645071c7e3
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2acaab86c40f5c0c0abaf775113342955f17fc9d79d6c1d03f787a6cf09a0d5b
2e810b5d45456b3a4584ae9ce491d1e5721bf697dca92c3407c126e7575e54c2
2f0b35615f0faeb004d1ceee3dab2f58347e2fb3d5ee32757eeb30364d23ce52
308e490b75b9b82b465f8065c7381635beee5fd76f31e54730c640aee4445f9d
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
34845bb6344cdad5b3e15a37bcfee67bde497cdf5805d31c952c35a92b630e67
3507ca14c84cbffccd872e634a84d93f50882c817e66ffdf2643a7ed884a205e
3603d918095b7b0c05ca08ebcaffb8d514e6cbcb40cab997c74e55b137f07b69
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
37b8a9d44db101c3da81f2ab84efa20585268846a952ad2da7f20d92a129e2c2
37fee29a23c506ccd87223414ff3bd91a8fca9c7d2d0165998aab838bd1fe2cd
3ab2f8706952a3ef2619cf5ab2fd16e063868e1d488ad3554d88f5685dd5c279
3bb0e231fc7fd3a5401b3159990a4718a2257c594cdba910d15b47a80f27ead3
3c4cc97d267e5e1a8d3397724d7c730b2dedc51cb30bc99e11f235670c5a9098
3d95eb8eb17aa8742eaa4cd7377f7557090200e026e8630ab99480bd6add07e1
3faef86389800bee05434bc130ec8161138e926144ccbc56135b90a910c3795a
3fe9a03f976f998f2452d02525a5ad58731b945cbe4ab28090497b51bc855d65
413cdfb475c4777f504b10a2487baae77e004c8fbaa3c42c1dc0ff66ab6623dd
42521a1acb28dd3a4c64265c2526128ee05edad954bb2106cb6238841c5ae0c0
42659f211391c1dfd3571d0b01a303b5792b46d56985f9a023fd03f97afc86bc
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44e6c0dd4ae3af7ef5cb42b58ba795705002eaac7cd033867103a78b69544156
459420a98128519213144edbcd77f87c36069f067531ad192ba555b2c5e056df
4a9865338eea27d217fc1bbfd00b94a876d9796e78aad912a55af44cb5e8da4a
4ca5c394b025a327b799f80fb140f4702eac4838bbcbf6d19c1c3c27dcfa26a0
503609ce914f41e09e237184fdc6323ca676c2e8d33c4f4dce7b261595d1820f
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
52d26e14225a6ca8e783f4b2115863bd90470e2b43e739865c309cd0d91c22a1
54f3527f2641ce9314fd126b3dffd6f5195a1e0f219e1f3665ffdf2d9951f2f1
569f22ab7727a62aae1e2343f455f31e48b1f1ae9f9b406480a48406980c440a
59018e7b19a09ba97a28b3d31c539020b6b9333ed3c1202c78a4bff5eb3c45c3
5b405aa020a990b14ef85d9e869bfc7c73f5638e9046f9e5928fc113e2a5ac14
5e349fa6c44767db8f2764ad1ffab3ddf9fa42ba8dcbec69c320951176b1334f
6395ab128b457a9faf3d181ae654df2a19793f73e581e972afe2de7e03bc92df
64aff3262c56fa48ad38b8d9d4d674a6ee3759d1ce4cb52c66865e3fc2c16d2f
684ec8fb1229016bcc13d9a0eac80269777bc28d756ca7a27f6717179094163f
6954169fb3a557361f39ca96fcea88fa7b0aa595215f0fdc108f6ff63a3fd029
6a9577cd4f7fa6b75bde1025af85b944e9dd1388373b55ccba6e9f80ac2eae60
6cf30bdff2b30f611cad0058f15552d8a04d2169a4ae433bba76b97a8a8f517b
6d26f7668d31aaeb9a8a01ca082bfbc2d4c4ab37eeb46bc54f14bd7d7e085985
6ee1b89d8b8fa72650eaf6b53eebb2295997787fc4394993c4ad6cc4f8c7bcc1
6f3e2c2e77f7c59303206d11fdf97440a1e009a1571078e1595297ebdbd767b6
70e82838b62f8eade45692b7547518fc43c45bbd81fd95837b147610c84bd210
7556f6a2c1621091981074c2b3ecfb2a5d83579d94965eb0e138f98cacd9cf63
76c7232ea7d6e03ffe82fa7a41e365e62ff222a9ce55dee1856f31ec000727c1
772dbcb7cbff1887e1f6c468b8060ad874e61f66de0c9b3a9016f8985800b69c
7c2092048f21074425f3e025db78fb6505f75d6fcf2e121ced055c8d53bcb1b3
7e5c23918762997e2851f5ca38481431503c5a7036e19a128035804a935c0e4e
81a50b09cb85e4ff68788f763b8dcdc549414cecf42ca228a55ab77c971f1286
833ea6d5bf20d2c05447c3598a05d91f49bb65b7d501428f98d32953bba6c52f
8369020f35a15fb3bb9f14aed22997412e2e2f0e3c4f2816159bac67d4f90f29
844723d288a84c14a3f75ff2db1463fca5b4c4c710e3cc3a111624ed959665d9
85cdf1df2c54d17166f4eca12fd4119444768ec37f7c4e1dce34a08e818a00f7
8a04b50aeb4df9b4adf64fcb72b65c2c6403a4130eb2da24d040705119c5ed70
8c27aa375e72aa034c2a334e79449c4d4ec14c0822813cf9a6b29cf4a46301ba
8f1ea4a73a300dd974ba27cdc2e9bde61167be745e6acf88b1ca71469731a8c8
91415773881a749022db67fff4be494d2fa97f1ea3d130b0f857b16c97c75395
9823d0872c81c8e82c90402e16618a0cdf9e457822bae78a0692de1b6bafc2bf
99b08e01cd8b41f8fe8e51014e31c386f919dc8df226ef3c582ee245f396ecda
9d6c210218cbc096674d0a95b392fdcb92f51d94a6c5c00af43224f5e4cf8a87
9e38f5f94eee01ce469113a7cb19000fc81b1f69abba117e3101f26dd0828a08
9f12e9613ffc81683459a7891f3d764bbc642c1c1f24968838a9c7a81750cae1
a01326fde0625b5a7c0f515ae98407632b8bf2b4d2efa428fdb0f7c3a80bb34a
a55bcb87fe4e12a61f816468b8f57073d37dac04a05762a1fa4599fdf252ac35
a77ed58556547050d62efb8363841c0ef48dd9ef8b092935d5e6b1b00a9c4c15
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a81b295b51029aa9eac46af64442efd6b08f8492104a6ca3c9bae23a58920b07
a9849449b5111df42d2c88d219403271384d297a49cf647a206dfdba6a6f7da0
a9b42e37e9d2eff9d57900b5e19454836a1c3d09ae99b1281b044803ca8d80df
ade920fd5b00cd298aae7978673a9a64d0bb3fa593d23e91994ec6b6723ebace
b2ac0a80c3037e36cc04e4ac63a9fd246542c3c2370504f571ebaeada10be9cc
b5e7cefd0a4fbf42448c25f351f13cd64a429efd6bf8f074b198cf332dd55c87
b641e3907f528c4946b19730d7449573bac9190f6ef28b6553aaa62c3de5ee45
b69ad8b1266df233a00c8ceb99f3271488f4d383741a21981b8ce50e32e3be07
b95fe6fcb4925330bf629fda90a1362a336b4a8b87bf9573d87927d78c186062
bc7baad1aa43e75bee2d1663a5c96f99e8e9399e2ffd254a773dedb411339be6
beceddcf01a352e1f352a8551cb8cf96357cc63c4be19588c1d0f2ef0dd46fd3
bf74bebaf292e0ea3316e61c9a040fbc29bb6d81da597a1930560aa0fae68e9b
c031cbb048af2b27fafb3b1f2863c168b803aaa57c2c2a1040acc9896474ba18
c1dd93cc3f1638f369af566115ae74546e64bdafc4319d9853b5c15a3d3f4970
c46ddb4a3af24f9e89518dd465914fa0a371756c98c0307702052791652d80a7
c6b90b1407afa33e5b01ca33289cdc5c1408684ad9f4b17724eaf34d0e6cd8c9
c7de05106ddaf060dd7f667c1b31d2318d0ef6727ac95872cbcaeb788961cf1b
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3
d2f675f4572825d07c6bd49d03a2e7db7b58165f8175c0e162a1a1221dede462
d3019a4d32c9fb55b8ca4fa7ee3e27828c08ae56ac3b81aef6a2f0e1a8f939aa
d4e14fe027197ebdbd6e9ab1f0d963379e4851fdbe85225acf84ef2f1f67558d
d6878308fb273952512edd2807386e5ff185c29b96cf53caa2b3389a2af19347
d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa
d86c2fb79df7afab4531c63d5cdc59e5095e9dd8e60170f22f7ac9dac3aed32b
d86f8c8fa0bd68f5b36a13b4f5e73c7ecdda0b806fb0887d8162d28c0ac07d91
d9369ae13ff8f2a9679c39d11c827e7f95bfd4aa8c9072cb64b4f8c918bf1cfe
d99c59e796fa0696449398d384fa95ef44f3a34cd583a935180fe9ea0838d1a1
db706a3dc7a3ad3e0bfe56eced86c0fb8791081042c81cc198b2418230e42cba
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
e6e49883534bf2c5d17497b4b3e93d5ac8381526e670d6e620018dadf85b90ea
e87d5da08f112de24976bd93e58e9846e2074458053f3eded51570e635e7359e
e9bb1484f76b7b8ab6ebc1744375a18ef1e2aa60e1360ef404011ce948a399fe
e9eda4ae9875b12440b6484cd4cc41676529219d33fb3c59115541ecf7863f1a
eb0f755ab9e7dbad4b21e9dbbda04ead9bd40dfa6dd47c05f579ae8be3ac9bf5
ed6d2de07f412dac6ead192a037b6784d6c5b29a7b208ac380cd1311477b2d14
f016d5cc01556ebf392af0925b1a0484bf0433da4cf60ebf929986b5b893095b
f3f3f4017626163bf8fab984f3ac956b33ff6191863229ce8dc52f61b39e1050
f42ed4d0da5a75025b0e458d2242060254f11c04834e7448d7bf5e197d2a4cb8
f66b92f7bc6a3c2099f3eae5d65db57dff8da16344fb1d832e3faf39cf08ef8c
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6a0e1ce99300ab0389821defb3d150b8779ef11f82666a1b9c5e4b438c79736
f7c9f2d62460a433681dda2aba201f535c7a46b310091aca97e445e5ef6c9d39
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8f0d5e29e4408e8ecdccee5e73a185566774f71c7f440cc50ad5c647b127ce3
f97047c9b7d95857ec2ebb25c5b23e2ca50ad34052ec5b000d08b467e976d086
fc9a93dd241f6b045cbff0481cf4e1901becd0e12fb45166a8f17f95823f0b1a
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
feb5c0ee05ef970a3cf34bac95d465e96ccb3a3df353b3a641d9391c168e68ad

arstechnica.com Open in urlscan Pro 3.12.231.112 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

205 Requests

96 %HTTPS

27 %IPv6

31 Domains

51 Subdomains

50 IPs

5 Countries

5279 kBTransfer

16373 kBSize

23 Cookies

25 Outgoing links

Redirected requests

205 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

arstechnica.com Open in urlscan Pro
3.12.231.112 Public Scan

Screenshot
Live screenshot

Full Image

205
Requests

96 %
HTTPS

27 %
IPv6

31
Domains

51
Subdomains

50
IPs

5
Countries

5279 kB
Transfer

16373 kB
Size

23
Cookies

205 HTTP transactions
2 data transactions