urlscan.io logo urlscan.io
SecurityTrails logo

arstechnica.com Open in urlscan Pro
3.23.219.58  Public Scan

Go To Rescan Add Verdict Report
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Submission: On March 22 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 169 IPs in 8 countries across 148 domains to perform 762 HTTP transactions. The main IP is 3.23.219.58, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is arstechnica.com. The Cisco Umbrella rank of the primary domain is 34982.
TLS certificate: Issued by Amazon on November 29th 2021. Valid for: a year.
This is the only time arstechnica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3.23.219.58 16509 (AMAZON-02)
24 205.234.175.175 30081 (CACHENETW...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
4 54.192.160.42 16509 (AMAZON-02)
4 35 23.208.68.242 16625 (AKAMAI-AS)
29 23.208.69.141 16625 (AKAMAI-AS)
9 23.208.69.76 16625 (AKAMAI-AS)
5 13.225.71.56 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.139.128.11 20446 (STACKPATH...)
27 2606:2800:220... 15133 (EDGECAST)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.233.255.124 14618 (AMAZON-AES)
9 2607:f8b0:400... 15169 (GOOGLE)
2 3.223.211.32 14618 (AMAZON-AES)
1 13.225.71.77 16509 (AMAZON-02)
3 151.101.0.239 54113 (FASTLY)
1 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
19 172.217.165.130 15169 (GOOGLE)
3 23.196.181.192 16625 (AKAMAI-AS)
1 18.215.24.252 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 3.217.143.196 14618 (AMAZON-AES)
45 54.192.100.165 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 35.172.142.9 14618 (AMAZON-AES)
13 2607:f8b0:400... 15169 (GOOGLE)
1 54.192.102.45 16509 (AMAZON-02)
5 104.244.42.200 13414 (TWITTER)
1 199.232.66.132 54113 (FASTLY)
1 18.213.144.100 14618 (AMAZON-AES)
2 54.209.238.15 14618 (AMAZON-AES)
5 2607:f8b0:400... 15169 (GOOGLE)
8 54.192.100.144 16509 (AMAZON-02)
25 34.232.146.139 14618 (AMAZON-AES)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 25 3.214.48.204 14618 (AMAZON-AES)
3 7 2620:116:800b... 14618 (AMAZON-AES)
1 146.75.28.157 54113 (FASTLY)
1 13.225.71.50 16509 (AMAZON-02)
1 34.120.253.250 15169 (GOOGLE)
1 2620:112:f002... 6336 (TURN-US-ASN)
1 54.71.86.183 16509 (AMAZON-02)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
6 2a03:2880:f01... 32934 (FACEBOOK)
1 13.225.214.48 16509 (AMAZON-02)
4 23.33.238.120 20940 (AKAMAI-ASN1)
1 2600:9000:21e... 16509 (AMAZON-02)
3 8 13.225.214.45 16509 (AMAZON-02)
8 16 35.190.60.146 15169 (GOOGLE)
2 3 107.178.254.65 15169 (GOOGLE)
20 32 142.250.80.2 15169 (GOOGLE)
2 2 34.226.104.236 14618 (AMAZON-AES)
6 10 107.178.246.49 15169 (GOOGLE)
11 12 35.71.131.137 16509 (AMAZON-02)
2 72.21.195.65 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2602:803:c002... 26667 (RUBICONPR...)
2 23.199.204.79 16625 (AKAMAI-AS)
7 16 68.67.160.75 29990 (ASN-APPNEX)
4 34.236.83.94 14618 (AMAZON-AES)
2 4 35.244.159.8 15169 (GOOGLE)
2 34.107.148.139 15169 (GOOGLE)
1 66.225.223.95 3949 (NTTA-3946)
3 2607:f8b0:400... 15169 (GOOGLE)
2 54.210.222.233 14618 (AMAZON-AES)
1 1 54.166.34.166 14618 (AMAZON-AES)
18 2607:f8b0:400... 15169 (GOOGLE)
10 54.230.162.33 16509 (AMAZON-02)
1 13 209.54.177.54 16509 (AMAZON-02)
1 18.232.14.164 14618 (AMAZON-AES)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 13.107.42.14 8068 (MICROSOFT...)
1 3 104.18.101.194 13335 (CLOUDFLAR...)
1 54.230.162.17 16509 (AMAZON-02)
6 34.98.72.95 15169 (GOOGLE)
2 99.83.154.140 16509 (AMAZON-02)
1 2600:9000:21d... 16509 (AMAZON-02)
1 13.225.71.10 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
1 52.43.250.227 16509 (AMAZON-02)
1 34.213.88.197 16509 (AMAZON-02)
3 3 68.67.160.186 29990 (ASN-APPNEX)
1 10 34.216.205.19 16509 (AMAZON-02)
4 11 8.28.7.83 62713 (AS-PUBMATIC)
1 2 199.187.193.166 47043 (SMARTADSE...)
8 8 216.200.232.253 30419 (MEDIAMATH...)
10 11 199.127.204.142 26120 (RHYTHMONE)
4 5 173.223.56.123 16625 (AKAMAI-AS)
6 6 64.202.112.31 23352 (SERVERCEN...)
21 64.202.112.63 23352 (SERVERCEN...)
1 18.177.242.21 16509 (AMAZON-02)
1 34.206.26.132 14618 (AMAZON-AES)
2 3 13.225.214.90 16509 (AMAZON-02)
5 5 18.185.185.183 16509 (AMAZON-02)
13 14 35.211.178.172 15169 (GOOGLE)
2 3 52.200.205.250 14618 (AMAZON-AES)
3 4 74.119.119.150 19750 (AS-CRITEO)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
1 2 34.231.251.31 14618 (AMAZON-AES)
1 3.222.216.235 14618 (AMAZON-AES)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
8 12 69.173.151.100 26667 (RUBICONPR...)
1 2 192.132.33.46 18568 (BIDTELLECT)
3 5 52.203.157.37 14618 (AMAZON-AES)
2 3 50.16.197.56 14618 (AMAZON-AES)
2 3 192.35.249.127 11742 (SPOTX-IAD)
3 3 8.28.7.82 62713 (AS-PUBMATIC)
1 4 8.28.7.84 62713 (AS-PUBMATIC)
4 4 18.213.237.106 14618 (AMAZON-AES)
5 9 52.45.33.138 14618 (AMAZON-AES)
1 1 54.234.88.163 14618 (AMAZON-AES)
2 2 54.159.174.121 14618 (AMAZON-AES)
1 1 2600:9000:21e... 16509 (AMAZON-02)
1 1 199.187.193.182 47043 (SMARTADSE...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
3 3 150.136.26.45 31898 (ORACLE-BM...)
1 1 44.198.171.22 14618 (AMAZON-AES)
1 3.228.240.60 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
2 104.244.42.131 13414 (TWITTER)
1 104.244.42.197 13414 (TWITTER)
1 13.225.214.115 16509 (AMAZON-02)
9 23.57.131.216 16625 (AKAMAI-AS)
1 2 142.250.176.198 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
4 2a03:2880:f11... 32934 (FACEBOOK)
1 54.245.137.190 16509 (AMAZON-02)
1 54.224.102.47 14618 (AMAZON-AES)
1 52.73.123.163 14618 (AMAZON-AES)
5 16 34.98.64.218 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
4 23.73.244.44 16625 (AKAMAI-AS)
4 198.148.27.139 19189 (PULSEPOINT)
1 1 199.187.193.179 47043 (SMARTADSE...)
2 2 52.223.22.214 16509 (AMAZON-02)
1 2 54.84.148.13 14618 (AMAZON-AES)
9 142.250.65.226 15169 (GOOGLE)
2 34.197.191.32 14618 (AMAZON-AES)
1 54.230.162.32 16509 (AMAZON-02)
1 52.73.169.207 14618 (AMAZON-AES)
2 2 52.0.156.250 14618 (AMAZON-AES)
1 2a02:6ea0:c40... 60068 (CDN77 ^_^)
11 11 151.101.66.49 54113 (FASTLY)
1 6 2600:1f18:4e9... 14618 (AMAZON-AES)
5 5 50.19.202.79 14618 (AMAZON-AES)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 3.222.163.78 14618 (AMAZON-AES)
3 3 199.38.167.128 54312 (ROCKETFUEL)
2 54.230.162.51 16509 (AMAZON-02)
8 8 2606:ae80:147... 25751 (VALUECLICK)
4 4 216.152.140.200 13768 (COGECO-PEER1)
1 1 23.52.164.177 16625 (AKAMAI-AS)
10 34.111.8.32 15169 (GOOGLE)
4 2600:9000:21d... 16509 (AMAZON-02)
13 34.239.221.169 14618 (AMAZON-AES)
2 23.208.68.201 16625 (AKAMAI-AS)
2 3 35.207.10.239 15169 (GOOGLE)
7 52.206.255.175 14618 (AMAZON-AES)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 34.96.105.8 15169 (GOOGLE)
3 4 185.167.164.43 198622 (ADFORM)
1 1 69.166.1.10 27630 (AS-XFERNET)
2 2 63.251.114.137 12181 (INTERNAP-...)
6 2606:2800:220... 15133 (EDGECAST)
1 34.120.155.137 15169 (GOOGLE)
2 29 23.196.180.24 16625 (AKAMAI-AS)
2 151.101.129.108 54113 (FASTLY)
5 104.244.43.131 54113 (FASTLY)
1 104.36.115.113 62713 (AS-PUBMATIC)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
1 13.225.214.125 16509 (AMAZON-02)
1 13.225.214.128 16509 (AMAZON-02)
2 2620:100:a001::c 19750 (AS-CRITEO)
3 3 35.190.90.30 15169 (GOOGLE)
2 34.199.73.116 14618 (AMAZON-AES)
2 2 35.170.185.65 14618 (AMAZON-AES)
2 18 104.36.115.109 62713 (AS-PUBMATIC)
6 6 34.233.34.144 14618 (AMAZON-AES)
1 38.91.45.7 398989 (DEEPINTENT)
1 1 54.145.48.80 14618 (AMAZON-AES)
2 2 173.231.178.85 29791 (VOXEL-DOT...)
1 1 69.90.254.78 13768 (COGECO-PEER1)
3 3 104.127.64.185 16625 (AKAMAI-AS)
1 1 104.45.178.220 8075 (MICROSOFT...)
3 3 38.27.122.126 174 (COGENT-174)
2 2 169.61.103.241 36351 (SOFTLAYER)
1 1 2a04:4e42::300 54113 (FASTLY)
1 151.101.193.44 54113 (FASTLY)
1 1 52.87.79.81 14618 (AMAZON-AES)
1 18.235.203.194 14618 (AMAZON-AES)
1 2 204.2.255.233 2914 (NTT-LTD-2914)
2 2 3.208.44.45 14618 (AMAZON-AES)
1 1 67.202.105.21 32748 (STEADFAST)
3 2001:4860:480... 15169 (GOOGLE)
1 2 52.94.220.185 16509 (AMAZON-02)
2 2 52.15.47.104 16509 (AMAZON-02)
2 2 35.211.233.246 15169 (GOOGLE)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 1 34.111.151.213 15169 (GOOGLE)
2 2 51.161.117.181 16276 (OVH)
5 13.226.26.62 16509 (AMAZON-02)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
3 18.235.85.182 14618 (AMAZON-AES)
2 2 35.190.52.204 15169 (GOOGLE)
1 1 2600:1901:0:8... 15169 (GOOGLE)
1 1 204.2.255.224 2914 (NTT-LTD-2914)
1 1 54.211.110.217 14618 (AMAZON-AES)
1 2607:ae80:128... 26558 (FREEWHEEL)
1 1 51.222.80.231 16276 (OVH)
2 2 64.58.232.179 13649 (ASN-VINS)
1 2 64.58.232.180 13649 (ASN-VINS)
762 169
3    3.23.219.58 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-23-219-58.us-east-2.compute.amazonaws.com
arstechnica.com
24    205.234.175.175 (Leesburg, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
cdn.arstechnica.net
6    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
3    2607:f8b0:4006:81e::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    54.192.160.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-160-42.ewr53.r.cloudfront.net
c.amazon-adsystem.com
35    23.208.68.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-68-242.deploy.static.akamaitechnologies.com
js-sec.indexww.com
as-sec.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
29    23.208.69.141 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-69-141.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
9    23.208.69.76 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-69-76.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
5    13.225.71.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-71-56.ewr53.r.cloudfront.net
player.cnevids.com
2    2606:4700::6813:d983 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.mediavoice.com
plugin.mediavoice.com
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
s.skimresources.com
27    2606:2800:220:131d:1d30:1f1d:238b:1e56 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2607:f8b0:4006:809::2008 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    34.233.255.124 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-255-124.compute-1.amazonaws.com
segment-data.zqtk.net
9    2607:f8b0:4006:807::200e (Queens, United States)

ASN15169 (GOOGLE, US)
www.youtube.com
2    3.223.211.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-211-32.compute-1.amazonaws.com
api.cnevids.com
1    13.225.71.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-71-77.ewr53.r.cloudfront.net
cdn.memo.co
3    151.101.0.239 (United States)

ASN54113 (FASTLY, US)
pixel.condenastdigital.com
api.condenast.io
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
19    172.217.165.130 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s70-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
3    23.196.181.192 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-181-192.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
images.outbrainimg.com
1    18.215.24.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-24-252.compute-1.amazonaws.com
id.sv.rkdms.com
1    2606:4700::6811:4032 (United States)

ASN13335 (CLOUDFLARENET, US)
polarcdn-terrax.com
1    3.217.143.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-143-196.compute-1.amazonaws.com
mb.moatads.com
45    54.192.100.165 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-100-165.ewr53.r.cloudfront.net
dwgyu36up6iuz.cloudfront.net
1    2607:f8b0:4006:817::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    35.172.142.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-142-9.compute-1.amazonaws.com
elsa.memoinsights.com
13    2607:f8b0:4006:81f::200e (Queens, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    54.192.102.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-102-45.ewr53.r.cloudfront.net
z-na.associates-amazon.com
5    104.244.42.200 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    199.232.66.132 (United States)

ASN54113 (FASTLY, US)
odb.outbrain.com
1    18.213.144.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-144-100.compute-1.amazonaws.com
infinityid.condenastdigital.com
2    54.209.238.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-238-15.compute-1.amazonaws.com
4d.condenastdigital.com
5    2607:f8b0:4006:81d::200a (Queens, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
8    54.192.100.144 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-100-144.ewr53.r.cloudfront.net
d2c8v52ll5s99u.cloudfront.net
25    34.232.146.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-146-139.compute-1.amazonaws.com
capture.condenastdigital.com
4    2607:f8b0:4006:80d::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2607:f8b0:4006:81e::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
4    2607:f8b0:4006:816::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2607:f8b0:4006:80d::2006 (Queens, United States)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2607:f8b0:4006:809::200a (Queens, United States)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
4    2607:f8b0:4006:822::2004 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:81d::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2607:f8b0:4006:80d::2016 (Queens, United States)

ASN15169 (GOOGLE, US)
i.ytimg.com
25    3.214.48.204 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-48-204.compute-1.amazonaws.com
dpm.demdex.net
7    2620:116:800b:21:1d2b:ecd5:fcc0:2c58 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
1    146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    13.225.71.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-71-50.ewr53.r.cloudfront.net
ak.sail-horizon.com
1    34.120.253.250 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    54.71.86.183 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-86-183.us-west-2.compute.amazonaws.com
a.ad.gt
1    2600:141b:13::17d7:82d1 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
6    2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    13.225.214.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-48.ewr50.r.cloudfront.net
static.hotjar.com
4    23.33.238.120 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-33-238-120.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    2600:9000:21ea:5800:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-magiclinks.trackonomics.net
8    13.225.214.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-45.ewr50.r.cloudfront.net
sb.scorecardresearch.com
ads.scorecardresearch.com
16    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
3    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
32    142.250.80.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s33-in-f2.1e100.net
cm.g.doubleclick.net
2    34.226.104.236 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-104-236.compute-1.amazonaws.com
usermatch.krxd.net
10    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
12    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    72.21.195.65 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
assoc-na.associates-amazon.com
1    2607:f8b0:4006:822::200e (Queens, United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
4    2602:803:c002:200::113 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    23.199.204.79 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-204-79.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
16    68.67.160.75 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
4    34.236.83.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-83-94.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
condenastus-d.openx.net
us-u.openx.net
u.openx.net
2    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    66.225.223.95 (United States)

ASN3949 (NTTA-3946, US)
PTR: sa.outbrain.com
mcdp-sadc1.outbrain.com
3    2607:f8b0:4006:806::2006 (Queens, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    54.210.222.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-222-233.compute-1.amazonaws.com
condenast.demdex.net
1    54.166.34.166 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-34-166.compute-1.amazonaws.com
cm.everesttech.net
18    2607:f8b0:4006:817::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    54.230.162.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-33.ewr53.r.cloudfront.net
dp8hsntg6do36.cloudfront.net
13    209.54.177.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    18.232.14.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-14-164.compute-1.amazonaws.com
pbs.getpublica.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
3    104.18.101.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    54.230.162.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-17.ewr53.r.cloudfront.net
script.hotjar.com
6    34.98.72.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
2    99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
1    2600:9000:21dd:400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    13.225.71.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-71-10.ewr53.r.cloudfront.net
fpa-cdn.arstechnica.com
2    2607:f8b0:4004:c08::9c (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    52.43.250.227 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-250-227.us-west-2.compute.amazonaws.com
aufp.io
1    34.213.88.197 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-88-197.us-west-2.compute.amazonaws.com
p.ad.gt
3    68.67.160.186 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
10    34.216.205.19 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-205-19.us-west-2.compute.amazonaws.com
ids.ad.gt
11    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    199.187.193.166 (Canada)

ASN47043 (SMARTADSERVER, CA)
sync.smartadserver.com
8    216.200.232.253 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
11    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
5    173.223.56.123 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-56-123.deploy.static.akamaitechnologies.com
tags.bluekai.com
x.dlx.addthis.com
stags.bluekai.com
6    64.202.112.31 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
21    64.202.112.63 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    18.177.242.21 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-242-21.ap-northeast-1.compute.amazonaws.com
sync-jp.im-apps.net
1    34.206.26.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-26-132.compute-1.amazonaws.com
beacon.krxd.net
3    13.225.214.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-90.ewr50.r.cloudfront.net
aa.agkn.com
5    18.185.185.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-185-183.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
14    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
3    52.200.205.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-205-250.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
4    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    34.231.251.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-251-31.compute-1.amazonaws.com
ps.eyeota.net
1    3.222.216.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-216-235.compute-1.amazonaws.com
id.geistm.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
12    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
token.rubiconproject.com
2    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
5    52.203.157.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-157-37.compute-1.amazonaws.com
sync.crwdcntrl.net
bcp.crwdcntrl.net
3    50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com
loadus.exelator.com
3    192.35.249.127 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
3    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
4    8.28.7.84 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
4    18.213.237.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-237-106.compute-1.amazonaws.com
pixel.advertising.com
9    52.45.33.138 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    54.234.88.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-88-163.compute-1.amazonaws.com
cs.emxdgt.com
2    54.159.174.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-159-174-121.compute-1.amazonaws.com
ice.360yield.com
1    2600:9000:21ea:1800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
1    199.187.193.182 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    44.198.171.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-171-22.compute-1.amazonaws.com
sync.hgrtb.com
1    3.228.240.60 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-240-60.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    2607:f8b0:4006:823::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.197 (United States)

ASN13414 (TWITTER, US)
t.co
1    13.225.214.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-115.ewr50.r.cloudfront.net
vars.hotjar.com
9    23.57.131.216 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-57-131-216.deploy.static.akamaitechnologies.com
publish.responsiveads.com
2    142.250.176.198 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f6.1e100.net
ad.doubleclick.net
2    2607:f8b0:4006:806::200e (Queens, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
4    2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    54.245.137.190 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-245-137-190.us-west-2.compute.amazonaws.com
pixels.ad.gt
1    54.224.102.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-102-47.compute-1.amazonaws.com
srv-1970-01-01-00.pixel.parsely.com
1    52.73.123.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-123-163.compute-1.amazonaws.com
fpa-events.arstechnica.com
16    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
us-u.openx.net
7    2607:f8b0:4006:822::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
4    23.73.244.44 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-244-44.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    199.187.193.179 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-us.smartadserver.com
2    52.223.22.214 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    54.84.148.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-84-148-13.compute-1.amazonaws.com
fw.adsafeprotected.com
9    142.250.65.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s73-in-f2.1e100.net
googleads4.g.doubleclick.net
ade.googlesyndication.com
2    34.197.191.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-191-32.compute-1.amazonaws.com
pixel.adsafeprotected.com
1    54.230.162.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-32.ewr53.r.cloudfront.net
choices.truste.com
1    52.73.169.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-169-207.compute-1.amazonaws.com
verizon.demdex.net
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadm.exelator.com
1    2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
load77.exelator.com
11    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
6    2600:1f18:4e9:5a07:56c0:bbbc:18e0:97e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
5    50.19.202.79 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-202-79.compute-1.amazonaws.com
pm.w55c.net
3    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    3.222.163.78 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-163-78.compute-1.amazonaws.com
sync.extend.tv
3    199.38.167.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    54.230.162.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-162-51.ewr53.r.cloudfront.net
check.analytics.rlcdn.com
8    2606:ae80:1471:17::1050 (United States)

ASN25751 (VALUECLICK, US)
pulsepoint-match.dotomi.com
medianet-match.dotomi.com
pubmatic-match.dotomi.com
4    216.152.140.200 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    23.52.164.177 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-164-177.deploy.static.akamaitechnologies.com
su.addthis.com
10    34.111.8.32 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 32.8.111.34.bc.googleusercontent.com
api.bounceexchange.com
events.bouncex.net
dfp.bouncex.net
4    2600:9000:21dd:7200:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
13    34.239.221.169 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-221-169.compute-1.amazonaws.com
dt.adsafeprotected.com
2    23.208.68.201 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-68-201.deploy.static.akamaitechnologies.com
ads.pubmatic.com
3    35.207.10.239 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 239.10.207.35.bc.googleusercontent.com
ssp.behave.com
7    52.206.255.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-255-175.compute-1.amazonaws.com
analytics.responsiveads.com
1    2606:4700::6812:fd7 (United States)

ASN13335 (CLOUDFLARENET, US)
video2.responsiveads.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
4    185.167.164.43 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    69.166.1.10 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    63.251.114.137 (United States)

ASN12181 (INTERNAP-2BLK, US)
ap.lijit.com
6    2606:2800:220:1410:489:141e:20bb:12f6 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
pbs.twimg.com
1    34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
29    23.196.180.24 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-196-180-24.deploy.static.akamaitechnologies.com
contextual.media.net
hbx.media.net
cs.media.net
c21lg-d.media.net
2    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
5    104.244.43.131 (United States)

ASN54113 (FASTLY, US)
abs-0.twimg.com
1    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    13.225.214.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-125.ewr50.r.cloudfront.net
fr-actions.trackonomics.net
1    13.225.214.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-128.ewr50.r.cloudfront.net
trx-hub.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
3    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
2    34.199.73.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-73-116.compute-1.amazonaws.com
dmp.adblade.com
2    35.170.185.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-185-65.compute-1.amazonaws.com
ads.avct.cloud
18    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
6    34.233.34.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-233-34-144.compute-1.amazonaws.com
match.prod.bidr.io
1    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
1    54.145.48.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-48-80.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    173.231.178.85 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
3    104.127.64.185 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-64-185.deploy.static.akamaitechnologies.com
px.owneriq.net
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
3    38.27.122.126 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
2    169.61.103.241 (Brooklyn, United States)

ASN36351 (SOFTLAYER, US)
PTR: f1.67.3da9.ip4.static.sl-reverse.com
um.simpli.fi
1    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
1    52.87.79.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-87-79-81.compute-1.amazonaws.com
sync.ipredictive.com
1    18.235.203.194 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-203-194.compute-1.amazonaws.com
rtb.adentifi.com
2    204.2.255.233 (Newark, United States)

ASN2914 (NTT-LTD-2914, US)
pmp.mxptint.net
2    3.208.44.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-44-45.compute-1.amazonaws.com
ads.creative-serving.com
1    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
dp2.33across.com
3    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
2    52.94.220.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    52.15.47.104 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-47-104.us-east-2.compute.amazonaws.com
sync.adotmob.com
2    35.211.233.246 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 246.233.211.35.bc.googleusercontent.com
a.sportradarserving.com
1    2607:f8b0:4006:80d::200e (Queens, United States)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2607:f8b0:4006:33::b (Queens, United States)

ASN15169 (GOOGLE, US)
r5---sn-ab5szn7e.c.2mdn.net
1    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
2    51.161.117.181 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns572509.ip-51-161-117.net
gu.dyntrk.com
5    13.226.26.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-26-62.ewr53.r.cloudfront.net
choices.trustarc.com
1    2606:4700::6812:b4f (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
3    18.235.85.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-85-182.compute-1.amazonaws.com
secure-gg.imrworldwide.com
2    35.190.52.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.52.190.35.bc.googleusercontent.com
tag.yieldoptimizer.com
1    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
1    204.2.255.224 (Newark, United States)

ASN2914 (NTT-LTD-2914, US)
abp.mxptint.net
1    54.211.110.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-110-217.compute-1.amazonaws.com
aorta.clickagy.com
1    2607:ae80:128:1::49 (United States)

ASN26558 (FREEWHEEL, US)
dmp.v.fwmrm.net
1    51.222.80.231 (Canada)

ASN16276 (OVH, FR)
PTR: pikafka-us-1.cloudy.ovh
pixel.onaudience.com
2    64.58.232.179 (United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
2    64.58.232.180 (United States)

ASN13649 (ASN-VINS, US)
ib.mookie1.com
Apex Domain
Subdomains		 Transfer
63 cloudfront.net
dwgyu36up6iuz.cloudfront.net
d2c8v52ll5s99u.cloudfront.net
dp8hsntg6do36.cloudfront.net
3 MB
63 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
static.doubleclick.net — Cisco Umbrella Rank: 310
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
pubads.g.doubleclick.net — Cisco Umbrella Rank: 494
ad.doubleclick.net — Cisco Umbrella Rank: 181
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
198 KB
39 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 774
image8.pubmatic.com — Cisco Umbrella Rank: 570
image4.pubmatic.com — Cisco Umbrella Rank: 765
ads.pubmatic.com — Cisco Umbrella Rank: 419
image6.pubmatic.com — Cisco Umbrella Rank: 571
simage2.pubmatic.com — Cisco Umbrella Rank: 554
simage4.pubmatic.com — Cisco Umbrella Rank: 1012
39 KB
34 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 525
syndication.twitter.com — Cisco Umbrella Rank: 769
analytics.twitter.com — Cisco Umbrella Rank: 464
830 KB
33 googlesyndication.com
3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
ade.googlesyndication.com — Cisco Umbrella Rank: 263
127 KB
32 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1068
htlb.casalemedia.com — Cisco Umbrella Rank: 409
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 476
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
dsum.casalemedia.com — Cisco Umbrella Rank: 1197
39 KB
32 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1147
widget-pixels.outbrain.com — Cisco Umbrella Rank: 1428
odb.outbrain.com — Cisco Umbrella Rank: 1329
mcdp-sadc1.outbrain.com — Cisco Umbrella Rank: 2236
sync.outbrain.com — Cisco Umbrella Rank: 720
104 KB
31 media.net
prebid.media.net — Cisco Umbrella Rank: 1081
contextual.media.net — Cisco Umbrella Rank: 469
hbx.media.net — Cisco Umbrella Rank: 1208
cs.media.net — Cisco Umbrella Rank: 1593
c21lg-d.media.net — Cisco Umbrella Rank: 1504
72 KB
30 condenastdigital.com
pixel.condenastdigital.com — Cisco Umbrella Rank: 13748
infinityid.condenastdigital.com — Cisco Umbrella Rank: 18911
4d.condenastdigital.com — Cisco Umbrella Rank: 14301
capture.condenastdigital.com — Cisco Umbrella Rank: 11566
19 KB
30 moatads.com
z.moatads.com — Cisco Umbrella Rank: 329
mb.moatads.com — Cisco Umbrella Rank: 587
px.moatads.com — Cisco Umbrella Rank: 392
510 KB
28 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
condenast.demdex.net — Cisco Umbrella Rank: 20639
verizon.demdex.net — Cisco Umbrella Rank: 7974
32 KB
24 arstechnica.net
cdn.arstechnica.net — Cisco Umbrella Rank: 45436
3 MB
21 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 660
pixel.adsafeprotected.com — Cisco Umbrella Rank: 521
static.adsafeprotected.com — Cisco Umbrella Rank: 500
dt.adsafeprotected.com — Cisco Umbrella Rank: 458
190 KB
21 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
secure.adnxs.com — Cisco Umbrella Rank: 359
acdn.adnxs.com — Cisco Umbrella Rank: 523
57 KB
20 openx.net
condenastus-d.openx.net — Cisco Umbrella Rank: 23184
us-u.openx.net — Cisco Umbrella Rank: 323
u.openx.net — Cisco Umbrella Rank: 621
3 KB
20 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 412
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 942
eus.rubiconproject.com — Cisco Umbrella Rank: 503
pixel.rubiconproject.com — Cisco Umbrella Rank: 289
token.rubiconproject.com — Cisco Umbrella Rank: 595
33 KB
19 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 682
ups.analytics.yahoo.com — Cisco Umbrella Rank: 268
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
10 KB
19 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 281
id.rlcdn.com — Cisco Umbrella Rank: 565
check.analytics.rlcdn.com — Cisco Umbrella Rank: 3425
api.rlcdn.com — Cisco Umbrella Rank: 713
2 KB
19 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
s.amazon-adsystem.com — Cisco Umbrella Rank: 260
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1352
56 KB
17 responsiveads.com
publish.responsiveads.com — Cisco Umbrella Rank: 30170
analytics.responsiveads.com — Cisco Umbrella Rank: 31937
video2.responsiveads.com — Cisco Umbrella Rank: 55852
3 MB
14 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 257
6 KB
13 ad.gt
a.ad.gt — Cisco Umbrella Rank: 4610
p.ad.gt — Cisco Umbrella Rank: 5220
ids.ad.gt — Cisco Umbrella Rank: 4157
pixels.ad.gt — Cisco Umbrella Rank: 5088
17 KB
13 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
23 KB
12 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 878
sync-tm.everesttech.net — Cisco Umbrella Rank: 490
2 KB
12 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 293
6 KB
11 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 1236
abs-0.twimg.com — Cisco Umbrella Rank: 2298
pbs.twimg.com — Cisco Umbrella Rank: 615
66 KB
11 google.com
adservice.google.com — Cisco Umbrella Rank: 57
www.google.com — Cisco Umbrella Rank: 2
ampcid.google.com — Cisco Umbrella Rank: 1737
analytics.google.com — Cisco Umbrella Rank: 785
16 KB
10 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 365
4 KB
9 bounceexchange.com
tag.bounceexchange.com — Cisco Umbrella Rank: 1907
assets.bounceexchange.com — Cisco Umbrella Rank: 1725
api.bounceexchange.com — Cisco Umbrella Rank: 2211
259 KB
9 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 399
jnn-pa.googleapis.com — Cisco Umbrella Rank: 1708
683 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 88
730 KB
8 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 1611
dfp.bouncex.net — Cisco Umbrella Rank: 2940
979 B
8 dotomi.com
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 3936
medianet-match.dotomi.com — Cisco Umbrella Rank: 8241
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2572
3 KB
8 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 384
5 KB
8 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 125
ads.scorecardresearch.com — Cisco Umbrella Rank: 1731
3 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 491
5 KB
7 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 839
pixel.quantserve.com — Cisco Umbrella Rank: 381
12 KB
7 cnevids.com
player.cnevids.com — Cisco Umbrella Rank: 17396
api.cnevids.com — Cisco Umbrella Rank: 94022
99 KB
6 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 462
2 KB
6 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1202
loadm.exelator.com — Cisco Umbrella Rank: 950
load77.exelator.com — Cisco Umbrella Rank: 3015
5 KB
6 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 617
gum.criteo.com — Cisco Umbrella Rank: 347
2 KB
6 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 528
4 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 434
www.linkedin.com — Cisco Umbrella Rank: 609
px4.ads.linkedin.com — Cisco Umbrella Rank: 5153
4 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
341 KB
6 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
34 KB
6 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 2789
r.skimresources.com — Cisco Umbrella Rank: 2662
t.skimresources.com — Cisco Umbrella Rank: 2825
p.skimresources.com — Cisco Umbrella Rank: 3627
15 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 450
115 KB
5 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 658
16 KB
5 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 794
ib.mookie1.com — Cisco Umbrella Rank: 1553
4 KB
5 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 730
4 KB
5 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 628
bcp.crwdcntrl.net — Cisco Umbrella Rank: 691
2 KB
5 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 744
3 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
gcdn.2mdn.net — Cisco Umbrella Rank: 924
r5---sn-ab5szn7e.c.2mdn.net — Cisco Umbrella Rank: 110552
135 KB
5 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 604
19 KB
5 arstechnica.com
arstechnica.com — Cisco Umbrella Rank: 34982
sstats.arstechnica.com Failed
fpa-cdn.arstechnica.com — Cisco Umbrella Rank: 132279
fpa-events.arstechnica.com — Cisco Umbrella Rank: 77919
36 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 524
2 KB
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 557
3 KB
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 517
4 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
582 B
4 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 307
1 KB
4 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 404
stags.bluekai.com — Cisco Umbrella Rank: 437
3 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 829
2 KB
4 smartadserver.com
sync.smartadserver.com — Cisco Umbrella Rank: 1358
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1266
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6983
1 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1084
71 KB
4 turn.com
d.turn.com — Cisco Umbrella Rank: 652
ad.turn.com — Cisco Umbrella Rank: 690
1 KB
3 imrworldwide.com
secure-gg.imrworldwide.com — Cisco Umbrella Rank: 2586
2 KB
3 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 3751
abp.mxptint.net — Cisco Umbrella Rank: 17044
2 KB
3 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1498
2 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 825
2 KB
3 behave.com
ssp.behave.com — Cisco Umbrella Rank: 2357
1 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 631
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 697
s.tribalfusion.com — Cisco Umbrella Rank: 1995
2 KB
3 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1024
2 KB
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 480
2 KB
3 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1190
1001 B
3 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 393
2 KB
3 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 499
539 B
3 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 975
beacon.krxd.net — Cisco Umbrella Rank: 375
675 B
3 pippio.com
pippio.com — Cisco Umbrella Rank: 663
1 KB
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 573
script.hotjar.com — Cisco Umbrella Rank: 719
vars.hotjar.com — Cisco Umbrella Rank: 874
66 KB
3 associates-amazon.com
z-na.associates-amazon.com — Cisco Umbrella Rank: 5223
assoc-na.associates-amazon.com — Cisco Umbrella Rank: 2941
4 KB
3 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 3759
images.outbrainimg.com — Cisco Umbrella Rank: 1845
1 MB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
100 KB
2 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1360
941 B
2 yieldoptimizer.com
tag.yieldoptimizer.com — Cisco Umbrella Rank: 4322
972 B
2 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1112
1 KB
2 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2159
931 B
2 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1385
1 KB
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3287
1 KB
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 562
match.taboola.com — Cisco Umbrella Rank: 1843
654 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 707
1 KB
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1282
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 2494
894 B
2 adblade.com
dmp.adblade.com — Cisco Umbrella Rank: 5754
458 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 594
1 KB
2 addthis.com
su.addthis.com — Cisco Umbrella Rank: 2256
x.dlx.addthis.com — Cisco Umbrella Rank: 980
694 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 346
736 B
2 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 1381
759 B
2 bttrack.com
bttrack.com — Cisco Umbrella Rank: 659
1 KB
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 614
712 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 899
1 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 2409
498 B
2 trackonomics.net
cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 5689
fr-actions.trackonomics.net — Cisco Umbrella Rank: 10349
28 KB
2 memoinsights.com
elsa.memoinsights.com — Cisco Umbrella Rank: 26833
1 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 727
823 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
182 KB
2 mediavoice.com
cdn.mediavoice.com — Cisco Umbrella Rank: 36282
plugin.mediavoice.com — Cisco Umbrella Rank: 28103
139 KB
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1868
248 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 10111
335 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2039
942 B
1 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2308
305 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 1824
624 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1624
318 B
1 33across.com
dp2.33across.com — Cisco Umbrella Rank: 7948
498 B
1 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 956
47 B
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 880
522 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3039
347 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 970
674 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 781
617 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 813
222 B
1 trx-hub.com
trx-hub.com — Cisco Umbrella Rank: 6811
446 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 843
874 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2593
173 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1459
546 B
1 truste.com
choices.truste.com — Cisco Umbrella Rank: 647
8 KB
1 parsely.com
srv-1970-01-01-00.pixel.parsely.com
258 B
1 t.co
t.co — Cisco Umbrella Rank: 448
336 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3721
1 hgrtb.com
sync.hgrtb.com — Cisco Umbrella Rank: 1641
323 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 193
666 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 698
584 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 806
484 B
1 geistm.com
id.geistm.com — Cisco Umbrella Rank: 4206
158 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1438
452 B
1 im-apps.net
sync-jp.im-apps.net — Cisco Umbrella Rank: 2566
203 B
1 aufp.io
aufp.io — Cisco Umbrella Rank: 5789
6 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 792
2 KB
1 getpublica.com
pbs.getpublica.com — Cisco Umbrella Rank: 12777
390 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 799
3 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2526
43 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 531
6 KB
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 107
26 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 214
3 KB
1 condenast.io
api.condenast.io — Cisco Umbrella Rank: 20188
6 KB
1 polarcdn-terrax.com
polarcdn-terrax.com — Cisco Umbrella Rank: 7913
502 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 3832
348 B
1 memo.co
cdn.memo.co — Cisco Umbrella Rank: 31896
5 KB
1 zqtk.net
segment-data.zqtk.net — Cisco Umbrella Rank: 8284
549 B
762 148
Domain Requested by
45 dwgyu36up6iuz.cloudfront.net arstechnica.com
d2c8v52ll5s99u.cloudfront.net
32 cm.g.doubleclick.net 20 redirects arstechnica.com
googleads.g.doubleclick.net
u.openx.net
3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
eus.rubiconproject.com
27 platform.twitter.com arstechnica.com
platform.twitter.com
25 dpm.demdex.net 1 redirects arstechnica.com
widgets.outbrain.com
25 capture.condenastdigital.com arstechnica.com
24 px.moatads.com arstechnica.com
24 cdn.arstechnica.net arstechnica.com
cdn.arstechnica.net
21 sync.outbrain.com widgets.outbrain.com
20 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
18 simage2.pubmatic.com 2 redirects ads.pubmatic.com
arstechnica.com
18 pagead2.googlesyndication.com srcdoc
3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
arstechnica.com
securepubads.g.doubleclick.net
17 contextual.media.net cdn.arstechnica.net
contextual.media.net
16 ib.adnxs.com 7 redirects cdn.arstechnica.net
widgets.outbrain.com
googleads.g.doubleclick.net
acdn.adnxs.com
15 us-u.openx.net 5 redirects u.openx.net
cdn.arstechnica.net
us-u.openx.net
14 x.bidswitch.net 13 redirects contextual.media.net
13 dt.adsafeprotected.com 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
arstechnica.com
13 s.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
ssum-sec.casalemedia.com
bh.contextweb.com
us-u.openx.net
13 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
arstechnica.com
12 match.adsrvr.org 11 redirects cdn.arstechnica.net
11 sync-tm.everesttech.net 11 redirects
11 pubads.g.doubleclick.net d2c8v52ll5s99u.cloudfront.net
imasdk.googleapis.com
arstechnica.com
11 image2.pubmatic.com 4 redirects ads.pubmatic.com
arstechnica.com
10 ids.ad.gt 1 redirects arstechnica.com
10 dp8hsntg6do36.cloudfront.net arstechnica.com
d2c8v52ll5s99u.cloudfront.net
10 pixel.tapad.com 6 redirects arstechnica.com
us-u.openx.net
10 idsync.rlcdn.com 5 redirects widgets.outbrain.com
condenast.demdex.net
us-u.openx.net
arstechnica.com
9 publish.responsiveads.com arstechnica.com
publish.responsiveads.com
9 ups.analytics.yahoo.com 5 redirects us-u.openx.net
contextual.media.net
9 www.youtube.com arstechnica.com
www.youtube.com
8 sync.mathtag.com 8 redirects
8 d2c8v52ll5s99u.cloudfront.net player.cnevids.com
d2c8v52ll5s99u.cloudfront.net
8 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
arstechnica.com
8 widgets.outbrain.com arstechnica.com
widgets.outbrain.com
7 analytics.responsiveads.com arstechnica.com
7 events.bouncex.net arstechnica.com
7 tpc.googlesyndication.com 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
7 sync.1rx.io 7 redirects
7 sb.scorecardresearch.com 2 redirects arstechnica.com
6 ade.googlesyndication.com arstechnica.com
6 match.prod.bidr.io 6 redirects
6 cs.media.net 2 redirects contextual.media.net
6 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
6 pr-bh.ybp.yahoo.com 1 redirects u.openx.net
arstechnica.com
ssum-sec.casalemedia.com
6 pixel.quantserve.com 3 redirects arstechnica.com
6 id.rlcdn.com 3 redirects contextual.media.net
eus.rubiconproject.com
6 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
6 b1sync.zemanta.com 6 redirects
6 assets.bounceexchange.com tag.bounceexchange.com
assets.bounceexchange.com
cdn.arstechnica.net
arstechnica.com
6 connect.facebook.net arstechnica.com
d2c8v52ll5s99u.cloudfront.net
connect.facebook.net
6 cdn.cookielaw.org arstechnica.com
cdn.cookielaw.org
5 choices.trustarc.com choices.truste.com
arstechnica.com
5 abs-0.twimg.com arstechnica.com
platform.twitter.com
5 token.rubiconproject.com 5 redirects
5 pm.w55c.net 5 redirects
5 rtb.mfadsrvr.com 5 redirects
5 imasdk.googleapis.com player.cnevids.com
imasdk.googleapis.com
5 syndication.twitter.com platform.twitter.com
arstechnica.com
5 player.cnevids.com arstechnica.com
cdn.arstechnica.net
player.cnevids.com
5 z.moatads.com arstechnica.com
d2c8v52ll5s99u.cloudfront.net
securepubads.g.doubleclick.net
5 js-sec.indexww.com arstechnica.com
cdn.arstechnica.net
ssum-sec.casalemedia.com
4 c21lg-d.media.net contextual.media.net
4 medianet-match.dotomi.com 4 redirects
4 pbs.twimg.com arstechnica.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 static.adsafeprotected.com 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
pixel.adsafeprotected.com
4 pixel-sync.sitescout.com 4 redirects
4 bh.contextweb.com s.amazon-adsystem.com
bh.contextweb.com
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
cdn.arstechnica.net
4 www.facebook.com arstechnica.com
4 pixel.advertising.com 4 redirects
4 dis.criteo.com 3 redirects widgets.outbrain.com
4 sync.targeting.unrulymedia.com 3 redirects widgets.outbrain.com
4 px.ads.linkedin.com 3 redirects eus.rubiconproject.com
4 c2shb.ssp.yahoo.com cdn.arstechnica.net
4 fastlane.rubiconproject.com cdn.arstechnica.net
4 analytics.tiktok.com arstechnica.com
analytics.tiktok.com
4 www.google.com www.youtube.com
arstechnica.com
3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 jnn-pa.googleapis.com www.youtube.com
4 googleads.g.doubleclick.net 1 redirects www.youtube.com
3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
arstechnica.com
4 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
4 c.amazon-adsystem.com arstechnica.com
c.amazon-adsystem.com
3 secure-gg.imrworldwide.com blank
3 dsum.casalemedia.com ssum-sec.casalemedia.com
3 csi.gstatic.com imasdk.googleapis.com
3 match.bnmla.com 3 redirects
3 px.owneriq.net 3 redirects
3 odr.mookie1.com 3 redirects
3 ad.turn.com 3 redirects
3 ssp.behave.com 2 redirects arstechnica.com
3 p.rfihub.com 3 redirects
3 googleads4.g.doubleclick.net googleads.g.doubleclick.net
arstechnica.com
3 sync.technoratimedia.com 3 redirects
3 u.openx.net 2 redirects s.amazon-adsystem.com
3 image4.pubmatic.com 1 redirects arstechnica.com
3 image8.pubmatic.com 3 redirects
3 sync.search.spotxchange.com 2 redirects
3 loadus.exelator.com 2 redirects widgets.outbrain.com
3 sync.crwdcntrl.net 1 redirects widgets.outbrain.com
ssum-sec.casalemedia.com
3 beacon.lynx.cognitivlabs.com 2 redirects ads.pubmatic.com
3 aa.agkn.com 2 redirects widgets.outbrain.com
3 secure.adnxs.com 3 redirects
3 p.adsymptotic.com 1 redirects arstechnica.com
3 s0.2mdn.net imasdk.googleapis.com
3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
3 pippio.com 2 redirects arstechnica.com
3 www.googletagservices.com arstechnica.com
securepubads.g.doubleclick.net
3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
3 arstechnica.com cdn.arstechnica.net
pixel.condenastdigital.com
2 ib.mookie1.com 1 redirects
2 global.ib-ibi.com 2 redirects
2 tag.yieldoptimizer.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 a.sportradarserving.com 2 redirects
2 sync.adotmob.com 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects eus.rubiconproject.com
2 ads.creative-serving.com 2 redirects
2 pmp.mxptint.net 1 redirects arstechnica.com
2 pubmatic-match.dotomi.com 2 redirects
2 um.simpli.fi 2 redirects
2 bcp.crwdcntrl.net 2 redirects
2 cm.adgrx.com 2 redirects
2 ads.avct.cloud 2 redirects
2 dmp.adblade.com contextual.media.net
2 stags.bluekai.com 2 redirects
2 gum.criteo.com contextual.media.net
2 hbx.media.net contextual.media.net
2 acdn.adnxs.com cdn.arstechnica.net
2 cdn.syndication.twimg.com platform.twitter.com
2 ap.lijit.com 2 redirects
2 ads.pubmatic.com assets.bounceexchange.com
arstechnica.com
2 api.bounceexchange.com assets.bounceexchange.com
2 pulsepoint-match.dotomi.com 2 redirects
2 check.analytics.rlcdn.com cdn.arstechnica.net
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 loadm.exelator.com 2 redirects
2 pixel.adsafeprotected.com googleads.g.doubleclick.net
3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
2 fw.adsafeprotected.com 1 redirects googleads.g.doubleclick.net
2 eb2.3lift.com 2 redirects
2 analytics.google.com www.googletagmanager.com
2 ad.doubleclick.net 1 redirects arstechnica.com
2 analytics.twitter.com static.ads-twitter.com
arstechnica.com
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 ice.360yield.com 2 redirects
2 bttrack.com 1 redirects widgets.outbrain.com
2 creativecdn.com 2 redirects
2 ps.eyeota.net 1 redirects widgets.outbrain.com
2 tags.bluekai.com 1 redirects widgets.outbrain.com
2 sync.smartadserver.com 1 redirects arstechnica.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 api.sail-personalize.com ak.sail-horizon.com
2 condenast.demdex.net arstechnica.com
2 images.outbrainimg.com arstechnica.com
2 prebid.media.net cdn.arstechnica.net
2 condenastus-d.openx.net cdn.arstechnica.net
2 htlb.casalemedia.com cdn.arstechnica.net
2 assoc-na.associates-amazon.com z-na.associates-amazon.com
2 usermatch.krxd.net 2 redirects
2 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 4d.condenastdigital.com pixel.condenastdigital.com
2 elsa.memoinsights.com cdn.memo.co
2 p.skimresources.com arstechnica.com
2 t.skimresources.com arstechnica.com
s.skimresources.com
2 pixel.condenastdigital.com arstechnica.com
2 api.cnevids.com cdn.arstechnica.net
2 geolocation.onetrust.com cdn.cookielaw.org
2 www.googletagmanager.com arstechnica.com
www.googletagmanager.com
1 pixel.onaudience.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 dmp.v.fwmrm.net
1 aorta.clickagy.com 1 redirects
1 abp.mxptint.net 1 redirects
1 ads.scorecardresearch.com 1 redirects
1 fei.pro-market.net 1 redirects
1 idpix.media6degrees.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 r5---sn-ab5szn7e.c.2mdn.net arstechnica.com
1 gcdn.2mdn.net 1 redirects
1 dp2.33across.com 1 redirects
1 rtb.adentifi.com arstechnica.com
1 sync.ipredictive.com 1 redirects
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 match.deepintent.com ads.pubmatic.com
1 trx-hub.com arstechnica.com
1 fr-actions.trackonomics.net cdn-magiclinks.trackonomics.net
1 dfp.bouncex.net cdn.arstechnica.net
1 x.dlx.addthis.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 api.rlcdn.com cdn.arstechnica.net
1 sync.go.sonobi.com 1 redirects
1 tr.blismedia.com 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
1 video2.responsiveads.com arstechnica.com
1 su.addthis.com 1 redirects
1 sync.extend.tv 1 redirects
1 s.tribalfusion.com 1 redirects
1 load77.exelator.com arstechnica.com
1 verizon.demdex.net 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
1 choices.truste.com googleads.g.doubleclick.net
1 ssbsync-us.smartadserver.com 1 redirects
1 fpa-events.arstechnica.com arstechnica.com
1 srv-1970-01-01-00.pixel.parsely.com arstechnica.com
1 pixels.ad.gt p.ad.gt
1 vars.hotjar.com static.hotjar.com
1 t.co arstechnica.com
1 cs-server-s2s.yellowblue.io widgets.outbrain.com
1 sync.hgrtb.com 1 redirects
1 c.bing.com widgets.outbrain.com
1 ssbsync.smartadserver.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 cs.emxdgt.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 id.geistm.com widgets.outbrain.com
1 dsp.adfarm1.adition.com 1 redirects
1 beacon.krxd.net widgets.outbrain.com
1 sync-jp.im-apps.net widgets.outbrain.com
1 p.ad.gt a.ad.gt
1 aufp.io a.ad.gt
1 fpa-cdn.arstechnica.com cdn.cookielaw.org
1 rules.quantcount.com secure.quantserve.com
1 script.hotjar.com static.hotjar.com
1 px4.ads.linkedin.com 1 redirects
1 www.linkedin.com 1 redirects
1 pbs.getpublica.com player.cnevids.com
1 cm.everesttech.net 1 redirects
1 mcdp-sadc1.outbrain.com widgets.outbrain.com
1 ampcid.google.com www.google-analytics.com
1 cdn-magiclinks.trackonomics.net arstechnica.com
1 static.hotjar.com arstechnica.com
1 snap.licdn.com arstechnica.com
1 a.ad.gt www.googletagmanager.com
1 d.turn.com arstechnica.com
1 tag.bounceexchange.com arstechnica.com
1 ak.sail-horizon.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 infinityid.condenastdigital.com pixel.condenastdigital.com
1 odb.outbrain.com widgets.outbrain.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 z-na.associates-amazon.com www.googletagmanager.com
1 fonts.gstatic.com www.youtube.com
1 api.condenast.io player.cnevids.com
1 mb.moatads.com z.moatads.com
1 polarcdn-terrax.com cdn.mediavoice.com
1 plugin.mediavoice.com cdn.mediavoice.com
1 id.sv.rkdms.com js-sec.indexww.com
1 widget-pixels.outbrain.com arstechnica.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 r.skimresources.com s.skimresources.com
1 cdn.memo.co arstechnica.com
1 segment-data.zqtk.net cdn.arstechnica.net
1 s.skimresources.com arstechnica.com
1 cdn.mediavoice.com arstechnica.com
0 sstats.arstechnica.com Failed arstechnica.com
762 257
Subject Issuer Validity Valid
*.arstechnica.com
Amazon		 2021-11-29 -
2022-12-27		 a year crt.sh
*.cachefly.net
GlobalSign RSA OV SSL CA 2018		 2021-10-18 -
2022-11-19		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.cnevids.com
Amazon		 2021-09-18 -
2022-10-17		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-16 -
2022-07-15		 a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2021-09-27 -
2022-10-28		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.zqtk.net
Amazon		 2021-08-17 -
2022-09-15		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
cnevideos.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
memo.co
Amazon		 2021-05-27 -
2022-06-25		 a year crt.sh
*.admagazine.fr
GlobalSign Atlas R3 DV TLS CA 2020		 2021-07-22 -
2022-08-23		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-25 -
2022-06-25		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
memoinsights.com
Amazon		 2021-05-27 -
2022-06-25		 a year crt.sh
z-na.associates-amazon.com
Amazon		 2021-05-21 -
2022-06-19		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
conde.io
Amazon		 2021-06-30 -
2022-07-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
ak.sail-horizon.com
Amazon		 2022-01-06 -
2023-02-02		 a year crt.sh
tag.bounceexchange.com
R3		 2022-01-22 -
2022-04-22		 3 months crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-02 -
2023-04-01		 a year crt.sh
*.ad.gt
Amazon		 2021-06-09 -
2022-07-08		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-29 -
2022-03-29		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.trackonomics.net
Go Daddy Secure Certificate Authority - G2		 2021-12-22 -
2023-01-23		 a year crt.sh
assoc-na.associates-amazon.com
Amazon		 2021-10-25 -
2022-09-30		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.getpublica.com
Amazon		 2021-07-01 -
2022-07-30		 a year crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2022-02-16 -
2022-05-17		 3 months crt.sh
api.sail-personalize.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
fpa-events.arstechnica.com
Amazon		 2021-05-26 -
2022-06-24		 a year crt.sh
aufp.io
Amazon		 2021-11-26 -
2022-12-24		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.im-apps.net
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.geistm.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-03-16 -
2022-09-16		 6 months crt.sh
*.yellowblue.io
Amazon		 2021-05-23 -
2022-06-21		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
*.responsiveads.com
DigiCert SHA2 Secure Server CA		 2021-06-21 -
2022-06-29		 a year crt.sh
*.pixel.parsely.com
R3		 2022-01-22 -
2022-04-22		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-02-28 -
2022-05-23		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
*.truste.com
Amazon		 2022-01-17 -
2023-02-15		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
analytics.rlcdn.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
*.wunderkind.co
R3		 2022-02-14 -
2022-05-15		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-04-22 -
2022-05-21		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-02-20 -
2022-05-21		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
cdn.adnxs.com
GlobalSign Organization Validated CA - SHA256 - G4		 2021-05-10 -
2022-06-11		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.trx-hub.com
Amazon		 2022-02-20 -
2023-03-21		 a year crt.sh
dmp.adblade.com
R3		 2022-03-06 -
2022-06-04		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2021-04-28 -
2022-05-27		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2		 2020-05-21 -
2022-07-17		 2 years crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh

This page contains 74 frames:

Primary Page: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Frame ID: 5853D5E09DDFC5BEF7ED7FAD9E3F60C2
Requests: 294 HTTP requests in this frame

Frame: https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
Frame ID: 88534BDA99AA43008AA48F02B6FF9FB5
Requests: 20 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4300934210075016
Frame ID: 22F263BA3CE1D6B99B9B4F7EA1917185
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Farstechnica.com
Frame ID: 58B0526E3523003A5797225213A2E6BE
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 4AA53A0D1ACABD42AFE1C13F2585F7AA
Requests: 26 HTTP requests in this frame

Frame: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1E07B942DBE02BCDC4229A585A9054EF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: FD8D8A17590A90635C0185D72C826F97
Requests: 39 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=0972d6d1-9a4b-40ad-b877-075e2093243e
Frame ID: 96433D44F0A701BF490D9F01BE7E996D
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 52A8ACFBD17491D9D0C9A52486FCD239
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: A59C1F1CD23BED150E97222B69C6359B
Requests: 38 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.506.0_en.html
Frame ID: 4C2747D7A1C73379FA917384FCC0228A
Requests: 2 HTTP requests in this frame

Frame: https://condenast.demdex.net/dest5.html?d_nsid=0
Frame ID: 2076F74891180E024CEC963D4CADA542
Requests: 36 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 804BDEB094A65437CC31ADE6C99130E4
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Frame ID: 1F743485CD56AC6E1E3A38AD89D45482
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 3568B9BC86477A6A3CE089CF0ED38156
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1505034619078459394&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Frame ID: 80E67E9D9EEA3B90F690E45CDAFEC6AA
Requests: 20 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504802056372166694&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Frame ID: 812CF2FBBDC7D4B44124197792EBCE00
Requests: 17 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.506.0_en.html
Frame ID: C6DFDB3C61E8B4D3A272E9B5B720C6B8
Requests: 23 HTTP requests in this frame

Frame: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FB9BA6DB830B730EE3E6DEB175148957
Requests: 38 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 885B3328174D309DA9CF94B2418C908B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupI8pIPYtWdTqRH_0R3_WBhtlhZP5q7vNx-k003rV5PxrE7p32NfB4mZlRaSorBsv6rGoBijMgrQex8ZMslZ0FXc-gXNvG9TpA5edw2OBmhFPXRYDkm3WlBvZgZsIX9m9xJHApEspcpxnwiGC4od2we078fIMwR03oSe-QeEuYm5YMzkXksIa_cb3FlFX98mpfwV96A6lpmsE8km4KEbHxUv4YVT1IAezKoAuPWB4NcZr2bSN40L9mHEvOslRDXdN3km-GaPkuT-Gjpi45H15tJkCEBEw3EPh9L4CCZMn4wEsD2V7YiZAk-dYplQga6HsoTdj1aRBCdzL9SUHSxhrfZSNEgnqD_r4&sig=Cg0ArKJSzNkWscwIzLEjEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 92D65BFFBCF9D2F0EA98C7C319EC01C9
Requests: 23 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: 893BCCA46F9C4A91C19C8E24AC628383
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: 4A0F3788E6556A30E2FBC88069C313A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-PEhClzM6CAhiKs5O9ATAB&v=APEucNWQQwe_CRek5v4CHLxVm7T8friZKz4ZMWKhwDADuKG8iGBWUfImarHDhOjyQpxPeePcEMkwUwXBE-rN4QIRAZWn7ROfNA
Frame ID: F8AA130803DD22322C192CBCB1881B0F
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 6B163224CC9F7A67E963E6578CC2C18E
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: F2747147B7826573BAA3BE1C948B8C49
Requests: 2 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Frame ID: 1CFE13B73A6127DFC4707463C7822A64
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1XSEgzeFc5RTJ1TGhtMW1kLk82Y2ZBY2lzUDVtTHlCN35B
Frame ID: 9577958D606E7A9A1302AAAB49C85C7D
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 2174019F8B2CB97B8E8D9605DEC192FE
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8687129380085137690&gdpr=0&gdpr_consent=
Frame ID: 5A6E3F6E201C0644E64B3F05C5B7B0E5
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=6141021567606092823&ex=appnexus.com
Frame ID: AECB78BBCB6FA670B17017687126A5C6
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2076059312112336406011
Frame ID: A39C964415ED13532EFBBFD0B9662AF0
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 045530C9469988DB9650E9AF3EC2106C
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: A77DA7CBDAC03BAF5385D4B332BA5216
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 29E5138615302CF7C19EBB5CDCC7F2CA
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1EF1601683534759D9D58419A9CB5B10
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: C9AF540A076F01E1A01E9DC7FEA6A8F8
Requests: 20 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 2E1A7036CCDBA93DA416901FDB403D32
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Frame ID: 3B4BDADD11558A608272E45B2D4498C9
Requests: 17 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Frame ID: CDADA13E139081659CCD2340023B4CE9
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 70EBCBCEB96781885E51BEBEA510DA79
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 38A49AE727AE5664A503A88177360827
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Frame ID: 4B91D385FB22983C08BD50CCD15D52E4
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 2ECD97539AA8E8500D71D4940B9F339E
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 8F4E338F45436C3F079ABE327A0FF782
Requests: 1 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Frame ID: 5DFC744C9F5927368C4E31627E44963D
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F526BC5608F75B1F780F5FB7600933D9
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2909645546634886000V10&type=rkt&refUrl=&vid=79629547872909645546634886000V10&ovsid=1813050710606316317
Frame ID: 511409F67978556E811D605834D1C853
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2909645546634886000V10&type=rkt&refUrl=&vid=79629548932909645546634886000V10&ovsid=1813050710606316317
Frame ID: 56064BA5C2221B64A5E21226C8A7BED4
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C
Frame ID: 33292087A01F5C10B6A055AB88CCE987
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjnrRwAAADpnQgQL&gdpr=0&gdpr_consent=
Frame ID: F8406573FA4D02A9BF60059F756EDB2A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:81b96239-eb48-4800-8f99-27deec4d2451&gdpr=0&gdpr_consent=
Frame ID: 183A86AC10B5E21037373631FB045E49
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEsIE7Ec9cAAAz-s8TaRg
Frame ID: EEF155D4A0B03797F61A6EA6D65DA994
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 27871E934449B69D1B64A005A0682707
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: A8B95D1A6492BC1D6635E4FE7F1F09F7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=64AQATBEQPhUXTeCOAk6ZGAJ-Sw
Frame ID: 99929BC5E2357F18FE653571B5AA7BB2
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C
Frame ID: D274323AF7AF965D04AF665DE0E3749C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d4dfaa00-a9f4-11ec-a7b6-6837becf923c
Frame ID: ACBD8A9FBE9DE6E15E1E570292DC1476
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: E6BAE4D65BEDED070898D9CA763CEADD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=657826907971
Frame ID: BFA8CADE02984930852EE3F103084B6F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:6N6kzBX01NwGrD5&gdpr=0&gdpr_consent=
Frame ID: 951F03A0F0B923E49077C2D99D9688AA
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005
Frame ID: E83D42391A34AAADB3604360DD5D3792
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7012493551709562395
Frame ID: 7BD4861D8F8B3AAD9A3122F851181065
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=013ca0b1-10dc-494d-bb71-056e8a93ca64
Frame ID: 2ADDB9506464B4CDA7B36022B1A0EB74
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=d99a7983-ad45-4aff-b7e3-1d6625d71961
Frame ID: D7CFC68CB3D27690E0D327C8661D1D22
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9fa89cc4-9382-4853-8b25-2117ad6ca439-tuct93370cb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: DC67E8926157B34C210ABD945B49D789
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 9D79CFB706BFD2578622CC3EA50977B7
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4813F92D16E711BCAC3AF8B3AB4700F4
Requests: 10 HTTP requests in this frame

Frame: https://secure-gg.imrworldwide.com/cgi-bin/m?ci=nlsnapi13033&am=48&ep=1&at=view&rt=banner&st=image&ca=dfp2965113109&cr=0&pc=5881677489&r=1647962954&c8=devgrp,DSK&c9=devid,&c10=plt,DSK&c13=asid,
Frame ID: D8606EEB30BD66F775FA5E7CBD549D5A
Requests: 1 HTTP requests in this frame

Frame: https://secure-gg.imrworldwide.com/cgi-bin/m?ca=nlsn318639&cr=crtve&ce=condenast&pc=condenast_plc0002&ci=nlsnci292&am=3&at=view&rt=banner&st=image&r=1404944459&c9=devid,&c13=asid,
Frame ID: 2EB619BECEAC2958886D810A920BBEE9
Requests: 1 HTTP requests in this frame

Frame: https://secure-gg.imrworldwide.com/cgi-bin/m?ca=nlsn318868&cr=138383011217&ce=21698048816&pc=5881677489_21698048816&ci=nlsnci156&am=4&at=view&rt=banner&st=image&r=1404944459&c9=devid,&c13=asid,
Frame ID: 942EE4FD6B3E84136A9542F089919CC8
Requests: 1 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: A91414BB8CD91EA6D3343C097E733FF7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 61DDAD22288014C70CB0E0B5164418DE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A3F15D96373D7B4B0CF17112D2BEBB6E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Behold, a password phishing site that can trick even savvy users | Ars Technica

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

762
Requests

78 %
HTTPS

24 %
IPv6

148
Domains

257
Subdomains

169
IPs

8
Countries

16220 kB
Transfer

36613 kB
Size

322
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 138
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 165
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035094&ns__t=1647962950412&ns_c=UTF-8&c8=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users%20%7C%20Ars%20Technica&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035094&ns__t=1647962950412&ns_c=UTF-8&c8=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users%20%7C%20Ars%20Technica&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&c9=
Request Chain 166
  • https://idsync.rlcdn.com/709387.gif?partner_uid=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&gtmcb=1726201224 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIumKxIwCiwIARCFvQkaJGQ1ZWZkNmY0LWUzN2MtNGUzNy1hMGU3LWE1YzQ4M2I4YmEzNRAAGg0IxtbnkQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ee786f5ef80dc4f98f9029aef09593022621e980fa25eba1065a64c64b1aa0cd791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBlZTc4NmY1ZWY4MGRjNGY5OGY5MDI5YWVmMDk1OTMwMjI2MjFlOTgwZmEyNWViYTEwNjVhNjRjNjRiMWFhMGNkNzkxNDI2YjU0MTdkY2UyMRAAGgwIx9bnkQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBlZTc4NmY1ZWY4MGRjNGY5OGY5MDI5YWVmMDk1OTMwMjI2MjFlOTgwZmEyNWViYTEwNjVhNjRjNjRiMWFhMGNkNzkxNDI2YjU0MTdkY2UyMRAAGgwIx9bnkQYSBAgCEABCAEoA&google_gid=CAESEHfFpTJJ5DFBc7AN2ZdUPRY&google_cver=1 HTTP 307
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity HTTP 302
  • https://pippio.com/api/sync?pid=709973&it=1&iv=Ou6QJvtA
Request Chain 167
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=undefined HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_device_id=undefined
Request Chain 168
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=648&partner_device_id=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=648&partner_device_id=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f5187042-5f14-4af5-9f23-8cb08038da53%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f5187042-5f14-4af5-9f23-8cb08038da53%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&ttd_puid=f5187042-5f14-4af5-9f23-8cb08038da53%2C
Request Chain 216
  • https://cm.everesttech.net/cm/dd?d_uuid=65416946501074486881869476194977929017 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YjnrRwAAADpnQgQL
Request Chain 226
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Request Chain 229
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1647962951352&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1647962951352&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D434737%26time%3D1647962951352%26url%3Dhttps%253A%252F%252Farstechnica.com%252Finformation-technology%252F2022%252F03%252Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1647962951352&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1647962951352&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&cookiesTest=true&liSync=true&e_ipv6=AQKPDdhSk8FzRgAAAX-yPxR2iXHJaBQBhVaSdaVTHinTKdnC6VYG0vjHPbk-fcTSG36PYw HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f81064a0-5b88-4e23-ba9c-c8be0a830f4f HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f81064a0-5b88-4e23-ba9c-c8be0a830f4f&_expected_cookie=c4187fc90b12df0aedc854c7b99b7bbf
Request Chain 248
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=df8afae4-be36-4903-9f4a-b3826d7e351f&adnxs_id=$UID HTTP 302
  • https://ids.ad.gt/api/v1/match?id=df8afae4-be36-4903-9f4a-b3826d7e351f&adnxs_id=6141021567606092823
Request Chain 249
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=df8afae4-be36-4903-9f4a-b3826d7e351f HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&id=df8afae4-be36-4903-9f4a-b3826d7e351f
Request Chain 250
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Ddf8afae4-be36-4903-9f4a-b3826d7e351f HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Ddf8afae4-be36-4903-9f4a-b3826d7e351f HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C&id=df8afae4-be36-4903-9f4a-b3826d7e351f
Request Chain 251
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=df8afae4-be36-4903-9f4a-b3826d7e351f HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=df8afae4-be36-4903-9f4a-b3826d7e351f&google_gid=CAESEEIrQz3AkMHtF3s-NavOYfM&google_cver=1&google_ula=450542624,0
Request Chain 252
  • https://ids.ad.gt/api/v1/g_hosted?id=df8afae4-be36-4903-9f4a-b3826d7e351f HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZGY4YWZhZTQtYmUzNi00OTAzLTlmNGEtYjM4MjZkN2UzNTFm
Request Chain 253
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3Ddf8afae4-be36-4903-9f4a-b3826d7e351f%26sas_uid%3D%5bsas_uid%5d HTTP 302
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=df8afae4-be36-4903-9f4a-b3826d7e351f&sas_uid=[sas_uid]&cklb=1
Request Chain 254
  • https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3Ddf8afae4-be36-4903-9f4a-b3826d7e351f HTTP 302
  • https://ids.ad.gt/api/v1/mediamath_match?user_id=81b96239-eb48-4800-8f99-27deec4d2451&id=df8afae4-be36-4903-9f4a-b3826d7e351f
Request Chain 255
  • https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Ddf8afae4-be36-4903-9f4a-b3826d7e351f%26unruly_id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Ddf8afae4-be36-4903-9f4a-b3826d7e351f%26unruly_id%3D%5BRX_UUID%5D&cb=1647962952087 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Ddf8afae4-be36-4903-9f4a-b3826d7e351f%26unruly_id%3DRX-a83b6604-2e32-49f2-bbad-627050f1e26e-005 HTTP 302
  • https://ids.ad.gt/api/v1/unruly?id=df8afae4-be36-4903-9f4a-b3826d7e351f&unruly_id=RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005
Request Chain 257
  • https://idsync.rlcdn.com/420046.gif?partner_uid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f089e44e-2a30-4d9e-974c-6ccac026b0a2
Request Chain 259
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&s=2&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=hzHZL_4QNgthsM8mf_bi&gdpr=0&us_privacy=1---
Request Chain 260
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=6141021567606092823&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Request Chain 263
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=05c5f2ba-e4d6-4fba-8f01-3cff13067e70
Request Chain 266
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=1d2bf79a-2aa2-4d4b-b6d5-7622945e46de
Request Chain 267
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=outbrain&bsw_custom_parameter=62e8ec88-d2ea-41ea-a477-629331ac8f33 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=6bafe6a2-2746-4d2e-ae06-bc0f946be187&ssp=outbrain&bsw_param=62e8ec88-d2ea-41ea-a477-629331ac8f33 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=62e8ec88-d2ea-41ea-a477-629331ac8f33&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 269
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECP2XajRBRyTq35ZHMobyac&google_cver=1 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/62e8ec88-d2ea-41ea-a477-629331ac8f33?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005
Request Chain 270
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7077946979591780497
Request Chain 271
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Request Chain 273
  • https://creativecdn.com/cm-notify?pi=outbrain HTTP 302
  • https://creativecdn.com/cm-notify?pi=outbrain&tc=1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=tRXbRqn9LRjMupaJwpN2&pi=outbrain&tc=1
Request Chain 274
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L12ALATH-K-LNSR
Request Chain 277
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB HTTP 302
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&xl8blockcheck=1 HTTP 302
  • https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Request Chain 278
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&s=193091&C=1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Request Chain 279
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&__user_check__=1&sync_id=d3ea2f8e-a9f4-11ec-8f7c-13d5c8140103 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=spotx&uid=d3ea2f41-a9f4-11ec-8f7c-13d5c8140103&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Request Chain 280
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB%2526uid%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDhENDAzRjktRUE5Qy00RkVDLUJCQkItRkQ4RTM4NzY0NTdD&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEMOU1AZQBDOUQFaxh0E1VLI&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB%26uid%3DD8D403F9-EA9C-4FEC-BBBB-FD8E3876457C HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&uid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C
Request Chain 281
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=openx&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&uid=155eb22f-9899-4602-ab5a-be9441061651
Request Chain 282
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UPd35c2be1-a9f4-11ec-9212-029922c6cb47 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=UPd35c2be1-a9f4-11ec-9212-029922c6cb47
Request Chain 283
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB%0A HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB%0A&b64_redirect=aHR0cHM6Ly9zeW5jLm91dGJyYWluLmNvbS9jb29raWUtc3luYz9wPWVteCZ1aWQ9JEVNWFVJRCZvYlVpZD1kRkc3OVpiWnF1WFR6TTBnb2l0cmRXOGZoaHMwQjBPd3JsMnlZejB1OGhsd1lRMjNWdjFEZEkzRmdzYXdTek9CCg==
Request Chain 284
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB HTTP 302
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=20f1281e-6524-4d23-b51a-b9052e632b0a&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Request Chain 285
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%24%7BUSER%7D%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3556592995 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/05c5f2ba-e4d6-4fba-8f01-3cff13067e70 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005?redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3DRX-a83b6604-2e32-49f2-bbad-627050f1e26e-005%26obUid%3D%24D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005&obUid=$D
Request Chain 286
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=7a674393&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Request Chain 287
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB%26gdpr%3D$GDPR_APPLIES%26gdpr_consent%3D$CONSNT_STRING HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=8687129380085137690&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
Request Chain 288
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-ZaBW8I9E2uGxsYvIiwH_q9GEHkdeo.Mc3OcTSgY-~A&gdpr=0&gdpr_consent=
Request Chain 290
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB HTTP 307
  • https://sync.outbrain.com/cookie-sync?p=synacor&uid=FCBFFBF89C1640D1A81A2F6FB803C46C&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Request Chain 291
  • https://sync.hgrtb.com/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dmediaforce_custom%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB%26uid%3D%7BUSER_ID%7D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&uid=d676d484-7f55-4590-a5b6-0b58669cc390
Request Chain 293
  • https://id.rlcdn.com/711945.gif?cparams=obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB HTTP 307
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Request Chain 333
  • https://ad.doubleclick.net/ddm/trackimp/N223801.2573CONDNASTDIGITALWIRED/B27040065.324545478;dc_trk_aid=516629072;dc_trk_cid=163818605;ord=885225794;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N223801.2573CONDNASTDIGITALWIRED/B27040065.324545478;dc_pre=CI7Rl7OE2vYCFVZYDQodnrgFPw;dc_trk_aid=516629072;dc_trk_cid=163818605;ord=885225794;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Request Chain 366
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=65416946501074486881869476194977929017 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=214870604098008945134
Request Chain 368
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3Ddf8afae4-be36-4903-9f4a-b3826d7e351f HTTP 302
  • https://ids.ad.gt/api/v1/openx?openx_id=8c0f824d-6efb-4402-9bce-f869eec21e7e&id=0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=df8afae4-be36-4903-9f4a-b3826d7e351f
Request Chain 389
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1XSEgzeFc5RTJ1TGhtMW1kLk82Y2ZBY2lzUDVtTHlCN35B
Request Chain 391
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8687129380085137690&gdpr=0&gdpr_consent=
Request Chain 392
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=6141021567606092823&ex=appnexus.com
Request Chain 393
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2076059312112336406011
Request Chain 395
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=65416946501074486881869476194977929017&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d65416946501074486881869476194977929017 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=81b96239-eb48-4800-8f99-27deec4d2451&ddsuuid=65416946501074486881869476194977929017
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN6ZjlNc2LvDK2x3nmbRQpY&google_cver=1
Request Chain 397
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjnrSETtBJYiRIvboXIHjAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN6ZjlNc2LvDK2x3nmbRQpY&google_cver=1
Request Chain 398
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFbJp4MunEwGkDS_klPG6FM&google_cver=1
Request Chain 399
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MTAyMTU2NzYwNjA5MjgyMw%3D%3D
Request Chain 419
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=65416946501074486881869476194977929017 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 421
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YjnrRwAAADpnQgQL
Request Chain 423
  • https://match.adsrvr.org/track/cmf/openx?oxid=a54f9b28-e777-7bfe-c835-ec39f9bdd17a&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&ttd_puid=a54f9b28-e777-7bfe-c835-ec39f9bdd17a&gdpr=0&gdpr_consent=
Request Chain 425
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKOHPQp5Wv5k_lhS7BfBad0&google_cver=1
Request Chain 427
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEADn2nHyv7W9CtL1F1EWYl4&google_cver=1
Request Chain 428
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YjnrSETtBJYiRIvboXIHjAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN6ZjlNc2LvDK2x3nmbRQpY&google_cver=1
Request Chain 429
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&expiration=1650554953&gdpr=0&gdpr_consent=
Request Chain 430
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=6N6kzBX01NwGrD5
Request Chain 431
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=YjnrSETtBJYiRIvboXIHjAAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=YjnrSETtBJYiRIvboXIHjAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662289794877202
Request Chain 432
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0d8d41f2-870c-413d-ae63-5efc0447587b
Request Chain 433
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1813050710606316317
Request Chain 439
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=RnF2MjFOdmZwMFBmTC1tcDlKaHB0Zw&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESELj1VrFNvx3dmsTmi77_UAQ&google_cver=1
Request Chain 440
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=5d3a48d7f4b108eb&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAADLCxZBg21OwM_oJzFAAAAAAA&expiration=1648049353&nuid=&is_secure=true
Request Chain 441
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253D617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553%2526gdpr_in_effect%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3D617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553%26gdpr_in_effect%3D0%26gdpr_consent%3D HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553&gdpr_in_effect=0&gdpr_consent=
Request Chain 449
  • https://su.addthis.com/red/usync?pid=16&puid=65416946501074486881869476194977929017&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D420%26dpuuid%3D%7B%7Buid%7D%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=420&dpuuid=6239eb4941a25e61
Request Chain 452
  • https://fw.adsafeprotected.com/rfw/st/897507/59604290/4.js?ias_dspID=3&ias_campId=25838044&ias_pubId=pub-3844877863303739&ias_chanId=1&ias_placementId=15714995187&bidurl=https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/&ias_dealId=&adContainerId=gcc_SOs5YoqTMbiUoPMPho6R6Ao&cbFunctionName=goog_wrapCb_SOs5YoqTMbiUoPMPho6R6Ao&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Farstechnica.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:bb924dad-14b6-4a84-8fc3-b5e835ef7fc0,c:7BxZ01,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5c47ff9957-5cdc9,rg:va,pt:1-5-15,br:c,abv:na,an:n,oam:0,nbld:0,mtim:4,fm:t0PaBLC+11%7C12%7C13%7C14%7C151%7C1521%7C16%7C171%7C1721%7C18%7C19%7C1a%7C1b11%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j*.897507-59604290%7C1j1%7C1k%7C1l%7C1m,idMap:1j*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:34,oid:d3d8adf3-a9f4-11ec-b50e-e2aa94532794,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 456
  • https://idsync.rlcdn.com/365868.gif?partner_uid=65416946501074486881869476194977929017 HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=001f451012abaa9827fe20b9199bd709a5cfc66c9868f7ea5bf88f76ae73729fb0da87c991749652
Request Chain 472
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=6141021567606092823
Request Chain 479
  • https://ssp.behave.com/push_sync HTTP 302
  • https://ssp.behave.com/ul_cb/push_sync HTTP 302
  • https://x.bidswitch.net/sync?ssp=bouncex HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=bouncex&bsw_user_id=62e8ec88-d2ea-41ea-a477-629331ac8f33 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=1d2bf79a-2aa2-4d4b-b6d5-7622945e46de&ssp=bouncex HTTP 302
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=62e8ec88-d2ea-41ea-a477-629331ac8f33
Request Chain 492
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOXfPq355lWJAy9CxMD4yCE&google_cver=1&google_push=AYg5qPJ9D2EKnTkOvEAMsPlmxNeGq74iP5pZAgUkD2jqwcrihPrUBVE08tucujboSDBqrz_SvTqA8-lGWxscakZRR1oLKMdkTU0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gbliOetISACPmSfe7E0kUQ&google_push=AYg5qPJ9D2EKnTkOvEAMsPlmxNeGq74iP5pZAgUkD2jqwcrihPrUBVE08tucujboSDBqrz_SvTqA8-lGWxscakZRR1oLKMdkTU0
Request Chain 494
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM8oNe7TQhdAVDG8v5b4sVc&google_cver=1&google_push=AYg5qPImQiJG6TvEzdH6qtluQ4j8teiku89_Rnlg8rqA4k7bCFJh5QGGYCn8T5wUWaeAhffmJzSGmB-Qoxeo_CMzLuv0s6O-hXsM HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM8oNe7TQhdAVDG8v5b4sVc&google_cver=1&google_push=AYg5qPImQiJG6TvEzdH6qtluQ4j8teiku89_Rnlg8rqA4k7bCFJh5QGGYCn8T5wUWaeAhffmJzSGmB-Qoxeo_CMzLuv0s6O-hXsM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkyNzMzOTM1OTg5NzMxNTc4OQ&google_push=AYg5qPImQiJG6TvEzdH6qtluQ4j8teiku89_Rnlg8rqA4k7bCFJh5QGGYCn8T5wUWaeAhffmJzSGmB-Qoxeo_CMzLuv0s6O-hXsM
Request Chain 495
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIsRgP2K8AjeDLTlOO6FKb4&google_cver=1&google_push=AYg5qPIc585Kf4B_n8B1mEro5k9PUngDyizObsUTQFEcgQCGA41YHuWCM3W9knb5Wvx-v9irTAy-fYy4DpUZ1fbUmNMz15FTS9WP HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEyQUxBVEgtSy1MTlNS&google_push=AYg5qPIc585Kf4B_n8B1mEro5k9PUngDyizObsUTQFEcgQCGA41YHuWCM3W9knb5Wvx-v9irTAy-fYy4DpUZ1fbUmNMz15FTS9WP
Request Chain 496
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPKsN_mIUdCjd77aZ3drPCp0wpX3ldi_NzhKALk3zfUbD4RT1unKJ7RB3yOOoW1_O0jtWZ4O8h4mY78rT5Pgl06mCUKV5lXy%26google_hm%3D%5BUID%5D&google_gid=CAESEIRlTsy6ZuhJLhpE6EGwiHs&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPKsN_mIUdCjd77aZ3drPCp0wpX3ldi_NzhKALk3zfUbD4RT1unKJ7RB3yOOoW1_O0jtWZ4O8h4mY78rT5Pgl06mCUKV5lXy&google_hm=442fe751-492b-4837-8dea-3e27d117c247
Request Chain 497
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFQbJSwftDWPNr8wWMPyaaM&google_cver=1&google_push=AYg5qPK_pwuRi35CEyvXBqODdhisWVEM8b8TwfXt34XB5D7NqmBvszg1KHBH9cX_qmyQ9IY_e6IyeuNz-55BNPxSUI9HG0vzCTp_ HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFQbJSwftDWPNr8wWMPyaaM&google_cver=1&google_push=AYg5qPK_pwuRi35CEyvXBqODdhisWVEM8b8TwfXt34XB5D7NqmBvszg1KHBH9cX_qmyQ9IY_e6IyeuNz-55BNPxSUI9HG0vzCTp_&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPK_pwuRi35CEyvXBqODdhisWVEM8b8TwfXt34XB5D7NqmBvszg1KHBH9cX_qmyQ9IY_e6IyeuNz-55BNPxSUI9HG0vzCTp_&google_hm=10d5e2f9f5cc70ae3f95ae6b
Request Chain 498
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEF8JtsmthTSp-JQOxhWiChQ&google_cver=1&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
Request Chain 510
  • https://token.rubiconproject.com/token?pid=6404&puid=65416946501074486881869476194977929017&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=L12ALATH-K-LNSR?gdpr=0
Request Chain 530
  • https://x.dlx.addthis.com/e/demdex_sync?na_exid=65416946501074486881869476194977929017&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022032215291400014977407446
Request Chain 534
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=8b8b18a1-3f1d-41b7-9b12-2d336e1e2513 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8b8b18a1-3f1d-41b7-9b12-2d336e1e2513&apid=UPd35c2be1-a9f4-11ec-9212-029922c6cb47
Request Chain 535
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=f089e44e-2a30-4d9e-974c-6ccac026b0a2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAw0ow8pr2Qkn9aXo_S6tHI&google_cver=1
Request Chain 536
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6141021567606092823
Request Chain 538
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4137273106857289133&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 540
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=8b8b18a1-3f1d-41b7-9b12-2d336e1e2513 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8b8b18a1-3f1d-41b7-9b12-2d336e1e2513&apid=UPd35c2be1-a9f4-11ec-9212-029922c6cb47
Request Chain 541
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=f089e44e-2a30-4d9e-974c-6ccac026b0a2 HTTP 307
  • https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D HTTP 302
  • https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=81b96239-eb48-4800-8f99-27deec4d2451
Request Chain 542
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6141021567606092823
Request Chain 544
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4137273106857289133&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 548
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=65416946501074486881869476194977929017 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=f5187042-5f14-4af5-9f23-8cb08038da53
Request Chain 557
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Drkt%26refUrl%3D%26vid%3D79629547872909645546634886000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2909645546634886000V10&type=rkt&refUrl=&vid=79629547872909645546634886000V10&ovsid=1813050710606316317
Request Chain 558
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Dcon%26refUrl%3D%26vid%3D79629547872909645546634886000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=9dd0c12359d08ed&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Dcon%26refUrl%3D%26vid%3D79629547872909645546634886000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=con&refUrl=&vid=79629547872909645546634886000V10&ovsid=AAADKxt_0Co_YQM11XjHAAAAAAA&expiration=1648049355&is_secure=true
Request Chain 559
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Dmma%26refUrl%3D%26vid%3D79629547872909645546634886000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=mma&refUrl=&vid=79629547872909645546634886000V10&ovsid=81b96239-eb48-4800-8f99-27deec4d2451
Request Chain 560
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MjkwOTY0NTU0NjYzNDg4NjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENSTd-iebpEVI5faXuEolEk&google_cver=1
Request Chain 561
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Ddxu%26refUrl%3D%26vid%3D79629547872909645546634886000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=dxu&refUrl=&vid=79629547872909645546634886000V10&ovsid=6N6kzBX01NwGrD5
Request Chain 562
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=56e72df9-e68c-42c0-9392-bf3196168128
Request Chain 563
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=62e8ec88-d2ea-41ea-a477-629331ac8f33&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10596547713675543060&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f5187042-5f14-4af5-9f23-8cb08038da53&ssp=medianet&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214870604098008945134&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10596547713675543060&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
Request Chain 564
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Dzem%26refUrl%3D%26vid%3D79629547872909645546634886000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=hzHZL_4QNgthsM8mf_bi&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLIPJEFUTC7GRIU4Z3UNBZU2ODNMZPWE2JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3TSNRSHE2TINZYG4ZDSMBZGY2DKNJUGY3DGNBYHA3DAMBQKYYTAJTWONUWIPJSHEYDSNRUGU2TINRWGM2DQOBWGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLIPJEFUTC7GRIU4Z3UNBZU2ODNMZPWE2JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3TSNRSHE2TINZYG4ZDSMBZGY2DKNJUGY3DGNBYHA3DAMBQKYYTAJTWONUWIPJSHEYDSNRUGU2TINRWGM2DQOBWGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=hzHZL_4QNgthsM8mf_bi&refUrl=&type=zem&vid=79629547872909645546634886000V10&vsid=2909645546634886000V10
Request Chain 566
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2909645546634886000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=1d2bf79a-2aa2-4d4b-b6d5-7622945e46de&cs=1
Request Chain 568
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=05c5f2ba-e4d6-4fba-8f01-3cff13067e70
Request Chain 569
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E HTTP 302
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2909645546634886000V10
Request Chain 577
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MjkwOTY0NTU0NjYzNDg4NjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENSTd-iebpEVI5faXuEolEk&google_cver=1
Request Chain 578
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Drkt%26refUrl%3D%26vid%3D79629548932909645546634886000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2909645546634886000V10&type=rkt&refUrl=&vid=79629548932909645546634886000V10&ovsid=1813050710606316317
Request Chain 579
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=56e72df9-e68c-42c0-9392-bf3196168128
Request Chain 580
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=d3257ede-eb67-416f-bb37-58f8f15ba8d6&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=62e8ec88-d2ea-41ea-a477-629331ac8f33&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 582
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2909645546634886000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=1d2bf79a-2aa2-4d4b-b6d5-7622945e46de&cs=1
Request Chain 584
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=05c5f2ba-e4d6-4fba-8f01-3cff13067e70
Request Chain 585
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E HTTP 302
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2909645546634886000V10
Request Chain 586
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Dcon%26refUrl%3D%26vid%3D79629548932909645546634886000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=7f9e922d376b08ec&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Dcon%26refUrl%3D%26vid%3D79629548932909645546634886000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=con&refUrl=&vid=79629548932909645546634886000V10&ovsid=AAADKxt_0Co_YwMgGrPDAAAAAAA&expiration=1648049355&is_secure=true
Request Chain 587
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Dmma%26refUrl%3D%26vid%3D79629548932909645546634886000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=mma&refUrl=&vid=79629548932909645546634886000V10&ovsid=81b96239-eb48-4800-8f99-27deec4d2451
Request Chain 588
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Ddxu%26refUrl%3D%26vid%3D79629548932909645546634886000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=dxu&refUrl=&vid=79629548932909645546634886000V10&ovsid=6N6kzBX01NwGrD5
Request Chain 589
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Dzem%26refUrl%3D%26vid%3D79629548932909645546634886000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=hzHZL_4QNgthsM8mf_bi&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLIPJEFUTC7GRIU4Z3UNBZU2ODNMZPWE2JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3TSNRSHE2TIOBZGMZDSMBZGY2DKNJUGY3DGNBYHA3DAMBQKYYTAJTWONUWIPJSHEYDSNRUGU2TINRWGM2DQOBWGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLIPJEFUTC7GRIU4Z3UNBZU2ODNMZPWE2JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3TSNRSHE2TIOBZGMZDSMBZGY2DKNJUGY3DGNBYHA3DAMBQKYYTAJTWONUWIPJSHEYDSNRUGU2TINRWGM2DQOBWGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=hzHZL_4QNgthsM8mf_bi&refUrl=&type=zem&vid=79629548932909645546634886000V10&vsid=2909645546634886000V10
Request Chain 591
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjnrRwAAADpnQgQL&gdpr=0&gdpr_consent=
Request Chain 592
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:81b96239-eb48-4800-8f99-27deec4d2451&gdpr=0&gdpr_consent=
Request Chain 593
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFc0lFN0VjOWNBQUF6LXM4VGFSZw&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAEsIE7Ec9cAAAz-s8TaRg&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp,sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEsIE7Ec9cAAAz-s8TaRg
Request Chain 594
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 596
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=64AQATBEQPhUXTeCOAk6ZGAJ-Sw
Request Chain 597
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=6bafe6a2-2746-4d2e-ae06-bc0f946be187&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C
Request Chain 598
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d4dfaa00-a9f4-11ec-a7b6-6837becf923c
Request Chain 600
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=657826907971
Request Chain 601
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:6N6kzBX01NwGrD5&gdpr=0&gdpr_consent=
Request Chain 602
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7827955524 HTTP 302
  • https://tags.bluekai.com/site/17724?id=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553%3Fhttps%253A%252F%252Fsync.1rx.io%252Fusersync3%252Fcentro%252F1508%252F617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553%253Fzcc%253D0%2526sspret%253D1%2526rndcb%253D7827955524 HTTP 302
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553%3Fzcc%3D0%26sspret%3D1%26rndcb%3D7827955524 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553%3Fzcc%3D0%26sspret%3D1%26rndcb%3D7827955524 HTTP 302
  • https://sync.1rx.io/usersync3/centro/1508/617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553?zcc=0&sspret=1&rndcb=7827955524 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-a83b6604-2e32-49f2-bbad-627050f1e26e-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005
Request Chain 603
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7012493551709562395&uid=Q7012493551709562395&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7012493551709562395
Request Chain 604
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=013ca0b1-10dc-494d-bb71-056e8a93ca64
Request Chain 605
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=439985829DE84A8C9B5342B56A27F74A HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D HTTP 307
  • https://match.bnmla.com/usersync?dspid=170&uuid=FCBFFBF89C1640D1A81A2F6FB803C46C HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=d99a7983-ad45-4aff-b7e3-1d6625d71961
Request Chain 606
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9fa89cc4-9382-4853-8b25-2117ad6ca439-tuct93370cb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 607
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2NQD-eqcT-y7u_2OOHZFfA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 608
  • https://idsync.rlcdn.com/420486.gif?partner_uid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAw0ow8pr2Qkn9aXo_S6tHI&google_cver=1
Request Chain 609
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=81b96239-eb48-4800-8f99-27deec4d2451
Request Chain 610
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E446C6FC9B8A47FAA8BFF7595C7C81CD
Request Chain 611
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4137273106857289133&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 612
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=05c5f2ba-e4d6-4fba-8f01-3cff13067e70
Request Chain 614
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_8.CgUVE2uX5F7nltzpllehB3b9oubw-~A&gdpr=0&gdpr_consent=
Request Chain 615
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6141021567606092823&gdpr=0&gdpr_consent=
Request Chain 616
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=461325ebf99808ee&is_secure=true&networkId=17100&version=1&nuid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADK9Fl9e6oFAM28G98AAAAAAA&expiration=1648049355&nuid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 617
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=d4e8e5e2-a9f4-11ec-9a60-ab47edd9be64&gdpr=0&gdpr_consent=
Request Chain 618
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=07dFsoDnQrPIsEXogeRbs9KyQLLI4UKz1LWln4sQ
Request Chain 620
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_ED237649_36809EBA&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 621
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=62e8ec88-d2ea-41ea-a477-629331ac8f33 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=62e8ec88-d2ea-41ea-a477-629331ac8f33 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=a4a1d4c7-6fe7-47be-ba7e-456dcca1ffcf&ssp=pubmatic&expires=30&user_group=5&bsw_param=62e8ec88-d2ea-41ea-a477-629331ac8f33 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=62e8ec88-d2ea-41ea-a477-629331ac8f33&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 622
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553&gdpr=0&gdpr_consent=
Request Chain 623
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4927339359897315789
Request Chain 627
  • https://dp2.33across.com/ps/?pid=897&random=1388264777 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=601&dpuuid=77930602580799&random=1647962955
Request Chain 637
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WXjx6Hh_SIqqDgsKJmTadQ&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WXjx6Hh_SIqqDgsKJmTadQ
Request Chain 638
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTY2MTAyMjIwZjliZWFhYzFkNGZjNzFhNjZkNzg0ODQ0NDNiN2FjZQ&us_privacy=1---
Request Chain 639
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG1XLDqZ_Be1SjuF0_RCBn8&google_cver=1
Request Chain 640
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L12ALATH-K-LNSR&us_privacy=1---
Request Chain 641
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&gdpr=0&gdpr_consent=&expires=30
Request Chain 642
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/z-8MQNP61Kfn0ULpysWhJw?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8305021932469246601
Request Chain 643
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEyQUxBVEgtSy1MTlNS&us_privacy=1---
Request Chain 645
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjU0MTY5NDY1MDEwNzQ0ODY4ODE4Njk0NzYxOTQ5Nzc5MjkwMTc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMZQmC5zYRulRGm4oq-8cVY&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 650
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6141021567606092823&us_privacy=1---
Request Chain 651
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1--- HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEsIE7Ec9cAAAz-s8TaRg&expiration=1649172555
Request Chain 652
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB&gdpr_consent=&us_privacy=1---&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB
Request Chain 653
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=077222040784cc31d02957f2&expiration=[EXPIRATION]
Request Chain 654
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=pvzwovWs96O9-_D49K_uo6f59aK9qvejof4bxpzN
Request Chain 655
  • https://x.bidswitch.net/sync?ssp=index&us_privacy=1--- HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=5fa719d4-8452-4932-bbdc-f7ca46c1b25d&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=62e8ec88-d2ea-41ea-a477-629331ac8f33
Request Chain 656
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1&us_privacy=1--- HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=477a6364-4aa2-4979-a7fc-6fe14ccfc4bf
Request Chain 658
  • https://gcdn.2mdn.net/videoplayback/id/3637ac91f189b086/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791493514/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/79095ECBAF9CA600E352663B39D7F64ADA7EB23B.25CFD0592A30766C0A04B76CCA6E4ECB9F2A3C52/key/ck2/file/file.mp4?cpn=9GhTZXWBfoKgCPzB HTTP 302
  • https://r5---sn-ab5szn7e.c.2mdn.net/videoplayback/id/3637ac91f189b086/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791493514/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/960B171FFCDFF554D68BA3463993D97678316E.65788A5A28C4C5852740A5081FE0184055499D40/key/cms1/cms_redirect/yes/mh/LC/mip/2602:ffc8:2:104::7/mm/42/mn/sn-ab5szn7e/ms/onc/mt/1647962785/mv/u/mvi/5/pl/48?cpn=9GhTZXWBfoKgCPzB&file=file.mp4
Request Chain 660
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6141021567606092823&us_privacy=1---
Request Chain 661
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YjnrRwAAADpnQgQL&us_privacy=1---
Request Chain 662
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1--- HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEsIE7Ec9cAAAz-s8TaRg&expiration=1649172555
Request Chain 663
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&us_privacy=1--- HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=cd08e909-f151-0518-4e49dd2b
Request Chain 664
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&us_privacy=1--- HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0772220407a3bae13afcafa3&expiration=[EXPIRATION]
Request Chain 665
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&us_privacy=1--- HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&us_privacy=1---&prevuid=04030001_6239eb4b89a0e&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_6239eb4b89a0e
Request Chain 673
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=65416946501074486881869476194977929017 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=992&dpuuid=bi9xa3sr84e8
Request Chain 682
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=7h0R4b1NFuD1GhG7vE4P4O8YFOH1Sxbg6R9OG5L4
Request Chain 709
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233 HTTP 302
  • https://tag.yieldoptimizer.com/ps/ps?tc=888708189&t=i&p=2233 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2026798750376
Request Chain 712
  • https://sb.scorecardresearch.com/c2/6035094/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 713
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=65416946501074486881869476194977929017 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=-5274598048067465905
Request Chain 719
  • https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID) HTTP 302
  • https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7012493551709562395P
Request Chain 722
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=65416946501074486881869476194977929017&rn=1647962950635&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D65416946501074486881869476194977929017 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=65416946501074486881869476194977929017
Request Chain 723
  • https://abp.mxptint.net/sn.ashx HTTP 302
  • https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B341_ED237649_36809EBA&redir=https://abp.mxptint.net/sn.ashx?ak=1
Request Chain 725
  • https://aorta.clickagy.com/pixel.gif?ch=124&cm=65416946501074486881869476194977929017&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D79908%26dpuuid%3D%7Bvisitor_id%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=YjnrTI884vQlRsAa7ViNo8c7
Request Chain 726
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=65416946501074486881869476194977929017 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=66757?id=65416946501074486881869476194977929017&dpuuid=Ou6QJvtA
Request Chain 729
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=65416946501074486881869476194977929017?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=18e5d510535d83e400ed421cade1101f
Request Chain 733
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWpuclJ3QUFBRHBuUWdRTA==
Request Chain 734
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YjnrRwAAADpnQgQL&expires=90
Request Chain 736
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YjnrRwAAADpnQgQL
Request Chain 737
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YjnrRwAAADpnQgQL
Request Chain 738
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YjnrRwAAADpnQgQL
Request Chain 740
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjnrRwAAADpnQgQL
Request Chain 741
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YjnrRwAAADpnQgQL&img=1
Request Chain 742
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YjnrRwAAADpnQgQL&t=2592000&o=0
Request Chain 748
  • https://pixel.onaudience.com/?partner=130&mapped=65416946501074486881869476194977929017&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m HTTP 302
  • https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
Request Chain 750
  • https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=65416946501074486881869476194977929017 HTTP 302
  • https://ib.mookie1.com/image.sbix?go=244346&pid=268&xid=65416946501074486881869476194977929017 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=285689&dpuuid=65416946501074486881869476194977929017&redir=https%3A%2F%2Fglobal.ib-ibi.com%2Fimage.sbxx%3Fgo%3D244346%26pid%3D268%26xid%3D%24%7BDD_UUID%7D HTTP 302
  • https://global.ib-ibi.com/image.sbxx?go=244346&pid=268&xid=65416946501074486881869476194977929017 HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=65416946501074486881869476194977929017

762 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/ 		51 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.219.58 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-219-58.us-east-2.compute.amazonaws.com
Software
nginx/1.17.10 / PHP/7.3.33
Resource Hash
ca236f7d5fe2787b0e62488e7593881094efaf7c3b220621e7de82eb2141cd62
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.17.10
x-powered-by
PHP/7.3.33
link
<https://arstechnica.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
content-encoding
gzip
main-c3a3431538.css
cdn.arstechnica.net/wp-content/themes/ars/assets/css/ 		336 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
5c5dcbdd805b4603a4ac478d0e3966033767767309ac8eb2ddb6a1aea68ad2c7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
content-encoding
gzip
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fD.yyz1:co:1646256689:cacheE.yyz1-01:H
content-length
71971
x-cf-tsc
1646939488
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
W/"62222aa5-53f36"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
156078
accept-ranges
bytes
x-cf-rand
1.988
expires
Tue, 17 May 2022 15:29:08 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8305d86074fdee76ef38a7e264f3ac0bfab4051d8f13625b4bbd5396120b1fe1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Mar 2022 15:29:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
dVKVlVU+J+RB4CMcqf9NTw==
age
9931
vary
Accept-Encoding
content-length
6678
x-ms-lease-status
unlocked
last-modified
Mon, 21 Mar 2022 16:16:28 GMT
server
cloudflare
etag
0x8DA0B5627AA28F7
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
9c67e4d5-501e-0045-3141-3d0577000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6efff60d9e9dd157-BUF
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Mar 2022 15:29:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ERttG9+iQk1LCPjR495NRw==
age
64
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
caa94e35-f01e-0007-5450-282e63000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6efff60d9e9ed157-BUF
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99fb44926cfb6a14310349c6946fd5e706c5928930b568315756956b821885c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27975
x-xss-protection
0
server
sffe
etag
"1165 / 555 of 1000 / last-modified: 1647947494"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 22 Mar 2022 15:29:08 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
43935402f95c6e02452551eed170ad4ce21cd71f18dedc5efddd21ed1deca984

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 01:03:42 GMT
content-encoding
gzip
age
51925
x-cache
Hit from cloudfront
timing-allow-origin
*
server
Server
x-amz-rid
01A85C2QDQ7A3AHQ1HCW
etag
0e4876665018a306b1c42fb415cdf907
vary
Accept-Encoding
x-amz-version-id
UuYFL6_bKfCgf8RedP7ZN9_L0fyU1x_2
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
eYfK1qABs7KU7b6jfaaCGVFvbp6kOdc8EMICmpaBzUgIIziMzx8gJw==
prebid.min.js
cdn.arstechnica.net/cns/ 		273 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
f361e4e65a7a976138264bdc40a474a13f61406c5c304e5acd7ad087e487e0ef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
content-encoding
gzip
x-cf3
H
x-amz-request-id
61GX8881VCKYPF2C
x-cf1
14961:fD.yyz1:co:1525808045:cacheE.yyz1-01:H
x-cache-hits
1
content-length
82658
x-amz-id-2
sPNsxxUpgmbSCAB41WJgXTP80eJm8xDFm4soZocEzCgH+YPdF7fHZF9IsJkXuA69X1/t0K9vCkM=
x-cf-tsc
1647962603
cf4ttl
114.500
x-cf2
H
last-modified
Tue, 15 Mar 2022 15:28:59 GMT
server
CFS 0215
x-timer
S1647962584.125514,VS0,VE2
x-cff
B
etag
"479b257fb37233ab2e7f798ff861c4de"
x-served-by
cache-iad-kjyo7100042-IAD
vary
Accept-Encoding
x-amz-version-id
19R_43a_Jy0MB0e1bxTB8wr.aZLuQ7xW
access-control-allow-origin
*
cache-control
max-age=120
cf4age
25
accept-ranges
bytes
content-type
application/javascript
x-cf-rand
8.421
expires
Tue, 22 Mar 2022 15:31:08 GMT
183973-93942139695505.js
js-sec.indexww.com/ht/p/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:09 GMT
Content-Encoding
gzip
Last-Modified
Tue, 22 Mar 2022 15:10:18 GMT
Server
Apache
ETag
"9039c8-ada8-5dad002d30e7a"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2667
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
14812
Expires
Tue, 22 Mar 2022 16:13:36 GMT
moatheader.js
z.moatads.com/condenastprebidheader987326845656/ 		213 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
28e332b169942af1515d3eb1c40391556421cd1a8c56f07481e4d43a8c7a015e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 17:15:41 GMT
server
AmazonS3
x-amz-request-id
TWNYTQMM2HA0BDZ3
etag
"f5fe6918e03ccec082a97a5cd8890126"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=50474
accept-ranges
bytes
content-length
76039
x-amz-id-2
OXIRX9l6FgOlGuzXshP6YxbgxnJ6bJoddl0bu+OQ462ELBhVnp1mcGM1xSO61XdtuWsptGKTL6Q=
ars-technica.min.js
cdn.arstechnica.net/cns/ 		188 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1647962574
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
9d9c5a638d4f925cddf5ea53a4624552513d1054c033caa1c49715d1fe6e5a61

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
content-encoding
gzip
x-cf3
H
x-amz-request-id
61GRH94WD6MBRS7V
x-cf1
14961:fD.yyz1:co:1525808045:cacheE.yyz1-01:H
x-cache-hits
1
content-length
58783
x-amz-id-2
OGlZGe+1hZie0f4G1sf7oxTbCWoSXUTXYwyoP23VWO64j9qVMf0yrkTaGluEKRoWrZbhGXprBns=
x-served-by
cache-iad-kcgs7200120-IAD
cf4ttl
120.500
x-cf2
H
last-modified
Tue, 22 Mar 2022 11:46:11 GMT
server
CFS 0215
x-timer
S1647962577.622996,VS0,VE5
x-cff
B
etag
"60ca515cb0d718158aa301adc0c37233"
vary
Accept-Encoding
x-amz-version-id
orhATV6I35AYAfzFzr1ZM4ecvXuLjQcH
access-control-allow-origin
*
cache-control
max-age=120
cf4age
15
accept-ranges
bytes
content-type
application/javascript
x-cf-tsc
1647962591
expires
Tue, 22 Mar 2022 15:31:08 GMT
ars-84a4ab0802.ads.us.js
cdn.arstechnica.net/wp-content/themes/ars/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/ars-84a4ab0802.ads.us.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
16708dda2536b4b3782313db4a6ec8456cd84da7ae0f56d7d2455e68fc9bc4f0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
content-encoding
gzip
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fD.yyz1:co:1525808045:cacheE.yyz1-01:H
content-length
1143
x-cf-tsc
1646939488
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
W/"62222aa5-bc0"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
156032
accept-ranges
bytes
expires
Tue, 17 May 2022 15:29:08 GMT
phishing-800x430.jpeg
cdn.arstechnica.net/wp-content/uploads/2022/03/ 		67 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2022/03/phishing-800x430.jpeg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
207299bf13a26f25403a2add8fd90c6bd1eac4deba70df233b1dd2ae8e4a01cd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
x-cf3
M
x-amz-request-id
JTD73ZK23A72JB4E
x-cf1
14961:fD.yyz1:co:1525808045:cacheE.yyz1-01:H
x-amz-replication-status
COMPLETED
content-length
69104
x-amz-id-2
BTZVzuaHKZnqZ1/ZdQVXnyoAHS5YndWimt49tVQfWGLLuvXDTKAiPRe1aL+2rxb4LdEmFBrnr3s=
x-cf-tsc
1647888475
cf4ttl
43200.000
x-cf2
H
last-modified
Mon, 21 Mar 2022 18:08:47 GMT
server
CFS 0215
x-cff
B
etag
"b58241e684af19b2b96e4e520aa73cb9"
x-amz-version-id
Q6E6qALhDF_CuidRc9By_SygTP3s98lu
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 17 May 2022 15:29:08 GMT
canva-signin-options-640x393.jpg
cdn.arstechnica.net/wp-content/uploads/2022/03/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2022/03/canva-signin-options-640x393.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
8a0646b12ea59d7656a051907b017a14742cbdcadf125034714b1e22750a8f35

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
x-cf3
H
x-amz-request-id
NGGQNX49BEK82PG3
x-cf1
14961:fD.yyz1:co:1525808045:cacheE.yyz1-01:H
x-amz-replication-status
COMPLETED
content-length
35155
x-amz-id-2
daPuXVzOYfHPXh7pGvyaYcl87sHknaTn1eCmmUr4OwEy5J+aHr6cF21w1H33f+GySr2vE1MWglY=
x-cf-tsc
1647932344
cf4ttl
43200.000
x-cf2
H
last-modified
Mon, 21 Mar 2022 17:48:07 GMT
server
CFS 0215
x-cff
B
etag
"1011a6a46413a615fc554c364945d80a"
x-amz-version-id
rE6XsVGpf0e69iyVphbT0Z7AX1YqNeBW
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
43854
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 17 May 2022 15:29:08 GMT
canva-signin-with-google-640x397.jpg
cdn.arstechnica.net/wp-content/uploads/2022/03/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2022/03/canva-signin-with-google-640x397.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
ab02478ea267964e5a65448b48c29cdd2fd8a531e0c44b095d2bc80a4553ee88

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
x-cf3
H
x-amz-request-id
NGGMGDMYZZCEY64T
x-cf1
14961:fD.yyz1:co:1525808045:cacheA.yyz1-01:H
x-amz-replication-status
COMPLETED
content-length
34606
x-amz-id-2
O12fvLEFhKCodRCLnSH2exkiB0eXf9cdkr/NUyV+ooNSfiV8meKpMXXkd9OXtRzYNxFUH3EmW2E=
x-cf-tsc
1647932344
cf4ttl
43200.000
x-cf2
H
last-modified
Mon, 21 Mar 2022 17:48:36 GMT
server
CFS 0215
x-cff
B
etag
"7772d9d0c85683136b8bc6e15eb9de8a"
x-amz-version-id
jJY9aQvqAkMHM9ESjhDzumXP2obLxf9W
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
43854
accept-ranges
bytes
content-type
image/jpeg
x-cf-rand
1.751
expires
Tue, 17 May 2022 15:29:08 GMT
pay-with-paypal-640x833.jpg
cdn.arstechnica.net/wp-content/uploads/2022/03/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2022/03/pay-with-paypal-640x833.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
4110e794b9f0ef266dc7cd502267e9216e2f06d38ac922200e642eafd2668545

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
x-cf3
H
x-amz-request-id
NGGVFQRS8MXS59PV
x-cf1
14961:fD.yyz1:co:1525808045:cacheA.yyz1-01:H
x-amz-replication-status
COMPLETED
content-length
54085
x-amz-id-2
LCaNwrr097QUQkt4glhqT6KOhRy0sTK0zH8cIhaACufJ308PuUUShlKGVrZ/u8WzS2u1HFeH+sY=
x-cf-tsc
1647932344
cf4ttl
43200.000
x-cf2
H
last-modified
Mon, 21 Mar 2022 17:49:02 GMT
server
CFS 0215
x-cff
B
etag
"2c50e27017e0e188880c7c8d6fa9f934"
x-amz-version-id
jaNL5Kn1gcDssqkRb9YwfpO8GNT8H_Sl
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
43854
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 17 May 2022 15:29:08 GMT
browser-in-the-browser-demo.gif
cdn.arstechnica.net/wp-content/uploads/2022/03/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2022/03/browser-in-the-browser-demo.gif
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
48be07dfd1a666195c80c87418811f01201d31a9ebb9fc3cad125cda8d9772b4

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
x-cf3
M
x-amz-request-id
SYGYXSVWNTS8G0SA
x-cf1
14961:fD.yyz1:co:1525808045:cacheA.yyz1-01:H
x-amz-replication-status
COMPLETED
content-length
2188290
x-amz-id-2
03W568puSOV7yjOMFIhtHseOP/ofAnImq4UnVf5NqryXntwdvZ7fjLJvT49dUUn0UAM/3I4hpLg=
x-cf-tsc
1647933290
cf4ttl
43200.000
x-cf2
H
last-modified
Mon, 21 Mar 2022 17:50:58 GMT
server
CFS 0215
x-cff
B
etag
"c2b899d2175d71fb45e3f86a8ba80644"
x-amz-version-id
vwH_m86amIZemQ8e4pBZQYC1s_u_78Hq
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
content-type
image/gif
expires
Tue, 17 May 2022 15:29:08 GMT
steam-bitb-phish-640x273.jpg
cdn.arstechnica.net/wp-content/uploads/2022/03/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2022/03/steam-bitb-phish-640x273.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
31ec7d46cee916a8505844cc58cc3b037b78a47e01f6271be3054c75509da27b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
x-cf3
H
x-amz-request-id
NGGN9V5RDSVEX5P7
x-cf1
14961:fD.yyz1:co:1525808045:cacheE.yyz1-01:H
x-amz-replication-status
COMPLETED
content-length
31306
x-amz-id-2
8PTGJQotDRLwSJnCVWGGmmEBvkE4X7C6SVkkaJB4AzwGXE3ivJb/gLB5Bf7Ktp5R2Zx2KsL0ac0=
x-cf-tsc
1647932344
cf4ttl
43200.000
x-cf2
H
last-modified
Mon, 21 Mar 2022 18:00:02 GMT
server
CFS 0215
x-cff
B
etag
"8af094784606dc6905177b7ebab2e538"
x-amz-version-id
RIchG7z1uo2QWZmIzS_jsa3I6_ob0AeQ
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
43854
accept-ranges
bytes
content-type
image/jpeg
expires
Tue, 17 May 2022 15:29:08 GMT
outbrain.js
widgets.outbrain.com/ 		197 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.69.76 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
70826f84a0322d5b7899932c0ab411af722cb426d6eb456840149ade7140312b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 15:00:54 GMT
etag
"15-Q17oiXPTOWNIFQwNZmHwWCBVg/U"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
7da2a153228879bef5aa134ca7236c9b
timing-allow-origin
*, *
content-length
69512
main-7329c51a38.js
cdn.arstechnica.net/wp-content/themes/ars/assets/js/ 		650 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-7329c51a38.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
d574ea3f744818bf42eb39c6ae49bebf0b7134e722d9dd9c3a2c500b79672cd9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
content-encoding
gzip
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fD.yyz1:co:1646256670:cacheA.yyz1-01:H
content-length
216091
x-cf-tsc
1646939488
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
W/"62222aa5-a29cb"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
301327
accept-ranges
bytes
expires
Tue, 17 May 2022 15:29:08 GMT
arstechnica.js
player.cnevids.com/interlude/ 		107 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.cnevids.com/interlude/arstechnica.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-56.ewr53.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
361b138d5ee8745e6d460be4dbb1c94e4bd4071bd5d224efdf11fab3ba11beaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:28:19 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Age
50
X-Cache
Hit from cloudfront
Status
200 OK
Connection
keep-alive
Content-Length
26910
X-XSS-Protection
1; mode=block
X-Request-Id
3c366ed4-70a3-4100-b91d-f5c429f8f5e8
X-Runtime
0.012320
X-Backend-Node
10.110.76.29
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
ETag
W/"f1429226e251666b6ddc64806711ec1e"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 fd6ee8ff46440f33e22da71450793e70.cloudfront.net (CloudFront)
Cache-Control
max-age=0, private, must-revalidate
X-Amz-Cf-Pop
EWR53-C1
X-Amz-Cf-Id
Uy62wI6v72UWbNXib77zh9C8nrxcjb01G8JfaMPPC7i03mb4ETwZTA==
conde-asa-polar-master.js
cdn.mediavoice.com/nativeads/script/condenastcorporate/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:09 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-ray
6efff60f0902d15b-BUF
cf-ipcountry
US
content-length
2018
via
1.1 varnish
last-modified
Tue, 22 Mar 2022 12:34:08 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
1019695171
x-country
US
cache-control
max-age=21600
accept-ranges
bytes
content-type
text/javascript
100098X1555750.skimlinks.js
s.skimresources.com/js/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/100098X1555750.skimlinks.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efc6b995a3b037727a4c8e7fe1756c192099f9658c4091ee55c61d3ba85e3920

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 10:52:15 GMT
server
AmazonS3
x-amz-request-id
3FHZMFMF4274Z4D8
etag
"cd1919c614b1a51b072d5182dda15928"
x-hw
1647962948.cds003.tr2.hn,1647962948.cds011.tr2.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
13792
x-amz-id-2
Ybq+g1C8Qb0ISGBz1lFqNziKYtRes+R8ZIjHSxXElmxeZIWyPEkzrN9IEI/WEuga33xComjYJDg=
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D05) /
Resource Hash
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:09 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
1007
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29178
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:46:17 GMT
Server
ECS (nyb/1D05)
Etag
"f7f936f48944db7f829585c4368f33ae+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
gtm.js
www.googletagmanager.com/ 		450 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f083f996f1669df92ddb29cbd4772a8f37f57a03ebbedf8fc98bcc77cbe91de5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:09 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124116
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 22 Mar 2022 15:29:09 GMT
b10882a1-8446-4e7d-bfb2-ce2c770ad910.json
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/b10882a1-8446-4e7d-bfb2-ce2c770ad910.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1feafaa9eaf1db06371a7897b4563c43a30d6b0de9912310c0b5bc5c4c1a593f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Mar 2022 15:29:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
eUiaCaYyNGwv0JTfrZWTrA==
vary
Accept-Encoding
content-length
1518
x-ms-lease-status
unlocked
last-modified
Fri, 04 Mar 2022 19:16:05 GMT
server
cloudflare
etag
0x8D9FE136E05F48A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1efa63bb-b01e-0083-5cfc-2f784b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6efff60e7f9ad157-BUF
expires
Tue, 22 Mar 2022 19:29:08 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		166 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1e0384ee1851cd8d984d13169d84e99706bf852fd4786735f50310e4d0aaa5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6efff60f1ac7d153-BUF
condenast-amp
segment-data.zqtk.net/ 		294 B
549 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://segment-data.zqtk.net/condenast-amp?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1647962574
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.255.124 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-233-255-124.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1c5af3858adba05625b6151d8453d7fd80856cac193a614d0421e3f953237499

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:08 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
max-age=105675
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Wed, 23 Mar 2022 20:50:24 GMT
ads.js
arstechnica.com/hotzones/src/ 		0
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://arstechnica.com/hotzones/src/ads.js
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1647962574
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.219.58 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-219-58.us-east-2.compute.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Mar 2022 15:01:00 GMT
server
nginx/1.17.10
etag
"622229ac-0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		357 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
economica-bold-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-bold-otf-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fC.yyz1:co:1525808045:cacheE.yyz1-01:H
content-length
25592
x-cf-tsc
1646939489
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-63f8"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
523875
accept-ranges
bytes
expires
Tue, 17 May 2022 15:29:08 GMT
economica-regular-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-regular-otf-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fC.yyz1:co:1525808045:cacheA.yyz1-01:H
content-length
24264
x-cf-tsc
1646939489
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-5ec8"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
523919
accept-ranges
bytes
expires
Tue, 17 May 2022 15:29:08 GMT
truncated
/ 		279 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		400 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		700 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
bitter-italic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-italic-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fC.yyz1:co:1525808045:cacheA.yyz1-01:H
content-length
24212
x-cf-tsc
1646939489
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-5e94"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
156054
accept-ranges
bytes
x-cf-rand
6.679
expires
Tue, 17 May 2022 15:29:08 GMT
bitter-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-regular-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fC.yyz1:co:1525808045:cacheA.yyz1-01:H
content-length
22872
x-cf-tsc
1646939489
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-5958"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
375650
accept-ranges
bytes
x-cf-rand
3.796
expires
Tue, 17 May 2022 15:29:08 GMT
opensans-semibold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibold-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fC.yyz1:co:1525808045:cacheE.yyz1-01:H
content-length
18972
x-cf-tsc
1646939502
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-4a1c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
380950
accept-ranges
bytes
expires
Tue, 17 May 2022 15:29:08 GMT
opensans-semibolditalic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibolditalic-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
59201950b83489808587827b4050ffe0597992825daa88c227476cdbbf8ca282

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fC.yyz1:co:1525808045:cacheA.yyz1-01:H
content-length
20872
x-cf-tsc
1646939502
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-5188"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
523859
accept-ranges
bytes
expires
Tue, 17 May 2022 15:29:08 GMT
opensans-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-regular-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fC.yyz1:co:1525808045:cacheA.yyz1-01:H
content-length
18824
x-cf-tsc
1646939486
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-4988"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
375648
accept-ranges
bytes
x-cf-rand
6.958
expires
Tue, 17 May 2022 15:29:08 GMT
opensans-italic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-italic-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
c46974d8f6030e4888708b18a5d9a32b25eb765a5708896e1899df449d87aab7

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:08 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fC.yyz1:co:1525808045:cacheA.yyz1-01:H
content-length
20748
x-cf-tsc
1646939489
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-510c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
467142
accept-ranges
bytes
expires
Tue, 17 May 2022 15:29:08 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		157 B
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f05698200dfffa9a5a6c26b895ee141e438f5b6ebd132b5388329a47397b1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:09 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6efff60f9b36d153-BUF
access-control-allow-headers
Content-Type
ntS7WHaznjI
www.youtube.com/embed/ Frame 8853 		60 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e63be51821eaa46045883265953a319988d8695814e1f433a659b672a19fe9ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

content-type
text/html; charset=utf-8
x-content-type-options
nosniff
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 22 Mar 2022 15:29:09 GMT
strict-transport-security
max-age=31536000
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to
{"group":"ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_XZXH6CdbrmjUzyTbVgxu22C8KYH7NsxKbRt94"}]}
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding
br
server
ESF
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
video_groups
api.cnevids.com/v1/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.cnevids.com/v1/video_groups?filters={%22channel_key%22:%22arstechnica%22}&pagesize=20&endpoint=oo.arstechnica
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-7329c51a38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.211.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-211-32.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
cb52c9b5c6b4f30eb9580d4414ecd97d408ffb0579fc9792f379da7e9e43221c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/*
Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Status
200 OK
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
658
X-XSS-Protection
1; mode=block
X-Request-Id
add37820-9100-4d24-8350-19a246626e84
X-Runtime
0.002608
X-Backend-Node
10.110.127.157
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
X-Frame-Options
SAMEORIGIN
ETag
W/"302fee8662aae0857b8b78b7f86c0110"
X-Download-Options
noopen
Vary
Accept-Encoding, Origin
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
max-age=0, private, must-revalidate
memo.js
cdn.memo.co/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.memo.co/js/memo.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-77.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3557e85820c5b6af8b1f10bbd07b503a8460232b8a7ba5d678c1b379b2dfb764

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
z9ABgFrjA._E2hI2fCDz0BILPiEANCh8
content-encoding
gzip
etag
W/"50238783324da6c24e044ccb9261f8e3"
last-modified
Wed, 06 May 2020 13:05:27 GMT
server
AmazonS3
x-amz-cf-pop
EWR53-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 285f391916b519587cefa0e29513e1ec.cloudfront.net (CloudFront)
cache-control
no-cache
date
Tue, 22 Mar 2022 15:29:10 GMT
x-amz-cf-id
stxtQfTLOK0V9rCYj6mRVEvAUqR41erbXVvLdF5qu70ZtCtc0Ti6Dw==
ars-technica.config.js
pixel.condenastdigital.com/config/v2/production/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.condenastdigital.com/config/v2/production/ars-technica.config.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86b1750ac3fa82df8295e51912887cc0f10833802b17dc1f76a31293f7ecf049

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:09 GMT
Content-Encoding
gzip
Age
322286
X-Cache
HIT, HIT, HIT
Connection
keep-alive
Content-Length
1280
x-amz-id-2
rqNN71fM9rNeCIAfUcVOdQPsV46N0ZZHXiA+i3xINWwfo8BaF/oNWQox5IO14VDhdnx42NqTrCE=
X-Served-By
cache-bwi5181-BWI, cache-iad-kcgs7200083-IAD, cache-ewr18156-EWR
Access-Control-Allow-Origin
*
Last-Modified
Wed, 20 Oct 2021 17:32:47 GMT
Server
AmazonS3
X-Timer
S1647962949.177007,VS0,VE0
ETag
"eb5a28e1cf7fe168b5057e3c330a277e"
Vary
Accept-Encoding
x-amz-request-id
ZBK2RTVHEENMYM36
Via
1.1 varnish, 1.1 varnish, 1.1 varnish
Expires
Thu, 18 Nov 2021 21:26:02 GMT
Cache-Control
no-cache, public, max-age=604800
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
1, 14, 462
blockquote-afedeab761.svg
cdn.arstechnica.net/wp-content/themes/ars/assets/img/ 		419 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/img/blockquote-afedeab761.svg
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
8edcf5bd609aef18638950de010699cd2765ef88aba3d019feb51a4271807662

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:09 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fD.yyz1:co:1525808045:cacheB.yyz1-01:H
content-length
419
x-cf-tsc
1647935169
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-1a3"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
1467921
accept-ranges
bytes
expires
Tue, 17 May 2022 15:29:09 GMT
truncated
/ 		841 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
Dang.jpg
cdn.arstechnica.net/wp-content/uploads/2018/10/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2018/10/Dang.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:09 GMT
x-cf3
M
x-amz-request-id
NY756PA5A6TA34FZ
x-cf1
14961:fD.yyz1:co:1525808045:cacheE.yyz1-01:H
content-length
92486
x-amz-id-2
nv/LEVXtsVmy9GJhPxFTKMlEXtadb+PoPOqxNKgvKXKcia/8WXmH7ZwRtrWP8WqWaABR+BttECc=
x-cf-tsc
1647937898
cf4ttl
43200.000
x-cf2
H
last-modified
Sat, 21 Dec 2019 01:48:48 GMT
server
CFS 0215
x-cff
B
etag
"03e5fec9e7ca5f8064d945bd791bd4c3"
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
1154480
accept-ranges
bytes
content-type
image/jpeg
x-cf-rand
5.068
expires
Tue, 17 May 2022 15:29:09 GMT
channel-ars-be7bb52ba9.png
cdn.arstechnica.net/wp-content/themes/ars/assets/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/img/channel-ars-be7bb52ba9.png
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:09 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fD.yyz1:co:1525808045:cacheA.yyz1-01:H
content-length
4809
x-cf-tsc
1646939501
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-12c9"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
380762
accept-ranges
bytes
x-cf-rand
2.941
expires
Tue, 17 May 2022 15:29:09 GMT
truncated
/ 		18 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
bitter-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-bold-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:09 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fC.yyz1:co:1525808045:cacheA.yyz1-01:H
content-length
22104
x-cf-tsc
1646939502
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-5658"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
523859
accept-ranges
bytes
expires
Tue, 17 May 2022 15:29:09 GMT
opensans-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-bold-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:09 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fC.yyz1:co:1525808045:cacheA.yyz1-01:H
content-length
19516
x-cf-tsc
1646939502
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-4c3c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
523992
accept-ranges
bytes
expires
Tue, 17 May 2022 15:29:09 GMT
/
r.skimresources.com/api/ 		150 B
341 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
0e8f883120821d38cd98ebbd41bf2f1f480bfad72dda5beaa07c2404b26ebec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Tue, 22 Mar 2022 15:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://arstechnica.com
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
robots.txt
t.skimresources.com/api/v2/ Frame 22F2 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.4300934210075016
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:09 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=8.156478252468665
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:09 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=8.156478252468665
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:09 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.23.0/ 		312 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Mar 2022 15:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
joMckLq8BtEunD8NH/4XVA==
vary
Accept-Encoding
content-length
76366
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:11:58 GMT
server
cloudflare
etag
0x8D96DBF6CBEE741
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
77d0d0b1-c01e-0062-1d97-2e9f3e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6efff610996fd157-BUF
5b27ee7e8c1abc4e7900000f
api.cnevids.com/v1/video_groups/ 		104 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.cnevids.com/v1/video_groups/5b27ee7e8c1abc4e7900000f?endpoint=oo.arstechnica
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-7329c51a38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.211.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-211-32.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
6ea921a03b41e41e09625aae3b262b6475bf7b881c2f1582bfb7d694fead1936
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/*
Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Status
200 OK
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
17001
X-XSS-Protection
1; mode=block
X-Request-Id
58f689da-2c95-42ab-89fa-44c831b07f04
X-Runtime
0.005192
X-Backend-Node
10.110.27.37
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
X-Frame-Options
SAMEORIGIN
ETag
W/"e74419d7d2f92796f4144c0e8dc8f10f"
X-Download-Options
noopen
Vary
Accept-Encoding, Origin
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
max-age=0, private, must-revalidate
config
c.amazon-adsystem.com/cdn/prod/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3035&u=https%3A%2F%2Farstechnica.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 12:54:38 GMT
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
server
Server
age
9271
x-cache
Hit from cloudfront
access-control-allow-origin
https://arstechnica.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
g23Xr4_-LxikPCZCIBtzObBJUnrQCqu8AgWMkqgHGc8RiIhmrdWi1Q==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 02:24:11 GMT
via
1.1 977bceb85b0d96fff42219b533149c4c.cloudfront.net (CloudFront)
vary
Accept-Encoding,Origin
age
47099
x-cache
Hit from cloudfront
content-length
6482
last-modified
Thu, 17 Mar 2022 02:21:48 GMT
server
AmazonS3
etag
"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
khsXo6Z3HSo5bHNWbmb1eMp88IHhxPc.
access-control-allow-origin
*
cache-control
public, max-age=86400
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
vBndpKQgX-EpvWDHD7Jw3y0GF7IKxsCSIRVslrsiTdY9paeabLyyJA==
pubads_impl_2022031601.js
securepubads.g.doubleclick.net/gpt/ 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
sffe /
Resource Hash
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:28:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126823
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 22 Mar 2023 15:28:04 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		154 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=arstechnica.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
9325e7ffee12aa958b1d3fa602493849cd5d088b0543960badbedb73a1c89640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
expires
Tue, 22 Mar 2022 15:29:09 GMT
YXJzdGVjaG5pY2EuY29t
tcheck.outbrainimg.com/tcheck/check/ 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/YXJzdGVjaG5pY2EuY29t
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.196.181.192 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-181-192.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:09 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=40067
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
3a042dc760355c363a00682ebb231a26
Content-Length
16
Expires
Wed, 23 Mar 2022 02:36:56 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=6.191669890986253
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.69.76 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:09 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Thu, 21 Apr 2022 15:29:09 GMT
/
id.sv.rkdms.com/identity/ 		66 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=CONDENAST&sv_domain=arstechnica.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.24.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-24-252.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
c60967dbe32c86d524205902b7e9f3685390d14e8f5058e118b77defcc0a6483

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://arstechnica.com
date
Tue, 22 Mar 2022 15:29:09 GMT
access-control-allow-credentials
true
server
nginx/1.20.2
content-length
66
vary
Origin
content-type
application/json
widget_iframe.a58e82e150afc25eb5372dd55a98b778.html
platform.twitter.com/widgets/ Frame 58B0 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Farstechnica.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D20) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
579216
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Tue, 22 Mar 2022 15:29:09 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Wed, 16 Feb 2022 18:36:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D20)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
plugin.js
plugin.mediavoice.com/ 		367 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugin.mediavoice.com/plugin.js
Requested by
Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79976aaa95264ee9d558115794253d31d5b0039a0b6c6214f27188f69af0fbd6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:09 GMT
content-encoding
gzip
cf-cache-status
HIT
access-control-allow-origin
*
content-type
application/javascript
content-length
139683
timing-allow-origin
*
last-modified
Thu, 24 Feb 2022 16:49:25 GMT
server
cloudflare
etag
W/"6217b715-5bd46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-varnish
2254068395 2254004182
via
1.1 varnish
cache-control
max-age=43200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6efff611bbbad15b-BUF
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Tue, 22 Mar 2022 21:49:18 GMT
condenastcorporate
polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/ 		208 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/condenastcorporate
Requested by
Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4032 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dc40a5096530714279199bd98ffbe44f3108bf9dd183ec74d85f69705d86e25

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:09 GMT
content-encoding
gzip
server
cloudflare
etag
W/"f3cb63b5151ee861d177a2136e7d9989"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Country, CF-Ray
cache-control
max-age=3600
x-country
US
cf-ray
6efff611db06d15f-BUF
v2
mb.moatads.com/yi/ 		358 B
533 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pcode=condenastprebidheader987326845656&rx=134794783198&callback=MoatNadoAllJsonpRequest_57336892
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.143.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-143-196.compute-1.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
caea4e756c22ba0cce91e5f837ad86d7711258268004f7638877a2d3eae5434f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:09 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"e2f3d7246493724717bc788e2774aaad1a0f3c89"
content-length
358
content-type
text/html; charset=UTF-8
recommendations
api.condenast.io/v1/ 		16 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.condenast.io/v1/recommendations?applicationID=cne-interlude-arstechnica&brand=arstechnica&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&filter%5Bstrategy%5D=POPULAR&filter%5BcontentType%5D=CNEVIDEO&filter%5Blanguage%5D=en-US&page%5Bsize%5D=5
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/interlude/arstechnica.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
f5927303a36e95318f327a42fb9c64be3d93cb3833fde9642e4d333d655ef79f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:09 GMT
content-encoding
gzip
X-Backend
2SrKDXXFWNz87LdtRpzPzK--F_api_us_east_1_condenast_io
access-control-allow-origin
https://arstechnica.com
transfer-encoding
chunked
X-Cache
MISS
Connection
keep-alive
X-Served-By
cache-ewr18171-EWR
Server
nginx/1.15.8
X-Timer
S1647962950.515588,VS0,VE38
Vary
origin,accept-encoding, Accept-Encoding, Origin
Content-Type
application/json;charset=utf-8
Via
1.1 varnish
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
private, max-age=0
access-control-allow-credentials
true
Accept-Ranges
bytes
X-Cache-Hits
0
www-player.css
www.youtube.com/s/player/293baa5d/ Frame 8853 		338 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/293baa5d/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2476db472bf1df970adab62d57f3a0b552319b91459a39a728b10130ed10c817
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 14:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
89438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47168
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 00:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 21 Mar 2023 14:38:31 GMT
www-embed-player.js
www.youtube.com/s/player/293baa5d/www-embed-player.vflset/ Frame 8853 		280 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/293baa5d/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
492224013d17408b4a5b6d50d78522d194c31f80ee8488407a3a37d66093ce53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 14:48:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
88858
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88229
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 00:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 21 Mar 2023 14:48:11 GMT
base.js
www.youtube.com/s/player/293baa5d/player_ias.vflset/en_US/ Frame 8853 		2 MB
524 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/293baa5d/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eee0f492605d1aa4640594f1de0a26e880c9ebc6ee795b21be80f95fbc60dbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 14:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
89438
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
535818
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 00:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 21 Mar 2023 14:38:31 GMT
fetch-polyfill.js
www.youtube.com/s/player/293baa5d/fetch-polyfill.vflset/ Frame 8853 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/293baa5d/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 14:48:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
88858
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 00:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 21 Mar 2023 14:48:11 GMT
60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady63855589
player.cnevids.com/script/video/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady63855589
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-7329c51a38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-56.ewr53.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
a3ef2d596e4a421cff31af19575909b29aa4737d7b260828aee1908ad257a0c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Amz-Cf-Pop
EWR53-C1
X-Cache
Miss from cloudfront
Status
200 OK
Connection
keep-alive
Content-Length
21576
X-XSS-Protection
1; mode=block
X-Request-Id
9592f243-a453-47ba-916d-5be29c86ef8b
X-Runtime
0.005005
X-Backend-Node
10.110.120.129
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
ETag
W/"ad021ea4d954e5369f28d29f4cef4437"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 fd6ee8ff46440f33e22da71450793e70.cloudfront.net (CloudFront)
Cache-Control
max-age=0, private, must-revalidate
X-Amz-Cf-Id
xsnxNFi45fGF0zISAhnSgLDS3ua4hRTe1OoX7XNVdPPy5TmpCAdFcA==
arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1621877260/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
0396be2ab58ec30babd0838d7e37d6407475d4361be85ee7451dbac9186add57
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 1391cb3b815aa63859ec0cff5767737c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
175
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:26:24 GMT
Server-Timing
fastly;dur=2;cpu=0;start=2022-03-11T08:08:02.591Z;desc=hit,rtt;dur=3
Content-Length
11625
Last-Modified
Thu, 20 Jan 2022 21:51:37 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"0b80752552abdab1277829e7a4b2824a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
rIGiW9GIb3mFaQmK8CShEfo9CrTzYXilrO2QKEe1KCzdZ4svl5vkPQ==
arstechnica_unsolved-mysteries-unsolved-mysteries-of-the-warhammer-40k-universe-answered-by-author-dan-abnett.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1620135390/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1620135390/arstechnica_unsolved-mysteries-unsolved-mysteries-of-the-warhammer-40k-universe-answered-by-author-dan-abnett.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
a2bd43c80adc73ae26472a90ec3bd9df44a5b7d2dafb133b8660efd800c719b1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 bc5fa17d3a05da358cc5e2a45aac35c8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
175
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:26:24 GMT
Server-Timing
fastly;dur=2;cpu=0;start=2022-03-18T14:28:08.377Z;desc=hit,rtt;dur=1
Content-Length
14620
Last-Modified
Thu, 20 Jan 2022 21:51:38 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"7996e22c04be37a8677bb680607e6d12"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
o_f4_4f1VsevXglbqHiQJiJ5ZSCil9QMpqAEvZIPjwlXp7rJj8oEYQ==
arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1619531614/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1619531614/arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
85c33811c2b04e4e02babe2fd6bd7ac0035f93e95827116429bbda2cf9c6c95d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Feb 2022 08:26:22 GMT
Via
1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
2530966
X-Cache
Hit from cloudfront
Server-Timing
fastly;dur=1;cpu=0;start=2022-02-21T08:26:22.695Z;desc=hit,rtt;dur=1
Connection
keep-alive
Content-Length
5242
X-Request-Id
e74c86fa13592f608dd4e6384c2245e0
Last-Modified
Thu, 20 Jan 2022 21:49:06 GMT
Server
Cloudinary
ETag
"cfdeb1a825aca3ca1bf9ab3727325d27"
Strict-Transport-Security
max-age=604800
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control
public, no-transform, immutable, max-age=2592000
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
wHy1Ppc_6-hgQgFjzBKhVnVkzU0QfohcDMENz6dQT695If0FwJj9bA==
arstechnica_sitrep-boeing-707.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1615574323/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1615574323/arstechnica_sitrep-boeing-707.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
571479d52cd675db5573fe46973c62cba6d8224a76136fcefeb90f7dc42a6391
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Feb 2022 23:17:01 GMT
Via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
2477528
X-Cache
Hit from cloudfront
Server-Timing
fastly;dur=1;cpu=0;start=2022-02-21T23:17:01.796Z;desc=hit,rtt;dur=1
Content-Length
11899
Last-Modified
Thu, 20 Jan 2022 21:49:06 GMT
Server
Cloudinary
Cache-Control
public, no-transform, immutable, max-age=2592000
ETag
"49fd6cf75b5acbe4ea95126496406585"
Strict-Transport-Security
max-age=604800
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
1Y6q7qpnYaNE9oBI83H0pCLp6arTYxKKa89qZ_3RoQAXi4dLX-T67Q==
arstechnica_steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1611089409/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1611089409/arstechnica_steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
06b33c040105224101afcdaacd82b6dfb3ea1bf9ef3d7478cf5fa163a0ad65e0
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
152
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:26:46 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-17T12:48:58.681Z;desc=hit,rtt;dur=1
Content-Length
16317
Last-Modified
Thu, 20 Jan 2022 21:49:06 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"4796345150de82db7572da4e13d5fbc1"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
u4mTe7oaJOJasXveoq1CXqVu9-oXiBP-DKmCECTpQBpMopFZce2ulw==
arstechnica_modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1607984287/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1607984287/arstechnica_modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
de5e37739b5797e8ba9dba4a2dcb65f37c36a65fe839cb306162e21c74ba166e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
185
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:26:24 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-17T12:11:56.589Z;desc=hit,rtt;dur=5
Content-Length
14171
Last-Modified
Thu, 20 Jan 2022 21:51:37 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"7f2bf661d68cedfcf91542c6e1dab7c6"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
AX_vlt4AkQPUjXDMO1xkoJgnVUQ9hDOxg7_ySnzcpqsyGGQxzCNmHg==
arstechnica_war-stories-gail-tilden.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603899385/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603899385/arstechnica_war-stories-gail-tilden.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
7d91c04c657709af03f6dad61d375c3208d18ab5ff7851c2472007dc05201342
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
133
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:15 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-17T13:07:09.805Z;desc=hit,rtt;dur=1
Content-Length
15071
Last-Modified
Thu, 20 Jan 2022 21:51:38 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"1f4aa6187c59e6ed79d0c3a2a0bc19d9"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
kb8MbFLO4cfLusfE4HrLx7O6vPWeyxNnYERz_aewAKR_NdE1rcjSAA==
arstechnica_personal-history-scott-manley.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603123470/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603123470/arstechnica_personal-history-scott-manley.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
1f466b08649eef5ad16c20f6d7207bf8818cb107b6241950dbc568cdffc03d63
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Feb 2022 04:00:36 GMT
Via
1.1 bc5fa17d3a05da358cc5e2a45aac35c8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
2460513
X-Cache
Hit from cloudfront
Server-Timing
fastly;dur=2;cpu=0;start=2022-02-22T04:00:36.230Z;desc=hit,rtt;dur=1
Connection
keep-alive
Content-Length
14113
X-Request-Id
4b3d9d33245e846ef559042acf0fadbb
Last-Modified
Thu, 20 Jan 2022 21:49:06 GMT
Server
Cloudinary
ETag
"963bf0b22c745f95a06f32ee1317b872"
Strict-Transport-Security
max-age=604800
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control
public, no-transform, immutable, max-age=2592000
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
v1LHEt-QtfWFI0eDof4DK9HWX04gdUsGliOwEK1Zdp0a6rFf-ZNGhQ==
arstechnica_scare-tactics-thomas-grip.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1602524702/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1602524702/arstechnica_scare-tactics-thomas-grip.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
617e0f9fee7ef0ca891735246b4b5a61caa3622db4a4256685b061c9f43bd053
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
133
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:15 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-18T14:28:08.392Z;desc=hit,rtt;dur=3
Content-Length
15079
Last-Modified
Thu, 20 Jan 2022 21:51:38 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"d57f99149a48173e30de572cfa48ed93"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
m5cPDO_ci3raQj9Br2uCDVvpg43VyZmAe8vsNbiVsc0HRjFxMjuRtg==
arstechnica_personal-history-lgr.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1600711530/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1600711530/arstechnica_personal-history-lgr.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
29637e0647104ccc5d5583e652db29ce99e947c858c3d9502960e7ea7f1aea19
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 1391cb3b815aa63859ec0cff5767737c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
152
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:26:46 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-18T06:20:33.546Z;desc=hit,rtt;dur=2
Content-Length
14772
Last-Modified
Thu, 20 Jan 2022 21:49:06 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"4049b10cd3281951b01beb4f36134234"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
U2p6YErht0gFJfTEbQCcMBcVOsB4ffjr6UaNdkyOsr00C24_jiy93A==
arstechnica_the-f-35-s-next-tech-upgrade.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1598890591/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1598890591/arstechnica_the-f-35-s-next-tech-upgrade.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
3b0209841325362235c221628e471145726897e4e1c9b210b6e6b2217fdf2ee8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Feb 2022 00:23:12 GMT
Via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
2559957
X-Cache
Hit from cloudfront
Server-Timing
fastly;dur=2;cpu=0;start=2022-02-21T00:23:12.578Z;desc=hit,rtt;dur=1
Content-Length
3374
Last-Modified
Thu, 20 Jan 2022 21:49:06 GMT
Server
Cloudinary
Cache-Control
public, no-transform, immutable, max-age=2592000
ETag
"3f16924a1fdff64e971a0491115fc147"
Strict-Transport-Security
max-age=604800
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
RjMuTdqZNt9XsqLhy8G1km2ocv_jVAM-vQToZVCKZDBKZQmbPEZiAg==
arstechnica_war-stories-diablo.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1597686086/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1597686086/arstechnica_war-stories-diablo.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
aa3b9513abbbf65a2c8483122648fce1b39b1afa2a69bdf863242f1411baba58
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
115
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:15 GMT
Server-Timing
fastly;dur=19;cpu=0;start=2022-03-17T13:07:10.028Z;desc=hit,rtt;dur=1
Content-Length
14667
Last-Modified
Thu, 20 Jan 2022 21:51:39 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"d4de63ae8b9ef5b77ad58eaae97d7d02"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
xUPtLXx_bjH7WVVkiJPRqYtYNTkz6i48rimhLTvn4ANdFzxrclo5wA==
arstechnica_unsolved-mysteries-unsolved-mysteries-mortal-kombat.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1596476950/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1596476950/arstechnica_unsolved-mysteries-unsolved-mysteries-mortal-kombat.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
0b5c6a8d4a856db56da956eced8af9a5eb6e0a89dc67de5ffc4c83513472a3cc
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 bc5fa17d3a05da358cc5e2a45aac35c8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
133
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:15 GMT
Server-Timing
fastly;dur=6;cpu=0;start=2022-03-18T07:09:41.226Z;desc=hit,rtt;dur=1
Content-Length
11486
Last-Modified
Thu, 20 Jan 2022 21:51:38 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"7a8a596aae95c9a900261808554523e6"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
D6HzoMVk8eGOExUc6_kCsI_LwmnsUIiwsA6BJk6TqWqOgnKhhtwLNg==
arstechnica_us-navy-gets-an-italian-accent.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1595427354/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1595427354/arstechnica_us-navy-gets-an-italian-accent.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
85db95dbe15c810a710ca6d9094a2a29f2eeea05791cc7aaab7af8939684b978
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Feb 2022 22:28:09 GMT
Via
1.1 b35f01abdb74e50c7c770d66cb11b73a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
2480460
X-Cache
Hit from cloudfront
Server-Timing
fastly;dur=1;cpu=0;start=2022-02-21T22:28:09.606Z;desc=hit,rtt;dur=1
Content-Length
6124
Last-Modified
Thu, 20 Jan 2022 21:51:46 GMT
Server
Cloudinary
Cache-Control
public, no-transform, immutable, max-age=2592000
ETag
"51113bf4443c0cf453d0e8bf60489ac7"
Strict-Transport-Security
max-age=604800
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
wNh2jXJ3iutWvrQoIOgTa17rCmZbtqN3KcuVwCyHDE2jDS18s4TVxw==
arstechnica_war-stories-war-stories-undone-w-slash-hisko-hulsing.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1594656439/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1594656439/arstechnica_war-stories-war-stories-undone-w-slash-hisko-hulsing.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
e74b9cb9d8871d300d2a1d36ce2cd00dfbfe0c5d8066d1d415c4ce620a919d47
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 1391cb3b815aa63859ec0cff5767737c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
125
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:32 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-18T06:59:57.714Z;desc=hit,rtt;dur=0
Content-Length
10345
Last-Modified
Thu, 20 Jan 2022 21:52:15 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"60622b64688dbb49917234d4091856fb"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
yEH9O2PVP8ambglhUasxtkIgZr3IIO-pO8ZLzJrcX9T97BfUwWOl5Q==
arstechnica_fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1593453234/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1593453234/arstechnica_fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
9431bc6d1a6d036a70c92dfc9000d7965f939671a59705bdd01c3e652048ed9a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 21 Feb 2022 02:13:12 GMT
Via
1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
2553357
X-Cache
Hit from cloudfront
Server-Timing
fastly;dur=1;cpu=0;start=2022-02-21T02:13:12.383Z;desc=hit,rtt;dur=1
Content-Length
15307
Last-Modified
Thu, 20 Jan 2022 21:49:07 GMT
Server
Cloudinary
Cache-Control
public, no-transform, immutable, max-age=2592000
ETag
"324e15e8b7d3edd23ffbf5df0a1a9e77"
Strict-Transport-Security
max-age=604800
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
JNKoEg9C-RfZ73aC0aBM5uSUdhwgtgov5LJcKmyDPsbnKF2Df_DaXA==
arstechnica_war-stories-war-stories-nba-jam.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1592315288/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1592315288/arstechnica_war-stories-war-stories-nba-jam.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
5be5b0170ad4bbd2be91182d137933e7de9c7e86b09ec855a4bac015ebfd746f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
139
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:15 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-17T12:11:56.744Z;desc=hit,rtt;dur=1
Content-Length
14149
Last-Modified
Thu, 20 Jan 2022 21:51:39 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"bd63326fa81d10df9e2da1245d3c122c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
Gkszp13yWgiQMu0MkYeQjtqXfX9nYHPivtNljHmbvO88tGe7h4spOw==
arstechnica_linus-tech-tips-reacts-to-his-top-1000-youtube-comments.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1591804041/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1591804041/arstechnica_linus-tech-tips-reacts-to-his-top-1000-youtube-comments.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
e8830a414dfeb4c0e0f519d3419f69849df9226f329357c938333dbf2c956f63
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
283
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:24:30 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-11T10:56:02.713Z;desc=hit,rtt;dur=4
Content-Length
9054
Last-Modified
Thu, 20 Jan 2022 21:49:07 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"b17d3aab70cb56fbf2df892c8415ab16"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
yQsOjbyC4_hqxr6Lpk7hOE4HOkVN9ZCazaoLDq2xOb40Vqv_d41O3w==
arstechnica_war-stories-how-alan-wake-was-rebuilt-3-years-into-development.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1589408118/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1589408118/arstechnica_war-stories-how-alan-wake-was-rebuilt-3-years-into-development.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
3f2cf5f857c617761a251ceef8f6ed452a7690e21f16eff0a70dddf9beea8633
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 bc5fa17d3a05da358cc5e2a45aac35c8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
155
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:15 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-19T05:33:29.854Z;desc=hit,rtt;dur=1
Content-Length
10817
Last-Modified
Thu, 20 Jan 2022 21:51:39 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"9417ada34c9b6b07ccd41a463b717969"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
d2lZ7BchRdeZ8eWeJGCxvdpsrzZzedkTRtmgZBORQrtX_tbfFb9YAQ==
arstechnica_war-stories-prince-of-persia.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1584454477/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1584454477/arstechnica_war-stories-prince-of-persia.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
56f8838a24cb0cc47dc34a19d6b84d6ce8bf8086b1682bbb990abc13b1e2da65
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 1391cb3b815aa63859ec0cff5767737c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
155
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:15 GMT
Server-Timing
fastly;dur=0;start=2022-03-19T06:54:25.987Z;desc=hit,rtt;dur=6
Content-Length
15682
Last-Modified
Thu, 20 Jan 2022 21:51:39 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"e9cccef2a4a4cf217be0ba162f6b4296"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
iK3uVD6dH-J7yl_zUSRGXPB874v4vVij_MQbyFh7qHwAiEXZESEdIQ==
arstechnica_war-stories-how-crash-bandicoot-hacked-the-playstation-to-run.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582755533/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582755533/arstechnica_war-stories-how-crash-bandicoot-hacked-the-playstation-to-run.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
46a9ddb1f206a46900872e0a832750ae06925528f81883a3d3517fdb42aefb6d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
155
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:15 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-17T13:07:11.049Z;desc=hit,rtt;dur=1
Content-Length
17475
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"7588b83c6eb2a1165344abad7e12e715"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
WNvZXJ-jptdwEV6YluymXfbu9Lm3ERLrnun-4S7ZqNP-tbGErL1H7g==
arstechnica_war-stories-myst.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1580223113/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1580223113/arstechnica_war-stories-myst.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
1bf55bc00dbf13180884211c3d301729e67b81f3456225c1fbf97d271d636509
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b35f01abdb74e50c7c770d66cb11b73a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
155
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:15 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-17T12:11:56.885Z;desc=hit,rtt;dur=1
Content-Length
13522
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"ed8c6a9aa19e7d5c7aa46a3aead23a87"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
VWGrhQGy0xHunUmETHr7JlCTjlwGnqKMx3rMgwzLJZ4GmKaeMQ-m1Q==
arstechnica_markiplier-reacts-to-his-top-1000-youtube-comments.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1579194313/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1579194313/arstechnica_markiplier-reacts-to-his-top-1000-youtube-comments.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
e336ff50623cff960c2396944be4392139f63dcc032e5f3428d81489fdfe697a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
155
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:16 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-11T16:06:37.492Z;desc=hit,rtt;dur=1
Content-Length
8832
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"2bad386c14ac040d530ceb2ae89c8bbb"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
fBsD1jsvX896x6VczyfjL1OIfbryH-VKSK0f25ZwIjjRiCjCsRfTOw==
arstechnica_war-stories-war-stories-oddworld.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582815531/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582815531/arstechnica_war-stories-war-stories-oddworld.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
1097abb6f0992cccc79428374463e7f23b99dae5eb85d7317b20bd57c96031bb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
155
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:16 GMT
Server-Timing
fastly;dur=5;cpu=0;start=2022-03-18T06:26:23.943Z;desc=hit,rtt;dur=1
Content-Length
12614
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"4a7903cbe66890b5688d843661943ccd"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
cdfMIAEyhgh4rwj0xaMuf6nh4wpIuKdAtWHTzJoETUFHhiImyQZO7g==
arstechnica_unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1573140819/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1573140819/arstechnica_unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
de24551bd4396fc8579b2d87ce01944553dd48fb52775d14373725a50efa0c37
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 bc5fa17d3a05da358cc5e2a45aac35c8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
93
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:55 GMT
Server-Timing
fastly;dur=7;cpu=0;start=2022-03-19T08:26:42.677Z;desc=hit,rtt;dur=2
Content-Length
11417
Last-Modified
Thu, 20 Jan 2022 21:52:15 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"3e8509d06c6610d54babcac0d91e5d93"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
OLVo7QloizvBGd_oJdTs4NeS_ZIUCY_gUdUfXeoZeeAsBSUJ2k_6NA==
arstechnica_war-stories-civilization.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1569003425/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1569003425/arstechnica_war-stories-civilization.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
1c7dcc8216c6f82da2998ceeac2523632c7f9bffe510824b6d082621201f2012
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 1391cb3b815aa63859ec0cff5767737c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
157
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:16 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-19T06:27:29.129Z;desc=hit,rtt;dur=1
Content-Length
16236
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"72002610618f7bf8bf0e52c760e39897"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
HtN6XCHQl0RhDchJ09f7bbp6AlCTKpBSgPjmgFb8U9dcVbVcb1gNHw==
arstechnica_sitrep-dod-resets-ballistic-missile-interceptor-program.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1568662260/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1568662260/arstechnica_sitrep-dod-resets-ballistic-missile-interceptor-program.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
7fc88c65d46e83b3f3e9f098f05fd639480332fc3718cd714725e2e4633af4e8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Feb 2022 05:01:51 GMT
Via
1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
2456838
X-Cache
Hit from cloudfront
Server-Timing
fastly;dur=2;cpu=1;start=2022-02-22T05:01:51.366Z;desc=hit,rtt;dur=2
Content-Length
10793
Last-Modified
Thu, 20 Jan 2022 21:51:46 GMT
Server
Cloudinary
Cache-Control
public, no-transform, immutable, max-age=2592000
ETag
"0e1ff58ccf6d97759de3d774a7ff835a"
Strict-Transport-Security
max-age=604800
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
tI47zi60FGzqyHyUJI5MD_vEX0lqSgh60cVOvdQEvMB6k8SnI1ynpA==
arstechnica_warframe-reviews.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1561556730/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1561556730/arstechnica_warframe-reviews.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
83a366075eb2387c6d9f848f42b08df0546027333eccf5813edf95ba45709be2
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
155
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:16 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-18T07:40:33.850Z;desc=hit,rtt;dur=2
Content-Length
14837
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"1d90d6aef7585f963e1270a1a02a4dd4"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
gKff6rSPRdBChi-x7eU8HTYweWCxeKvOggmiaJu8UVfgBuvTk-u_Ng==
arstechnica_war-stories-subnautica.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559747425/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559747425/arstechnica_war-stories-subnautica.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
20660a9ef7ec454c15b2dc62b3db084e0cc9f74c5bb6de71a96fb1a54aef00f8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
155
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:16 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-11T07:44:32.141Z;desc=hit,rtt;dur=5
Content-Length
15222
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"8c45b6c645caba59f4b14d3fbdc09062"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
a4GXypK1hOsJuysxsI5hBoOj_QIPIeV4XDZ6BPOKqZunXo1vA_JcFw==
arstechnica_war-stories-slay-the-spire-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556741487/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556741487/arstechnica_war-stories-slay-the-spire-war-stories.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
f9d9e96c4439beeca49a1a10f9dffe6f5cd0b604d13aa13af170d0bc62d8ca1b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 bc5fa17d3a05da358cc5e2a45aac35c8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
155
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:16 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-17T12:11:57.042Z;desc=hit,rtt;dur=1
Content-Length
15634
Last-Modified
Thu, 20 Jan 2022 21:51:41 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"abee90e53f29ba0127fca9442ab50902"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
tKq16yggYjeOTle-byxRBMi57x2hR5umWzRMhxoHMbb8H5rc3km0sg==
arstechnica_war-stories-amnesia-the-dark-descent-the-horror-facade.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1555359865/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1555359865/arstechnica_war-stories-amnesia-the-dark-descent-the-horror-facade.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
1defb6bc54a7ee9c066136908360e8455c23ee9ad0dec9924e7255d7948cd4be
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
157
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:16 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-17T13:07:12.440Z;desc=hit,rtt;dur=8
Content-Length
15251
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"3e7cdc13e718680bf5e1efa64468b560"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
Bovu0_Exr_ZdSHPHzHyfWQsLZYUh-kIm2zAfRX-fmLfr0iRmy7wURw==
arstechnica_war-stories-c-and-c-tiberian-sun.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/arstechnica_war-stories-c-and-c-tiberian-sun.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
27348ba4b98bd80f1038496ec5dea6ad865680540058fb085b8ca199b8aaf4c5
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 1391cb3b815aa63859ec0cff5767737c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
155
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:16 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-11T07:11:00.603Z;desc=hit,rtt;dur=5
Content-Length
19022
Last-Modified
Thu, 20 Jan 2022 21:51:41 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"fe52b9acd391d8bee8de15a0f429b377"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
2s80OEooWBdkLY2uB0SxtVDvT1btMNz-wOL_7Z4Mkcqfbl2zbhLLOw==
arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
8b72952d3fd656ee6594f0d9735d928113ad1d590705b14f77abf75f1d4d5d69
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b35f01abdb74e50c7c770d66cb11b73a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
210
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:25:42 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-18T06:43:57.703Z;desc=hit,rtt;dur=0
Content-Length
18172
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"32f1b8954559c8d598e9861f5b8360b9"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
x8zvd48XIoWPDaLFzj1nkmwMxS1ZPUnE8UNLBxJNkqM4PcYDjlZmTw==
arstechnica_war-stories-dead-space-the-drag-tentacle.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/arstechnica_war-stories-dead-space-the-drag-tentacle.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
9933997608e86beaf1e7f7188a5c657cdad8ccd9d20eb7b1a46adaa83fa850ab
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Feb 2022 02:09:43 GMT
Via
1.1 e757cbc96b92081ef389914316ecb50c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
2467166
X-Cache
Hit from cloudfront
Server-Timing
fastly;dur=2;cpu=0;start=2022-02-22T02:09:43.959Z;desc=hit,rtt;dur=7
Content-Length
7393
Last-Modified
Thu, 20 Jan 2022 21:51:41 GMT
Server
Cloudinary
Cache-Control
public, no-transform, immutable, max-age=2592000
ETag
"17a6e4b5eb75eb12f5d8c89eb3d0ace8"
Strict-Transport-Security
max-age=604800
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
19wAfF9CzW2QyEsAlnsawfuxpExnZVoqgddgNATel-HyDLZgGoe_Iw==
arstechnica_teach-the-controversy-flat-earthers.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/arstechnica_teach-the-controversy-flat-earthers.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
7364fcbb6c5d775f07816712af8a6419db99268f72c337a4977f706dc3423bb3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
242
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:25:23 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-17T14:10:50.051Z;desc=hit,rtt;dur=1
Content-Length
10595
Last-Modified
Thu, 20 Jan 2022 21:52:14 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"6c0c4f8a9d61ed2b5863a8058c624a37"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
gZJtI6QpEDH7WGtrfAUVkPQZH6a6dbYHQDlE_WrTqlOLY3i402w5kA==
arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
16f86804dd013db340fee4020a539d3e9d6e5a03d6841e431e50c428e99c26e8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b2406c07406aaa3fa3e9edc1125ffcf8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
195
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:25:56 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-17T14:10:50.085Z;desc=hit,rtt;dur=1
Content-Length
12509
Last-Modified
Thu, 20 Jan 2022 21:52:14 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"b9c502ffc902b60d0eb13698b37a945d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
O3G3lZjuiCY4AKFV56rfGz_z6UTNvJ2wnu2Q0pkHyWLr9hg0ccr6Og==
arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
3ce7e824185893264ab44fbf8370a8f1262831c4c6c367b15f7d4f1e88fadc8c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Feb 2022 07:28:24 GMT
Via
1.1 bc5fa17d3a05da358cc5e2a45aac35c8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
2448045
X-Cache
Hit from cloudfront
Server-Timing
fastly;dur=2;cpu=0;start=2022-02-22T07:28:24.739Z;desc=hit,rtt;dur=6
Content-Length
7181
Last-Modified
Thu, 20 Jan 2022 21:52:14 GMT
Server
Cloudinary
Cache-Control
public, no-transform, immutable, max-age=2592000
ETag
"0549828edcecd339d8d10ebe6119de70"
Strict-Transport-Security
max-age=604800
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
CfNKw0uKhyhi8rWUeXQK994343YnRpiUHnNL1mthaSOQzMSDCuzzsg==
arstechnica_apollo-mission-episode-1.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/arstechnica_apollo-mission-episode-1.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
82cd1a97f81e5b63a621311be2993916eea0907b5eadd53bb6b280f4bb0f8391
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 1391cb3b815aa63859ec0cff5767737c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
112
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:27:32 GMT
Server-Timing
fastly;dur=0;start=2022-03-19T09:22:34.209Z;desc=hit,rtt;dur=5
Content-Length
14040
Last-Modified
Thu, 20 Jan 2022 21:52:14 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"ecc047c6eed3dc571a78eab647201220"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
r9FBc4PKpMu4dfUcyIE5mzYkO9telhamyMG69iH6GRfuc5Uo6qljUg==
arstechnica_richard-garriot-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/arstechnica_richard-garriot-war-stories.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
4980853759711c8e9e2779239acd62e9e802fba38371763c65ecdd016a83fdbd
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b107b2437bbcbc926a3b733dc72fd52a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
299
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:24:19 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-19T15:34:57.681Z;desc=hit,rtt;dur=1
Content-Length
13885
Last-Modified
Thu, 20 Jan 2022 21:51:41 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"13d45a1733ad4d2f3ae707584d6a8a32"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
w-XBJhTHBZtNTZ73rfsj7eWcGwcwQgplPRcsXwWyCr7b8gFep-CRpg==
truncated
/ 		408 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
sparrow.min.js
pixel.condenastdigital.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.condenastdigital.com/sparrow.min.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cff3ff7513a42187f914df965c0006c8756f549dc13ffb64540767042902a748

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:09 GMT
Content-Encoding
gzip
Age
469135
X-Cache
HIT, HIT, HIT
Connection
keep-alive
Content-Length
13370
x-amz-id-2
9IE1XFLhUZqEbeKFiVGbH05pLDORsexvRApvw0DmjWLw20Y6Lome+ghxYd+FNTqFRmH8nOGUZNg=
X-Served-By
cache-bwi5122-BWI, cache-iad-kiad7000148-IAD, cache-ewr18156-EWR
Access-Control-Allow-Origin
*
Last-Modified
Mon, 18 Oct 2021 11:33:31 GMT
Server
AmazonS3
X-Timer
S1647962950.566603,VS0,VE0
ETag
"e6b88c6f7c41eb887a206c62c62867a9"
Vary
Accept-Encoding
x-amz-request-id
EBEXQT0GEV9FPCDC
Via
1.1 varnish, 1.1 varnish, 1.1 varnish
Expires
Thu, 18 Nov 2021 11:29:56 GMT
Cache-Control
no-cache, public, max-age=604800
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
1, 17, 85680
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8853 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 11:41:34 GMT
x-content-type-options
nosniff
age
13655
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 22 Mar 2023 11:41:34 GMT
page
t.skimresources.com/api/v2/ 		22 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:09 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://arstechnica.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
n
elsa.memoinsights.com/ 		375 B
954 B 		Script
General
Check archive.org
Download Go to
Full URL
https://elsa.memoinsights.com/n?pid=62012a7a19351c07620394e0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&author%5B%5D=Dan%20Goodin&title=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users&date=2022-03-21T18%3A47%3A05Z&referrer=&ref_url=&page_url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&cb=MEMO.API.callbacks.cbjcfxrmp&v=v3.0.5
Requested by
Host: cdn.memo.co
URL: https://cdn.memo.co/js/memo.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.142.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-142-9.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
5a0de354b6dce6d594f490a1f11bf5aeddd0b79780f141cac81bcb7912449cf1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:09 GMT
content-encoding
gzip
server
istio-envoy
content-type
application/javascript
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
256
x-request-id
89059142a9f9c5e6c95c248531323d7e
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
2713
date
Tue, 22 Mar 2022 14:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 22 Mar 2022 16:43:56 GMT
v2
z-na.associates-amazon.com/onetag/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.102.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-102-45.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
7475f5c70d3b6020b6f4621b2e69fba3360bea00a913e60b085af165b93842ec

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 01:02:43 GMT
content-encoding
gzip
accept-charset
UTF-8
server
Server
age
51986
x-amz-rid
DKWYN9Z50HQ2VGKGZM3S
vary
accept-encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
permissions-policy
interest-cohort=()
x-amz-cf-pop
EWR53-C3
x-amz-cf-id
LJG7lH2rKUgOnI8LegtKz3TOwUeTx1t2xDuXv_Y7kjZbQZzLnU-S2g==
via
1.1 3f6eb9ff07d4d2f572d4e8e6fb935a36.cloudfront.net (CloudFront)
en.json
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/51981cec-32b8-4f64-b081-4fffb4af3c86/ 		108 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/51981cec-32b8-4f64-b081-4fffb4af3c86/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35aa6009a5e9c65ecc00c19fa23c0556808d65876fead02712c88a1d27f14c0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Mar 2022 15:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
phMtcfZy+aGbXLJiH2KU8g==
vary
Accept-Encoding
content-length
20862
x-ms-lease-status
unlocked
last-modified
Fri, 04 Mar 2022 19:16:22 GMT
server
cloudflare
etag
0x8D9FE137856FC41
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
032a032b-101e-012b-74fc-2fea0b000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6efff613ecd8d157-BUF
expires
Tue, 22 Mar 2022 19:29:09 GMT
headerstats
as-sec.casalemedia.com/ 		0
427 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=383250&u=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:09 GMT
X-AK-INITIAL-GEO
CC:[US], RC:[IL], CN:[NA], CIP:[96.9.249.44], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://arstechnica.com
X-CS-CLIENT-GEO
31
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
31
Expires
Tue, 22 Mar 2022 15:29:09 GMT
settings
syndication.twitter.com/ Frame 58B0 		294 B
468 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=7e3baa24cf9b9970a323e301bc772a4d6eee8c05
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Farstechnica.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
2221b570f47d77db7465b55907eddc1295c1a78ce43d36d2e6db2089140b6669
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
7
date
Tue, 22 Mar 2022 15:29:09 GMT
content-encoding
gzip
last-modified
Tue, 22 Mar 2022 15:29:09 GMT
server
tsa_b
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
d6fd66f1a492b8b0328d7fe808a6d4e088acfe8e9b6a25704dd601562f018c63
content-length
187
get
odb.outbrain.com/utils/ 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&srcUrl=http%3A%2F%2Ffeeds.arstechnica.com%2Farstechnica%2Findex%2F&idx=0&rand=74283&key=NANOWDGT01&widgetJSId=AR_14&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=190&py=9093&vpd=7893&activeTab=true&darkMode=false&settings=true&recs=true&version=2000642&sig=RWqzaBNb&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1---&ccpaStat=1&ogn=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
44e6e446b0a9cedfa57f468b85238b9f00f558808f7f945919bce762b99ed46a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
traffic-path
SADC1, WDC, USA_CENTRAL
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-cache-hits
0
x-traceid
d25ff3d31ff8b1d8a7e08b2a6442d18a
content-length
14686
x-served-by
cache-wdc5531-WDC
pragma
no-cache
x-timer
S1647962950.866589,VS0,VE338
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
infinityid.condenastdigital.com/ 		36 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://infinityid.condenastdigital.com/?rand=1647962949887
Requested by
Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.213.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-213-144-100.compute-1.amazonaws.com
Software
nginx/1.15.8 /
Resource Hash
084171392a949375d4bdfcc454ca4be284f581528613e5f9df6a523ab1b3cb44

Request headers

Accept
text/plain
Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
Server
nginx/1.15.8
vary
origin,accept-encoding
Content-Type
text/plain; charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
Connection
keep-alive
transfer-encoding
chunked
expires
0
content
4d.condenastdigital.com/ 		322 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4d.condenastdigital.com/content?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F
Requested by
Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-238-15.compute-1.amazonaws.com
Software
/
Resource Hash
fb61f126d2ec956839488827305b92350ebbe1f1aff9c971b6144faf755f7088

Request headers

Accept
text/plain
Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
transfer-encoding
chunked
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
Connection
keep-alive
embed-api.json
player.cnevids.com/ 		11 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.cnevids.com/embed-api.json?videoId=60abade4dc31e5375248cba6&embedLocation=arstechnica
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady63855589
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-56.ewr53.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
6fce0dbbc989e2f852d8045ea7aaa7db852aab75caef08e0cac9bf3205dff02f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:25:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Age
241
X-Cache
Hit from cloudfront
Status
200 OK
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
3681
X-XSS-Protection
1; mode=block
X-Request-Id
239db014-5220-4bdc-90d3-cb2835f19b76
X-Runtime
0.021349
X-Backend-Node
10.110.76.29
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
ETag
W/"fd5efcafa4796337c837c0732955c999"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control
max-age=300, public
X-Amz-Cf-Pop
EWR53-C1
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
gWAdB3VROoFVQva1Z5pWJyAIC6oRh5Qcrkc7eHtu2SdfvWambAiNHA==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 4AA5 		371 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady63855589
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad98ad9971cb4a2f1d506dd85fd8bd6cf1f4962c93d8f9103e2f2b9da8b5a408
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126251
x-xss-protection
0
expires
Tue, 22 Mar 2022 15:29:09 GMT
gpt_proxy.js
imasdk.googleapis.com/js/sdkloader/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady63855589
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21b3ed85c9ad38d83cd2fecfaa17d4f6c645314585aa8cfc27f32e411b6e9ca3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:26:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30344
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 17:21:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Tue, 22 Mar 2022 15:41:37 GMT
player-style-23abc7943337ba1e9747.css
d2c8v52ll5s99u.cloudfront.net/player/ Frame 4AA5 		88 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/player-style-23abc7943337ba1e9747.css
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady63855589
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-144.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed5a952026b3c54b85fb53b4a1e373c8aff2c0e6d7296aeccd59b97c4e3bd846

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 14:06:31 GMT
Content-Encoding
gzip
Age
436959
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
12708
Last-Modified
Wed, 16 Mar 2022 22:01:11 GMT
Server
AmazonS3
ETag
"d51b45ea4334b3c0a842815eb6abc8b3"
x-amz-version-id
1MaROMoT.TPNaodCm7Eko5gPmEjxUX7h
Via
1.1 2435a43ad9e6173e7352a49a09dd01b0.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Content-Type
text/css; charset=utf-8
X-Amz-Cf-Id
WA3LO8vDR3yxjkJXIcTa1iNWQWKuhc2BjfUp4A05ZB-XOc16tsx8VA==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
main-a65f5f6768f05f759345.js
d2c8v52ll5s99u.cloudfront.net/player/ Frame 4AA5 		820 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady63855589
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-144.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d42ba629a2a59bea0220491a8b229d37f69f34b95645bdd00df5116b0456a7dc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 14:06:31 GMT
Content-Encoding
gzip
Age
436959
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
228582
Last-Modified
Wed, 16 Mar 2022 22:01:11 GMT
Server
AmazonS3
ETag
"ffbb1d82a131e170fb0ec4fa7f5eb7bb"
x-amz-version-id
i12oCPCcCI1n8rB3hCdIo5mNRo5OwhiZ
Via
1.1 345e58b151dd5a8ce47c17921388574a.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
nUPtfE6op4rjSRAD7N0uj7a96W2gfYOeYgaoF4S5_e9knSeSR4PG0g==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-22T15%3A29%3A09.926Z&_t=pubadsReady&cBr=Ars%20Technica&cKe=browser%20in%20the%20browser%7COAuth%7Cphishing%7Cscams&cCh=information%20technology&cTi=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=1325&cId=1842550&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pWw=1600&pWh=1200&pPw=1600&pPh=9800&pSw=1600&pSh=1200&uID=793acb54-8a60-48cc-91e9-0be61845aed6&uNw=1&uUq=1&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&uDt=desktop&dim1=%7B%22channel%22%3A%22information-technology%22%2C%22platform%22%3A%22wordpress%22%2C%22template%22%3A%22article%22%2C%22viewport%22%3A%22desktop%22%2C%22pageContext%22%3A%7B%22contentType%22%3A%22article%22%2C%22templateType%22%3A%22article%22%2C%22channel%22%3A%22information-technology%22%2C%22slug%22%3A%22behold-a-password-phishing-site-that-can-trick-even-savvy-users%22%2C%22server%22%3A%22production%22%2C%22keywords%22%3A%7B%22tags%22%3A%5B%22browser-in-the-browser%22%2C%22oauth%22%2C%22phishing%22%2C%22scams%22%5D%2C%22cm%22%3A%5B%5D%2C%22platform%22%3A%5B%22wordpress%22%5D%2C%22copilotid%22%3A%22%22%7D%7D%2C%22version%22%3A%226.56.9%22%7D&_o=ars-technica&_c=ad_metrics&environment=prod&origin=ars-technica
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:10 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arstechnica.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		561 B
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=110291666100365&correlator=2555186838940338&hxva=1&scor=105439497024334&eid=44752585%2C31065656&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&us_privacy=1---&iu_parts=3379%2Cconde.ars%2Cinterstitial%2Cinformation-technology%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=1&adks=2746652139&sfv=1-0-38&ecs=20220322&ists=1&fsapi=false&prev_scp=pos%3Dinterstitial%26ctx_slot_type%3Dout_of_page%26ctx_slot_rn%3D0%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Dout_of_page_0%26slot_name%3Dinterstitial_1&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.56.9%26ctx_page_slug%3Dbehold-a-password-phishing-site-that-can-trick-even-savvy-users%26cnt_tags%3Dbrowser-in-the-browser%252Coauth%252Cphishing%252Cscams%26cnt_platform%3Dwordpress%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D13%26usr_bkt_pv%3D1%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D121100%252C131100%252C131135%252C300003%252C210000%252C240000%252C240002%252C240003%252C240004%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240017%252C240015%252C240016%252C240018%252C240019%252Cqx7745%252Cmiovit%252Cap05we%252C65f9pd%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_sid%3Dc6e234da-e66f-4616-8ecf-67f29b24d5cb%26vnd_4d_pid%3Deae3ccff-0843-45ac-8cff-0eff3278f998%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D&sc=1&cookie_enabled=1&abxe=1&dt=1647962949988&lmt=1647962949&dlt=1647962948672&idt=1245&biw=1600&bih=1200&adxs=0&adys=0&oid=2&ucis=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=1679509180.1647962950&ga_sid=1647962950&ga_hid=593358754&ga_fc=false&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
589c712d7b907e04091742bd2693558a4d4c7f1242c44e86d2cb120ce4733562
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
271
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1E07 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 22 Mar 2022 15:29:10 GMT
expires
Wed, 22 Mar 2023 15:29:10 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
id
googleads.g.doubleclick.net/pagead/ Frame 8853
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
Protocol
H3
Server
2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f5ac0a25f564c900dd08e75387d380313ab30b3dcc5de1b1ca3def04799b2bcb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 22 Mar 2022 15:29:10 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 8853 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/293baa5d/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:17:06 GMT
x-content-type-options
nosniff
age
724
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 15:32:06 GMT
60abade4dc31e5375248cba6.js
player.cnevids.com/script/video/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_b0ed5a6f-d8a5-4f14-a6b5-421a821e65c7_text2vec1_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/interlude/arstechnica.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-56.ewr53.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
a3ef2d596e4a421cff31af19575909b29aa4737d7b260828aee1908ad257a0c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:07 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Age
3
X-Cache
Hit from cloudfront
Status
200 OK
Connection
keep-alive
Content-Length
21576
X-XSS-Protection
1; mode=block
X-Request-Id
8859a5ba-5891-4202-93cc-2cc9e98e1c9f
X-Runtime
0.007746
X-Backend-Node
10.110.30.80
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
ETag
W/"e28563b81aafd8542d54d8ddd6470f14"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 fd6ee8ff46440f33e22da71450793e70.cloudfront.net (CloudFront)
Cache-Control
max-age=0, private, must-revalidate
X-Amz-Cf-Pop
EWR53-C1
X-Amz-Cf-Id
D1_yRNHA6qzy0amVtRzpcoDCn_totPe8rW4D-MixLLYj0PbIaYhUtQ==
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Origin
https://www.youtube.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.youtube.com
vary
origin referer x-origin
access-control-allow-credentials
true
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-max-age
3600
date
Tue, 22 Mar 2022 15:29:10 GMT
content-type
text/html
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8853 		45 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/293baa5d/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
792fb52d8c1252f530303e595491d84e11b979630ad00e000924e326795bf664
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
22206
x-xss-protection
0
remote.js
www.youtube.com/s/player/293baa5d/player_ias.vflset/en_US/ Frame 8853 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/293baa5d/player_ias.vflset/en_US/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/293baa5d/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffb2f622f9247cb84acdccc2a89a9e2f74e3d183aad3484589d8a0ffaddc35b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 14:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
89439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37797
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 00:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 21 Mar 2023 14:38:31 GMT
bkinGJw7CuACkYKadGmfj0dQGKfhUQj59ovkW6bR-6o.js
www.google.com/js/th/ Frame 8853 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/bkinGJw7CuACkYKadGmfj0dQGKfhUQj59ovkW6bR-6o.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/293baa5d/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e48a7189c3b0ae00291829a74699f8f475018a7e15108f9f68be45ba6d1fbaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 00:03:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
55530
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13793
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Mar 2023 00:03:40 GMT
embed.js
www.youtube.com/s/player/293baa5d/player_ias.vflset/en_US/ Frame 8853 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/293baa5d/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/293baa5d/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7c6c412ed461120e368f1ae82a9576a01b37bf5da8cd65949974bec66f444d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 14:48:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
88858
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8063
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 00:15:15 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 21 Mar 2023 14:48:12 GMT
truncated
/ Frame 8853 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
AKedOLQOMs9z6ib9TViV8Sjc6nyHwn3Ds9TsPmc4Pl2I=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 8853 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AKedOLQOMs9z6ib9TViV8Sjc6nyHwn3Ds9TsPmc4Pl2I=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
caf71c4b20c2974a558237d448519dc53f5faf447af1c055f86effc4c5a07203
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 11:31:07 GMT
x-content-type-options
nosniff
age
14283
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2562
x-xss-protection
0
server
fife
etag
"v1f"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 13 Nov 2021 06:35:18 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/ntS7WHaznjI/ Frame 8853 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/ntS7WHaznjI/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2016 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efccafbe21debef975f722e55c576a5ca89d67f343d24567e208df6143ffd4ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:25:20 GMT
x-content-type-options
nosniff
age
230
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26050
x-xss-protection
0
server
sffe
etag
"1647641804"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 22 Mar 2022 17:25:20 GMT
infinityid
arstechnica.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://arstechnica.com/infinityid
Requested by
Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.23.219.58 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-23-219-58.us-east-2.compute.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
18794d2ef2e62636a8d7cea1ce420a572c82e448ab1e4a0a9b817013e99e25f4

Request headers

Accept
text/plain
Referer
https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
server
nginx/1.17.10
etag
W/"5f51280a-dd3"
content-type
text/html
user
4d.condenastdigital.com/ 		67 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4d.condenastdigital.com/user?xid=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35
Requested by
Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-238-15.compute-1.amazonaws.com
Software
/
Resource Hash
2048b4bd507a51eb73e80d1b7eecde9dc84d36bf9f6e394c6ce4079ebb95950a

Request headers

Accept
text/plain
Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
transfer-encoding
chunked
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
Connection
keep-alive
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-22T15%3A29%3A10.318Z&_t=renderEnded&cBr=Ars%20Technica&cKe=browser%20in%20the%20browser%7COAuth%7Cphishing%7Cscams&cCh=information%20technology&cTi=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=1325&cId=1842550&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pWw=1600&pWh=1200&pPw=1600&pPh=9800&pSw=1600&pSh=1200&uID=793acb54-8a60-48cc-91e9-0be61845aed6&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&uDt=desktop&dim1=%7B%22channel%22%3A%22information-technology%22%2C%22platform%22%3A%22wordpress%22%2C%22template%22%3A%22article%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Atrue%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22interstitial%22%2C%22size%22%3A%22%22%7D&_o=ars-technica&_c=ad_metrics&environment=prod&origin=ars-technica
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:10 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
id
dpm.demdex.net/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F7093025512D2B690A490D44%40AdobeOrg&d_nsid=0&ts=1647962950402
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
c5715caa0a3f5073843724c9ccd1dbbd869a3531e660f852537a7b7e2899e3d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-va6-1-v030-063981345.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
CuIaD4RhQUw=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
2195
Expires
Thu, 01 Jan 1970 00:00:00 UTC
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:1d2b:ecd5:fcc0:2c58 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Tue, 29 Mar 2022 15:29:10 GMT
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
last-modified
Fri, 18 Mar 2022 17:32:47 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kiad7000035-IAD
spm.v1.min.js
ak.sail-horizon.com/spm/ 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-50.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:27:13 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 04:22:34 GMT
server
AmazonS3
age
117
etag
W/"b22b4f4738e8722be1636447be239da2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a171b1283e1187a443aee626cb753630.cloudfront.net (CloudFront)
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
fLLIVOVQsJ5HJMVFebS58ljIX1KigbNLDjWNjcmUJhpoD_ydw54OPA==
i.js
tag.bounceexchange.com/2806/ 		263 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/2806/i.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
30bb8ba72aa0d150fb6b35a08c33514bdbe7a1f50c519337a3c105c36f831f21

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:28:33 GMT
content-encoding
gzip
server
istio-envoy
age
37
etag
26df4be734a5e8
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
via
1.1 google
cache-control
public,max-age=60
x-envoy-upstream-service-time
21
x-region
us-central1
timing-allow-origin
*
alt-svc
clear
content-length
115464
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect
PageName=undefined,SiteID=Ars%20Technica,CampaignID=1802C,Channel=website,CreativeID=information%20technology,Placement=undefined
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MjE1L3QvMA/kv/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MjE1L3QvMA/kv/PageName=undefined,SiteID=Ars%20Technica,CampaignID=1802C,Channel=website,CreativeID=information%20technology,Placement=undefined
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
57
a.ad.gt/api/v1/u/matches/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/57
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.71.86.183 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-71-86-183.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8e94e13ad10fa95b0ed2a469a007a5f791f47a3d4a02e41cc2a7f5411e38e66e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
server
nginx/1.18.0
content-length
3363
content-type
application/javascript
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82d1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 18 Mar 2022 23:45:34 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=81688
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3104
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26320
x-xss-protection
0
pragma
public
x-fb-debug
9PSkT0RxocNJe1c40/TF/NSqTW0rLJhRY7s49CgGgHoD9NwbxG6ckhwSHhiYSmLrvEdc8fyJTRbwCViXGhMd5g==
x-fb-trip-id
2050670934
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 22 Mar 2022 15:29:10 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-1632543.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1632543.js?sv=6
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-48.ewr50.r.cloudfront.net
Software
/
Resource Hash
c50eda4f287a72269433f0ec80a2b0c2cdf4cd6c476314e6478d0470cc0e32ee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:28:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
37
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1914
access-control-allow-origin
*
x-cache-hit
1
etag
W/5b12f5f6109d60383e2df973f154af17
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 94ac78512342d473815908b66b16cd7c.cloudfront.net (CloudFront)
cache-control
max-age=60
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
B8bfEnEsEl7LqHjM0MuJVk5YJTttCZAgMcfD55xJ-_SfwNBnPwEvfg==
events.js
analytics.tiktok.com/i18n/pixel/ 		136 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1IQID9FKFK1PHD4UBH0&lib=ttq
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.238.120 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-238-120.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
4cc197290ecff661a1d3cc1e88cbf497ff7d88b3a0463731cfecc7a16d88da87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
2022032215291001011300620925549930
vary
Accept-Encoding
x-cache
TCP_MISS from a23-33-238-116.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,23.33.238.116
x-tt-trace-host
01fb071011a8ae45895a951b39c344d012ba6ba3e7b1ca7bf10eab9d82e4b670be00d9283030630d20c286a60c0e57dba86b192551a9dd7e5c061ed4726a9d6a5cbb736cc6a35ffee89af34f8795c04dca4002cb2947d34634256f2e80ab5f919f
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=11
x-akamai-request-id
173b7b98
expires
Tue, 22 Mar 2022 15:29:10 GMT
condenast_eujdmc753_arstechnica.js
cdn-magiclinks.trackonomics.net/client/static/v2/ 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-magiclinks.trackonomics.net/client/static/v2/condenast_eujdmc753_arstechnica.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:5800:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash
f3e8f1f5163b712a260f0211d88ccb0973003057ea14c3c18997c3a5d8259e0b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 00:28:37 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 11:40:45 GMT
server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
age
54033
etag
W/"17c2f-5d6f35f2cec9d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
mCYOxyPwdHW4RXyKD66ocdYe7J8ObQ1-9A1wufR-59ZHqzyln0Pj6A==
via
1.1 7608da25eb5aed0ce7cca5fc0587c650.cloudfront.net (CloudFront)
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ 		20 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ye6OeZcNyuFoWog7CYs00A==
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:12:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
f8bd018e-801e-012e-61e8-2c1e74000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6efff61839e6d157-BUF
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035094&ns__t=1647962950412&ns_c=UTF-8&c8=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users%20%7C%20Ars%20Technica&c7...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035094&ns__t=1647962950412&ns_c=UTF-8&c8=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users%20%7C%20Ars%20Technica&c...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035094&ns__t=1647962950412&ns_c=UTF-8&c8=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users%20%7C%20Ars%20Technica&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&c9=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
13.225.214.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-45.ewr50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
via
1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
q8Y8_0_70OKdi03hjEMbpL7DOfqwdPaL6Hd8I3VMcOclBLa_zlYnXw==
x-cache
Miss from cloudfront

Redirect headers

date
Tue, 22 Mar 2022 15:29:10 GMT
via
1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035094&ns__t=1647962950412&ns_c=UTF-8&c8=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users%20%7C%20Ars%20Technica&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&c9=
content-length
360
x-amz-cf-id
mYqjgkkWN0rTbP4V6NNBuqx6mqJKMKP9DAL1tLfvoV22wabSRqL46A==
sync
pippio.com/api/
Redirect Chain
  • https://idsync.rlcdn.com/709387.gif?partner_uid=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&gtmcb=1726201224
  • https://idsync.rlcdn.com/1000.gif?memo=CIumKxIwCiwIARCFvQkaJGQ1ZWZkNmY0LWUzN2MtNGUzNy1hMGU3LWE1YzQ4M2I4YmEzNRAAGg0IxtbnkQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=ee786f5ef80dc4f98f9029aef09593022621e980fa25eba1065a64c64b1aa0cd791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBlZTc4NmY1ZWY4MGRjNGY5OGY5MDI5YWVmMDk1OTMwMjI2MjFlOTgwZmEyNWViYTEwNjVhNjRjNjRiMWFhMGNkNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBlZTc4NmY1ZWY4MGRjNGY5OGY5MDI5YWVmMDk1OTMwMjI2MjFlOTgwZmEyNWViYTEwNjVhNjRjNjRiMWFhMGNkNzkxNDI2YjU0MTdkY2UyMRAAGgwIx9bnkQYSBAgCEABCAEoA&goog...
  • https://usermatch.krxd.net/um/v2?partner=liveramp_identity
  • https://pippio.com/api/sync?pid=709973&it=1&iv=Ou6QJvtA
42 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pippio.com/api/sync?pid=709973&it=1&iv=Ou6QJvtA
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
65.254.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:12 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
clear
content-length
42

Redirect headers

location
https://pippio.com/api/sync?pid=709973&it=1&iv=Ou6QJvtA
date
Tue, 22 Mar 2022 15:29:12 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a010-ash-prod.krxd.net
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=undefined
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_device_id=undefined
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_device_id=undefined
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_device_id=undefined
date
Tue, 22 Mar 2022 15:29:10 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=648&partner_device_id=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=648&partner_device_id=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f5187042-5f14-4af5-9f23-8cb08038da53%252C&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f5187042-5f14-4af5-9f23-8cb08038da53%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&ttd_puid=f5187042-5f14-4af5-9f23-8cb08038da53%2C
95 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&ttd_puid=f5187042-5f14-4af5-9f23-8cb08038da53%2C
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&ttd_puid=f5187042-5f14-4af5-9f23-8cb08038da53%2C
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
353
andoncord
assoc-na.associates-amazon.com/onetag/ 		16 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assoc-na.associates-amazon.com/onetag/andoncord
Requested by
Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
Server /
Resource Hash
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:10 GMT
Server
Server
x-amz-rid
W513W2E43HW03CKEFGBH
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
https://arstechnica.com
Access-Control-Allow-Credentials
true
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
16
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:12:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
976
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 22 Mar 2022 16:12:54 GMT
publisher:getClientId
ampcid.google.com/v1/ 		3 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
bid
c.amazon-adsystem.com/e/dtb/ 		182 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3035&u=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pid=H1CRAk8aOAFOo&cb=0&ws=1600x1200&v=7.74.0&t=1000&slots=%5B%7B%22sd%22%3A%22post_nav_0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22hero%2Fdesktop%22%7D%2C%7B%22sd%22%3A%22siderail_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22rail%2Fdesktop%22%7D%5D&pj=%7B%22si_section%22%3A%22information-technology%22%2C%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.160.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-160-42.ewr53.r.cloudfront.net
Software
Server /
Resource Hash
2497f94d8a997612d5da2ad1d85dc3e430771037e23c2d9c9a89379686ceccac
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
via
1.1 1322f71561d45d48a5334ac75abd0c2e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR53-C3
x-amz-rid
DETXSZAHNT7V4XZHDYYE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
182
x-amz-cf-id
iCjNsUxSwI81vM6fPyMKfpJcQbt7qzKz2Osfx06GyJJ_Ob3xb1hDLw==
fastlane.json
fastlane.rubiconproject.com/a/api/ 		316 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552960&size_id=2&alt_size_ids=57&us_privacy=1---&eid_pubcid.org=76e3a471-4ef0-4409-92e3-24d19d9ae287%5E1&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&tg_i.cnt_tags=browser-in-the-browser%2Coauth%2Cphishing%2Cscams&tk_flint=pbjs_lite_v6.15.0&x_source.tid=9723e6b1-af71-4af7-be19-fa4deada7b22&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6951525454087231
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a7f6aaedefa82a0db2f77aff1394cfc3eb2800b5477c12afdde8a4e8d64d2d13

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:10 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
316
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		316 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552962&size_id=2&alt_size_ids=57&us_privacy=1---&eid_pubcid.org=76e3a471-4ef0-4409-92e3-24d19d9ae287%5E1&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&tg_i.cnt_tags=browser-in-the-browser%2Coauth%2Cphishing%2Cscams&tk_flint=pbjs_lite_v6.15.0&x_source.tid=9723e6b1-af71-4af7-be19-fa4deada7b22&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3274137512516033
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b5cc046d527d8c9f1e156a7c783cb596ff7e0f642138d2c11f7d7dba870a5f54

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:10 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
316
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		36 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=375849&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224d4d78f61b7e64%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F%3Fcnt_tags%3Dbrowser-in-the-browser%252Coauth%252Cphishing%252Cscams%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cnt_tags%22%3A%5B%22browser-in-the-browser%22%2C%22oauth%22%2C%22phishing%22%2C%22scams%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225035ae8febd48e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22375849%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22375848%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2276e3a471-4ef0-4409-92e3-24d19d9ae287%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.199.204.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-204-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
966f9fd55fdfe4749f7730e25d50c8eaac0c6bc4b1c7c07af3fb56c6d83cc4f2

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:10 GMT
x-ak-initial-geo
CC:[US], RC:[IL], CN:[NA], CIP:[96.9.249.44], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://arstechnica.com
x-cs-client-geo
31
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
31
expires
Tue, 22 Mar 2022 15:29:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		258 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8269feb369289aa0cf645157f0afead8d0d8cb30851407095aa8fa17ca215b3f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:10 GMT
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
44e5f0b9-afcf-454a-980c-909c96878754
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
258
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a969ce00175757040bb70c4ff01002a&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
7a2d9b62461bbfb708bef91844bff419c1c256b7b75fad44cada8ca32ed71ac0

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
542 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a9691380175757044fd70c4fff3002b&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
3baa42091ee722317dcb034639cc281be403e818cb2c8b6d3d88d14eed031092

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
content-length
62
arj
condenastus-d.openx.net/w/1.0/ 		189 B
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9723e6b1-af71-4af7-be19-fa4deada7b22%2C9723e6b1-af71-4af7-be19-fa4deada7b22&nocache=1647962950492&us_privacy=1---&pubcid=76e3a471-4ef0-4409-92e3-24d19d9ae287&aus=728x90%2C970x250%7C728x90%2C970x250&divids=hero_728x90_970x250%2Chero_728x90_970x250&aucs=%2C&auid=541000619%2C541000563&aumfs=50%2C50
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
9d03ab991fd2d04a374563e3316657b1356d756ab7e7d7e39740ad02006b7546

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://arstechnica.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
891 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
23665151a78275188f6b6c5095b7eac1d786f241486fde657b9896e2d2445f44

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
fastlane.json
fastlane.rubiconproject.com/a/api/ 		317 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552988&size_id=15&alt_size_ids=10&us_privacy=1---&eid_pubcid.org=76e3a471-4ef0-4409-92e3-24d19d9ae287%5E1&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&tg_i.cnt_tags=browser-in-the-browser%2Coauth%2Cphishing%2Cscams&tk_flint=pbjs_lite_v6.15.0&x_source.tid=899dd5af-8b53-4574-86b4-efa9f4a1e912&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7302872915594576
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7d16d8c774622dc1ac4a717b9c7b2e115642b28d051910c32b70c94500f2535c

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:10 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
317
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		317 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552990&size_id=15&alt_size_ids=10&us_privacy=1---&eid_pubcid.org=76e3a471-4ef0-4409-92e3-24d19d9ae287%5E1&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&tg_i.cnt_tags=browser-in-the-browser%2Coauth%2Cphishing%2Cscams&tk_flint=pbjs_lite_v6.15.0&x_source.tid=899dd5af-8b53-4574-86b4-efa9f4a1e912&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.37470219834713947
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
347c1d3cab9bbcdcef0b567589f6625907df389c2010199fdd2ecfc17822b337

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:10 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
317
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		37 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=375865&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2222c8c74e2f3bcd7%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F%3Fcnt_tags%3Dbrowser-in-the-browser%252Coauth%252Cphishing%252Cscams%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cnt_tags%22%3A%5B%22browser-in-the-browser%22%2C%22oauth%22%2C%22phishing%22%2C%22scams%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.15.0%22%2C%22userIds%22%3A%5B%5D%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2223b36a575f32356%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22375865%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22375864%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2276e3a471-4ef0-4409-92e3-24d19d9ae287%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.199.204.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-199-204-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
13303457715aaa3d105eb1e59b306132f8e5cafbd08120b3fd806a99e9371e0a

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:10 GMT
x-ak-initial-geo
CC:[US], RC:[IL], CN:[NA], CIP:[96.9.249.44], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://arstechnica.com
x-cs-client-geo
31
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
31
expires
Tue, 22 Mar 2022 15:29:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
f8ed2c0ccc0e4f4763e7a7a27a335fbcf6781898a149442e849b7f213e042ea3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Mar 2022 15:29:10 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
5a5a6bc1-9fda-42d9-b011-41c8e784a410
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a969ce00175757040bb70c50db8002f&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
a581f4bb1e5cc6f9178706e3aad487ac8dd1f404a2f48815a3dcf195c278c51c

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a9691380175757044fd70c50ec60030&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
6174614943cc715fb5609ea621a35abe26099e0c4ba20fd2ca5418cd0d86c9d1

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
content-length
62
arj
condenastus-d.openx.net/w/1.0/ 		189 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=899dd5af-8b53-4574-86b4-efa9f4a1e912%2C899dd5af-8b53-4574-86b4-efa9f4a1e912&nocache=1647962950505&us_privacy=1---&pubcid=76e3a471-4ef0-4409-92e3-24d19d9ae287&aus=300x250%2C300x600%7C300x250%2C300x600&divids=rail_300x250_300x600%2Crail_300x250_300x600&aucs=%2C&auid=541000589%2C541000592&aumfs=50%2C50
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
966f96855c4351231abe34a8db168a6b61b019ef81aa83da8274e3b22a478142

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://arstechnica.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
0772b2856549930716a0cbd1f3d99945cc185497c433c21deda57438ce559632

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
embed-api.json
player.cnevids.com/ 		11 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.cnevids.com/embed-api.json?videoId=60abade4dc31e5375248cba6&playerType=interlude&embedLocation=arstechnica
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_b0ed5a6f-d8a5-4f14-a6b5-421a821e65c7_text2vec1_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-56.ewr53.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
6fce0dbbc989e2f852d8045ea7aaa7db852aab75caef08e0cac9bf3205dff02f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:25:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Age
223
X-Cache
Hit from cloudfront
Status
200 OK
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
3681
X-XSS-Protection
1; mode=block
X-Request-Id
de86a0b4-2b92-4e80-8e4d-a835f29f8ec7
X-Runtime
0.015347
X-Backend-Node
10.110.30.80
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
ETag
W/"d3cacf7418ffb54e41d4da5b1d99f034"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Via
1.1 c9bef6d423a5d23e0ca5e2af8503331c.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control
max-age=300, public
X-Amz-Cf-Pop
EWR53-C1
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
UJMbwHM9oSvXAMhNLSqIWBJK7-CRSX1piHx5RHUIFtGY3xZcxDU2GA==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame FD8D 		371 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_b0ed5a6f-d8a5-4f14-a6b5-421a821e65c7_text2vec1_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad98ad9971cb4a2f1d506dd85fd8bd6cf1f4962c93d8f9103e2f2b9da8b5a408
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126251
x-xss-protection
0
expires
Tue, 22 Mar 2022 15:29:10 GMT
player-style-23abc7943337ba1e9747.css
d2c8v52ll5s99u.cloudfront.net/player/ Frame FD8D 		88 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/player-style-23abc7943337ba1e9747.css
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_b0ed5a6f-d8a5-4f14-a6b5-421a821e65c7_text2vec1_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-144.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ed5a952026b3c54b85fb53b4a1e373c8aff2c0e6d7296aeccd59b97c4e3bd846

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 14:06:31 GMT
Content-Encoding
gzip
Age
436960
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
12708
Last-Modified
Wed, 16 Mar 2022 22:01:11 GMT
Server
AmazonS3
ETag
"d51b45ea4334b3c0a842815eb6abc8b3"
x-amz-version-id
1MaROMoT.TPNaodCm7Eko5gPmEjxUX7h
Via
1.1 345e58b151dd5a8ce47c17921388574a.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Content-Type
text/css; charset=utf-8
X-Amz-Cf-Id
Tw2O7_D08yE3Xp8Ml9XLZLC9BqZCtnrLCKIt2qGRnADrZriLv6sP-A==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
main-a65f5f6768f05f759345.js
d2c8v52ll5s99u.cloudfront.net/player/ Frame FD8D 		820 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_b0ed5a6f-d8a5-4f14-a6b5-421a821e65c7_text2vec1_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-144.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d42ba629a2a59bea0220491a8b229d37f69f34b95645bdd00df5116b0456a7dc

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 17 Mar 2022 14:06:31 GMT
Content-Encoding
gzip
Age
436960
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
228582
Last-Modified
Wed, 16 Mar 2022 22:01:11 GMT
Server
AmazonS3
ETag
"ffbb1d82a131e170fb0ec4fa7f5eb7bb"
x-amz-version-id
i12oCPCcCI1n8rB3hCdIo5mNRo5OwhiZ
Via
1.1 345e58b151dd5a8ce47c17921388574a.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
nxWki3Tv0D93UijnRZ_Q77CF9ocVLsV1-NNLlKtE0acnCXnRkEPV1A==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
horizon_tweet.b9ac0a13a4a1d52c80651179f4fe9b68.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/horizon_tweet.b9ac0a13a4a1d52c80651179f4fe9b68.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D29) /
Resource Hash
f277cc840da33f2e4731e6b3e5403d7bdcaa299304aa61452deb63e297a8523b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:10 GMT
Content-Encoding
gzip
Age
579217
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
2473
x-tw-cdn
VZ
Last-Modified
Wed, 16 Feb 2022 18:36:23 GMT
Server
ECS (nyb/1D29)
Etag
"29cf2e2367fd80ea2a4908fe0d316028+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
test.html
widgets.outbrain.com/nanoWidget/externals/obUserFrame/ Frame 9643 		2 KB
1005 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=0972d6d1-9a4b-40ad-b877-075e2093243e
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.69.76 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"1e015194a0e596827cb8971f884eb43c:1647882805.473689"
last-modified
Mon, 21 Mar 2022 14:57:37 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=14400
expires
Tue, 22 Mar 2022 19:29:10 GMT
date
Tue, 22 Mar 2022 15:29:10 GMT
content-length
686
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 52A8 		416 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.69.76 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1647882802.854077"
last-modified
Mon, 21 Mar 2022 14:57:37 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=14400
expires
Tue, 22 Mar 2022 19:29:10 GMT
date
Tue, 22 Mar 2022 15:29:10 GMT
content-length
282
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.69.76 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
last-modified
Tue, 08 Mar 2022 10:17:27 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1646735217.992808"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Thu, 21 Apr 2022 15:29:10 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.69.76 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
last-modified
Tue, 08 Mar 2022 10:17:27 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1646735198.653837"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Thu, 21 Apr 2022 15:29:10 GMT
l
mcdp-sadc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-sadc1.outbrain.com/l?token=255ce14ee134aa6d4b4520281c6f2ffb_6817_1647962950118&tm=1282&eT=0&widgetWidth=1220&widgetHeight=235&widgetX=190&widgetY=9094&wRV=2000642&pVis=1&lsd=0972d6d1-9a4b-40ad-b877-075e2093243e&eIdx=&ccpa=1---&cheq=0&rtt=826&oo=false&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.95 , United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
X-TraceId
321339a370f8e3a7d10268b871bfafac
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame A59C 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.69.76 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4ba5146eb33e639576b0befa39a523230a21b504b6a68f57bb1a32ea9b514c23

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"2f2b7a716f5b20c4b13adcdfd51e461b:1646323178.713502"
last-modified
Thu, 03 Mar 2022 15:52:32 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=14400
expires
Tue, 22 Mar 2022 19:29:10 GMT
date
Tue, 22 Mar 2022 15:29:10 GMT
content-length
5861
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
clip.js
widgets.outbrain.com/nanoWidget/2000642/module/ 		1 KB
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000642/module/clip.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.69.76 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
75a831522065e9fa96d424797593491860618d31c45719d56372936f68c5d376

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
content-encoding
gzip
last-modified
Mon, 21 Mar 2022 14:59:42 GMT
server
AkamaiNetStorage
etag
"4ae0b34aff71d43b4059eaf06434092e:1647882706.105245"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
611
expires
Tue, 22 Mar 2022 19:29:10 GMT
eyJpdSI6ImYwODU3M2U1NzkzYjMxOTk1NGM2NWUzZDIxMTI3ZDQyMjU1ZjJjNjQ1ZDU1ZjhjNjk5ZWEzZmM0ZTBiNTE4ZTYiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		618 KB
618 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImYwODU3M2U1NzkzYjMxOTk1NGM2NWUzZDIxMTI3ZDQyMjU1ZjJjNjQ1ZDU1ZjhjNjk5ZWEzZmM0ZTBiNTE4ZTYiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.181.192 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-181-192.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:10 GMT
cache-control
max-age=1254728
last-modified
Tue, 08 Mar 2022 15:54:03 GMT
x-traceid
1f1bc235d20cc32913e60161c63b2f9f
timing-allow-origin
*
content-length
633189
content-type
video/mp4
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-22T15%3A29%3A10.628Z&_t=pageview&cBr=Ars%20Technica&cKe=browser%20in%20the%20browser%7COAuth%7Cphishing%7Cscams&cCh=information%20technology&cTi=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=1325&cId=1842550&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pWw=1600&pWh=1200&pPw=1600&pPh=10000&pSw=1600&pSh=1200&uID=793acb54-8a60-48cc-91e9-0be61845aed6&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&uDt=desktop&_o=ars-technica&_c=general&xID=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&environment=prod&origin=ars-technica
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:10 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
sf-ui-display-medium-webfont.woff2
d2c8v52ll5s99u.cloudfront.net/assets/fonts/ Frame 4AA5 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/assets/fonts/sf-ui-display-medium-webfont.woff2
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-23abc7943337ba1e9747.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-144.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3

Request headers

Referer
https://d2c8v52ll5s99u.cloudfront.net/player/player-style-23abc7943337ba1e9747.css
Origin
https://arstechnica.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
ETag
"7d18db04f980971f2a9c5026bbc34bed"
X-Amz-Cf-Pop
EWR53-C3
X-Cache
RefreshHit from cloudfront
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
29632
Access-Control-Allow-Origin
*
Last-Modified
Mon, 26 Jun 2017 15:24:42 GMT
Server
AmazonS3
Date
Tue, 22 Mar 2022 15:29:12 GMT
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff2
Via
1.1 0a41fb8a1e6869f7cc14f05241a462fa.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
Accept-Ranges
bytes
X-Amz-Cf-Id
lV0DESK-yfjdIoMdo0ADnf170sAECMaTKU7gEBM3xAIeK6Y2GptU_w==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
bridge3.506.0_en.html
imasdk.googleapis.com/js/core/ Frame 4C27 		591 KB
192 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.506.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
974feb3b255709419aa9d75228aee116a3a57e4fec91ee42cdceea855b198530
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196692
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 20:06:08 GMT
expires
Sat, 18 Mar 2023 20:06:08 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 18 Mar 2022 19:52:03 GMT
content-type
text/html
age
328982
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 4AA5 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 15:29:11 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 4AA5 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26320
x-xss-protection
0
pragma
public
x-fb-debug
9PSkT0RxocNJe1c40/TF/NSqTW0rLJhRY7s49CgGgHoD9NwbxG6ckhwSHhiYSmLrvEdc8fyJTRbwCViXGhMd5g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 22 Mar 2022 15:29:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
comscore-min.js
d2c8v52ll5s99u.cloudfront.net/player/ Frame 4AA5 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/comscore-min.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-144.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
833a86642252016b29f08dd45ffd27f9e00ca237f28d8c5f0147a6e15d009377

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 24 May 2017 18:19:15 GMT
Server
AmazonS3
Age
260
ETag
W/"054acb6fbd2b2a6c1ac561705bffb0cc"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 345e58b151dd5a8ce47c17921388574a.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Tue, 22 Mar 2022 15:24:51 GMT
X-Amz-Cf-Pop
EWR53-C3
X-Amz-Cf-Id
NCighZILEeUreEw8Qw3iPBfZONA3wsW4JccrTv0ro-wfHLqca4jAHA==
js
www.googletagmanager.com/gtag/ 		164 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P1P55J3LNW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e6329f9da8bd73d7da639e22374d0fecd0cf7107ada14f3e7e38b5fb62617a06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61983
x-xss-protection
0
expires
Tue, 22 Mar 2022 15:29:11 GMT
track
capture.condenastdigital.com/ Frame 4AA5 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-22T15%3A29%3A10.826Z&_c=&_t=Player%20Requested&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:11 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ Frame 4AA5 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-22T15%3A29%3A10.966Z&_c=initial&_t=gptData&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&dim1=%7B%22adBlocked%22%3Afalse%2C%22adUnits%22%3A%5B%223379%2Fconde.ars%2Finterstitial%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fhero%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F2%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F3%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F2%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F3%22%5D%2C%22embedLocation%22%3A%22arstechnica%22%2C%22error%22%3A%22%22%2C%22lineItems%22%3A%5B%5D%2C%22publicaEnabled%22%3Afalse%2C%22videoId%22%3A%2260abade4dc31e5375248cba6%22%7D
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:11 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame 4AA5 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b35f01abdb74e50c7c770d66cb11b73a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
214
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:25:42 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-11T12:51:58.288Z;desc=hit,rtt;dur=1
Content-Length
51500
Last-Modified
Tue, 25 May 2021 15:04:45 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"1631177d1131925333a3b2b652f3d8b2"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
r_INo6b4Wq6ZhT-c8FPKq69JoUQ9RKQXAbs6ZTy2uIkyiulFi4DNTg==
eyJpdSI6ImYwODU3M2U1NzkzYjMxOTk1NGM2NWUzZDIxMTI3ZDQyMjU1ZjJjNjQ1ZDU1ZjhjNjk5ZWEzZmM0ZTBiNTE4ZTYiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		618 KB
620 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImYwODU3M2U1NzkzYjMxOTk1NGM2NWUzZDIxMTI3ZDQyMjU1ZjJjNjQ1ZDU1ZjhjNjk5ZWEzZmM0ZTBiNTE4ZTYiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.181.192 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-181-192.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6b1a91c2830ef988ff15a3a44c338980e5766187a83383fc14c73ab613c7b10d

Request headers

Referer
https://arstechnica.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
last-modified
Tue, 08 Mar 2022 15:54:03 GMT
content-type
video/mp4
Content-Range
bytes 0-633188/633189
cache-control
max-age=1254727
x-traceid
1f1bc235d20cc32913e60161c63b2f9f
timing-allow-origin
*
Content-Length
633189
onetag
assoc-na.associates-amazon.com/ 		64 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22arstech20-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F%22%7D&u=https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Requested by
Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
Server /
Resource Hash
0f7d9aed4638265e031bb81bca29f79fd3081a9b93d4d7cba80f61fabc5dfc13

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:11 GMT
Server
Server
x-amz-rid
9PW57CH0WZ7Z3B4FQX2Y
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
https://arstechnica.com
Access-Control-Allow-Credentials
true
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
64
dest5.html
condenast.demdex.net/ Frame 2076 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://condenast.demdex.net/dest5.html?d_nsid=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.222.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-222-233.compute-1.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Tue, 22 Mar 2022 15:29:11 GMT
DCS
dcs-prod-va6-1-v030-0d41c4460.edge-va6.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Tue, 15 Mar 2022 12:08:35 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
GGuLrVUkS58=
transfer-encoding
chunked
Connection
keep-alive
id
sstats.arstechnica.com/ 		0
0
ibs:dpid=411&dpuuid=YjnrRwAAADpnQgQL
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=65416946501074486881869476194977929017
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YjnrRwAAADpnQgQL
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YjnrRwAAADpnQgQL
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v030-06945fb3f.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
TUrQaU3RSOA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YjnrRwAAADpnQgQL
Date
Tue, 22 Mar 2022 15:29:11 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
5fd22fcf-a915-4295-8466-f0fea81badb0
https://arstechnica.com/ Frame 4AA5 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://arstechnica.com/5fd22fcf-a915-4295-8466-f0fea81badb0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arstechnica.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=110291666100365&correlator=2555186838940338&hxva=1&scor=105439497024334&eid=44752585%2C31065656&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&us_privacy=1---&iu_parts=3379%2Cconde.ars%2Chero%2Cinformation-technology%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C970x250%7C9x1%7C10x1&ifi=2&adks=2385402828&sfv=1-0-38&ecs=20220322&fsapi=false&prev_scp=pos%3Dhero%26ctx_slot_type%3Dpost_nav%26ctx_slot_rn%3D0%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Dpost_nav_0%26slot_name%3Dhero_1%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.56.9%26ctx_page_slug%3Dbehold-a-password-phishing-site-that-can-trick-even-savvy-users%26cnt_tags%3Dbrowser-in-the-browser%252Coauth%252Cphishing%252Cscams%26cnt_platform%3Dwordpress%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D13%26usr_bkt_pv%3D1%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D121100%252C131100%252C131135%252C300003%252C210000%252C240000%252C240002%252C240003%252C240004%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240017%252C240015%252C240016%252C240018%252C240019%252Cqx7745%252Cmiovit%252Cap05we%252C65f9pd%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_sid%3Dc6e234da-e66f-4616-8ecf-67f29b24d5cb%26vnd_4d_pid%3Deae3ccff-0843-45ac-8cff-0eff3278f998%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3Dd5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&sc=1&cookie=ID%3D9d3852e4f388491c-227a33a4f2d10010%3AT%3D1647962950%3AS%3DALNI_MaUW5FlC3TG4eCZA11INrssjFehXw&abxe=1&dt=1647962951241&lmt=1647962951&dlt=1647962948672&idt=1245&biw=1600&bih=1200&adxs=0&adys=125&oid=2&ucis=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=1679509180.1647962950&ga_sid=1647962950&ga_hid=593358754&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
6c3e24399a5d167653c25e149ea5e71d76c00a4977c90cce5156700547506d0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9554
x-xss-protection
0
google-lineitem-id
5945896294
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138384132668
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=110291666100365&correlator=2555186838940338&hxva=1&scor=105439497024334&eid=44752585%2C31065656&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&us_privacy=1---&iu_parts=3379%2Cconde.ars%2Crail%2Cinformation-technology%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600&ifi=3&adks=1483574547&sfv=1-0-38&ecs=20220322&fsapi=false&prev_scp=pos%3Drail%26ctx_slot_type%3Dsiderail%26ctx_slot_rn%3D0%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Dsiderail_0%26slot_name%3Drail_1%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.10%26hb_adid%3D3773ab9b45c317e%26hb_bidder%3Dappnexus&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.56.9%26ctx_page_slug%3Dbehold-a-password-phishing-site-that-can-trick-even-savvy-users%26cnt_tags%3Dbrowser-in-the-browser%252Coauth%252Cphishing%252Cscams%26cnt_platform%3Dwordpress%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D13%26usr_bkt_pv%3D1%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D121100%252C131100%252C131135%252C300003%252C210000%252C240000%252C240002%252C240003%252C240004%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240017%252C240015%252C240016%252C240018%252C240019%252Cqx7745%252Cmiovit%252Cap05we%252C65f9pd%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_sid%3Dc6e234da-e66f-4616-8ecf-67f29b24d5cb%26vnd_4d_pid%3Deae3ccff-0843-45ac-8cff-0eff3278f998%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3Dd5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&sc=1&cookie=ID%3D9d3852e4f388491c-227a33a4f2d10010%3AT%3D1647962950%3AS%3DALNI_MaUW5FlC3TG4eCZA11INrssjFehXw&abxe=1&dt=1647962951246&lmt=1647962951&dlt=1647962948672&idt=1245&biw=1600&bih=1200&adxs=1110&adys=824&oid=2&ucis=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=516&ohw=300&ga_vid=1679509180.1647962950&ga_sid=1647962950&ga_hid=593358754&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
e3f757f073933aea8a3bc1519a2b7e394435e1bff2dc858b78af04e0bdd46723
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9561
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 804B 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 22 Mar 2022 15:59:35 GMT
1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame 4AA5 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-33.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://arstechnica.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 22 Mar 2022 09:45:19 GMT
Via
1.1 366ff516a3e74c5fb4d4d2286497d924.cloudfront.net (CloudFront)
Last-Modified
Mon, 24 May 2021 13:51:20 GMT
Server
AmazonS3
Age
20633
ETag
"580642a938142bddde48207109f78d2b"
X-Cache
Hit from cloudfront
Content-Type
video/mp4
Content-Range
bytes 0-2480938/2480939
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Content-Length
2480939
X-Amz-Cf-Id
SjWJq2y5Kw03D0ojs3D5Jaaw2iqlf0pAD2jtqK9-zDEcdeQ97XiB8w==
1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame 4AA5 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-33.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://arstechnica.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 22 Mar 2022 09:45:19 GMT
Via
1.1 97838e4a7e48c5b1ece191e6f727eb80.cloudfront.net (CloudFront)
Last-Modified
Mon, 24 May 2021 13:51:20 GMT
Server
AmazonS3
Age
20633
ETag
"580642a938142bddde48207109f78d2b"
X-Cache
Hit from cloudfront
Content-Type
video/mp4
Content-Range
bytes 0-2480938/2480939
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Content-Length
2480939
X-Amz-Cf-Id
0Edvzn13jbuXV2yJp7pekXUxYRzkBehNQPMy4OPWQn1zvK4rMsW8hg==
track
capture.condenastdigital.com/ Frame 4AA5 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-22T15%3A29%3A11.266Z&_c=Player%20Event&_t=Player%20Loaded&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&cId=60abade4dc31e5375248cba6&cKe=Unsolved%20Mysteries%2CArs%20Technica%20Unsolved%20Mysteries%2CQuantum%20Leap%2CUnsolved%20Mysteries%20Quantum%20Leap%2CQuantum%20leap%20show%2Cquantum%20leap%20ending%2Cquantum%20leap%20bakula%2CDonald%20P%20Bellisario%2CQuantum%20Leap%20Finale%2CQuantum%20Leap%20JFK%2CQuantum%20Leap%20Lee%20Harvey%20Oswald%2CQuantum%20Leap%20interview%2CScott%20Bakula%2CDean%20Stockwell%2CQuantum%20Leap%20Ziggy%2CQuantum%20Leap%20Al%2CQuantum%20Leap%20NBC%2CNBC%20Quantum%20Leap%2CQuantum%20Leap%20Episodes%2Cquantum%20leap%20intro%2Cquantum%20leap%20ars%20technica%2Cars%20technica%20quantum%20leap&cPd=2021-05-25T15%3A00%3A00%2B00%3A00&cTi=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario&mDu=854&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&pWw=584&pWh=328.5&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&uId=793acb54-8a60-48cc-91e9-0be61845aed6&xid=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%222be6198%22%2C%22guid%22%3A%22161c8159-f92-eee0-692e-62f3fe9b2e32%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22manual%22%2C%22playerDepth%22%3A8356.953125%2C%22playerType%22%3A%22video-continuous%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3Anull%2C%22recStrategy%22%3Anull%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22OUT_OF_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:11 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
1c5e052d-9221-44ad-9785-4ca784ceb60dmanifest-ios.m3u8
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame 4AA5 		918 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dmanifest-ios.m3u8?videoIndex=0&requester=oo
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-33.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
005f315d6f7cf50f04161a51e17287b5040b513267560b083a3cf39d0b892ba8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 10:07:31 GMT
Via
1.1 b35f01abdb74e50c7c770d66cb11b73a.cloudfront.net (CloudFront)
Vary
Origin
Age
19301
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
918
Last-Modified
Mon, 24 May 2021 13:49:14 GMT
Server
AmazonS3
ETag
"4300fd3b9bba40f219ea54c572764fe0"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
kExXCNDQbGELnMm0DeCDvk1wzhniByvbM65f9g_2QUkQHG1iIz7AYw==
iu3
s.amazon-adsystem.com/ Frame 1F74
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
271 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8b3268e2ce0d2967367801ae12fdcbbb1aa50ab8d786d901530867214b67f04a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Server
Server
Date
Tue, 22 Mar 2022 15:29:11 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
271
Connection
keep-alive
x-amz-rid
WTJ4K70YT0C8ZTVRJ919
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Tue, 22 Mar 2022 15:29:11 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
WK7EN2S1T0BF1DZGG3SB
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
s2s-hb
pbs.getpublica.com/v1/ 		2 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.getpublica.com/v1/s2s-hb?site_id=2564&format=json&app_name=CNEVIDEO&adserver=gam&slot_count=1&site_name=arstechnica&content_episode=3&content_length=854&content_season=Season%201&content_id=60abade4dc31e5375248cba6&content_title=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario&content_series=Unsolved%20Mysteries&content_language=en&content_category=gaming%20%26%20entertainment%2CPop%20Culture--Video%20Games&content_keywords=Unsolved%20Mysteries%2CArs%20Technica%20Unsolved%20Mysteries%2CQuantum%20Leap%2CUnsolved%20Mysteries%20Quantum%20Leap%2CQuantum%20leap%20show%2Cquantum%20leap%20ending%2Cquantum%20leap%20bakula%2CDonald%20P%20Bellisario%2CQuantum%20Leap%20Finale%2CQuantum%20Leap%20JFK%2CQuantum%20Leap%20Lee%20Harvey%20Oswald%2CQuantum%20Leap%20interview%2CScott%20Bakula%2CDean%20Stockwell%2CQuantum%20Leap%20Ziggy%2CQuantum%20Leap%20Al%2CQuantum%20Leap%20NBC%2CNBC%20Quantum%20Leap%2CQuantum%20Leap%20Episodes%2Cquantum%20leap%20intro%2Cquantum%20leap%20ars%20technica%2Cars%20technica%20quantum%20leap&site_page=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&cb=5003962
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_b0ed5a6f-d8a5-4f14-a6b5-421a821e65c7_text2vec1_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.14.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-14-164.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:11 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Content-Length
26
Expires
0
9c666107-c64d-4b99-a465-ad2fe0167921
https://arstechnica.com/ Frame 4AA5 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://arstechnica.com/9c666107-c64d-4b99-a465-ad2fe0167921
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
173d7c7e266672df75c4e048a934c55ee24d9a9028a87fd2957e74d1bd6a8d08

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
5409
Content-Type
application/javascript
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1647962951352&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1647962951352&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D434737%26time%3D1647962951352%26url%3Dhttps%253A%252F%252Farstechnica.com%252Finf...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1647962951352&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1647962951352&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick...
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f81064a0-5b88-4e23-ba9c-c8be0a830f4f
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f81064a0-5b88-4e23-ba9c-c8be0a830f4f&_expected_cookie=c4187fc90b12df0aedc854c7...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f81064a0-5b88-4e23-ba9c-c8be0a830f4f&_expected_cookie=c4187fc90b12df0aedc854c7b99b7bbf
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6efff62c285d8ca1-EWR
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=f81064a0-5b88-4e23-ba9c-c8be0a830f4f&_expected_cookie=c4187fc90b12df0aedc854c7b99b7bbf
date
Tue, 22 Mar 2022 15:29:13 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6efff62b2e268ca1-EWR
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
modules.7d3f952308caf42c2b67.js
script.hotjar.com/ 		236 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.7d3f952308caf42c2b67.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1632543.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-17.ewr53.r.cloudfront.net
Software
/
Resource Hash
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 09:02:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1060025
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
63048
access-control-allow-origin
*
last-modified
Thu, 10 Mar 2022 09:01:33 GMT
etag
"2f5d47da7be4d107a04726029158797c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 121f18299e6385d2cf97a45a6dcf2c8c.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR53-C3
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
poMDZcc5IPhRUC6SwQp3BmD6dp1F6JSmbOtPHwHGKc9gjvyjYaGqBA==
br-ijs_all_modules_486c3deacef91dda746a40d4c0c1cd36.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		535 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_486c3deacef91dda746a40d4c0c1cd36.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/2806/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
2a839621c1886d7c86ec6680054bd432692ec394766f2b1e69c5d7210f0a4944

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 15:31:19 GMT
content-encoding
br
age
86272
x-guploader-uploadid
ADPycdu4Tea0G3nOR1nEtUwwqSN8vE8Wj2WwYX9-SS6OsPFpIivt8Xljz277xcZuk0jou7g1ewZ-_x-5s_G9PkZixkhEdFkEjQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
clear
content-length
102511
last-modified
Mon, 21 Mar 2022 15:31:11 GMT
server
UploadServer
etag
"b2cdb6b8d3d241647d99061f5131dfbf"
x-goog-hash
crc32c=r3I8gg==, md5=ss22uNPSQWR9mQYfUTHfvw==
x-goog-generation
1647876671695118
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
102511
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 21 Mar 2023 15:31:19 GMT
228464857488266
connect.facebook.net/signals/config/ 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/228464857488266?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2577c6353394825cde34bf937dbc4905d99980176a2ca273521c320b7a16c4f1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89705
x-xss-protection
0
pragma
public
x-fb-debug
diIKQd+6LWl+ASt5QN+UZvyeVKJXfp3bZ+xr5dt0K1eucqOLlwl/HdkZ721IFaBgmP1CAELb0iY8yN4ouCWdWA==
x-frame-options
DENY
date
Tue, 22 Mar 2022 15:29:11 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
simple
api.sail-personalize.com/v1/personalize/ 		288 B
498 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
b4cd6d57f9eb84815dea256708e4f5d90917e9f80a53b0253aeeae32b816b727

Request headers

x-lib-version
v1.0.1
Accept-Language
en-US,en;q=0.9
authorization
Bearer 96cc6d73eeadca5c51a196378f9bf3d1
content-type
application/json
accept
application/json
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
x-referring-url
https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:11 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
197
allowedmethods
GET,OPTIONS
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
content-type
text/plain
content-length
18
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow
HEAD,GET,OPTIONS
rules-p-Jjy-Cyr1NZGRz.js
rules.quantcount.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Jjy-Cyr1NZGRz.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efdbd8582066a12cf45115f1e150d2a8de06bf6b14db3feca98b116efeb9e0bb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:58:09 GMT
content-encoding
gzip
age
1863
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 19 Mar 2018 22:18:17 GMT
server
AmazonS3
etag
W/"2c930184a7ea36f2f9a5d9324b880b63"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 94344436af750794f6bc9899d89d3a0a.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
uIaiiImiMNPRz6kd9gpjRwOnFAQ0PN4VloFzu77Vn2XiwX46h_n2SQ==
arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame 4AA5 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Origin
https://arstechnica.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 fbe5d7a9e96ed72fbc0224c756776dd0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
214
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:25:42 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-11T12:51:58.288Z;desc=hit,rtt;dur=1
Content-Length
51500
Last-Modified
Tue, 25 May 2021 15:04:45 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"1631177d1131925333a3b2b652f3d8b2"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
BasEOFm4JZdDd8pqyTrEBrVF1puZXkplRwSxEXqGUVjFo6XLno3TPw==
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1IQID9FKFK1PHD4UBH0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.238.120 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-238-120.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:11 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
2022032215291101011300613903AF5963
vary
Accept-Encoding
x-cache
TCP_MISS from a23-33-238-116.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,23.33.238.116
x-tt-trace-host
01fb071011a8ae45895a951b39c344d012ba6ba3e7b1ca7bf10eab9d82e4b670be00d9283030630d20c286a60c0e57dba89f7f6fa9485a0e1ee35b65293fac3c7f899a8891a139dabd1c73c6c1a3d9b41579a69f7d9c155fe32ad3399ebd86365f
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=11
x-akamai-request-id
173b7de7
expires
Tue, 22 Mar 2022 15:29:11 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		888 B
966 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C1IQID9FKFK1PHD4UBH0&hostname=arstechnica.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1IQID9FKFK1PHD4UBH0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.238.120 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-238-120.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a752705baaf1b6424744a68ce4aeeda0cb4c8c12f63fe609cca51c1e580dda69

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-akamai-request-id
173b7e0b
date
Tue, 22 Mar 2022 15:29:11 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-33-238-116.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=11
content-length
362
pragma
no-cache
server
nginx
x-tt-logid
2022032215291101011300613903AF5972
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,23.33.238.116
x-tt-trace-host
01fb071011a8ae45895a951b39c344d012ba6ba3e7b1ca7bf10eab9d82e4b670be00d9283030630d20c286a60c0e57dba89f7f6fa9485a0e1ee35b65293fac3c7f8091be1c7ce2e2b290053fca64686fee22168de43272e9af3a77f83e6a3fe793
expires
Tue, 22 Mar 2022 15:29:11 GMT
arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame 4AA5 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b35f01abdb74e50c7c770d66cb11b73a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
214
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:25:42 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-11T12:51:58.288Z;desc=hit,rtt;dur=1
Content-Length
51500
Last-Modified
Tue, 25 May 2021 15:04:45 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"1631177d1131925333a3b2b652f3d8b2"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
x0EHsGe4t8CPI8mdo05cYwsBx685L4O8e50VJeQIraZI3LWLh7QeCQ==
p.js
fpa-cdn.arstechnica.com/keys/arstechnica.com/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fpa-cdn.arstechnica.com/keys/arstechnica.com/p.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.71.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-71-10.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08b8b78504677c4bb61018fbcfe343bf7603d3ea56b3b47d9532569104f9b5c0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 02:54:33 GMT
content-encoding
gzip
last-modified
Mon, 22 Jun 2020 18:36:23 GMT
server
AmazonS3
age
45279
etag
W/"9ad5803fbe8f447002010c8ec44dbf00"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 988ebab315003cc8902437cbdd7de09e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
x-amz-cf-id
TeEcoyiI5kIHW3TWAtwUxx5QeoJxM4vKStflAGV1Hkkc542mt_yukg==
collect
stats.g.doubleclick.net/j/ 		2 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-31997-1&cid=1679509180.1647962950&jid=1097349487&gjid=369274741&_gid=1309308925.1647962951&_u=aChAgUAjAAQCAE~&z=1331273008
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 22 Mar 2022 15:29:11 GMT
content-type
text/plain
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:11 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=593358754&t=pageview&_s=1&dl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&dr=%2F&dp=%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&ul=en-us&de=UTF-8&dt=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users%20%7C%20Ars%20Technica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAgUAjAAQC~&jid=1097349487&gjid=369274741&cid=1679509180.1647962950&tid=UA-31997-1&_gid=1309308925.1647962951&gtm=2wg3e0NLXNPCQ&cg1=article%7Creport&cg2=information-technology&cg3=information%20technology&cd1=GTM-NLXNPCQ&cd2=287&cd4=&cd6=Tue%20Mar%2022%202022%2015%3A29%3A09%20GMT%2B0000%20(GMT)&cd7=1647962949642.le2a7jg6&cd8=0&cd9=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&cd10=English&cd11=15&cd12=0&cd13=Tag%20Name%3A%20GA%20-%20Pageview%20-%20Core%20Pageview%20-%20All%20Pages&cd20=none&cd25=Dan%20Goodin&cd26=1842550&cd27=1325&cd28=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users&cd29=web&cd32=2022-03-21T18%3A47%3A05%2B00%3A00&cd33=1&cd34=2022-03-21T18%3A48%3A03%2B00%3A00&cd35=browser%20in%20the%20browser%7COAuth%7Cphishing%7Cscams&cd36=web&cd43=Ars%20Technica&cd45=Adblock%20Enabled%20-%20false&cd62=https%3A%2F%2Farstechnica.com%2F%3Fp%3D1842550&cd63=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&cd65=&cd72=1.0.0&cd92=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&cd93=information%20technology&cd98=article%7Creport&cd102=18&cd103=&cd113=data-layer-loaded&cd127=Monday&cd129=Etc%2FUnknown&cd131=2&cm13=0&cm23=0&cd3=1679509180.1647962950&z=2021186495
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 01:06:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51732
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=593358754&t=event&ni=1&_s=1&dl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&dr=%2F&dp=%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&ul=en-us&de=UTF-8&dt=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users%20%7C%20Ars%20Technica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=proxy%20pageviews&ea=pageload&_u=aCjAgUAjAAQCAE~&jid=&gjid=&cid=1679509180.1647962950&tid=UA-31997-1&_gid=1309308925.1647962951&gtm=2wg3e0NLXNPCQ&cg1=article%7Creport&cg2=information-technology&cg3=information%20technology&cd1=GTM-NLXNPCQ&cd2=287&cd4=&cd6=Tue%20Mar%2022%202022%2015%3A29%3A09%20GMT%2B0000%20(GMT)&cd7=1647962949674.ldsknn6v&cd8=0&cd9=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&cd10=English&cd11=15&cd12=0&cd13=Tag%20Name%3A%20GA%20Events%20-%20Proxy%20Pageviews%20-%20Pageload&cd20=none&cd25=Dan%20Goodin&cd26=1842550&cd27=1325&cd28=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users&cd29=web&cd32=2022-03-21T18%3A47%3A05%2B00%3A00&cd33=1&cd34=2022-03-21T18%3A48%3A03%2B00%3A00&cd35=browser%20in%20the%20browser%7COAuth%7Cphishing%7Cscams&cd36=web&cd43=Ars%20Technica&cd45=Adblock%20Enabled%20-%20false&cd62=https%3A%2F%2Farstechnica.com%2F%3Fp%3D1842550&cd63=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&cd65=&cd72=1.0.0&cd92=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&cd93=information%20technology&cd98=article%7Creport&cd102=18&cd103=&cd113=data-layer-loaded&cd127=Monday&cd129=Etc%2FUnknown&cd131=2&cd3=1679509180.1647962950&cm21=1&z=1225365946
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 01:06:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51732
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=593358754&t=event&ni=1&_s=1&dl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&dr=%2F&dp=%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&ul=en-us&de=UTF-8&dt=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users%20%7C%20Ars%20Technica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=privacy%20mode&ea=privacy%20mode%20%20-%20true&el=privacy%20mode%20%20-%20true&_u=aCjAgUAjAAQCAE~&jid=&gjid=&cid=1679509180.1647962950&tid=UA-31997-1&_gid=1309308925.1647962951&gtm=2wg3e0NLXNPCQ&cg1=article%7Creport&cg2=information-technology&cg3=information%20technology&cd1=GTM-NLXNPCQ&cd2=287&cd4=&cd6=Tue%20Mar%2022%202022%2015%3A29%3A09%20GMT%2B0000%20(GMT)&cd7=1647962949711.99758yk&cd8=0&cd9=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&cd10=English&cd11=15&cd12=0&cd13=GA%20-%20Event%20-%20Privacy%20Mode%20Event&cd20=none&cd25=Dan%20Goodin&cd26=1842550&cd27=1325&cd28=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users&cd29=web&cd32=2022-03-21T18%3A47%3A05%2B00%3A00&cd33=1&cd34=2022-03-21T18%3A48%3A03%2B00%3A00&cd35=browser%20in%20the%20browser%7COAuth%7Cphishing%7Cscams&cd36=web&cd43=Ars%20Technica&cd45=Adblock%20Enabled%20-%20false&cd62=https%3A%2F%2Farstechnica.com%2F%3Fp%3D1842550&cd63=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&cd65=&cd72=1.0.0&cd92=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&cd93=information%20technology&cd95=%2C%2C&cd98=article%7Creport&cd102=18&cd103=&cd113=privacy-mode-true&cd127=Monday&cd129=Etc%2FUnknown&cd131=2&cd3=1679509180.1647962950&cd110=Privacy%20Mode%20-%20true&z=475535611
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 01:06:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
51732
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
haloid
aufp.io/api/v1/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aufp.io/api/v1/haloid
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.250.227 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-250-227.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e42808d7e52317336b8ce5e70efec1e44875ab17d58f9a3640bace9b7e314950

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
last-modified
Wed, 16 Mar 2022 21:21:48 GMT
server
nginx/1.20.0
content-type
application/javascript; charset=utf-8
cache-control
no-cache
origin-trial
content-disposition
inline; filename=halo02.js
content-length
5763
57
p.ad.gt/api/v1/p/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/57
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.88.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-88-197.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
10879dae51273e85e8eccf72db718168ca14f9fea14d369f11e7e8d4d233f3b5

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 15:37:54 GMT
server
nginx/1.18.0
etag
W/"1647445074.0-29261-2545748540"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
public, max-age=43200
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires
Wed, 23 Mar 2022 03:29:11 GMT
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=df8afae4-be36-4903-9f4a-b3826d7e351f&adnxs_id=$UID
  • https://ids.ad.gt/api/v1/match?id=df8afae4-be36-4903-9f4a-b3826d7e351f&adnxs_id=6141021567606092823
43 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=df8afae4-be36-4903-9f4a-b3826d7e351f&adnxs_id=6141021567606092823
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
34.216.205.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-205-19.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Wed, 23 Mar 2022 03:29:11 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:11 GMT
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
8a04bcc3-2b24-421e-820a-f5ccfafe79ab
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ids.ad.gt/api/v1/match?id=df8afae4-be36-4903-9f4a-b3826d7e351f&adnxs_id=6141021567606092823
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=df8afae4-be36-4903-9f4a-b3826d7e351f
  • https://ids.ad.gt/api/v1/t_match?tdid=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&id=df8afae4-be36-4903-9f4a-b3826d7e351f
43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&id=df8afae4-be36-4903-9f4a-b3826d7e351f
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
34.216.205.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-205-19.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Wed, 23 Mar 2022 03:29:11 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&id=df8afae4-be36-4903-9f4a-b3826d7e351f
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Ddf8afae4-be36-4903-9f4a-b3826d7e351f
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Ddf8afae4-be36-4903-9f4a-b3826d7e351f
  • https://ids.ad.gt/api/v1/pbm_match?pbm=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C&id=df8afae4-be36-4903-9f4a-b3826d7e351f
43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C&id=df8afae4-be36-4903-9f4a-b3826d7e351f
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
34.216.205.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-205-19.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Wed, 23 Mar 2022 03:29:12 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C&id=df8afae4-be36-4903-9f4a-b3826d7e351f
date
Tue, 22 Mar 2022 06:02:07 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=df8afae4-be36-4903-9f4a-b3826d7e351f
  • https://ids.ad.gt/api/v1/g_match?id=df8afae4-be36-4903-9f4a-b3826d7e351f&google_gid=CAESEEIrQz3AkMHtF3s-NavOYfM&google_cver=1&google_ula=450542624,0
43 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=df8afae4-be36-4903-9f4a-b3826d7e351f&google_gid=CAESEEIrQz3AkMHtF3s-NavOYfM&google_cver=1&google_ula=450542624,0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
34.216.205.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-205-19.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Wed, 23 Mar 2022 03:29:12 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ids.ad.gt/api/v1/g_match?id=df8afae4-be36-4903-9f4a-b3826d7e351f&google_gid=CAESEEIrQz3AkMHtF3s-NavOYfM&google_cver=1&google_ula=450542624,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=df8afae4-be36-4903-9f4a-b3826d7e351f
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZGY4YWZhZTQtYmUzNi00OTAzLTlmNGEtYjM4MjZkN2UzNTFm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZGY4YWZhZTQtYmUzNi00OTAzLTlmNGEtYjM4MjZkN2UzNTFm
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZGY4YWZhZTQtYmUzNi00OTAzLTlmNGEtYjM4MjZkN2UzNTFm
date
Tue, 22 Mar 2022 15:29:11 GMT
server
nginx/1.20.0
content-length
473
content-type
text/html; charset=utf-8
getuid
sync.smartadserver.com/
Redirect Chain
  • https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fsmart_match%3Fid%3Ddf8afae4-be36-4903-9f4a-b3826d7e351f%26sas_uid%3D%5bsas_uid%5d
  • https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=df8afae4-be36-4903-9f4a-b3826d7e351f&sas_uid=[sas_uid]&cklb=1
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.smartadserver.com/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=df8afae4-be36-4903-9f4a-b3826d7e351f&sas_uid=[sas_uid]&cklb=1
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Server
199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:11 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://sync.smartadserver.com:443/getuid?url=https://ids.ad.gt/api/v1/smart_match?id=df8afae4-be36-4903-9f4a-b3826d7e351f&sas_uid=[sas_uid]&cklb=1
pragma
no-cache
date
Tue, 22 Mar 2022 15:29:11 GMT
cache-control
no-cache,no-store
content-length
0
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
mediamath_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3Ddf8afae4-be36-4903-9f4a-b3826d7e351f
  • https://ids.ad.gt/api/v1/mediamath_match?user_id=81b96239-eb48-4800-8f99-27deec4d2451&id=df8afae4-be36-4903-9f4a-b3826d7e351f
43 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/mediamath_match?user_id=81b96239-eb48-4800-8f99-27deec4d2451&id=df8afae4-be36-4903-9f4a-b3826d7e351f
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
34.216.205.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-205-19.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Wed, 23 Mar 2022 03:29:12 GMT

Redirect headers

Date
Tue, 22 Mar 2022 15:29:11 GMT
Server
MT3 4267 dd20a5c master ord-pixel-x56 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ids.ad.gt/api/v1/mediamath_match?user_id=81b96239-eb48-4800-8f99-27deec4d2451&id=df8afae4-be36-4903-9f4a-b3826d7e351f
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Mar 2022 15:29:10 GMT
unruly
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Ddf8afae4-be36-4903-9f4a-b3826d7e351f%26unruly_id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Ddf8afae4-be36-4903-9f4a-b3826d7e351f%26unruly_id%3D%5BRX_UUID%5D&cb=1647962952087
  • https://sync.targeting.unrulymedia.com/csync/RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Ddf8afae4-be36-4903-9f4a-b3826d7e351f%26unruly_id%3D...
  • https://ids.ad.gt/api/v1/unruly?id=df8afae4-be36-4903-9f4a-b3826d7e351f&unruly_id=RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/unruly?id=df8afae4-be36-4903-9f4a-b3826d7e351f&unruly_id=RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
34.216.205.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-205-19.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Wed, 23 Mar 2022 03:29:12 GMT

Redirect headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Server
Tengine
ETag
RXa83b66042e3249f2bbad627050f1e26e005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ids.ad.gt/api/v1/unruly?id=df8afae4-be36-4903-9f4a-b3826d7e351f&unruly_id=RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005
Connection
keep-alive
Content-Type
text/html
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 52A8 		610 B
673 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.69.76 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-76.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges
bytes
content-type
text/html
etag
"48053d50141031b1511dbd30f9a31288:1647882803.492619"
last-modified
Mon, 21 Mar 2022 14:57:37 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=14400
expires
Tue, 22 Mar 2022 19:29:11 GMT
date
Tue, 22 Mar 2022 15:29:11 GMT
content-length
355
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
396846.gif
idsync.rlcdn.com/ Frame A59C
Redirect Chain
  • https://idsync.rlcdn.com/420046.gif?partner_uid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f089e44e-2a30-4d9e-974c-6ccac026b0a2
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f089e44e-2a30-4d9e-974c-6ccac026b0a2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:12 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Tue, 22 Mar 2022 15:29:11 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=f089e44e-2a30-4d9e-974c-6ccac026b0a2
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
29859
tags.bluekai.com/site/ Frame A59C 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29859?id=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
173.223.56.123 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a173-223-56-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:11 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&s=2&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=hzHZL_4QNgthsM8mf_bi&gdpr=0&us_privacy=1---
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=hzHZL_4QNgthsM8mf_bi&gdpr=0&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Cache-Control
no-cache
X-TraceId
3ef51aa5e5cd5e14061976e4f31060d5
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:12 GMT
P3p
CP="We do not support P3P header."
Location
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=hzHZL_4QNgthsM8mf_bi&gdpr=0&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
130
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=6141021567606092823&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=6141021567606092823&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Cache-Control
no-cache
X-TraceId
fa2b848c34e9806ca87774d61af9f4ac
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:11 GMT
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
51af593d-1cea-43c0-9c3d-456d9429f60d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=6141021567606092823&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=133726&dpuuid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&gdpr=0&gdpr_pd=1&gdpr_consent=
dpm.demdex.net/ Frame A59C 		42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=133726&dpuuid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&gdpr=0&gdpr_pd=1&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-0331a4947.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
sO45x1ATSSw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
set
sync-jp.im-apps.net/imid/ Frame A59C 		43 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-jp.im-apps.net/imid/set?cid=1000047&tid=obid&uid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.177.242.21 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-177-242-21.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
cache-control
no-cache
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
content-length
43
expires
Tue, 22 Mar 2022 15:29:11 GMT
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=05c5f2ba-e4d6-4fba-8f01-3cff13067e70
0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=05c5f2ba-e4d6-4fba-8f01-3cff13067e70
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Cache-Control
no-cache
X-TraceId
90500a9d10eb300dd4f326c99aa5a00e
Content-Length
0

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:11 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=05c5f2ba-e4d6-4fba-8f01-3cff13067e70
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
usermatch.gif
beacon.krxd.net/ Frame A59C 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=outbrain&partner_uid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.26.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-26-132.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
cache-control
private, no-cache, no-store
x-request-time
D=41 t=1647962951
x-served-by
beacon-n022-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
g.pixel
aa.agkn.com/adscores/ Frame A59C 		43 B
658 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212295978&puid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-90.ewr50.r.cloudfront.net
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:11 GMT
via
1.1 759533d02225fb7e951ea4dc2b01fd48.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
x-amz-cf-id
QywLcGDwbl23bnIfrh3TolcWJwKgQyK-1h0chbJoICnTHDbOfdlEQQ==
expires
0
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=1d2bf79a-2aa2-4d4b-b6d5-7622945e46de
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=1d2bf79a-2aa2-4d4b-b6d5-7622945e46de
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Cache-Control
no-cache
X-TraceId
51ada753d6e16c16bfcfcb6e1fd777ab
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=mediaforce&uid=1d2bf79a-2aa2-4d4b-b6d5-7622945e46de
Date
Tue, 22 Mar 2022 15:29:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://beacon.lynx.cognitivlabs.com/bidSwitch.gif?bidswitch_ssp_id=outbrain&bsw_custom_parameter=62e8ec88-d2ea-41ea-a477-629331ac8f33
  • https://x.bidswitch.net/sync?dsp_id=425&user_group=1&expires=365&user_id=6bafe6a2-2746-4d2e-ae06-bc0f946be187&ssp=outbrain&bsw_param=62e8ec88-d2ea-41ea-a477-629331ac8f33
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=62e8ec88-d2ea-41ea-a477-629331ac8f33&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=62e8ec88-d2ea-41ea-a477-629331ac8f33&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Cache-Control
no-cache
X-TraceId
0441f6df123aeb28ff88d430bdc0bb7c
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=bidswitch&uid=62e8ec88-d2ea-41ea-a477-629331ac8f33&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Tue, 22 Mar 2022 15:29:12 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame A59C 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB%26uid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:11 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
624350
content-type
image/gif
expires
Tue, 22 Mar 2022 00:00:00 GMT
RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005
sync.targeting.unrulymedia.com/csync/ Frame A59C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESECP2XajRBRyTq35ZHMobyac&google_cver=1
  • https://sync.1rx.io/usersync/bidswitch/62e8ec88-d2ea-41ea-a477-629331ac8f33?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005
43 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
199.127.204.142 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Server
Tengine
Connection
keep-alive
Content-Length
43
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:12 GMT
Server
Tengine
Transfer-Encoding
chunked
Content-Type
text/html
Location
https://sync.targeting.unrulymedia.com/csync/RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Expires
0
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7077946979591780497
0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7077946979591780497
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Cache-Control
no-cache
X-TraceId
031a9f9788b98ddc9358d06bc7e2f081
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7077946979591780497
Date
Tue, 22 Mar 2022 15:29:11 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
ps.eyeota.net/match/bounce/ Frame A59C
Redirect Chain
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
34.231.251.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-231-251-31.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?bid=1mpn7m0&uid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Date
Tue, 22 Mar 2022 15:29:11 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
id.geistm.com/m/OB/ Frame A59C 		0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.geistm.com/m/OB/dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.222.216.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-222-216-235.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
x-powered-by
Express
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=outbrain
  • https://creativecdn.com/cm-notify?pi=outbrain&tc=1
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=tRXbRqn9LRjMupaJwpN2&pi=outbrain&tc=1
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=tRXbRqn9LRjMupaJwpN2&pi=outbrain&tc=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Cache-Control
no-cache
X-TraceId
83aff0b8b7b0d777fc2ecba59717d3b1
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=tRXbRqn9LRjMupaJwpN2&pi=outbrain&tc=1
pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT, Tue, 22 Mar 2022 15:29:12 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L12ALATH-K-LNSR
0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L12ALATH-K-LNSR
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Cache-Control
no-cache
X-TraceId
07e9494f61863e66699a62ea58453b64
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L12ALATH-K-LNSR
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
Expires
0
cookiesyncredir
bttrack.com/Pixel/ Frame A59C 		35 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/Pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbidtellect%26uid%3D%7Bglobalid%7D%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ServerName
Track003-iad
Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:11 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
tpid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
sync.crwdcntrl.net/map/c=14516/tp=OBRN/ Frame A59C 		49 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.157.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-157-37.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.32.74
content-type
image/gif
content-length
49
expires
0
/
loadus.exelator.com/load/ Frame A59C
Redirect Chain
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&xl8blockcheck=1
  • https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-197-56.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Tue, 22 Mar 2022 15:29:12 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadus.exelator.com/load/?p=204&g=750&j=0&buid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlw...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1Dd...
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
0
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Cache-Control
no-cache
X-TraceId
b660a86a6565ca40cd6c91a95c28e212
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:12 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
348
Expires
Tue, 22 Mar 2022 15:29:12 GMT
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8h...
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8h...
  • https://sync.outbrain.com/cookie-sync?p=spotx&uid=d3ea2f41-a9f4-11ec-8f7c-13d5c8140103&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=spotx&uid=d3ea2f41-a9f4-11ec-8f7c-13d5c8140103&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Cache-Control
no-cache
X-TraceId
6ad9c85f101f015130f506ed3903f282
Content-Length
0

Redirect headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Server
nginx
Location
https://sync.outbrain.com/cookie-sync?p=spotx&uid=d3ea2f41-a9f4-11ec-8f7c-13d5c8140103&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
82
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RDhENDAzRjktRUE5Qy00RkVDLUJCQkItRkQ4RTM4NzY0NTdD&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEMOU1AZQBDOUQFaxh0E1VLI&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image4.pubmatic.com/AdServer/SPug?p=160065&pmc=1&pr=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dpubmatic%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB%2...
  • https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&uid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C
0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&uid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
Cache-Control
no-cache
X-TraceId
4a58b63ce54e8730e6c77a4e92235c9b
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=pubmatic&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&uid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C
date
Tue, 22 Mar 2022 15:29:12 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3Fgs...
  • https://sync.outbrain.com/cookie-sync?p=openx&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&uid=155eb22f-9899-4602-ab5a-be9441061651
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=openx&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&uid=155eb22f-9899-4602-ab5a-be9441061651
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Cache-Control
no-cache
X-TraceId
f8db24142dc6efd9c14c6df0c53d7303
Content-Length
0

Redirect headers

date
Tue, 22 Mar 2022 15:29:12 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.outbrain.com/cookie-sync?p=openx&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&uid=155eb22f-9899-4602-ab5a-be9441061651
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UPd35c2be1-a9f4-11ec-9212-029922c6cb47
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=UPd35c2be1-a9f4-11ec-9212-029922c6cb47
0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=oath&uid=UPd35c2be1-a9f4-11ec-9212-029922c6cb47
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Cache-Control
no-cache
X-TraceId
6a9744c3116bd96f824cd23f30a8771b
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=oath&uid=UPd35c2be1-a9f4-11ec-9212-029922c6cb47
date
Tue, 22 Mar 2022 15:29:12 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
getuid
ib.adnxs.com/ Frame A59C
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB%0A
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl...
0
814 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB%0A&b64_redirect=aHR0cHM6Ly9zeW5jLm91dGJyYWluLmNvbS9jb29raWUtc3luYz9wPWVteCZ1aWQ9JEVNWFVJRCZvYlVpZD1kRkc3OVpiWnF1WFR6TTBnb2l0cmRXOGZoaHMwQjBPd3JsMnlZejB1OGhsd1lRMjNWdjFEZEkzRmdzYXdTek9CCg==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:12 GMT
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b87eb4b6-786b-44e4-b035-87957ff1e13a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB%0A&b64_redirect=aHR0cHM6Ly9zeW5jLm91dGJyYWluLmNvbS9jb29raWUtc3luYz9wPWVteCZ1aWQ9JEVNWFVJRCZvYlVpZD1kRkc3OVpiWnF1WFR6TTBnb2l0cmRXOGZoaHMwQjBPd3JsMnlZejB1OGhsd1lRMjNWdjFEZEkzRmdzYXdTek9CCg==
date
Tue, 22 Mar 2022 15:29:12 GMT
content-length
0
content-type
text/html
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yY...
  • https://ice.360yield.com/ul_cb/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0O...
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=20f1281e-6524-4d23-b51a-b9052e632b0a&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=20f1281e-6524-4d23-b51a-b9052e632b0a&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Cache-Control
no-cache
X-TraceId
93a216a622069690e8386c9e2940b3d7
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=20f1281e-6524-4d23-b51a-b9052e632b0a&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
date
Tue, 22 Mar 2022 15:29:12 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%24%7BUSER%7D%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ2...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3556592995
  • https://sync.1rx.io/usersync/tradedesk/05c5f2ba-e4d6-4fba-8f01-3cff13067e70
  • https://sync.targeting.unrulymedia.com/csync/RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005?redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3DRX-a83b6604-2e32-49f2-bbad-627050f1...
  • https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005&obUid=$D
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005&obUid=$D
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Cache-Control
no-cache
X-TraceId
c13b245af26934ea469890a1d2d50e6d
Content-Length
0

Redirect headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Server
Tengine
ETag
RXa83b66042e3249f2bbad627050f1e26e005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005&obUid=$D
Connection
keep-alive
Content-Type
text/html
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
  • https://sync.outbrain.com/cookie-sync?p=smaato&uid=7a674393&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
0
281 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=smaato&uid=7a674393&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Cache-Control
no-cache
X-TraceId
b8a183001f6ff873265a56999b154adb
Content-Length
0

Redirect headers

date
Tue, 22 Mar 2022 15:29:12 GMT
via
1.1 e6fc68fd040718147cda2e3ef6f63636.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=smaato&uid=7a674393&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
EzK7pyOQPPhao9zPU9yarWDyLs2VOE7eOrTUQUpSwd2wm4IeivReHQ==
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DdFG79ZbZquXTzM...
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=8687129380085137690&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=smart&uid=8687129380085137690&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Cache-Control
no-cache
X-TraceId
c5321e86b2ab07d599c83f37489c5db8
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=smart&uid=8687129380085137690&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
date
Tue, 22 Mar 2022 15:29:12 GMT
content-length
0
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&redir=true
  • https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-ZaBW8I9E2uGxsYvIiwH_q9GEHkdeo.Mc3OcTSgY-~A&gdpr=0&gdpr_consent=
0
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-ZaBW8I9E2uGxsYvIiwH_q9GEHkdeo.Mc3OcTSgY-~A&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Cache-Control
no-cache
X-TraceId
b5dded8eea458a9048a31cc6bfb88b98
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-ZaBW8I9E2uGxsYvIiwH_q9GEHkdeo.Mc3OcTSgY-~A&gdpr=0&gdpr_consent=
date
Tue, 22 Mar 2022 15:29:12 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
c.gif
c.bing.com/ Frame A59C 		42 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?red3=MSOB_pd&uid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
etag
"8120eaf0ff3ad81:0"
last-modified
Fri, 18 Mar 2022 19:39:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: A9D58E796ED34B5AA875C86D125B43C2 Ref B: NYCEDGE1621 Ref C: 2022-03-22T15:29:12Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ...
  • https://sync.outbrain.com/cookie-sync?p=synacor&uid=FCBFFBF89C1640D1A81A2F6FB803C46C&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=synacor&uid=FCBFFBF89C1640D1A81A2F6FB803C46C&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Cache-Control
no-cache
X-TraceId
4d2cab10da47eb58f9d127723b09944d
Content-Length
0

Redirect headers

date
Tue, 22 Mar 2022 15:29:13 GMT
via
1.1 varnish
server
nginx
age
0
location
https://sync.outbrain.com/cookie-sync?p=synacor&uid=FCBFFBF89C1640D1A81A2F6FB803C46C&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://widgets.outbrain.com/
access-control-allow-credentials
true
x-varnish
38946151
content-length
0
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://sync.hgrtb.com/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dmediaforce_custom%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB%26uid%3D%7BUSER_I...
  • https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&uid=d676d484-7f55-4590-a5b6-0b58669cc390
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&uid=d676d484-7f55-4590-a5b6-0b58669cc390
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Cache-Control
no-cache
X-TraceId
019b815fa984b105dd6729647fc10e5e
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB&uid=d676d484-7f55-4590-a5b6-0b58669cc390
date
Tue, 22 Mar 2022 15:29:13 GMT
content-length
200
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/html; charset=utf-8
sync-iframe
cs-server-s2s.yellowblue.io/ Frame A59C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Drise%26uid%3D%5BpartnerId%5D%26obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.240.60 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-240-60.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
cookie-sync
sync.outbrain.com/ Frame A59C
Redirect Chain
  • https://id.rlcdn.com/711945.gif?cparams=obUid%3DdFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
64.202.112.63 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Cache-Control
no-cache
X-TraceId
8ccd60fbbb65dcbd419563ef01ea22cb
Content-Length
0

Redirect headers

date
Tue, 22 Mar 2022 15:29:13 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ads
pubads.g.doubleclick.net/gampad/ Frame 4AA5 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=640x480|480x70&iu=/3379/conde.ars/player/information-technology/article&ciu_szs=300x60&gdfp_req=1&env=vp&output=vmap&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.56.9%26ctx_page_slug%3Dbehold-a-password-phishing-site-that-can-trick-even-savvy-users%26cnt_tags%3Dbrowser-in-the-browser%252Coauth%252Cphishing%252Cscams%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D13%26usr_bkt_pv%3D1%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D121100%252C131100%252C131135%252C300003%252C210000%252C240000%252C240002%252C240003%252C240004%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240017%252C240015%252C240016%252C240018%252C240019%252Cqx7745%252Cmiovit%252Cap05we%252C65f9pd%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_sid%3Dc6e234da-e66f-4616-8ecf-67f29b24d5cb%26vnd_4d_pid%3Deae3ccff-0843-45ac-8cff-0eff3278f998%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3Dd5efd6f4-e37c-4e37-a0e7-a5c483b8ba35%26ctx_line_items%3D%26height%3D329%26muted%3D0%26right_rail%3D0%26sensitive%3D0%26series%3D5c82bcebbcdfff6f132fc5e6%26width%3D584%26feature_flags%3Dclick-to-play&correlator=2555186838940338&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&vid=60abade4dc31e5375248cba6&cmsid=1495&ppid=d5efd6f4e37c4e37a0e7a5c483b8ba35
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
a370f09d7f12e15f17829c3f4468d7ff1d1f82cffc33fbf41db75969c190adf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1364
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 8853 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/293baa5d/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Mar 2022 15:29:11 GMT
adsct
analytics.twitter.com/i/ 		31 B
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1o49&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=45310e7b-e85d-4f34-86f8-d876a2f7ee30&tw_document_href=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
7
date
Tue, 22 Mar 2022 15:29:11 GMT
content-encoding
gzip
server
tsa_b
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
3e79950d5857994817a5f23952d49f6712e1c333ba753a37f9556c7c18d3c2a1
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1o49&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=45310e7b-e85d-4f34-86f8-d876a2f7ee30&tw_document_href=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
7
date
Tue, 22 Mar 2022 15:29:11 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
c6d69c1d5db9f3b40b755319aa52f7b25a271886d20fdcffa78817c6014a2594
content-length
43
1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768.m3u8
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame 4AA5 		11 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768.m3u8?requester=oo
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-33.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fb846048afd0ee79141b669572402fc0a024d937c00977e124405d11cd319fe

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 09:28:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding,Origin
Age
21639
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Mon, 24 May 2021 13:54:58 GMT
Server
AmazonS3
ETag
W/"cc4f278863bddb064b3e70268d5f02f8"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Via
1.1 b35f01abdb74e50c7c770d66cb11b73a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR53-C3
X-Amz-Cf-Id
JJS8DyTBnlygy42Yve7tQdEemK89GHa09BHLavucULruVTfwaHPIVA==
generate_204
www.youtube.com/ Frame 8853 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?98WiOA
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame 3568 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1632543.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-115.ewr50.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

content-type
text/html
content-length
1044
date
Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 b6217766ccd41d69658fea04297b7c24.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
iod08ogYz-bs5yQuJVp_lXoo78LXbQm9SEeI-ShRW6aA-4KsR56tXA==
age
3998225
25e750c3-464d-466e-bc5a-1c075c7bc2b7
https://arstechnica.com/ Frame FD8D 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://arstechnica.com/25e750c3-464d-466e-bc5a-1c075c7bc2b7
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
Tweet.html
platform.twitter.com/embed/ Frame 80E6 		487 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1505034619078459394&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D32) /
Resource Hash
536886986ff7dd4a2cc4ceee9e5a286cd4fa8346573a8b7564cc1293ba5ba43e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Age
754
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Tue, 22 Mar 2022 15:29:11 GMT
Etag
"1ff2961abd5b04cc5e0b8c3636b3c629"
Last-Modified
Tue, 15 Mar 2022 22:32:58 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D32)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
Tweet.html
platform.twitter.com/embed/ Frame 812C 		487 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504802056372166694&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1C) /
Resource Hash
536886986ff7dd4a2cc4ceee9e5a286cd4fa8346573a8b7564cc1293ba5ba43e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
256
Cache-Control
public, max-age=1800
Content-Type
text/html; charset=utf-8
Date
Tue, 22 Mar 2022 15:29:11 GMT
Etag
"1ff2961abd5b04cc5e0b8c3636b3c629"
Last-Modified
Tue, 15 Mar 2022 22:32:58 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nyb/1D1C)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
487
jot
syndication.twitter.com/i/ 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22experiment_key%22%3A%22tfw_skeleton_loading_13398%22%2C%22bucket%22%3A%22cta%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%22item_ids%22%3A%5B%221505034619078459394%22%5D%2C%22item_details%22%3A%7B%221505034619078459394%22%3A%7B%22item_type%22%3A0%7D%7D%7D%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1647962951913%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_skeleton_loading_13398%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=7e3baa24cf9b9970a323e301bc772a4d6eee8c05
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
12
pragma
no-cache
last-modified
Tue, 22 Mar 2022 15:29:11 GMT
server
tsa_b
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
d6fd66f1a492b8b0328d7fe808a6d4e088acfe8e9b6a25704dd601562f018c63
x-transaction
57fc8ba7e4b7a025
expires
Tue, 31 Mar 1981 05:00:00 GMT
jot
syndication.twitter.com/i/ 		43 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22experiment_key%22%3A%22tfw_skeleton_loading_13398%22%2C%22bucket%22%3A%22cta%22%2C%22version%22%3Anull%2C%22data%22%3A%7B%22item_ids%22%3A%5B%221504802056372166694%22%5D%2C%22item_details%22%3A%7B%221504802056372166694%22%3A%7B%22item_type%22%3A0%7D%7D%7D%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1647962951914%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22format_version%22%3A1%2C%22widget_origin%22%3A%22%22%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22ddg%22%2C%22section%22%3A%22tfw_skeleton_loading_13398%22%2C%22action%22%3A%22experiment%22%7D%7D&session_id=7e3baa24cf9b9970a323e301bc772a4d6eee8c05
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
12
pragma
no-cache
last-modified
Tue, 22 Mar 2022 15:29:11 GMT
server
tsa_b
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
d6fd66f1a492b8b0328d7fe808a6d4e088acfe8e9b6a25704dd601562f018c63
x-transaction
9661c376bc57b156
expires
Tue, 31 Mar 1981 05:00:00 GMT
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&app=playerservice&cCh=videos%2Fshow&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&uId=793acb54-8a60-48cc-91e9-0be61845aed6&xid=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&_ts=2022-03-22T15%3A29%3A11.949Z&_c=error&_t=PrebidError&dim1=%7B%22errorData%22%3A%7B%22body%22%3A%5B%5D%7D%7D&dim3=Empty
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:12 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
sf-ui-display-medium-webfont.woff2
d2c8v52ll5s99u.cloudfront.net/assets/fonts/ Frame FD8D 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/assets/fonts/sf-ui-display-medium-webfont.woff2
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-23abc7943337ba1e9747.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-144.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3

Request headers

Referer
https://d2c8v52ll5s99u.cloudfront.net/player/player-style-23abc7943337ba1e9747.css
Origin
https://arstechnica.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
ETag
"7d18db04f980971f2a9c5026bbc34bed"
X-Amz-Cf-Pop
EWR53-C3
X-Cache
RefreshHit from cloudfront
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
29632
Access-Control-Allow-Origin
*
Last-Modified
Mon, 26 Jun 2017 15:24:42 GMT
Server
AmazonS3
Date
Tue, 22 Mar 2022 15:29:13 GMT
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff2
Via
1.1 0a41fb8a1e6869f7cc14f05241a462fa.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
Accept-Ranges
bytes
X-Amz-Cf-Id
4i1qF3DVaUzYrNCJjoChTRP2oia9w4nkp7vkkzj0omAhFftQexNz-Q==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
bridge3.506.0_en.html
imasdk.googleapis.com/js/core/ Frame C6DF 		591 KB
192 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.506.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
974feb3b255709419aa9d75228aee116a3a57e4fec91ee42cdceea855b198530
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
196692
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 18 Mar 2022 20:06:08 GMT
expires
Sat, 18 Mar 2023 20:06:08 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 18 Mar 2022 19:52:03 GMT
content-type
text/html
age
328984
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame FD8D 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 15:29:12 GMT
fbevents.js
connect.facebook.net/en_US/ Frame FD8D 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26320
x-xss-protection
0
pragma
public
x-fb-debug
9PSkT0RxocNJe1c40/TF/NSqTW0rLJhRY7s49CgGgHoD9NwbxG6ckhwSHhiYSmLrvEdc8fyJTRbwCViXGhMd5g==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Tue, 22 Mar 2022 15:29:12 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
comscore-min.js
d2c8v52ll5s99u.cloudfront.net/player/ Frame FD8D 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/comscore-min.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.144 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-144.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
833a86642252016b29f08dd45ffd27f9e00ca237f28d8c5f0147a6e15d009377

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 24 May 2017 18:19:15 GMT
Server
AmazonS3
Age
262
ETag
W/"054acb6fbd2b2a6c1ac561705bffb0cc"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 345e58b151dd5a8ce47c17921388574a.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Tue, 22 Mar 2022 15:24:51 GMT
X-Amz-Cf-Pop
EWR53-C3
X-Amz-Cf-Id
isHZtItlLAW72DTs4HI-b-ZBHGE5AyQHL02brXed0fNTG-nmu-1NzQ==
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame FD8D 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b35f01abdb74e50c7c770d66cb11b73a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
215
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:25:42 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-11T12:51:58.288Z;desc=hit,rtt;dur=1
Content-Length
51500
Last-Modified
Tue, 25 May 2021 15:04:45 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"1631177d1131925333a3b2b652f3d8b2"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
aGlBCutEMhnZntxD8k8ii80H1PdUvfQZOefJBjOCZ6EmdJHrINYLVA==
track
capture.condenastdigital.com/ Frame FD8D 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-22T15%3A29%3A11.952Z&_c=&_t=Player%20Requested&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:12 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ Frame FD8D 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-22T15%3A29%3A12.007Z&_c=initial&_t=gptData&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&dim1=%7B%22adBlocked%22%3Afalse%2C%22adUnits%22%3A%5B%223379%2Fconde.ars%2Finterstitial%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fhero%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F2%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F3%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F2%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F3%22%5D%2C%22embedLocation%22%3A%22arstechnica%22%2C%22error%22%3A%22%22%2C%22lineItems%22%3A%5B%5D%2C%22publicaEnabled%22%3Afalse%2C%22videoId%22%3A%2260abade4dc31e5375248cba6%22%7D
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:12 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
moatvideo.js
z.moatads.com/condenastjsvideocontent160527792519/ Frame 4AA5 		316 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/condenastjsvideocontent160527792519/moatvideo.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fea322f456810170b635d0be50c4878688dfa63285f79768823c69a85626942c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 17:16:16 GMT
server
AmazonS3
x-amz-request-id
AZVTTDBMCYPTZJFE
etag
"62ba604f35a0eb0685da0cb2aa2a6336"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=50458
accept-ranges
bytes
content-length
107935
x-amz-id-2
osQTk3cn0NwY/hlFIzkjwS6JbynrFxTcJj7me95RJWJ9jyhYfGzPekWq2ATkVrnSGPOzr4YB+UM=
track
capture.condenastdigital.com/ Frame 4AA5 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-22T15%3A29%3A12.117Z&_c=Video%20Ad&_t=Ad%20Call%20Made&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&cId=60abade4dc31e5375248cba6&cKe=Unsolved%20Mysteries%2CArs%20Technica%20Unsolved%20Mysteries%2CQuantum%20Leap%2CUnsolved%20Mysteries%20Quantum%20Leap%2CQuantum%20leap%20show%2Cquantum%20leap%20ending%2Cquantum%20leap%20bakula%2CDonald%20P%20Bellisario%2CQuantum%20Leap%20Finale%2CQuantum%20Leap%20JFK%2CQuantum%20Leap%20Lee%20Harvey%20Oswald%2CQuantum%20Leap%20interview%2CScott%20Bakula%2CDean%20Stockwell%2CQuantum%20Leap%20Ziggy%2CQuantum%20Leap%20Al%2CQuantum%20Leap%20NBC%2CNBC%20Quantum%20Leap%2CQuantum%20Leap%20Episodes%2Cquantum%20leap%20intro%2Cquantum%20leap%20ars%20technica%2Cars%20technica%20quantum%20leap&cPd=2021-05-25T15%3A00%3A00%2B00%3A00&cTi=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario&cTy=%2F3379%2Fconde.ars%2Fplayer%2Finformation-technology%2Farticle&mDu=854&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&pWw=584&pWh=328.5&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&uId=793acb54-8a60-48cc-91e9-0be61845aed6&xid=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%222be6198%22%2C%22guid%22%3A%22161c8159-f92-eee0-692e-62f3fe9b2e32%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22manual%22%2C%22playerDepth%22%3A8356.953125%2C%22playerType%22%3A%22video-continuous%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3Anull%2C%22recStrategy%22%3Anull%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22OUT_OF_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:12 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
container.html
3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FB9B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Mar 2022 15:29:10 GMT
expires
Wed, 22 Mar 2023 15:29:10 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-22T15%3A29%3A12.139Z&_t=renderEnded&cBr=Ars%20Technica&cKe=browser%20in%20the%20browser%7COAuth%7Cphishing%7Cscams&cCh=information%20technology&cTi=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=1325&cId=1842550&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pWw=1600&pWh=1200&pPw=1600&pPh=9900&pSw=1600&pSh=1200&uID=793acb54-8a60-48cc-91e9-0be61845aed6&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&uDt=desktop&dim1=%7B%22channel%22%3A%22information-technology%22%2C%22platform%22%3A%22wordpress%22%2C%22template%22%3A%22article%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Afalse%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22rail%22%2C%22size%22%3A%22300x600%22%7D&_o=ars-technica&_c=ad_metrics&xID=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&environment=prod&origin=ars-technica
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:12 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CONDENAST_PREBID_HEADER1&hp=1&zMoatAdUnit1=conde.ars&zMoatAdUnit2=rail&zMoatAdUnit3=information-technology&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1647962949354&de=584683710897&rx=134794783198&m=0&ar=359f21c1e97-clean&iw=8105762&q=1&cb=0&cu=1647962949354&ll=2&lm=0&ln=0&em=0&en=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&bo=conde.ars&bd=1&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=condenastprebidheader987326845656&fd=1&ac=1&it=500&pe=1%3A468%3A468%3A0%3A712&fs=197273&na=2076400883&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:12 GMT
p-Jjy-Cyr1NZGRz.gif
pixel.quantserve.com/pixel/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Jjy-Cyr1NZGRz.gif?labels=_campaign.media.Advertiser%20ID.4660981638.Campaign%20ID.2443012271.Line%20Item%20ID.programmatic
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:1d2b:ecd5:fcc0:2c58 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 885B 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:59:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1777
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 22 Mar 2022 15:59:35 GMT
1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame FD8D 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-33.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://arstechnica.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 22 Mar 2022 11:37:44 GMT
Via
1.1 97838e4a7e48c5b1ece191e6f727eb80.cloudfront.net (CloudFront)
Last-Modified
Mon, 24 May 2021 13:51:20 GMT
Server
AmazonS3
Age
20634
ETag
"580642a938142bddde48207109f78d2b"
X-Cache
Hit from cloudfront
Content-Type
video/mp4
Content-Range
bytes 0-2480938/2480939
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Content-Length
2480939
X-Amz-Cf-Id
S1O4TTct1Ww0GrrJDamLxtLSpI_jEnt4wWJiY8_41d-dLsz8W0qcDw==
1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame FD8D 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-33.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://arstechnica.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 22 Mar 2022 11:03:24 GMT
Via
1.1 366ff516a3e74c5fb4d4d2286497d924.cloudfront.net (CloudFront)
Last-Modified
Mon, 24 May 2021 13:51:20 GMT
Server
AmazonS3
Age
20634
ETag
"580642a938142bddde48207109f78d2b"
X-Cache
Hit from cloudfront
Content-Type
video/mp4
Content-Range
bytes 0-2480938/2480939
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Content-Length
2480939
X-Amz-Cf-Id
PpzNnmbJYTftlJq6m0FnlqtBuCsK15qvj3JFZSuFIrv4akPHV1TzjA==
track
capture.condenastdigital.com/ Frame FD8D 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-22T15%3A29%3A12.263Z&_c=Player%20Event&_t=Player%20Loaded&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&cId=60abade4dc31e5375248cba6&cKe=Unsolved%20Mysteries%2CArs%20Technica%20Unsolved%20Mysteries%2CQuantum%20Leap%2CUnsolved%20Mysteries%20Quantum%20Leap%2CQuantum%20leap%20show%2Cquantum%20leap%20ending%2Cquantum%20leap%20bakula%2CDonald%20P%20Bellisario%2CQuantum%20Leap%20Finale%2CQuantum%20Leap%20JFK%2CQuantum%20Leap%20Lee%20Harvey%20Oswald%2CQuantum%20Leap%20interview%2CScott%20Bakula%2CDean%20Stockwell%2CQuantum%20Leap%20Ziggy%2CQuantum%20Leap%20Al%2CQuantum%20Leap%20NBC%2CNBC%20Quantum%20Leap%2CQuantum%20Leap%20Episodes%2Cquantum%20leap%20intro%2Cquantum%20leap%20ars%20technica%2Cars%20technica%20quantum%20leap&cPd=2021-05-25T15%3A00%3A00%2B00%3A00&cTi=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario&mDu=854&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&pWw=276&pWh=155.25&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&uId=793acb54-8a60-48cc-91e9-0be61845aed6&xid=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%222be6198%22%2C%22guid%22%3A%22bed541c0-6921-c9ef-4b7a-e241b75a79db%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_b0ed5a6f-d8a5-4f14-a6b5-421a821e65c7_text2vec1_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3Anull%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:12 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
1c5e052d-9221-44ad-9785-4ca784ceb60dmanifest-ios.m3u8
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame FD8D 		918 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dmanifest-ios.m3u8?videoIndex=0&requester=oo
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-33.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
005f315d6f7cf50f04161a51e17287b5040b513267560b083a3cf39d0b892ba8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 10:07:31 GMT
Via
1.1 b35f01abdb74e50c7c770d66cb11b73a.cloudfront.net (CloudFront)
Vary
Origin
Age
19302
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
918
Last-Modified
Mon, 24 May 2021 13:49:14 GMT
Server
AmazonS3
ETag
"4300fd3b9bba40f219ea54c572764fe0"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
wMguTsa5AHDmAxvR-dEykFw_Y2G0G_em2EVtLC8wVAY-rf0SPeMFpA==
track
capture.condenastdigital.com/ Frame FD8D 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-22T15%3A29%3A12.282Z&_c=Player%20Event&_t=Player%20In%20Viewport&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&cId=60abade4dc31e5375248cba6&cKe=Unsolved%20Mysteries%2CArs%20Technica%20Unsolved%20Mysteries%2CQuantum%20Leap%2CUnsolved%20Mysteries%20Quantum%20Leap%2CQuantum%20leap%20show%2Cquantum%20leap%20ending%2Cquantum%20leap%20bakula%2CDonald%20P%20Bellisario%2CQuantum%20Leap%20Finale%2CQuantum%20Leap%20JFK%2CQuantum%20Leap%20Lee%20Harvey%20Oswald%2CQuantum%20Leap%20interview%2CScott%20Bakula%2CDean%20Stockwell%2CQuantum%20Leap%20Ziggy%2CQuantum%20Leap%20Al%2CQuantum%20Leap%20NBC%2CNBC%20Quantum%20Leap%2CQuantum%20Leap%20Episodes%2Cquantum%20leap%20intro%2Cquantum%20leap%20ars%20technica%2Cars%20technica%20quantum%20leap&cPd=2021-05-25T15%3A00%3A00%2B00%3A00&cTi=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario&mDu=854&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&pWw=276&pWh=155.25&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&uId=793acb54-8a60-48cc-91e9-0be61845aed6&xid=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%222be6198%22%2C%22guid%22%3A%22bed541c0-6921-c9ef-4b7a-e241b75a79db%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_b0ed5a6f-d8a5-4f14-a6b5-421a821e65c7_text2vec1_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:12 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 92D6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupI8pIPYtWdTqRH_0R3_WBhtlhZP5q7vNx-k003rV5PxrE7p32NfB4mZlRaSorBsv6rGoBijMgrQex8ZMslZ0FXc-gXNvG9TpA5edw2OBmhFPXRYDkm3WlBvZgZsIX9m9xJHApEspcpxnwiGC4od2we078fIMwR03oSe-QeEuYm5YMzkXksIa_cb3FlFX98mpfwV96A6lpmsE8km4KEbHxUv4YVT1IAezKoAuPWB4NcZr2bSN40L9mHEvOslRDXdN3km-GaPkuT-Gjpi45H15tJkCEBEw3EPh9L4CCZMn4wEsD2V7YiZAk-dYplQga6HsoTdj1aRBCdzL9SUHSxhrfZSNEgnqD_r4&sig=Cg0ArKJSzNkWscwIzLEjEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:12 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
radical.r7.min.js
publish.responsiveads.com/libs/ Frame 92D6 		255 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://publish.responsiveads.com/libs/radical.r7.min.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.57.131.216 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-131-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5a71e07d75755fbb9620b855e8a012d96d7c347affd20be53351b7479c91ceee

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
X72PNXBJ89263YFQ
Connection
keep-alive
Content-Length
74518
x-amz-id-2
lB86JMNY5sCUDlvBXFrhRPOzvm7r3bpmCQeFfKwTEsCuAyIDIpuQLlLWwgGQaduWL8dkfSrc9rg=
Last-Modified
Fri, 18 Mar 2022 15:54:40 GMT
Server
AmazonS3
ETag
"5181d80892bfe8d5ef7ce7ff70a84071"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 92D6 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f74c04529f8d5f9c248eda87caec654de5e5c61dd40e9ac4696b026d2841b131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36708
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647862282720048"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Mar 2022 15:29:12 GMT
moatad.js
z.moatads.com/condenastdfp9588492144/ Frame 92D6 		329 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/condenastdfp9588492144/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e312bc18779e0d9c6626ee0bdb426676ebb2835346604c114191b3ffe4251527

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 17:16:15 GMT
server
AmazonS3
x-amz-request-id
TWNS1RR39QYXDQBP
etag
"f0806f26c367a53146efd2e6b7b36d5f"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=53299
accept-ranges
bytes
content-length
112460
x-amz-id-2
ZKFWF5lzkz9et3x2YGBSs7X4nY/A4uH14DvUi2qABLv99mf0wy0M1HdqhXU14+ywpfthmxrzXYw=
B27040065.324545478;dc_pre=CI7Rl7OE2vYCFVZYDQodnrgFPw;dc_trk_aid=516629072;dc_trk_cid=163818605;ord=885225794;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
ad.doubleclick.net/ddm/trackimp/N223801.2573CONDNASTDIGITALWIRED/ Frame 92D6
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N223801.2573CONDNASTDIGITALWIRED/B27040065.324545478;dc_trk_aid=516629072;dc_trk_cid=163818605;ord=885225794;dc_lat=;dc_rdid=;tag_for_child_directed_treatmen...
  • https://ad.doubleclick.net/ddm/trackimp/N223801.2573CONDNASTDIGITALWIRED/B27040065.324545478;dc_pre=CI7Rl7OE2vYCFVZYDQodnrgFPw;dc_trk_aid=516629072;dc_trk_cid=163818605;ord=885225794;dc_lat=;dc_rdi...
42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/trackimp/N223801.2573CONDNASTDIGITALWIRED/B27040065.324545478;dc_pre=CI7Rl7OE2vYCFVZYDQodnrgFPw;dc_trk_aid=516629072;dc_trk_cid=163818605;ord=885225794;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Server
142.250.176.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f6.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
location
https://ad.doubleclick.net/ddm/trackimp/N223801.2573CONDNASTDIGITALWIRED/B27040065.324545478;dc_pre=CI7Rl7OE2vYCFVZYDQodnrgFPw;dc_trk_aid=516629072;dc_trk_cid=163818605;ord=885225794;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
follow-only-when-prerender-shown
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-22T15%3A29%3A12.308Z&_t=renderEnded&cBr=Ars%20Technica&cKe=browser%20in%20the%20browser%7COAuth%7Cphishing%7Cscams&cCh=information%20technology&cTi=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=1325&cId=1842550&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pWw=1600&pWh=1200&pPw=1600&pPh=9900&pSw=1600&pSh=1200&uID=793acb54-8a60-48cc-91e9-0be61845aed6&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&uDt=desktop&dim1=%7B%22channel%22%3A%22information-technology%22%2C%22platform%22%3A%22wordpress%22%2C%22template%22%3A%22article%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Afalse%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22hero%22%2C%22size%22%3A%229x1%22%7D&_o=ars-technica&_c=ad_metrics&xID=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&environment=prod&origin=ars-technica
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:12 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
p-Jjy-Cyr1NZGRz.gif
pixel.quantserve.com/pixel/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Jjy-Cyr1NZGRz.gif?labels=_campaign.media.Advertiser%20ID.4478484671.Campaign%20ID.2973410855.Line%20Item%20ID.5945896294
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:1d2b:ecd5:fcc0:2c58 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-31997-1&cid=1679509180.1647962950&jid=1097349487&_u=aChAgUAjAAQCAE~&z=523708557
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-P1P55J3LNW&gtm=2oe3e0&_p=593358754&sr=1600x1200&_gaz=1&ul=en-us&cid=1679509180.1647962950&_s=1&dl=%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&dr=%2F&dt=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users%20%7C%20Ars%20Technica&sid=1647962951&sct=1&seg=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P1P55J3LNW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:806::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P1P55J3LNW&cid=1679509180.1647962950&gtm=2oe3e0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P1P55J3LNW&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::9c Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
567 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1IQID9FKFK1PHD4UBH0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.33.238.120 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-33-238-120.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
2022032215291201011300603724497D3B
x-cache
TCP_MISS from a23-33-238-116.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3.1-40349883) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
16,23.33.238.116
x-tt-trace-host
01fb071011a8ae45895a951b39c344d012ba6ba3e7b1ca7bf10eab9d82e4b670be00d9283030630d20c286a60c0e57dba80cd55dd8ca303eb5ce06f0b33fc01c29aaebf72eae4ebaca97d5dcf80a0e2a05d50000abb285bb9bba6386d1a451bf5b
server-timing
inner; dur=7, cdn-cache; desc=MISS, edge; dur=1, origin; dur=16
x-akamai-request-id
173b8016
content-length
0
expires
Tue, 22 Mar 2022 15:29:12 GMT
1663130473914833
connect.facebook.net/signals/config/ Frame 4AA5 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1663130473914833?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a8a53f78dbd870a2f47fbf1a89b8d1b947758d4e7f9509743a1dc42f53de6e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89614
x-xss-protection
0
pragma
public
x-fb-debug
7TWrhzTjRj7dXr81P4/keFRzQGRXKsXszGlWsGU8BcWNAjUfXZh8H1erqPbnEv90ObI+SEAM3/IKb3TPGBi03A==
x-frame-options
DENY
date
Tue, 22 Mar 2022 15:29:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pr
s.amazon-adsystem.com/v3/ Frame 893B 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
37dd3f81d56e973482fac4b1177139f49e37a905906ff44d768baaf536d021ea
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t

Response headers

Server
Server
Date
Tue, 22 Mar 2022 15:29:12 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
1886
Connection
keep-alive
x-amz-rid
MT35B8CF1TN2Z1RR7BAK
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
embed.runtime.6b5d3661e7231f9606f3.js
platform.twitter.com/embed/ Frame 80E6 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1505034619078459394&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D08) /
Resource Hash
565b9076d7629a85fcd1ea6c5c0b2af1bf01c93777f0d6ef0c11fbacaa8e79b6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1505034619078459394&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Content-Encoding
gzip
Age
4512
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
4452
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D08)
Etag
"4fd3e986c160013643e8bc617c599e49+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.modules.aef85bf61d706d7edafa.js
platform.twitter.com/embed/ Frame 80E6 		515 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.aef85bf61d706d7edafa.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1505034619078459394&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D21) /
Resource Hash
655564f3a2be989067e2cb2c6bc9995a55ae13ec9cc0d0c3dc128961faad15e9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1505034619078459394&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Content-Encoding
gzip
Age
579219
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
171389
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D21)
Etag
"b2faf8accdee57f7929c5b7623e6e7a3+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.i18n.293ca00a272b34d032a9.js
platform.twitter.com/embed/ Frame 80E6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.293ca00a272b34d032a9.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1505034619078459394&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D2A) /
Resource Hash
f6b352979b0153deb67020a332f179fb99a0822040de5e019af272c2920192b1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1505034619078459394&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Content-Encoding
gzip
Age
579219
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
792
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D2A)
Etag
"22e04932e731bc174868c60c46980c73+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.Tweet.c31baac24debe5533d7c.js
platform.twitter.com/embed/ Frame 80E6 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.c31baac24debe5533d7c.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1505034619078459394&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D25) /
Resource Hash
285489efae847a15226d6c6e35a17a7ea953985b6cdd7803c6b8fba0c20ee7d2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1505034619078459394&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Content-Encoding
gzip
Age
579219
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
5529
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D25)
Etag
"b96eda3c68570721e8ffec6945c4166c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.runtime.6b5d3661e7231f9606f3.js
platform.twitter.com/embed/ Frame 812C 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504802056372166694&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D08) /
Resource Hash
565b9076d7629a85fcd1ea6c5c0b2af1bf01c93777f0d6ef0c11fbacaa8e79b6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504802056372166694&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Content-Encoding
gzip
Age
4512
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
4452
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D08)
Etag
"4fd3e986c160013643e8bc617c599e49+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.modules.aef85bf61d706d7edafa.js
platform.twitter.com/embed/ Frame 812C 		515 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.modules.aef85bf61d706d7edafa.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504802056372166694&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D21) /
Resource Hash
655564f3a2be989067e2cb2c6bc9995a55ae13ec9cc0d0c3dc128961faad15e9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504802056372166694&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Content-Encoding
gzip
Age
579219
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=3
Content-Length
171389
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D21)
Etag
"b2faf8accdee57f7929c5b7623e6e7a3+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.i18n.293ca00a272b34d032a9.js
platform.twitter.com/embed/ Frame 812C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.i18n.293ca00a272b34d032a9.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504802056372166694&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D2A) /
Resource Hash
f6b352979b0153deb67020a332f179fb99a0822040de5e019af272c2920192b1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504802056372166694&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Content-Encoding
gzip
Age
579219
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
792
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D2A)
Etag
"22e04932e731bc174868c60c46980c73+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.Tweet.c31baac24debe5533d7c.js
platform.twitter.com/embed/ Frame 812C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.c31baac24debe5533d7c.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504802056372166694&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D25) /
Resource Hash
285489efae847a15226d6c6e35a17a7ea953985b6cdd7803c6b8fba0c20ee7d2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504802056372166694&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Content-Encoding
gzip
Age
579219
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
5529
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D25)
Etag
"b96eda3c68570721e8ffec6945c4166c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
d36cb50f-59ee-4075-aea4-7c33f8e47af8
https://arstechnica.com/ Frame FD8D 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://arstechnica.com/d36cb50f-59ee-4075-aea4-7c33f8e47af8
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
173d7c7e266672df75c4e048a934c55ee24d9a9028a87fd2957e74d1bd6a8d08

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
5409
Content-Type
application/javascript
integrator.js
adservice.google.com/adsid/ Frame 4AA5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arstechnica.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
cast_sender.js
www.gstatic.com/eureka/clank/99/ Frame 8853 		53 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/99/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c31dcc878ab2e52cea5f38b4c3f1d1cfec4dbae070da4e460b336b3705bc423
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:21:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4045
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15479
x-xss-protection
0
last-modified
Mon, 10 Jan 2022 16:05:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Wed, 23 Mar 2022 14:21:47 GMT
pixel;r=1577785718;labels=Culture.Ars%20Technica.information%20technology.;source=gtm;rf=0;a=p-Jjy-Cyr1NZGRz;url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-passwo...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1577785718;labels=Culture.Ars%20Technica.information%20technology.;source=gtm;rf=0;a=p-Jjy-Cyr1NZGRz;url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F;uht=2;fpan=1;fpa=P0-719736422-1647962952508;pbc=76e3a471-4ef0-4409-92e3-24d19d9ae287;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;us_privacy=1---;ref=;d=arstechnica.com;je=0;sr=1600x1200x24;dst=0;et=1647962952508;tzo=0;ogl=site_name.Ars%20Technica%2Curl.https%3A%2F%2Farstechnica%252Ecom%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishin%2Ctitle.Behold%252C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users%2Cimage.https%3A%2F%2Fcdn%252Earstechnica%252Enet%2Fwp-content%2Fuploads%2F2022%2F03%2Fphishing-760x380%252Ejpeg%2Cdescription.Just%20when%20you%20thought%20you'd%20seen%20every%20phishing%20trick%20out%20there%252C%20BitB%20comes%20alon%2Ctype.article
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:1d2b:ecd5:fcc0:2c58 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=228464857488266&ev=PageView&dl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&rl=&if=false&ts=1647962952552&cd[SiteSection]=information%20technology&cd[PageTags]=browser%20in%20the%20browser%7COAuth%7Cphishing%7Cscams&cd[Brand]=Pitchfork&sw=1600&sh=1200&v=2.9.57&r=stable&ec=0&o=30&fbp=fb.1.1647962952547.812677402&it=1647962951383&coo=false&dpo=&rqm=GET
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 22 Mar 2022 15:29:12 GMT
getpixels
pixels.ad.gt/api/v1/ 		0
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=a30b532ad25d4ac226e27bda64e76dee&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.245.137.190 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-245-137-190.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 22 Mar 2022 15:29:12 GMT
server
nginx/1.18.0
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:56:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1974
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 22 Mar 2022 15:56:18 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:11:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
1034
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 22 Mar 2022 16:11:58 GMT
conde_nast_xid
ids.ad.gt/api/v1/put/ 		43 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/put/conde_nast_xid?conde_nast_xid=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.216.205.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-205-19.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Wed, 23 Mar 2022 03:29:12 GMT
1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768-00001.ts
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame 4AA5 		821 KB
822 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768-00001.ts?requester=oo
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-33.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e944e6d1b0904bc0c1298fe828ec727bc6a9b46f0b4799e197a1a2acc46fb685

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 14:24:37 GMT
Via
1.1 b35f01abdb74e50c7c770d66cb11b73a.cloudfront.net (CloudFront)
Vary
Origin
Age
3876
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
841112
Last-Modified
Mon, 24 May 2021 13:54:44 GMT
Server
AmazonS3
ETag
"9c6e79c618e52ccae61fce8e62e8cd50"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
-FKawRVbXNH1AhT5w0xyBYmy-ApTNJzKuXKdpEt_Um_kJ2Nrsui6Wg==
4cb31ae2-1420-47f2-9e0c-50eece0ed9ad
https://arstechnica.com/ Frame 4AA5 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://arstechnica.com/4cb31ae2-1420-47f2-9e0c-50eece0ed9ad
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87b2408523892f375c00a9d521c67f6eb516ecac25c479a7b15705bfab08fcd3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
64606
Content-Type
application/javascript
ads
pubads.g.doubleclick.net/gampad/ Frame FD8D 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=640x360|480x70&iu=/3379/conde.ars/inline-player/information-technology/article&ciu_szs=300x60&gdfp_req=1&env=vp&output=vmap&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.56.9%26ctx_page_slug%3Dbehold-a-password-phishing-site-that-can-trick-even-savvy-users%26cnt_tags%3Dbrowser-in-the-browser%252Coauth%252Cphishing%252Cscams%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D13%26usr_bkt_pv%3D1%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D121100%252C131100%252C131135%252C300003%252C210000%252C240000%252C240002%252C240003%252C240004%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240017%252C240015%252C240016%252C240018%252C240019%252Cqx7745%252Cmiovit%252Cap05we%252C65f9pd%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_sid%3Dc6e234da-e66f-4616-8ecf-67f29b24d5cb%26vnd_4d_pid%3Deae3ccff-0843-45ac-8cff-0eff3278f998%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3Dd5efd6f4-e37c-4e37-a0e7-a5c483b8ba35%26ctx_line_items%3D%26timeout%3D500%26height%3D155%26muted%3D1%26right_rail%3D0%26sensitive%3D0%26series%3D5c82bcebbcdfff6f132fc5e6%26width%3D276&correlator=2555186838940338&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&vid=60abade4dc31e5375248cba6&cmsid=1495&ppid=d5efd6f4e37c4e37a0e7a5c483b8ba35
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
b58974732a545c1e5ba8085524ffe1cb806c0429b8681809d7dee4626f942482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1360
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame FD8D 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Origin
https://arstechnica.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 fbe5d7a9e96ed72fbc0224c756776dd0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
215
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:25:42 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-11T12:51:58.288Z;desc=hit,rtt;dur=1
Content-Length
51500
Last-Modified
Tue, 25 May 2021 15:04:45 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"1631177d1131925333a3b2b652f3d8b2"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
07YVkdoya-4TCvt_uQf7iu_ruD9L27QLLr87m4y0sUcjSVgOfaVXfA==
/
srv-1970-01-01-00.pixel.parsely.com/plogger/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv-1970-01-01-00.pixel.parsely.com/plogger/
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.102.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-102-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Cache-Control
no-cache
Last-Modified
Tuesday, 22-Mar-2022 15:29:12 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
fpa-events.arstechnica.com/plogger/ 		43 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fpa-events.arstechnica.com/plogger/?rand=1647962952732&plid=73933473&idsite=arstechnica.com&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sref=&sts=1647962952726&slts=0&title=Behold%2C+a+password+phishing+site+that+can+trick+even+savvy+users+%7C+Ars+Technica&date=Tue+Mar+22+2022+15%3A29%3A12+GMT%2B0000+(GMT)&action=pageview&pvid=90085245&u=pid%3D9e1c0a0e2fc4bd0a1f32f646277a6012
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.123.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-123-163.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:12 GMT
Cache-Control
no-cache
Last-Modified
Tuesday, 22-Mar-2022 15:29:12 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame FD8D 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.100.165 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-100-165.ewr53.r.cloudfront.net
Software
Cloudinary /
Resource Hash
4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 b35f01abdb74e50c7c770d66cb11b73a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
215
X-Cache
Hit from cloudfront
Date
Tue, 22 Mar 2022 15:25:42 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-11T12:51:58.288Z;desc=hit,rtt;dur=1
Content-Length
51500
Last-Modified
Tue, 25 May 2021 15:04:45 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"1631177d1131925333a3b2b652f3d8b2"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
6bFLDqrCLG94Lq8skxxbIr6kVMPWAZd2aXnU-AO2M7v8nl2nF6meDQ==
ibs:dpid=21&dpuuid=214870604098008945134
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=65416946501074486881869476194977929017
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=214870604098008945134
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=21&dpuuid=214870604098008945134
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v030-01de78bdd.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
bbAhAVUnRZE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
via
1.1 759533d02225fb7e951ea4dc2b01fd48.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
EWR50-C1
location
https://dpm.demdex.net/ibs:dpid=21&dpuuid=214870604098008945134
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
D7ZYFa61aBBxisFMukEJV0pMKRn19cM4VkK7CfuIbE6MM4OJnTxviA==
expires
0
local_storage_frame16.min.html
assets.bounceexchange.com/assets/bounce/ Frame 4A0F 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_486c3deacef91dda746a40d4c0c1cd36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

x-guploader-uploadid
ADPycdsLGDN9a7rhYiQo3-4M-ziaTBDtQFMsa5ZvBcwk25vua5tzksmIsj80U1HHGUmYZyjkzdlcGRv_Zx4Ofen8vFc
x-goog-generation
1646075215809942
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1055
content-encoding
gzip
x-goog-hash
crc32c=rbV5Qw== md5=F+oNeszHtFxpWEp75KmB4w==
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
vary
Accept-Encoding
content-length
1055
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
server
UploadServer
date
Tue, 01 Mar 2022 02:19:46 GMT
expires
Wed, 01 Mar 2023 02:19:46 GMT
cache-control
public,max-age=31536000
age
1861766
last-modified
Mon, 28 Feb 2022 19:06:55 GMT
etag
"17ea0d7accc7b45c69584a7be4a981e3"
content-type
text/html; charset=UTF-8
alt-svc
clear
openx
ids.ad.gt/api/v1/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8...
  • https://ids.ad.gt/api/v1/openx?openx_id=8c0f824d-6efb-4402-9bce-f869eec21e7e&id=0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1e...
43 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/openx?openx_id=8c0f824d-6efb-4402-9bce-f869eec21e7e&id=0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=df8afae4-be36-4903-9f4a-b3826d7e351f
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
34.216.205.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-205-19.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Wed, 23 Mar 2022 03:29:12 GMT

Redirect headers

date
Tue, 22 Mar 2022 15:29:12 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ids.ad.gt/api/v1/openx?openx_id=8c0f824d-6efb-4402-9bce-f869eec21e7e&id=0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=df8afae4-be36-4903-9f4a-b3826d7e351f
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
halo_match
ids.ad.gt/api/v1/ 		43 B
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=df8afae4-be36-4903-9f4a-b3826d7e351f&halo_id=0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.216.205.19 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-205-19.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Wed, 23 Mar 2022 03:29:12 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F8AA 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-PEhClzM6CAhiKs5O9ATAB&v=APEucNWQQwe_CRek5v4CHLxVm7T8friZKz4ZMWKhwDADuKG8iGBWUfImarHDhOjyQpxPeePcEMkwUwXBE-rN4QIRAZWn7ROfNA
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 22 Mar 2022 15:29:12 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame FB9B 		72 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B43fWVKFdhEpXYd0raOPVPQ_M6M0Ecu4NKN5SEJdC50Sp5lLF3L_WkyvXJHTL3zjXDbFhQLDb42Mxxp9ZvvOwrig7h-t8LlqtT28Qor_PB7Y-KVvXqnqrcW3avPrZQ0D-syHKjvtIQtpk_bJPJXs-zWpBpZw&dbm_d=AKAmf-A7lS6mdVzhlrdsv4EVN0TcBTFJETkqZGdGRxWvDZiGjd8R96OFAtl8UOvnaOhhO-EYqRpX2x82M3lSmIEvvNz720rnUNyRwF1iP9XDSqx7MkVgGedJbg1P-e2dQvknGfVOJzInIwYAdFtTFu97hYqby7QZWgUicuanWHS155dfiN60iG_GXQFoDc9jSvZJRlzkXm8QhFN0v1QTXoyO1Zsg7SGE8rCASscjjbruS6wjFnhlNsoFmP7z_5lTb99rrZn_NrH4_CTXWgTjSNbocIuaV_KTPUqOLq5LU2aVNICj16Ag7qaHsXYmK7M65x2jxWvJI6VlIOJFdn5mjtTmm3Xx0vBkPNQ4v8Tbm9qsx9zyXzdJEIQTwnucZe_vv5cXJRwSar4JWzp8SDzO-1eF8Hn4TYq6LE0CqxZclKgps6yBTOG8OtxWI0LxvVFFepDHPEnB1qFqzJJ6KpSc5CcDjaV9pNVMPsSqQpil5GtFegQgbVM2muBjRYq2zmJy1HcSTZcNMszfgZZUUjG3ZjWfHDlWId5WzCWBoZNkYkIrUB7BQwmGlxwO63NuaSDdecV0bjCS43Qw9Y8_ko5bLRfc8-hwBEUwYe2am6VuvlLlOp33dXylN-J1IttP4K30YMdQx6XK5N9Tp8Uty3xYFU4E5rFjk4ZV0CXdm6qz1YNR2bq9_ucMDXhoGXrG8oFdtU4uCgLrrJSMkQL5TPB2aTDQ2IxoF5uxq1mUla086Fs-eJnoxwoYsGMWuyvQX3wY4hQBen8DRbv-Lpa-qL9AVL5NHo1q7iIEF4jAgEAT3UpgJ9IcwXnKAjEaWRhwfhAL44p5k131FVWb71NQSoIkE4ePHcuYkxKIigCXHBMln9MH6bJ9FDO2q2lyEolZF6NtTRBpXEofIYMIFHqcfvWiuT5wLn6M-0RQE94kOLIiDOG3Ky5GL04z5cVrt83TPqjoRjoU1lA5NSV5VSESUQD4smAVuvImsPcEU1G9nDgUF_Yzxh3HXhthd9oMR8Mc0mmQ2DBpnJydL86B1me3Zu5mqxW2yAEtKCtNBzH3dqRbTKCr3fS7RUCd9-FvYbcodI0gjesn0cmlpaGyxowfd497G70w3PkO02XgG-cCHzhmv38YlGGfBWEV3HP9z75sSWALKxR4Afg36bUKPFD0sTCpdXZocSVKMxtlvxrhDhc5NBkXNDRAoJjGTBhY-OsqQpOF_lKVXgTRtFjP0fRlJsLQ-3NW-WPO6u4MteTY5-_Ng6rG8b6M5GSbUw2J9wci26qWmYQ43LEdtaKhoQ09oy1CRm_fmem7DDSQ9d_Hn_mRN5FZa6TrTrNQOdpvfi8GplJ9_8xjdBl-DLMsC-UvyD0j_HiL_3rfBjLwlYnCrGrwgvA-oQNRNiDUf3eHKXn4ZvIdQamhAN9AGIKoSgPJQvwioRIIvVGdKL9S6FSu0yeos_FWIudHnbmAYHC1QNS3NWWy535yT4WVVSdsn7ZvjJbWSLhQqcKs5CGCLPV4X5mOf7TWHyTUvETHV7M9f5no8ZIGCs0gi8CKpH2jkWMj9EoPA_Vl_bt6UJ3dVv7AhWnoHIFZOy95xziFvCo8SgAz62JnVGyirdgDGBqyyaMuzTMhaSXLBGziSAD37Jn3X3Ouab1hpdfkKcviry9Y54gkBv70FJL9Q6IrIqeNEwnJOD1hgBWGunuKWvoB7ihPbRcJ-Jt2oRg5ovbbHWDvi9Bgbcz2LXAmaj2xP5km43pZJwXAGYBz_YUNolyCjgW-EK69KxgorO5QMl-9SuIAJZ5hh40ZnHZ9LtGm9tGtUjQKmDKjwcAnix1jLUTrnKUwyC0k0q3qMuLPhyJ6eQFypgaQywWlAVpCBC9Vfn5TAE6bFwpZCVHOKJlZQwouSjF8jkA15H2rbzvAapfdv-Lhx_6Z1OH2jBtSbkURO5NONLAv_cqxw1yqsm0jaM55z77GAGUDt5yBlD3TrywikwjtEZvxinJe2Civyq9r1cfSsIc_ozhrvZAFarA9EuwsKXVeMadARTTCehu_krAsXl12LZIs18s9qx9F4g9ZKtAtRQbiLOerEVstQaTYspzswPkP4V6yy96g7i5ozcXBo80z7KYNSjiLuzguJ-4dZtktEW_gxNZS-nAA1WZG4sf0Ub0gbMAGy2G4RXAWKopdYfdYGL3jwBcdvfRzQ3I02LOy7o3zqWXSwo9XwY3LoCT40dWWQru76MH8vFyskdwxlikbGVBfJgzgptsqhfs1gvyrKzt8gOXGBRZ-Y18mS1pvpNAYvfpuhMl3YkwzKVLsfmHGbzaRCsx1ptut5eMxW-Yb_f24pyT4i3kiChsvOH9jwUZqCOdxYL2gOx3VxtGm1elCsKKvO9WXCHo8Y66oUyWvWmvw_hRjejxzDXxA6yGbvf-IrxhMx3HRAXeT5rLrvSbB7znWyI72wlW1fIvciI_l4drlnzaOJ3zYXwbTe8pdj5dhgFrXjlfYVvUq4dsU92UTQb9Ll-Vsy0A8xC5t1OKpq9Dp_6jDWWoanZCgdELJA7qQl7qoFpQHQPYkmiFzgoJcostVW0VGukPn_-rcF9pf48bUyIWwbOQwOHpj5SIoE3ar9Dq1Gpmoo1oQWcs6YTEjvXvblMlwN1DSWFFkmx6KwrVIjBsMocRV_hajhYCK9Vx4Ny9krUKrzft8g10WW9xGdVWh5rM7-O15qO2Vkzdkn3NaAppYPdrSiCcJM_VpD_0p0eNRxbXi9Oz-303XGlm-aOLGsHXdA8g5x3k3m5tZ5Q8qNXNA7-dImutME1lqPT546Igm8jIh4uowdZvIdCwymy-ma4GhqlYL7nRPG9ltiZFa37xL6ZJK3R_LcJbdZ_xDfcVq-NiyrebnYTOJUJPl5_jEO69f5UTZ3PgO19o3bqdfuLIRE9aJNHXaFopCYaHuOHFMs1NS2-YssjRyvakRtXBeWyV6YANZjyyfBm7_1nCR6zVCVmX0ltQ2DJpq1r51APlB9aKs0wpgZdl_yk87o0Wc9eFjKDeLmg9JjTWZU3ut4M7n6VLHbaYTLRZ8NaUQU3M0TKftK-qWvqsw7lXHYien2OGwFL1u9pDH_adn7iFWrQb7A1aLM27iNxxGzIBjelnvIisX3j3WGoda5l6MM9NzpjTod2MR2CneS6oHpjF753lLnHc8bNRkzl9vxi5JBqt5-0cGnPfi0ehQLtOpCfOZjYjc3P7ftNC2Xv8njynpqi7A_b15EKV1rKwl4nT6fx0uZ4fec1TQCkpy7YpkTT7-6qecN6hK6EJrrvLsi0-AatHMHslr1Vu9pX_1jrUX_qse0F1d2a1n0Xck81o&cid=CAASJeRoBz5KokM_T4Htx7FIRB5DWK7nkuxql56lPMQ7Wk4RdKVkEgA&rfl=1%2Chttps%253A%252F%252Farstechnica.com%252F%240
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
818e955a10408a60834128ed12cd59839c29d4a9bb8efd81c3ca468adc91554d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33327
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FB9B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AKb8WrilBRSyPZA2xB51dKaGVD9j2x4Xuw0LJ4wWMXKQh9quBJisK-Et6S1VM3jWiml9bkZH8qhd2DN871ls-0jl-XbbUBw4L9XPE9q7yGLXVO6wA
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame FB9B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:32:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3379
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 14:32:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FB9B 		118 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f74c04529f8d5f9c248eda87caec654de5e5c61dd40e9ac4696b026d2841b131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36708
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647862282720048"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Mar 2022 15:29:12 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame FB9B 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:24:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
256
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 15:24:56 GMT
l
www.google.com/ads/measurement/ Frame FB9B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSrrNY2SvwQUn_ESiKfz7tA5M1CAXrnb9jtjElWSnREc0BRDf8GC0VoKHhixmERPBPoXeR3pdJEYEgW6LdaebVQHk2M4w
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 8853 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/293baa5d/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1e4127515ea0d575286a02f2874a742c146941d845b7828d47d13adce0dc56a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Origin
https://www.youtube.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://www.youtube.com
vary
origin referer x-origin
access-control-allow-credentials
true
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-max-age
3600
date
Tue, 22 Mar 2022 15:29:12 GMT
content-type
text/html
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=conde.ars&zMoatAdUnit2=rail&zMoatAdUnit3=information-technology&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2F3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1110&gp=695.75&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962949354&de=584683710897&rx=134794783198&cu=1647962949354&m=3443&ar=359f21c1e97-clean&iw=8105762&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=695.75&lb=9883&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=84&vx=84%3A-%3A-&pe=1%3A468%3A468%3A0%3A712&as=0&ag=92&an=0&gf=0&gg=0&ix=0&ic=0&ez=1&aj=1&pg=84&pf=0&ib=1&cc=0&bw=92&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=184&cd=0&ah=184&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.ars&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=197273&na=142599075&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:12 GMT
1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768.m3u8
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame FD8D 		11 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768.m3u8?requester=oo
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-33.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fb846048afd0ee79141b669572402fc0a024d937c00977e124405d11cd319fe

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 09:28:33 GMT
Content-Encoding
gzip
Vary
Accept-Encoding,Origin
Age
21640
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Mon, 24 May 2021 13:54:58 GMT
Server
AmazonS3
ETag
W/"cc4f278863bddb064b3e70268d5f02f8"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Via
1.1 b35f01abdb74e50c7c770d66cb11b73a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR53-C3
X-Amz-Cf-Id
lhLy43MasRPlrVXeVvV9mfOcCSm0YK71CNbqWCGMRgkKTFod8BE2Mw==
p
sb.scorecardresearch.com/ Frame FD8D 		64 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1647962952822_1&ns_st_ec=1&ns_st_sp=1&ns_st_sq=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=854702&ns_st_pb=1&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_ci=60abade4dc31e5375248cba6&ns_ts=1647962952823&ns_st_bt=0&ns_st_bp=0&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&c8=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-45.ewr50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
via
1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
-SCErk5AKgfCjFESaz8i5I7rnLhp1Amth6_rzICJ13-cvNu_M-U6QA==
1663130473914833
connect.facebook.net/signals/config/ Frame FD8D 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1663130473914833?v=2.9.57&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a8a53f78dbd870a2f47fbf1a89b8d1b947758d4e7f9509743a1dc42f53de6e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89614
x-xss-protection
0
pragma
public
x-fb-debug
7TWrhzTjRj7dXr81P4/keFRzQGRXKsXszGlWsGU8BcWNAjUfXZh8H1erqPbnEv90ObI+SEAM3/IKb3TPGBi03A==
x-frame-options
DENY
date
Tue, 22 Mar 2022 15:29:12 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
moatvideo.js
z.moatads.com/condenastjsvideocontent160527792519/ Frame FD8D 		316 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/condenastjsvideocontent160527792519/moatvideo.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fea322f456810170b635d0be50c4878688dfa63285f79768823c69a85626942c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:12 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 17:16:16 GMT
server
AmazonS3
x-amz-request-id
AZVTTDBMCYPTZJFE
etag
"62ba604f35a0eb0685da0cb2aa2a6336"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=50458
accept-ranges
bytes
content-length
107935
x-amz-id-2
osQTk3cn0NwY/hlFIzkjwS6JbynrFxTcJj7me95RJWJ9jyhYfGzPekWq2ATkVrnSGPOzr4YB+UM=
track
capture.condenastdigital.com/ Frame FD8D 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-22T15%3A29%3A12.944Z&_c=Video%20Ad&_t=Ad%20Call%20Made&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&cId=60abade4dc31e5375248cba6&cKe=Unsolved%20Mysteries%2CArs%20Technica%20Unsolved%20Mysteries%2CQuantum%20Leap%2CUnsolved%20Mysteries%20Quantum%20Leap%2CQuantum%20leap%20show%2Cquantum%20leap%20ending%2Cquantum%20leap%20bakula%2CDonald%20P%20Bellisario%2CQuantum%20Leap%20Finale%2CQuantum%20Leap%20JFK%2CQuantum%20Leap%20Lee%20Harvey%20Oswald%2CQuantum%20Leap%20interview%2CScott%20Bakula%2CDean%20Stockwell%2CQuantum%20Leap%20Ziggy%2CQuantum%20Leap%20Al%2CQuantum%20Leap%20NBC%2CNBC%20Quantum%20Leap%2CQuantum%20Leap%20Episodes%2Cquantum%20leap%20intro%2Cquantum%20leap%20ars%20technica%2Cars%20technica%20quantum%20leap&cPd=2021-05-25T15%3A00%3A00%2B00%3A00&cTi=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=854&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&pWw=276&pWh=155.25&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&uId=793acb54-8a60-48cc-91e9-0be61845aed6&xid=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%222be6198%22%2C%22guid%22%3A%22bed541c0-6921-c9ef-4b7a-e241b75a79db%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_b0ed5a6f-d8a5-4f14-a6b5-421a821e65c7_text2vec1_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:12 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
d-62290fb251c2212df5bf8b1c.js
publish.responsiveads.com/ads/6227aaa551c2212df5bf8069/ Frame 92D6 		48 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://publish.responsiveads.com/ads/6227aaa551c2212df5bf8069/d-62290fb251c2212df5bf8b1c.js
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r7.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.57.131.216 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-131-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
60efd9b5d5d9557075a7bf18b1b4236d6577d194fbec632589ec057a036a1a3b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
02KNVG8DNZAJ2CB2
Connection
keep-alive
Content-Length
3962
x-amz-id-2
EQCAD/ZGUDm/56PU2KbEPyGArKqUqi059kQ+ZnyZoIW36d1dWs16iWWdL8Pm+sQmZHY2YV5172Q=
Last-Modified
Wed, 09 Mar 2022 20:36:28 GMT
Server
AmazonS3
ETag
"57babed63526f9b7095b05703f6ab953"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=0
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
usermatch
ssum-sec.casalemedia.com/ Frame 6B16 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
aaf49a78a06ee0bda3017946fcc5c59c798dbfcc936807f1e91b7ef4ccb21c74

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
241|230|45|39|47|131|152|57
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 22 Mar 2022 15:29:13 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Length
1771
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame F274 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Mar 2022 15:29:13 GMT
Connection
keep-alive
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame 1CFE 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
9f1bb4aa06f4029ccb133cd00a37850d6973072aab9edb957d3a8e4c2370e680
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-5799967b4-8dq22
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
content-type
text/html;charset=iso-8859-1
content-length
930
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 9577
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1XSEgzeFc5RTJ1TGhtMW1kLk82Y2ZBY2lzUDVtTHlCN35B
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1XSEgzeFc5RTJ1TGhtMW1kLk82Y2ZBY2lzUDVtTHlCN35B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
BGSX6X367ZM3T6Q63S1X
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Tue, 22 Mar 2022 15:29:13 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1XSEgzeFc5RTJ1TGhtMW1kLk82Y2ZBY2lzUDVtTHlCN35B
age
0
server
ATS/9.1.0.33
cm
u.openx.net/w/1.0/ Frame 2174 		722 B
480 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
d956b6ce9c7e3d36b4197a9d0ea8c55f6c25b41ed54e0e26929a8f0aa81875ea

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 22 Mar 2022 15:29:13 GMT
content-type
text/html
content-length
461
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame 5A6E
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8687129380085137690&gdpr=0&gdpr_consent=
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8687129380085137690&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
EWW553SJ27GY81CHPE72
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

content-length
0
date
Tue, 22 Mar 2022 15:29:12 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=8687129380085137690&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame AECB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=6141021567606092823&ex=appnexus.com
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=6141021567606092823&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
HGWP751HBA0GC5YEW95V
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.21.3
Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=6141021567606092823&ex=appnexus.com
AN-X-Request-Uuid
dfb9e9b6-061a-4909-89f4-86ed3a78be3c
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
ecm3
s.amazon-adsystem.com/ Frame A39C
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2076059312112336406011
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2076059312112336406011
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Server
Server
Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
FQ6TXYCST72FKZBPD127
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Tue, 22 Mar 2022 15:29:13 GMT
content-length
0
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2076059312112336406011
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
truncated
/ Frame 92D6 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1992550b49b64ca79e34f8f3ae5990485cb4e14da285591a6c8e550082e3e06

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
ibs:dpid=269&dpuuid=81b96239-eb48-4800-8f99-27deec4d2451&ddsuuid=65416946501074486881869476194977929017
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=65416946501074486881869476194977929017&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d65416946501074...
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=81b96239-eb48-4800-8f99-27deec4d2451&ddsuuid=65416946501074486881869476194977929017
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=269&dpuuid=81b96239-eb48-4800-8f99-27deec4d2451&ddsuuid=65416946501074486881869476194977929017
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v030-0b8868f9b.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
X//GZC6RT/0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Server
MT3 4267 dd20a5c master ord-pixel-x50 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=269&dpuuid=81b96239-eb48-4800-8f99-27deec4d2451&ddsuuid=65416946501074486881869476194977929017
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Mar 2022 15:29:12 GMT
rum
dsum-sec.casalemedia.com/ Frame F8AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN6ZjlNc2LvDK2x3nmbRQpY&google_cver=1
43 B
998 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN6ZjlNc2LvDK2x3nmbRQpY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-PEhClzM6CAhiKs5O9ATAB&v=APEucNWQQwe_CRek5v4CHLxVm7T8friZKz4ZMWKhwDADuKG8iGBWUfImarHDhOjyQpxPeePcEMkwUwXBE-rN4QIRAZWn7ROfNA
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:13 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN6ZjlNc2LvDK2x3nmbRQpY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame F8AA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjnrSETtBJYiRIvboXIHjAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN6ZjlNc2LvDK2x3nmbRQpY&google_cver=1
43 B
998 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN6ZjlNc2LvDK2x3nmbRQpY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-PEhClzM6CAhiKs5O9ATAB&v=APEucNWQQwe_CRek5v4CHLxVm7T8friZKz4ZMWKhwDADuKG8iGBWUfImarHDhOjyQpxPeePcEMkwUwXBE-rN4QIRAZWn7ROfNA
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:13 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEN6ZjlNc2LvDK2x3nmbRQpY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame F8AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFbJp4MunEwGkDS_klPG6FM&google_cver=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFbJp4MunEwGkDS_klPG6FM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-PEhClzM6CAhiKs5O9ATAB&v=APEucNWQQwe_CRek5v4CHLxVm7T8friZKz4ZMWKhwDADuKG8iGBWUfImarHDhOjyQpxPeePcEMkwUwXBE-rN4QIRAZWn7ROfNA
Protocol
HTTP/1.1
Server
68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
0c159f7b-36d4-46b1-b434-2e8c70cfac71
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFbJp4MunEwGkDS_klPG6FM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F8AA
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MTAyMTU2NzYwNjA5MjgyMw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MTAyMTU2NzYwNjA5MjgyMw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-PEhClzM6CAhiKs5O9ATAB&v=APEucNWQQwe_CRek5v4CHLxVm7T8friZKz4ZMWKhwDADuKG8iGBWUfImarHDhOjyQpxPeePcEMkwUwXBE-rN4QIRAZWn7ROfNA
Protocol
H3
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b9f80c06-3433-4baf-9ebb-f2f5b8c3ef97
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjE0MTAyMTU2NzYwNjA5MjgyMw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
embed.vendors~ondemand.en-js.fb959cd7154f3c56a8da.js
platform.twitter.com/embed/ Frame 80E6 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.en-js.fb959cd7154f3c56a8da.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D05) /
Resource Hash
0a5377eb8e83be2ee2593492f90bebbd34724ec051ef4e5332b9d4d4ea0195cf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1505034619078459394&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Age
579220
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
12780
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D05)
Etag
"620123f935ecdf8c083ef823e0eeda3d+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.en-js.e84cb370ed3e40856450.js
platform.twitter.com/embed/ Frame 80E6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.en-js.e84cb370ed3e40856450.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1D) /
Resource Hash
486bcf8532c028937fb68a57bcf22a6e0862c8e1ab157ea639979d0f7ea9b74d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1505034619078459394&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Age
579220
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
1801
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D1D)
Etag
"668b3e5058c7ed61a38da6c433123235+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.i18n.en-js.5cdc09e4a37a07720433.js
platform.twitter.com/embed/ Frame 80E6 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.5cdc09e4a37a07720433.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1DCD) /
Resource Hash
790ec30d324db549e4f6f3c493251e6e7d4337f0abb13c8e8873fff8b7b235fb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1505034619078459394&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Age
579220
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
1801
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1DCD)
Etag
"3fa047c294a1fd7d30105f7a1e2febcc+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
990bd72c-675d-4b7e-baf6-cffc9231aae8
https://arstechnica.com/ Frame FD8D 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://arstechnica.com/990bd72c-675d-4b7e-baf6-cffc9231aae8
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87b2408523892f375c00a9d521c67f6eb516ecac25c479a7b15705bfab08fcd3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
64606
Content-Type
application/javascript
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CONDEVIDEOCONTENT1&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1647962952887&de=664255123910&m=0&ar=359f21c1e97-clean&iw=a0cb2c4&q=4&cb=0&ym=0&cu=1647962952887&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario%3A%2F3379%2Fconde.ars%2Fplayer%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&zMoatVideoId=60abade4dc31e5375248cba6&zMoatAP=-&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&gw=condenastjsvideocontent160527792519&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A468%3A468%3A0%3A712&fs=197273&na=1655712982&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:13 GMT
1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768-00001.ts
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame FD8D 		821 KB
822 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768-00001.ts?requester=oo
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-33.ewr53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e944e6d1b0904bc0c1298fe828ec727bc6a9b46f0b4799e197a1a2acc46fb685

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 14:24:37 GMT
Via
1.1 b35f01abdb74e50c7c770d66cb11b73a.cloudfront.net (CloudFront)
Vary
Origin
Age
3877
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
841112
Last-Modified
Mon, 24 May 2021 13:54:44 GMT
Server
AmazonS3
ETag
"9c6e79c618e52ccae61fce8e62e8cd50"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
EWR53-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
Bb1LG--4vbegWqTtwo3V6wZ0MFuFLLRce1l2lLo4Up-fszY0BBMC2Q==
embed.vendors~ondemand.en-js.fb959cd7154f3c56a8da.js
platform.twitter.com/embed/ Frame 812C 		38 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.en-js.fb959cd7154f3c56a8da.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D05) /
Resource Hash
0a5377eb8e83be2ee2593492f90bebbd34724ec051ef4e5332b9d4d4ea0195cf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504802056372166694&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Age
579220
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
12780
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D05)
Etag
"620123f935ecdf8c083ef823e0eeda3d+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.en-js.e84cb370ed3e40856450.js
platform.twitter.com/embed/ Frame 812C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.en-js.e84cb370ed3e40856450.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1D) /
Resource Hash
486bcf8532c028937fb68a57bcf22a6e0862c8e1ab157ea639979d0f7ea9b74d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504802056372166694&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Age
579220
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
1801
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D1D)
Etag
"668b3e5058c7ed61a38da6c433123235+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.i18n.en-js.5cdc09e4a37a07720433.js
platform.twitter.com/embed/ Frame 812C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.5cdc09e4a37a07720433.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1DCD) /
Resource Hash
790ec30d324db549e4f6f3c493251e6e7d4337f0abb13c8e8873fff8b7b235fb

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504802056372166694&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Age
579220
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
1801
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1DCD)
Etag
"3fa047c294a1fd7d30105f7a1e2febcc+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
skeleton.js
fw.adsafeprotected.com/rjss/st/897507/59604290/ Frame FB9B 		232 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/897507/59604290/skeleton.js?ias_dspID=3&ias_campId=25838044&ias_pubId=pub-3844877863303739&ias_chanId=1&ias_placementId=15714995187&bidurl=https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/&ias_dealId=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B43fWVKFdhEpXYd0raOPVPQ_M6M0Ecu4NKN5SEJdC50Sp5lLF3L_WkyvXJHTL3zjXDbFhQLDb42Mxxp9ZvvOwrig7h-t8LlqtT28Qor_PB7Y-KVvXqnqrcW3avPrZQ0D-syHKjvtIQtpk_bJPJXs-zWpBpZw&dbm_d=AKAmf-A7lS6mdVzhlrdsv4EVN0TcBTFJETkqZGdGRxWvDZiGjd8R96OFAtl8UOvnaOhhO-EYqRpX2x82M3lSmIEvvNz720rnUNyRwF1iP9XDSqx7MkVgGedJbg1P-e2dQvknGfVOJzInIwYAdFtTFu97hYqby7QZWgUicuanWHS155dfiN60iG_GXQFoDc9jSvZJRlzkXm8QhFN0v1QTXoyO1Zsg7SGE8rCASscjjbruS6wjFnhlNsoFmP7z_5lTb99rrZn_NrH4_CTXWgTjSNbocIuaV_KTPUqOLq5LU2aVNICj16Ag7qaHsXYmK7M65x2jxWvJI6VlIOJFdn5mjtTmm3Xx0vBkPNQ4v8Tbm9qsx9zyXzdJEIQTwnucZe_vv5cXJRwSar4JWzp8SDzO-1eF8Hn4TYq6LE0CqxZclKgps6yBTOG8OtxWI0LxvVFFepDHPEnB1qFqzJJ6KpSc5CcDjaV9pNVMPsSqQpil5GtFegQgbVM2muBjRYq2zmJy1HcSTZcNMszfgZZUUjG3ZjWfHDlWId5WzCWBoZNkYkIrUB7BQwmGlxwO63NuaSDdecV0bjCS43Qw9Y8_ko5bLRfc8-hwBEUwYe2am6VuvlLlOp33dXylN-J1IttP4K30YMdQx6XK5N9Tp8Uty3xYFU4E5rFjk4ZV0CXdm6qz1YNR2bq9_ucMDXhoGXrG8oFdtU4uCgLrrJSMkQL5TPB2aTDQ2IxoF5uxq1mUla086Fs-eJnoxwoYsGMWuyvQX3wY4hQBen8DRbv-Lpa-qL9AVL5NHo1q7iIEF4jAgEAT3UpgJ9IcwXnKAjEaWRhwfhAL44p5k131FVWb71NQSoIkE4ePHcuYkxKIigCXHBMln9MH6bJ9FDO2q2lyEolZF6NtTRBpXEofIYMIFHqcfvWiuT5wLn6M-0RQE94kOLIiDOG3Ky5GL04z5cVrt83TPqjoRjoU1lA5NSV5VSESUQD4smAVuvImsPcEU1G9nDgUF_Yzxh3HXhthd9oMR8Mc0mmQ2DBpnJydL86B1me3Zu5mqxW2yAEtKCtNBzH3dqRbTKCr3fS7RUCd9-FvYbcodI0gjesn0cmlpaGyxowfd497G70w3PkO02XgG-cCHzhmv38YlGGfBWEV3HP9z75sSWALKxR4Afg36bUKPFD0sTCpdXZocSVKMxtlvxrhDhc5NBkXNDRAoJjGTBhY-OsqQpOF_lKVXgTRtFjP0fRlJsLQ-3NW-WPO6u4MteTY5-_Ng6rG8b6M5GSbUw2J9wci26qWmYQ43LEdtaKhoQ09oy1CRm_fmem7DDSQ9d_Hn_mRN5FZa6TrTrNQOdpvfi8GplJ9_8xjdBl-DLMsC-UvyD0j_HiL_3rfBjLwlYnCrGrwgvA-oQNRNiDUf3eHKXn4ZvIdQamhAN9AGIKoSgPJQvwioRIIvVGdKL9S6FSu0yeos_FWIudHnbmAYHC1QNS3NWWy535yT4WVVSdsn7ZvjJbWSLhQqcKs5CGCLPV4X5mOf7TWHyTUvETHV7M9f5no8ZIGCs0gi8CKpH2jkWMj9EoPA_Vl_bt6UJ3dVv7AhWnoHIFZOy95xziFvCo8SgAz62JnVGyirdgDGBqyyaMuzTMhaSXLBGziSAD37Jn3X3Ouab1hpdfkKcviry9Y54gkBv70FJL9Q6IrIqeNEwnJOD1hgBWGunuKWvoB7ihPbRcJ-Jt2oRg5ovbbHWDvi9Bgbcz2LXAmaj2xP5km43pZJwXAGYBz_YUNolyCjgW-EK69KxgorO5QMl-9SuIAJZ5hh40ZnHZ9LtGm9tGtUjQKmDKjwcAnix1jLUTrnKUwyC0k0q3qMuLPhyJ6eQFypgaQywWlAVpCBC9Vfn5TAE6bFwpZCVHOKJlZQwouSjF8jkA15H2rbzvAapfdv-Lhx_6Z1OH2jBtSbkURO5NONLAv_cqxw1yqsm0jaM55z77GAGUDt5yBlD3TrywikwjtEZvxinJe2Civyq9r1cfSsIc_ozhrvZAFarA9EuwsKXVeMadARTTCehu_krAsXl12LZIs18s9qx9F4g9ZKtAtRQbiLOerEVstQaTYspzswPkP4V6yy96g7i5ozcXBo80z7KYNSjiLuzguJ-4dZtktEW_gxNZS-nAA1WZG4sf0Ub0gbMAGy2G4RXAWKopdYfdYGL3jwBcdvfRzQ3I02LOy7o3zqWXSwo9XwY3LoCT40dWWQru76MH8vFyskdwxlikbGVBfJgzgptsqhfs1gvyrKzt8gOXGBRZ-Y18mS1pvpNAYvfpuhMl3YkwzKVLsfmHGbzaRCsx1ptut5eMxW-Yb_f24pyT4i3kiChsvOH9jwUZqCOdxYL2gOx3VxtGm1elCsKKvO9WXCHo8Y66oUyWvWmvw_hRjejxzDXxA6yGbvf-IrxhMx3HRAXeT5rLrvSbB7znWyI72wlW1fIvciI_l4drlnzaOJ3zYXwbTe8pdj5dhgFrXjlfYVvUq4dsU92UTQb9Ll-Vsy0A8xC5t1OKpq9Dp_6jDWWoanZCgdELJA7qQl7qoFpQHQPYkmiFzgoJcostVW0VGukPn_-rcF9pf48bUyIWwbOQwOHpj5SIoE3ar9Dq1Gpmoo1oQWcs6YTEjvXvblMlwN1DSWFFkmx6KwrVIjBsMocRV_hajhYCK9Vx4Ny9krUKrzft8g10WW9xGdVWh5rM7-O15qO2Vkzdkn3NaAppYPdrSiCcJM_VpD_0p0eNRxbXi9Oz-303XGlm-aOLGsHXdA8g5x3k3m5tZ5Q8qNXNA7-dImutME1lqPT546Igm8jIh4uowdZvIdCwymy-ma4GhqlYL7nRPG9ltiZFa37xL6ZJK3R_LcJbdZ_xDfcVq-NiyrebnYTOJUJPl5_jEO69f5UTZ3PgO19o3bqdfuLIRE9aJNHXaFopCYaHuOHFMs1NS2-YssjRyvakRtXBeWyV6YANZjyyfBm7_1nCR6zVCVmX0ltQ2DJpq1r51APlB9aKs0wpgZdl_yk87o0Wc9eFjKDeLmg9JjTWZU3ut4M7n6VLHbaYTLRZ8NaUQU3M0TKftK-qWvqsw7lXHYien2OGwFL1u9pDH_adn7iFWrQb7A1aLM27iNxxGzIBjelnvIisX3j3WGoda5l6MM9NzpjTod2MR2CneS6oHpjF753lLnHc8bNRkzl9vxi5JBqt5-0cGnPfi0ehQLtOpCfOZjYjc3P7ftNC2Xv8njynpqi7A_b15EKV1rKwl4nT6fx0uZ4fec1TQCkpy7YpkTT7-6qecN6hK6EJrrvLsi0-AatHMHslr1Vu9pX_1jrUX_qse0F1d2a1n0Xck81o&cid=CAASJeRoBz5KokM_T4Htx7FIRB5DWK7nkuxql56lPMQ7Wk4RdKVkEgA&rfl=1%2Chttps%253A%252F%252Farstechnica.com%252F%240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.84.148.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-84-148-13.compute-1.amazonaws.com
Software
/
Resource Hash
4bdfcca8797010048ec7533490657d7c761e5dbe99899763c0d06af5197bb367

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/ Frame FB9B 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B43fWVKFdhEpXYd0raOPVPQ_M6M0Ecu4NKN5SEJdC50Sp5lLF3L_WkyvXJHTL3zjXDbFhQLDb42Mxxp9ZvvOwrig7h-t8LlqtT28Qor_PB7Y-KVvXqnqrcW3avPrZQ0D-syHKjvtIQtpk_bJPJXs-zWpBpZw&dbm_d=AKAmf-A7lS6mdVzhlrdsv4EVN0TcBTFJETkqZGdGRxWvDZiGjd8R96OFAtl8UOvnaOhhO-EYqRpX2x82M3lSmIEvvNz720rnUNyRwF1iP9XDSqx7MkVgGedJbg1P-e2dQvknGfVOJzInIwYAdFtTFu97hYqby7QZWgUicuanWHS155dfiN60iG_GXQFoDc9jSvZJRlzkXm8QhFN0v1QTXoyO1Zsg7SGE8rCASscjjbruS6wjFnhlNsoFmP7z_5lTb99rrZn_NrH4_CTXWgTjSNbocIuaV_KTPUqOLq5LU2aVNICj16Ag7qaHsXYmK7M65x2jxWvJI6VlIOJFdn5mjtTmm3Xx0vBkPNQ4v8Tbm9qsx9zyXzdJEIQTwnucZe_vv5cXJRwSar4JWzp8SDzO-1eF8Hn4TYq6LE0CqxZclKgps6yBTOG8OtxWI0LxvVFFepDHPEnB1qFqzJJ6KpSc5CcDjaV9pNVMPsSqQpil5GtFegQgbVM2muBjRYq2zmJy1HcSTZcNMszfgZZUUjG3ZjWfHDlWId5WzCWBoZNkYkIrUB7BQwmGlxwO63NuaSDdecV0bjCS43Qw9Y8_ko5bLRfc8-hwBEUwYe2am6VuvlLlOp33dXylN-J1IttP4K30YMdQx6XK5N9Tp8Uty3xYFU4E5rFjk4ZV0CXdm6qz1YNR2bq9_ucMDXhoGXrG8oFdtU4uCgLrrJSMkQL5TPB2aTDQ2IxoF5uxq1mUla086Fs-eJnoxwoYsGMWuyvQX3wY4hQBen8DRbv-Lpa-qL9AVL5NHo1q7iIEF4jAgEAT3UpgJ9IcwXnKAjEaWRhwfhAL44p5k131FVWb71NQSoIkE4ePHcuYkxKIigCXHBMln9MH6bJ9FDO2q2lyEolZF6NtTRBpXEofIYMIFHqcfvWiuT5wLn6M-0RQE94kOLIiDOG3Ky5GL04z5cVrt83TPqjoRjoU1lA5NSV5VSESUQD4smAVuvImsPcEU1G9nDgUF_Yzxh3HXhthd9oMR8Mc0mmQ2DBpnJydL86B1me3Zu5mqxW2yAEtKCtNBzH3dqRbTKCr3fS7RUCd9-FvYbcodI0gjesn0cmlpaGyxowfd497G70w3PkO02XgG-cCHzhmv38YlGGfBWEV3HP9z75sSWALKxR4Afg36bUKPFD0sTCpdXZocSVKMxtlvxrhDhc5NBkXNDRAoJjGTBhY-OsqQpOF_lKVXgTRtFjP0fRlJsLQ-3NW-WPO6u4MteTY5-_Ng6rG8b6M5GSbUw2J9wci26qWmYQ43LEdtaKhoQ09oy1CRm_fmem7DDSQ9d_Hn_mRN5FZa6TrTrNQOdpvfi8GplJ9_8xjdBl-DLMsC-UvyD0j_HiL_3rfBjLwlYnCrGrwgvA-oQNRNiDUf3eHKXn4ZvIdQamhAN9AGIKoSgPJQvwioRIIvVGdKL9S6FSu0yeos_FWIudHnbmAYHC1QNS3NWWy535yT4WVVSdsn7ZvjJbWSLhQqcKs5CGCLPV4X5mOf7TWHyTUvETHV7M9f5no8ZIGCs0gi8CKpH2jkWMj9EoPA_Vl_bt6UJ3dVv7AhWnoHIFZOy95xziFvCo8SgAz62JnVGyirdgDGBqyyaMuzTMhaSXLBGziSAD37Jn3X3Ouab1hpdfkKcviry9Y54gkBv70FJL9Q6IrIqeNEwnJOD1hgBWGunuKWvoB7ihPbRcJ-Jt2oRg5ovbbHWDvi9Bgbcz2LXAmaj2xP5km43pZJwXAGYBz_YUNolyCjgW-EK69KxgorO5QMl-9SuIAJZ5hh40ZnHZ9LtGm9tGtUjQKmDKjwcAnix1jLUTrnKUwyC0k0q3qMuLPhyJ6eQFypgaQywWlAVpCBC9Vfn5TAE6bFwpZCVHOKJlZQwouSjF8jkA15H2rbzvAapfdv-Lhx_6Z1OH2jBtSbkURO5NONLAv_cqxw1yqsm0jaM55z77GAGUDt5yBlD3TrywikwjtEZvxinJe2Civyq9r1cfSsIc_ozhrvZAFarA9EuwsKXVeMadARTTCehu_krAsXl12LZIs18s9qx9F4g9ZKtAtRQbiLOerEVstQaTYspzswPkP4V6yy96g7i5ozcXBo80z7KYNSjiLuzguJ-4dZtktEW_gxNZS-nAA1WZG4sf0Ub0gbMAGy2G4RXAWKopdYfdYGL3jwBcdvfRzQ3I02LOy7o3zqWXSwo9XwY3LoCT40dWWQru76MH8vFyskdwxlikbGVBfJgzgptsqhfs1gvyrKzt8gOXGBRZ-Y18mS1pvpNAYvfpuhMl3YkwzKVLsfmHGbzaRCsx1ptut5eMxW-Yb_f24pyT4i3kiChsvOH9jwUZqCOdxYL2gOx3VxtGm1elCsKKvO9WXCHo8Y66oUyWvWmvw_hRjejxzDXxA6yGbvf-IrxhMx3HRAXeT5rLrvSbB7znWyI72wlW1fIvciI_l4drlnzaOJ3zYXwbTe8pdj5dhgFrXjlfYVvUq4dsU92UTQb9Ll-Vsy0A8xC5t1OKpq9Dp_6jDWWoanZCgdELJA7qQl7qoFpQHQPYkmiFzgoJcostVW0VGukPn_-rcF9pf48bUyIWwbOQwOHpj5SIoE3ar9Dq1Gpmoo1oQWcs6YTEjvXvblMlwN1DSWFFkmx6KwrVIjBsMocRV_hajhYCK9Vx4Ny9krUKrzft8g10WW9xGdVWh5rM7-O15qO2Vkzdkn3NaAppYPdrSiCcJM_VpD_0p0eNRxbXi9Oz-303XGlm-aOLGsHXdA8g5x3k3m5tZ5Q8qNXNA7-dImutME1lqPT546Igm8jIh4uowdZvIdCwymy-ma4GhqlYL7nRPG9ltiZFa37xL6ZJK3R_LcJbdZ_xDfcVq-NiyrebnYTOJUJPl5_jEO69f5UTZ3PgO19o3bqdfuLIRE9aJNHXaFopCYaHuOHFMs1NS2-YssjRyvakRtXBeWyV6YANZjyyfBm7_1nCR6zVCVmX0ltQ2DJpq1r51APlB9aKs0wpgZdl_yk87o0Wc9eFjKDeLmg9JjTWZU3ut4M7n6VLHbaYTLRZ8NaUQU3M0TKftK-qWvqsw7lXHYien2OGwFL1u9pDH_adn7iFWrQb7A1aLM27iNxxGzIBjelnvIisX3j3WGoda5l6MM9NzpjTod2MR2CneS6oHpjF753lLnHc8bNRkzl9vxi5JBqt5-0cGnPfi0ehQLtOpCfOZjYjc3P7ftNC2Xv8njynpqi7A_b15EKV1rKwl4nT6fx0uZ4fec1TQCkpy7YpkTT7-6qecN6hK6EJrrvLsi0-AatHMHslr1Vu9pX_1jrUX_qse0F1d2a1n0Xck81o&cid=CAASJeRoBz5KokM_T4Htx7FIRB5DWK7nkuxql56lPMQ7Wk4RdKVkEgA&rfl=1%2Chttps%253A%252F%252Farstechnica.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:26:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
174
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 15:26:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/elements/html/ Frame FB9B 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B43fWVKFdhEpXYd0raOPVPQ_M6M0Ecu4NKN5SEJdC50Sp5lLF3L_WkyvXJHTL3zjXDbFhQLDb42Mxxp9ZvvOwrig7h-t8LlqtT28Qor_PB7Y-KVvXqnqrcW3avPrZQ0D-syHKjvtIQtpk_bJPJXs-zWpBpZw&dbm_d=AKAmf-A7lS6mdVzhlrdsv4EVN0TcBTFJETkqZGdGRxWvDZiGjd8R96OFAtl8UOvnaOhhO-EYqRpX2x82M3lSmIEvvNz720rnUNyRwF1iP9XDSqx7MkVgGedJbg1P-e2dQvknGfVOJzInIwYAdFtTFu97hYqby7QZWgUicuanWHS155dfiN60iG_GXQFoDc9jSvZJRlzkXm8QhFN0v1QTXoyO1Zsg7SGE8rCASscjjbruS6wjFnhlNsoFmP7z_5lTb99rrZn_NrH4_CTXWgTjSNbocIuaV_KTPUqOLq5LU2aVNICj16Ag7qaHsXYmK7M65x2jxWvJI6VlIOJFdn5mjtTmm3Xx0vBkPNQ4v8Tbm9qsx9zyXzdJEIQTwnucZe_vv5cXJRwSar4JWzp8SDzO-1eF8Hn4TYq6LE0CqxZclKgps6yBTOG8OtxWI0LxvVFFepDHPEnB1qFqzJJ6KpSc5CcDjaV9pNVMPsSqQpil5GtFegQgbVM2muBjRYq2zmJy1HcSTZcNMszfgZZUUjG3ZjWfHDlWId5WzCWBoZNkYkIrUB7BQwmGlxwO63NuaSDdecV0bjCS43Qw9Y8_ko5bLRfc8-hwBEUwYe2am6VuvlLlOp33dXylN-J1IttP4K30YMdQx6XK5N9Tp8Uty3xYFU4E5rFjk4ZV0CXdm6qz1YNR2bq9_ucMDXhoGXrG8oFdtU4uCgLrrJSMkQL5TPB2aTDQ2IxoF5uxq1mUla086Fs-eJnoxwoYsGMWuyvQX3wY4hQBen8DRbv-Lpa-qL9AVL5NHo1q7iIEF4jAgEAT3UpgJ9IcwXnKAjEaWRhwfhAL44p5k131FVWb71NQSoIkE4ePHcuYkxKIigCXHBMln9MH6bJ9FDO2q2lyEolZF6NtTRBpXEofIYMIFHqcfvWiuT5wLn6M-0RQE94kOLIiDOG3Ky5GL04z5cVrt83TPqjoRjoU1lA5NSV5VSESUQD4smAVuvImsPcEU1G9nDgUF_Yzxh3HXhthd9oMR8Mc0mmQ2DBpnJydL86B1me3Zu5mqxW2yAEtKCtNBzH3dqRbTKCr3fS7RUCd9-FvYbcodI0gjesn0cmlpaGyxowfd497G70w3PkO02XgG-cCHzhmv38YlGGfBWEV3HP9z75sSWALKxR4Afg36bUKPFD0sTCpdXZocSVKMxtlvxrhDhc5NBkXNDRAoJjGTBhY-OsqQpOF_lKVXgTRtFjP0fRlJsLQ-3NW-WPO6u4MteTY5-_Ng6rG8b6M5GSbUw2J9wci26qWmYQ43LEdtaKhoQ09oy1CRm_fmem7DDSQ9d_Hn_mRN5FZa6TrTrNQOdpvfi8GplJ9_8xjdBl-DLMsC-UvyD0j_HiL_3rfBjLwlYnCrGrwgvA-oQNRNiDUf3eHKXn4ZvIdQamhAN9AGIKoSgPJQvwioRIIvVGdKL9S6FSu0yeos_FWIudHnbmAYHC1QNS3NWWy535yT4WVVSdsn7ZvjJbWSLhQqcKs5CGCLPV4X5mOf7TWHyTUvETHV7M9f5no8ZIGCs0gi8CKpH2jkWMj9EoPA_Vl_bt6UJ3dVv7AhWnoHIFZOy95xziFvCo8SgAz62JnVGyirdgDGBqyyaMuzTMhaSXLBGziSAD37Jn3X3Ouab1hpdfkKcviry9Y54gkBv70FJL9Q6IrIqeNEwnJOD1hgBWGunuKWvoB7ihPbRcJ-Jt2oRg5ovbbHWDvi9Bgbcz2LXAmaj2xP5km43pZJwXAGYBz_YUNolyCjgW-EK69KxgorO5QMl-9SuIAJZ5hh40ZnHZ9LtGm9tGtUjQKmDKjwcAnix1jLUTrnKUwyC0k0q3qMuLPhyJ6eQFypgaQywWlAVpCBC9Vfn5TAE6bFwpZCVHOKJlZQwouSjF8jkA15H2rbzvAapfdv-Lhx_6Z1OH2jBtSbkURO5NONLAv_cqxw1yqsm0jaM55z77GAGUDt5yBlD3TrywikwjtEZvxinJe2Civyq9r1cfSsIc_ozhrvZAFarA9EuwsKXVeMadARTTCehu_krAsXl12LZIs18s9qx9F4g9ZKtAtRQbiLOerEVstQaTYspzswPkP4V6yy96g7i5ozcXBo80z7KYNSjiLuzguJ-4dZtktEW_gxNZS-nAA1WZG4sf0Ub0gbMAGy2G4RXAWKopdYfdYGL3jwBcdvfRzQ3I02LOy7o3zqWXSwo9XwY3LoCT40dWWQru76MH8vFyskdwxlikbGVBfJgzgptsqhfs1gvyrKzt8gOXGBRZ-Y18mS1pvpNAYvfpuhMl3YkwzKVLsfmHGbzaRCsx1ptut5eMxW-Yb_f24pyT4i3kiChsvOH9jwUZqCOdxYL2gOx3VxtGm1elCsKKvO9WXCHo8Y66oUyWvWmvw_hRjejxzDXxA6yGbvf-IrxhMx3HRAXeT5rLrvSbB7znWyI72wlW1fIvciI_l4drlnzaOJ3zYXwbTe8pdj5dhgFrXjlfYVvUq4dsU92UTQb9Ll-Vsy0A8xC5t1OKpq9Dp_6jDWWoanZCgdELJA7qQl7qoFpQHQPYkmiFzgoJcostVW0VGukPn_-rcF9pf48bUyIWwbOQwOHpj5SIoE3ar9Dq1Gpmoo1oQWcs6YTEjvXvblMlwN1DSWFFkmx6KwrVIjBsMocRV_hajhYCK9Vx4Ny9krUKrzft8g10WW9xGdVWh5rM7-O15qO2Vkzdkn3NaAppYPdrSiCcJM_VpD_0p0eNRxbXi9Oz-303XGlm-aOLGsHXdA8g5x3k3m5tZ5Q8qNXNA7-dImutME1lqPT546Igm8jIh4uowdZvIdCwymy-ma4GhqlYL7nRPG9ltiZFa37xL6ZJK3R_LcJbdZ_xDfcVq-NiyrebnYTOJUJPl5_jEO69f5UTZ3PgO19o3bqdfuLIRE9aJNHXaFopCYaHuOHFMs1NS2-YssjRyvakRtXBeWyV6YANZjyyfBm7_1nCR6zVCVmX0ltQ2DJpq1r51APlB9aKs0wpgZdl_yk87o0Wc9eFjKDeLmg9JjTWZU3ut4M7n6VLHbaYTLRZ8NaUQU3M0TKftK-qWvqsw7lXHYien2OGwFL1u9pDH_adn7iFWrQb7A1aLM27iNxxGzIBjelnvIisX3j3WGoda5l6MM9NzpjTod2MR2CneS6oHpjF753lLnHc8bNRkzl9vxi5JBqt5-0cGnPfi0ehQLtOpCfOZjYjc3P7ftNC2Xv8njynpqi7A_b15EKV1rKwl4nT6fx0uZ4fec1TQCkpy7YpkTT7-6qecN6hK6EJrrvLsi0-AatHMHslr1Vu9pX_1jrUX_qse0F1d2a1n0Xck81o&cid=CAASJeRoBz5KokM_T4Htx7FIRB5DWK7nkuxql56lPMQ7Wk4RdKVkEgA&rfl=1%2Chttps%253A%252F%252Farstechnica.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:25:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 15:25:29 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FB9B 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsunu8Wi_wtKi0-nVffxoV4ak6BKHx0oairRChnzhpCIXDnZE88y87-SNm9Fxjc6O1Yc0i4pHcneU2JCEAlEy-v6NKgoohu8SMS9UAZ_dY9BOoaR9-HDTd3kg1KvYv-9yk-TdYl6ZMcAX6mZM_T6I33VxDWSndgY5q4RQXBHTciLedrUUjpCXRMW9g7ucbYHQwaHZiF3GiYxUwL4lK5d3qhulFnVcWQiPADQt1D54ktAbgrDdCOpuiyl87Z6zKinZLI5oUQU-coPpjxAWEpv-YNAIivQLTfsuT12qRIw5TkHljQ2aIFKb7jeqOPXaIUqRPjSF89R_6-3YujL3yAS2S1wNwW3VLjeXkBJjy_lCFXsn6Z3nFwdEc_oFr3eFAR6AsIF2HiQ-L1oYaZmSYmlujy0-tDdwPw0rtkq2KcaJyGOZbPsRxpkKa9pf_r92Swj1VDAPIY4uQZnxruXBNXKGnpynFniK3ZLQWGF4Lkt4Y44a1fZoUq2DYIR4tJ3Ry8yhMMuJQarBqI0BiiaWIE_Yd8QuHmtjbNKV9R5DcbcmKW7nJ2aiyRdSM635l16vIaOgMFczX3GuqsxvP094mwNVUGpN1w1lL-wck7RdaUjYQD80kFnHZZiu0_U2w2TqELLvsgLtX28L_w9tHFoNSbFgengIxRaY_EKLyGIZOArFau8WxSzHbvAboBwecfOp7It9RwuvZkBN70c_2DXA6nw0iL1m8hu33m2ZZlWE5T66nShtrjGYwMwslnrLYRjUgb2xtxZqXc0XKAFwFyiFLcMboJCka8qlNl78wN2-AU9kzd-Y9hvWgK5gthpGnyYaNqY803-J5oH0P2zDsHgelQRfSgGlRZzmmlsYYVm-i_ZznJBnqh9T1UnlE_VLILC9hyvwC7ScEXt0YIm3LjXywPADm902WO17AEKcQAMOPixYMQtTGnjhfK_OfwnMmtqibxBGhuci_WVccfm7mjQ0hDKd_Mn39c_kl_YFfIQvYB23abcUPuehaxojG9KwsU2oZ0bUAwMzYKnJPY00gTY8H3qOwp958S6S66JpxZ0wH2yeYp-VrOBjyYVvQ9G3Gei6jWJ7YZAi9nGimjrehtgesMJfRmxTcK-F3fXOAt8IgHofu00RddoTzvQ2NzYusbpxgRhjiRcbifatSPGlA&sai=AMfl-YT1mAXYoqc9f6SJfERwDAXAEJBcgwA0ORJG-umWYuizVC_mqzJaDTlYjUFcvB67sf46oYU1IKb36rnP_Vat5FC7Lj_fLuA9LVO6cj48ggboWBNFlHEk2g2WuiBQvrvM55oLAJizUtYKr7pydCwr3x6k-_ME9eLxxIdRGx8A1_IcoAIbna1zv9DSygoing9lb8kTODuQSPOfAAmyrUSfW-C3&sig=Cg0ArKJSzCeScs7XAb4MEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220317.48407&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B43fWVKFdhEpXYd0raOPVPQ_M6M0Ecu4NKN5SEJdC50Sp5lLF3L_WkyvXJHTL3zjXDbFhQLDb42Mxxp9ZvvOwrig7h-t8LlqtT28Qor_PB7Y-KVvXqnqrcW3avPrZQ0D-syHKjvtIQtpk_bJPJXs-zWpBpZw&dbm_d=AKAmf-A7lS6mdVzhlrdsv4EVN0TcBTFJETkqZGdGRxWvDZiGjd8R96OFAtl8UOvnaOhhO-EYqRpX2x82M3lSmIEvvNz720rnUNyRwF1iP9XDSqx7MkVgGedJbg1P-e2dQvknGfVOJzInIwYAdFtTFu97hYqby7QZWgUicuanWHS155dfiN60iG_GXQFoDc9jSvZJRlzkXm8QhFN0v1QTXoyO1Zsg7SGE8rCASscjjbruS6wjFnhlNsoFmP7z_5lTb99rrZn_NrH4_CTXWgTjSNbocIuaV_KTPUqOLq5LU2aVNICj16Ag7qaHsXYmK7M65x2jxWvJI6VlIOJFdn5mjtTmm3Xx0vBkPNQ4v8Tbm9qsx9zyXzdJEIQTwnucZe_vv5cXJRwSar4JWzp8SDzO-1eF8Hn4TYq6LE0CqxZclKgps6yBTOG8OtxWI0LxvVFFepDHPEnB1qFqzJJ6KpSc5CcDjaV9pNVMPsSqQpil5GtFegQgbVM2muBjRYq2zmJy1HcSTZcNMszfgZZUUjG3ZjWfHDlWId5WzCWBoZNkYkIrUB7BQwmGlxwO63NuaSDdecV0bjCS43Qw9Y8_ko5bLRfc8-hwBEUwYe2am6VuvlLlOp33dXylN-J1IttP4K30YMdQx6XK5N9Tp8Uty3xYFU4E5rFjk4ZV0CXdm6qz1YNR2bq9_ucMDXhoGXrG8oFdtU4uCgLrrJSMkQL5TPB2aTDQ2IxoF5uxq1mUla086Fs-eJnoxwoYsGMWuyvQX3wY4hQBen8DRbv-Lpa-qL9AVL5NHo1q7iIEF4jAgEAT3UpgJ9IcwXnKAjEaWRhwfhAL44p5k131FVWb71NQSoIkE4ePHcuYkxKIigCXHBMln9MH6bJ9FDO2q2lyEolZF6NtTRBpXEofIYMIFHqcfvWiuT5wLn6M-0RQE94kOLIiDOG3Ky5GL04z5cVrt83TPqjoRjoU1lA5NSV5VSESUQD4smAVuvImsPcEU1G9nDgUF_Yzxh3HXhthd9oMR8Mc0mmQ2DBpnJydL86B1me3Zu5mqxW2yAEtKCtNBzH3dqRbTKCr3fS7RUCd9-FvYbcodI0gjesn0cmlpaGyxowfd497G70w3PkO02XgG-cCHzhmv38YlGGfBWEV3HP9z75sSWALKxR4Afg36bUKPFD0sTCpdXZocSVKMxtlvxrhDhc5NBkXNDRAoJjGTBhY-OsqQpOF_lKVXgTRtFjP0fRlJsLQ-3NW-WPO6u4MteTY5-_Ng6rG8b6M5GSbUw2J9wci26qWmYQ43LEdtaKhoQ09oy1CRm_fmem7DDSQ9d_Hn_mRN5FZa6TrTrNQOdpvfi8GplJ9_8xjdBl-DLMsC-UvyD0j_HiL_3rfBjLwlYnCrGrwgvA-oQNRNiDUf3eHKXn4ZvIdQamhAN9AGIKoSgPJQvwioRIIvVGdKL9S6FSu0yeos_FWIudHnbmAYHC1QNS3NWWy535yT4WVVSdsn7ZvjJbWSLhQqcKs5CGCLPV4X5mOf7TWHyTUvETHV7M9f5no8ZIGCs0gi8CKpH2jkWMj9EoPA_Vl_bt6UJ3dVv7AhWnoHIFZOy95xziFvCo8SgAz62JnVGyirdgDGBqyyaMuzTMhaSXLBGziSAD37Jn3X3Ouab1hpdfkKcviry9Y54gkBv70FJL9Q6IrIqeNEwnJOD1hgBWGunuKWvoB7ihPbRcJ-Jt2oRg5ovbbHWDvi9Bgbcz2LXAmaj2xP5km43pZJwXAGYBz_YUNolyCjgW-EK69KxgorO5QMl-9SuIAJZ5hh40ZnHZ9LtGm9tGtUjQKmDKjwcAnix1jLUTrnKUwyC0k0q3qMuLPhyJ6eQFypgaQywWlAVpCBC9Vfn5TAE6bFwpZCVHOKJlZQwouSjF8jkA15H2rbzvAapfdv-Lhx_6Z1OH2jBtSbkURO5NONLAv_cqxw1yqsm0jaM55z77GAGUDt5yBlD3TrywikwjtEZvxinJe2Civyq9r1cfSsIc_ozhrvZAFarA9EuwsKXVeMadARTTCehu_krAsXl12LZIs18s9qx9F4g9ZKtAtRQbiLOerEVstQaTYspzswPkP4V6yy96g7i5ozcXBo80z7KYNSjiLuzguJ-4dZtktEW_gxNZS-nAA1WZG4sf0Ub0gbMAGy2G4RXAWKopdYfdYGL3jwBcdvfRzQ3I02LOy7o3zqWXSwo9XwY3LoCT40dWWQru76MH8vFyskdwxlikbGVBfJgzgptsqhfs1gvyrKzt8gOXGBRZ-Y18mS1pvpNAYvfpuhMl3YkwzKVLsfmHGbzaRCsx1ptut5eMxW-Yb_f24pyT4i3kiChsvOH9jwUZqCOdxYL2gOx3VxtGm1elCsKKvO9WXCHo8Y66oUyWvWmvw_hRjejxzDXxA6yGbvf-IrxhMx3HRAXeT5rLrvSbB7znWyI72wlW1fIvciI_l4drlnzaOJ3zYXwbTe8pdj5dhgFrXjlfYVvUq4dsU92UTQb9Ll-Vsy0A8xC5t1OKpq9Dp_6jDWWoanZCgdELJA7qQl7qoFpQHQPYkmiFzgoJcostVW0VGukPn_-rcF9pf48bUyIWwbOQwOHpj5SIoE3ar9Dq1Gpmoo1oQWcs6YTEjvXvblMlwN1DSWFFkmx6KwrVIjBsMocRV_hajhYCK9Vx4Ny9krUKrzft8g10WW9xGdVWh5rM7-O15qO2Vkzdkn3NaAppYPdrSiCcJM_VpD_0p0eNRxbXi9Oz-303XGlm-aOLGsHXdA8g5x3k3m5tZ5Q8qNXNA7-dImutME1lqPT546Igm8jIh4uowdZvIdCwymy-ma4GhqlYL7nRPG9ltiZFa37xL6ZJK3R_LcJbdZ_xDfcVq-NiyrebnYTOJUJPl5_jEO69f5UTZ3PgO19o3bqdfuLIRE9aJNHXaFopCYaHuOHFMs1NS2-YssjRyvakRtXBeWyV6YANZjyyfBm7_1nCR6zVCVmX0ltQ2DJpq1r51APlB9aKs0wpgZdl_yk87o0Wc9eFjKDeLmg9JjTWZU3ut4M7n6VLHbaYTLRZ8NaUQU3M0TKftK-qWvqsw7lXHYien2OGwFL1u9pDH_adn7iFWrQb7A1aLM27iNxxGzIBjelnvIisX3j3WGoda5l6MM9NzpjTod2MR2CneS6oHpjF753lLnHc8bNRkzl9vxi5JBqt5-0cGnPfi0ehQLtOpCfOZjYjc3P7ftNC2Xv8njynpqi7A_b15EKV1rKwl4nT6fx0uZ4fec1TQCkpy7YpkTT7-6qecN6hK6EJrrvLsi0-AatHMHslr1Vu9pX_1jrUX_qse0F1d2a1n0Xck81o&cid=CAASJeRoBz5KokM_T4Htx7FIRB5DWK7nkuxql56lPMQ7Wk4RdKVkEgA&rfl=1%2Chttps%253A%252F%252Farstechnica.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 22 Mar 2022 15:29:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
jload
pixel.adsafeprotected.com/ Frame FB9B 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=925175&adsafe_par&uId=&advId=9847203&campId=26925916&pubId=6467859&chanId=165329057&placementId=322700529
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B43fWVKFdhEpXYd0raOPVPQ_M6M0Ecu4NKN5SEJdC50Sp5lLF3L_WkyvXJHTL3zjXDbFhQLDb42Mxxp9ZvvOwrig7h-t8LlqtT28Qor_PB7Y-KVvXqnqrcW3avPrZQ0D-syHKjvtIQtpk_bJPJXs-zWpBpZw&dbm_d=AKAmf-A7lS6mdVzhlrdsv4EVN0TcBTFJETkqZGdGRxWvDZiGjd8R96OFAtl8UOvnaOhhO-EYqRpX2x82M3lSmIEvvNz720rnUNyRwF1iP9XDSqx7MkVgGedJbg1P-e2dQvknGfVOJzInIwYAdFtTFu97hYqby7QZWgUicuanWHS155dfiN60iG_GXQFoDc9jSvZJRlzkXm8QhFN0v1QTXoyO1Zsg7SGE8rCASscjjbruS6wjFnhlNsoFmP7z_5lTb99rrZn_NrH4_CTXWgTjSNbocIuaV_KTPUqOLq5LU2aVNICj16Ag7qaHsXYmK7M65x2jxWvJI6VlIOJFdn5mjtTmm3Xx0vBkPNQ4v8Tbm9qsx9zyXzdJEIQTwnucZe_vv5cXJRwSar4JWzp8SDzO-1eF8Hn4TYq6LE0CqxZclKgps6yBTOG8OtxWI0LxvVFFepDHPEnB1qFqzJJ6KpSc5CcDjaV9pNVMPsSqQpil5GtFegQgbVM2muBjRYq2zmJy1HcSTZcNMszfgZZUUjG3ZjWfHDlWId5WzCWBoZNkYkIrUB7BQwmGlxwO63NuaSDdecV0bjCS43Qw9Y8_ko5bLRfc8-hwBEUwYe2am6VuvlLlOp33dXylN-J1IttP4K30YMdQx6XK5N9Tp8Uty3xYFU4E5rFjk4ZV0CXdm6qz1YNR2bq9_ucMDXhoGXrG8oFdtU4uCgLrrJSMkQL5TPB2aTDQ2IxoF5uxq1mUla086Fs-eJnoxwoYsGMWuyvQX3wY4hQBen8DRbv-Lpa-qL9AVL5NHo1q7iIEF4jAgEAT3UpgJ9IcwXnKAjEaWRhwfhAL44p5k131FVWb71NQSoIkE4ePHcuYkxKIigCXHBMln9MH6bJ9FDO2q2lyEolZF6NtTRBpXEofIYMIFHqcfvWiuT5wLn6M-0RQE94kOLIiDOG3Ky5GL04z5cVrt83TPqjoRjoU1lA5NSV5VSESUQD4smAVuvImsPcEU1G9nDgUF_Yzxh3HXhthd9oMR8Mc0mmQ2DBpnJydL86B1me3Zu5mqxW2yAEtKCtNBzH3dqRbTKCr3fS7RUCd9-FvYbcodI0gjesn0cmlpaGyxowfd497G70w3PkO02XgG-cCHzhmv38YlGGfBWEV3HP9z75sSWALKxR4Afg36bUKPFD0sTCpdXZocSVKMxtlvxrhDhc5NBkXNDRAoJjGTBhY-OsqQpOF_lKVXgTRtFjP0fRlJsLQ-3NW-WPO6u4MteTY5-_Ng6rG8b6M5GSbUw2J9wci26qWmYQ43LEdtaKhoQ09oy1CRm_fmem7DDSQ9d_Hn_mRN5FZa6TrTrNQOdpvfi8GplJ9_8xjdBl-DLMsC-UvyD0j_HiL_3rfBjLwlYnCrGrwgvA-oQNRNiDUf3eHKXn4ZvIdQamhAN9AGIKoSgPJQvwioRIIvVGdKL9S6FSu0yeos_FWIudHnbmAYHC1QNS3NWWy535yT4WVVSdsn7ZvjJbWSLhQqcKs5CGCLPV4X5mOf7TWHyTUvETHV7M9f5no8ZIGCs0gi8CKpH2jkWMj9EoPA_Vl_bt6UJ3dVv7AhWnoHIFZOy95xziFvCo8SgAz62JnVGyirdgDGBqyyaMuzTMhaSXLBGziSAD37Jn3X3Ouab1hpdfkKcviry9Y54gkBv70FJL9Q6IrIqeNEwnJOD1hgBWGunuKWvoB7ihPbRcJ-Jt2oRg5ovbbHWDvi9Bgbcz2LXAmaj2xP5km43pZJwXAGYBz_YUNolyCjgW-EK69KxgorO5QMl-9SuIAJZ5hh40ZnHZ9LtGm9tGtUjQKmDKjwcAnix1jLUTrnKUwyC0k0q3qMuLPhyJ6eQFypgaQywWlAVpCBC9Vfn5TAE6bFwpZCVHOKJlZQwouSjF8jkA15H2rbzvAapfdv-Lhx_6Z1OH2jBtSbkURO5NONLAv_cqxw1yqsm0jaM55z77GAGUDt5yBlD3TrywikwjtEZvxinJe2Civyq9r1cfSsIc_ozhrvZAFarA9EuwsKXVeMadARTTCehu_krAsXl12LZIs18s9qx9F4g9ZKtAtRQbiLOerEVstQaTYspzswPkP4V6yy96g7i5ozcXBo80z7KYNSjiLuzguJ-4dZtktEW_gxNZS-nAA1WZG4sf0Ub0gbMAGy2G4RXAWKopdYfdYGL3jwBcdvfRzQ3I02LOy7o3zqWXSwo9XwY3LoCT40dWWQru76MH8vFyskdwxlikbGVBfJgzgptsqhfs1gvyrKzt8gOXGBRZ-Y18mS1pvpNAYvfpuhMl3YkwzKVLsfmHGbzaRCsx1ptut5eMxW-Yb_f24pyT4i3kiChsvOH9jwUZqCOdxYL2gOx3VxtGm1elCsKKvO9WXCHo8Y66oUyWvWmvw_hRjejxzDXxA6yGbvf-IrxhMx3HRAXeT5rLrvSbB7znWyI72wlW1fIvciI_l4drlnzaOJ3zYXwbTe8pdj5dhgFrXjlfYVvUq4dsU92UTQb9Ll-Vsy0A8xC5t1OKpq9Dp_6jDWWoanZCgdELJA7qQl7qoFpQHQPYkmiFzgoJcostVW0VGukPn_-rcF9pf48bUyIWwbOQwOHpj5SIoE3ar9Dq1Gpmoo1oQWcs6YTEjvXvblMlwN1DSWFFkmx6KwrVIjBsMocRV_hajhYCK9Vx4Ny9krUKrzft8g10WW9xGdVWh5rM7-O15qO2Vkzdkn3NaAppYPdrSiCcJM_VpD_0p0eNRxbXi9Oz-303XGlm-aOLGsHXdA8g5x3k3m5tZ5Q8qNXNA7-dImutME1lqPT546Igm8jIh4uowdZvIdCwymy-ma4GhqlYL7nRPG9ltiZFa37xL6ZJK3R_LcJbdZ_xDfcVq-NiyrebnYTOJUJPl5_jEO69f5UTZ3PgO19o3bqdfuLIRE9aJNHXaFopCYaHuOHFMs1NS2-YssjRyvakRtXBeWyV6YANZjyyfBm7_1nCR6zVCVmX0ltQ2DJpq1r51APlB9aKs0wpgZdl_yk87o0Wc9eFjKDeLmg9JjTWZU3ut4M7n6VLHbaYTLRZ8NaUQU3M0TKftK-qWvqsw7lXHYien2OGwFL1u9pDH_adn7iFWrQb7A1aLM27iNxxGzIBjelnvIisX3j3WGoda5l6MM9NzpjTod2MR2CneS6oHpjF753lLnHc8bNRkzl9vxi5JBqt5-0cGnPfi0ehQLtOpCfOZjYjc3P7ftNC2Xv8njynpqi7A_b15EKV1rKwl4nT6fx0uZ4fec1TQCkpy7YpkTT7-6qecN6hK6EJrrvLsi0-AatHMHslr1Vu9pX_1jrUX_qse0F1d2a1n0Xck81o&cid=CAASJeRoBz5KokM_T4Htx7FIRB5DWK7nkuxql56lPMQ7Wk4RdKVkEgA&rfl=1%2Chttps%253A%252F%252Farstechnica.com%252F%240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.191.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-191-32.compute-1.amazonaws.com
Software
/
Resource Hash
087b027d42fb0896297c144a29592243d64e89d03e236dc42b8bcde5a6f89679

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
ca
choices.truste.com/ Frame FB9B 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=moxie01&aid=moxie_verizon01&cid=26925916&js=st0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B43fWVKFdhEpXYd0raOPVPQ_M6M0Ecu4NKN5SEJdC50Sp5lLF3L_WkyvXJHTL3zjXDbFhQLDb42Mxxp9ZvvOwrig7h-t8LlqtT28Qor_PB7Y-KVvXqnqrcW3avPrZQ0D-syHKjvtIQtpk_bJPJXs-zWpBpZw&dbm_d=AKAmf-A7lS6mdVzhlrdsv4EVN0TcBTFJETkqZGdGRxWvDZiGjd8R96OFAtl8UOvnaOhhO-EYqRpX2x82M3lSmIEvvNz720rnUNyRwF1iP9XDSqx7MkVgGedJbg1P-e2dQvknGfVOJzInIwYAdFtTFu97hYqby7QZWgUicuanWHS155dfiN60iG_GXQFoDc9jSvZJRlzkXm8QhFN0v1QTXoyO1Zsg7SGE8rCASscjjbruS6wjFnhlNsoFmP7z_5lTb99rrZn_NrH4_CTXWgTjSNbocIuaV_KTPUqOLq5LU2aVNICj16Ag7qaHsXYmK7M65x2jxWvJI6VlIOJFdn5mjtTmm3Xx0vBkPNQ4v8Tbm9qsx9zyXzdJEIQTwnucZe_vv5cXJRwSar4JWzp8SDzO-1eF8Hn4TYq6LE0CqxZclKgps6yBTOG8OtxWI0LxvVFFepDHPEnB1qFqzJJ6KpSc5CcDjaV9pNVMPsSqQpil5GtFegQgbVM2muBjRYq2zmJy1HcSTZcNMszfgZZUUjG3ZjWfHDlWId5WzCWBoZNkYkIrUB7BQwmGlxwO63NuaSDdecV0bjCS43Qw9Y8_ko5bLRfc8-hwBEUwYe2am6VuvlLlOp33dXylN-J1IttP4K30YMdQx6XK5N9Tp8Uty3xYFU4E5rFjk4ZV0CXdm6qz1YNR2bq9_ucMDXhoGXrG8oFdtU4uCgLrrJSMkQL5TPB2aTDQ2IxoF5uxq1mUla086Fs-eJnoxwoYsGMWuyvQX3wY4hQBen8DRbv-Lpa-qL9AVL5NHo1q7iIEF4jAgEAT3UpgJ9IcwXnKAjEaWRhwfhAL44p5k131FVWb71NQSoIkE4ePHcuYkxKIigCXHBMln9MH6bJ9FDO2q2lyEolZF6NtTRBpXEofIYMIFHqcfvWiuT5wLn6M-0RQE94kOLIiDOG3Ky5GL04z5cVrt83TPqjoRjoU1lA5NSV5VSESUQD4smAVuvImsPcEU1G9nDgUF_Yzxh3HXhthd9oMR8Mc0mmQ2DBpnJydL86B1me3Zu5mqxW2yAEtKCtNBzH3dqRbTKCr3fS7RUCd9-FvYbcodI0gjesn0cmlpaGyxowfd497G70w3PkO02XgG-cCHzhmv38YlGGfBWEV3HP9z75sSWALKxR4Afg36bUKPFD0sTCpdXZocSVKMxtlvxrhDhc5NBkXNDRAoJjGTBhY-OsqQpOF_lKVXgTRtFjP0fRlJsLQ-3NW-WPO6u4MteTY5-_Ng6rG8b6M5GSbUw2J9wci26qWmYQ43LEdtaKhoQ09oy1CRm_fmem7DDSQ9d_Hn_mRN5FZa6TrTrNQOdpvfi8GplJ9_8xjdBl-DLMsC-UvyD0j_HiL_3rfBjLwlYnCrGrwgvA-oQNRNiDUf3eHKXn4ZvIdQamhAN9AGIKoSgPJQvwioRIIvVGdKL9S6FSu0yeos_FWIudHnbmAYHC1QNS3NWWy535yT4WVVSdsn7ZvjJbWSLhQqcKs5CGCLPV4X5mOf7TWHyTUvETHV7M9f5no8ZIGCs0gi8CKpH2jkWMj9EoPA_Vl_bt6UJ3dVv7AhWnoHIFZOy95xziFvCo8SgAz62JnVGyirdgDGBqyyaMuzTMhaSXLBGziSAD37Jn3X3Ouab1hpdfkKcviry9Y54gkBv70FJL9Q6IrIqeNEwnJOD1hgBWGunuKWvoB7ihPbRcJ-Jt2oRg5ovbbHWDvi9Bgbcz2LXAmaj2xP5km43pZJwXAGYBz_YUNolyCjgW-EK69KxgorO5QMl-9SuIAJZ5hh40ZnHZ9LtGm9tGtUjQKmDKjwcAnix1jLUTrnKUwyC0k0q3qMuLPhyJ6eQFypgaQywWlAVpCBC9Vfn5TAE6bFwpZCVHOKJlZQwouSjF8jkA15H2rbzvAapfdv-Lhx_6Z1OH2jBtSbkURO5NONLAv_cqxw1yqsm0jaM55z77GAGUDt5yBlD3TrywikwjtEZvxinJe2Civyq9r1cfSsIc_ozhrvZAFarA9EuwsKXVeMadARTTCehu_krAsXl12LZIs18s9qx9F4g9ZKtAtRQbiLOerEVstQaTYspzswPkP4V6yy96g7i5ozcXBo80z7KYNSjiLuzguJ-4dZtktEW_gxNZS-nAA1WZG4sf0Ub0gbMAGy2G4RXAWKopdYfdYGL3jwBcdvfRzQ3I02LOy7o3zqWXSwo9XwY3LoCT40dWWQru76MH8vFyskdwxlikbGVBfJgzgptsqhfs1gvyrKzt8gOXGBRZ-Y18mS1pvpNAYvfpuhMl3YkwzKVLsfmHGbzaRCsx1ptut5eMxW-Yb_f24pyT4i3kiChsvOH9jwUZqCOdxYL2gOx3VxtGm1elCsKKvO9WXCHo8Y66oUyWvWmvw_hRjejxzDXxA6yGbvf-IrxhMx3HRAXeT5rLrvSbB7znWyI72wlW1fIvciI_l4drlnzaOJ3zYXwbTe8pdj5dhgFrXjlfYVvUq4dsU92UTQb9Ll-Vsy0A8xC5t1OKpq9Dp_6jDWWoanZCgdELJA7qQl7qoFpQHQPYkmiFzgoJcostVW0VGukPn_-rcF9pf48bUyIWwbOQwOHpj5SIoE3ar9Dq1Gpmoo1oQWcs6YTEjvXvblMlwN1DSWFFkmx6KwrVIjBsMocRV_hajhYCK9Vx4Ny9krUKrzft8g10WW9xGdVWh5rM7-O15qO2Vkzdkn3NaAppYPdrSiCcJM_VpD_0p0eNRxbXi9Oz-303XGlm-aOLGsHXdA8g5x3k3m5tZ5Q8qNXNA7-dImutME1lqPT546Igm8jIh4uowdZvIdCwymy-ma4GhqlYL7nRPG9ltiZFa37xL6ZJK3R_LcJbdZ_xDfcVq-NiyrebnYTOJUJPl5_jEO69f5UTZ3PgO19o3bqdfuLIRE9aJNHXaFopCYaHuOHFMs1NS2-YssjRyvakRtXBeWyV6YANZjyyfBm7_1nCR6zVCVmX0ltQ2DJpq1r51APlB9aKs0wpgZdl_yk87o0Wc9eFjKDeLmg9JjTWZU3ut4M7n6VLHbaYTLRZ8NaUQU3M0TKftK-qWvqsw7lXHYien2OGwFL1u9pDH_adn7iFWrQb7A1aLM27iNxxGzIBjelnvIisX3j3WGoda5l6MM9NzpjTod2MR2CneS6oHpjF753lLnHc8bNRkzl9vxi5JBqt5-0cGnPfi0ehQLtOpCfOZjYjc3P7ftNC2Xv8njynpqi7A_b15EKV1rKwl4nT6fx0uZ4fec1TQCkpy7YpkTT7-6qecN6hK6EJrrvLsi0-AatHMHslr1Vu9pX_1jrUX_qse0F1d2a1n0Xck81o&cid=CAASJeRoBz5KokM_T4Htx7FIRB5DWK7nkuxql56lPMQ7Wk4RdKVkEgA&rfl=1%2Chttps%253A%252F%252Farstechnica.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-32.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
d0406558b344f6b641478db2a64ef61e08ff2737ead53ea5270eb3ecfcd20389

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 09:41:05 GMT
content-encoding
gzip
server
nginx
age
20888
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 7059c9fc065ed611eb4484ede494f844.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
EWR53-C3
content-length
8077
x-amz-cf-id
gMiwiBKog1ss_q5VNfUB7eBMpGhM-7nCmuY3-QOqnvPJqLHWz1Ciuw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FB9B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B43fWVKFdhEpXYd0raOPVPQ_M6M0Ecu4NKN5SEJdC50Sp5lLF3L_WkyvXJHTL3zjXDbFhQLDb42Mxxp9ZvvOwrig7h-t8LlqtT28Qor_PB7Y-KVvXqnqrcW3avPrZQ0D-syHKjvtIQtpk_bJPJXs-zWpBpZw&dbm_d=AKAmf-A7lS6mdVzhlrdsv4EVN0TcBTFJETkqZGdGRxWvDZiGjd8R96OFAtl8UOvnaOhhO-EYqRpX2x82M3lSmIEvvNz720rnUNyRwF1iP9XDSqx7MkVgGedJbg1P-e2dQvknGfVOJzInIwYAdFtTFu97hYqby7QZWgUicuanWHS155dfiN60iG_GXQFoDc9jSvZJRlzkXm8QhFN0v1QTXoyO1Zsg7SGE8rCASscjjbruS6wjFnhlNsoFmP7z_5lTb99rrZn_NrH4_CTXWgTjSNbocIuaV_KTPUqOLq5LU2aVNICj16Ag7qaHsXYmK7M65x2jxWvJI6VlIOJFdn5mjtTmm3Xx0vBkPNQ4v8Tbm9qsx9zyXzdJEIQTwnucZe_vv5cXJRwSar4JWzp8SDzO-1eF8Hn4TYq6LE0CqxZclKgps6yBTOG8OtxWI0LxvVFFepDHPEnB1qFqzJJ6KpSc5CcDjaV9pNVMPsSqQpil5GtFegQgbVM2muBjRYq2zmJy1HcSTZcNMszfgZZUUjG3ZjWfHDlWId5WzCWBoZNkYkIrUB7BQwmGlxwO63NuaSDdecV0bjCS43Qw9Y8_ko5bLRfc8-hwBEUwYe2am6VuvlLlOp33dXylN-J1IttP4K30YMdQx6XK5N9Tp8Uty3xYFU4E5rFjk4ZV0CXdm6qz1YNR2bq9_ucMDXhoGXrG8oFdtU4uCgLrrJSMkQL5TPB2aTDQ2IxoF5uxq1mUla086Fs-eJnoxwoYsGMWuyvQX3wY4hQBen8DRbv-Lpa-qL9AVL5NHo1q7iIEF4jAgEAT3UpgJ9IcwXnKAjEaWRhwfhAL44p5k131FVWb71NQSoIkE4ePHcuYkxKIigCXHBMln9MH6bJ9FDO2q2lyEolZF6NtTRBpXEofIYMIFHqcfvWiuT5wLn6M-0RQE94kOLIiDOG3Ky5GL04z5cVrt83TPqjoRjoU1lA5NSV5VSESUQD4smAVuvImsPcEU1G9nDgUF_Yzxh3HXhthd9oMR8Mc0mmQ2DBpnJydL86B1me3Zu5mqxW2yAEtKCtNBzH3dqRbTKCr3fS7RUCd9-FvYbcodI0gjesn0cmlpaGyxowfd497G70w3PkO02XgG-cCHzhmv38YlGGfBWEV3HP9z75sSWALKxR4Afg36bUKPFD0sTCpdXZocSVKMxtlvxrhDhc5NBkXNDRAoJjGTBhY-OsqQpOF_lKVXgTRtFjP0fRlJsLQ-3NW-WPO6u4MteTY5-_Ng6rG8b6M5GSbUw2J9wci26qWmYQ43LEdtaKhoQ09oy1CRm_fmem7DDSQ9d_Hn_mRN5FZa6TrTrNQOdpvfi8GplJ9_8xjdBl-DLMsC-UvyD0j_HiL_3rfBjLwlYnCrGrwgvA-oQNRNiDUf3eHKXn4ZvIdQamhAN9AGIKoSgPJQvwioRIIvVGdKL9S6FSu0yeos_FWIudHnbmAYHC1QNS3NWWy535yT4WVVSdsn7ZvjJbWSLhQqcKs5CGCLPV4X5mOf7TWHyTUvETHV7M9f5no8ZIGCs0gi8CKpH2jkWMj9EoPA_Vl_bt6UJ3dVv7AhWnoHIFZOy95xziFvCo8SgAz62JnVGyirdgDGBqyyaMuzTMhaSXLBGziSAD37Jn3X3Ouab1hpdfkKcviry9Y54gkBv70FJL9Q6IrIqeNEwnJOD1hgBWGunuKWvoB7ihPbRcJ-Jt2oRg5ovbbHWDvi9Bgbcz2LXAmaj2xP5km43pZJwXAGYBz_YUNolyCjgW-EK69KxgorO5QMl-9SuIAJZ5hh40ZnHZ9LtGm9tGtUjQKmDKjwcAnix1jLUTrnKUwyC0k0q3qMuLPhyJ6eQFypgaQywWlAVpCBC9Vfn5TAE6bFwpZCVHOKJlZQwouSjF8jkA15H2rbzvAapfdv-Lhx_6Z1OH2jBtSbkURO5NONLAv_cqxw1yqsm0jaM55z77GAGUDt5yBlD3TrywikwjtEZvxinJe2Civyq9r1cfSsIc_ozhrvZAFarA9EuwsKXVeMadARTTCehu_krAsXl12LZIs18s9qx9F4g9ZKtAtRQbiLOerEVstQaTYspzswPkP4V6yy96g7i5ozcXBo80z7KYNSjiLuzguJ-4dZtktEW_gxNZS-nAA1WZG4sf0Ub0gbMAGy2G4RXAWKopdYfdYGL3jwBcdvfRzQ3I02LOy7o3zqWXSwo9XwY3LoCT40dWWQru76MH8vFyskdwxlikbGVBfJgzgptsqhfs1gvyrKzt8gOXGBRZ-Y18mS1pvpNAYvfpuhMl3YkwzKVLsfmHGbzaRCsx1ptut5eMxW-Yb_f24pyT4i3kiChsvOH9jwUZqCOdxYL2gOx3VxtGm1elCsKKvO9WXCHo8Y66oUyWvWmvw_hRjejxzDXxA6yGbvf-IrxhMx3HRAXeT5rLrvSbB7znWyI72wlW1fIvciI_l4drlnzaOJ3zYXwbTe8pdj5dhgFrXjlfYVvUq4dsU92UTQb9Ll-Vsy0A8xC5t1OKpq9Dp_6jDWWoanZCgdELJA7qQl7qoFpQHQPYkmiFzgoJcostVW0VGukPn_-rcF9pf48bUyIWwbOQwOHpj5SIoE3ar9Dq1Gpmoo1oQWcs6YTEjvXvblMlwN1DSWFFkmx6KwrVIjBsMocRV_hajhYCK9Vx4Ny9krUKrzft8g10WW9xGdVWh5rM7-O15qO2Vkzdkn3NaAppYPdrSiCcJM_VpD_0p0eNRxbXi9Oz-303XGlm-aOLGsHXdA8g5x3k3m5tZ5Q8qNXNA7-dImutME1lqPT546Igm8jIh4uowdZvIdCwymy-ma4GhqlYL7nRPG9ltiZFa37xL6ZJK3R_LcJbdZ_xDfcVq-NiyrebnYTOJUJPl5_jEO69f5UTZ3PgO19o3bqdfuLIRE9aJNHXaFopCYaHuOHFMs1NS2-YssjRyvakRtXBeWyV6YANZjyyfBm7_1nCR6zVCVmX0ltQ2DJpq1r51APlB9aKs0wpgZdl_yk87o0Wc9eFjKDeLmg9JjTWZU3ut4M7n6VLHbaYTLRZ8NaUQU3M0TKftK-qWvqsw7lXHYien2OGwFL1u9pDH_adn7iFWrQb7A1aLM27iNxxGzIBjelnvIisX3j3WGoda5l6MM9NzpjTod2MR2CneS6oHpjF753lLnHc8bNRkzl9vxi5JBqt5-0cGnPfi0ehQLtOpCfOZjYjc3P7ftNC2Xv8njynpqi7A_b15EKV1rKwl4nT6fx0uZ4fec1TQCkpy7YpkTT7-6qecN6hK6EJrrvLsi0-AatHMHslr1Vu9pX_1jrUX_qse0F1d2a1n0Xck81o&cid=CAASJeRoBz5KokM_T4Htx7FIRB5DWK7nkuxql56lPMQ7Wk4RdKVkEgA&rfl=1%2Chttps%253A%252F%252Farstechnica.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 23:59:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
142159
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Mar 2023 23:59:54 GMT
CS_300X600_BS_BMWS_RC_WIRELESSDEV_SC_DEVPROMO_SA_SMBGN_LG_ENG_TI_NTRD_CM_PHNPROMO_CV_GNRL_OF_BOGO_OD_APL_OV__1000_off_OP_DEVP2_FM_STTB_TL_NO_PA_NA_FF_NA.png
s0.2mdn.net/9847203/ Frame FB9B 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9847203/CS_300X600_BS_BMWS_RC_WIRELESSDEV_SC_DEVPROMO_SA_SMBGN_LG_ENG_TI_NTRD_CM_PHNPROMO_CV_GNRL_OF_BOGO_OD_APL_OV__1000_off_OP_DEVP2_FM_STTB_TL_NO_PA_NA_FF_NA.png
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
831efce211342ecfc80a2112ff2f527c0b70ac2cae0b330f33ac619faae1e427
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 16:47:18 GMT
x-content-type-options
nosniff
age
81715
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
103942
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 17:13:08 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 16:47:18 GMT
event
verizon.demdex.net/ Frame FB9B 		42 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://verizon.demdex.net/event?d_event=imp&d_src=125851&d_site=6467859&d_creative=165329057&d_bu=9847203&d_placement=322700529&d_campaign=26925916
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.169.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-169-207.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-0ff8cc49e.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
SBG3lRbPSQM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
integrator.js
adservice.google.com/adsid/ Frame FD8D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arstechnica.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
pixel.gif
load77.exelator.com/ Frame 2076
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=65416946501074486881869476194977929017
  • https://load77.exelator.com/pixel.gif
43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Tue, 22 Mar 2022 15:29:13 GMT
x-age-lb
19
x-77-nzt-ray
sLHbSdGoBBE
x-77-cache
HIT
content-length
43
x-cache
HIT
x-age
934220
x-77-nzt
Alm7sQ+LsEL/TEEOAJySO+jLG7X/EwAAAA
x-lb-ip
156.146.59.232
x-cache-lb
HIT
x-accel-expires
@1648065533
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
etag
"59f0c3fc-2b"
x-lb-pop
newyorkUSNY
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
expires
Fri, 15 Jan 2021 19:58:16 GMT

Redirect headers

date
Tue, 22 Mar 2022 15:29:13 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
ecm3
s.amazon-adsystem.com/ Frame 2174 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=fd99e755-fbdd-c004-083b-6eae918e1a9a
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YXN5CTT2BZQ5YDXWYDYT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2174
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YjnrRwAAADpnQgQL
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YjnrRwAAADpnQgQL
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
via
1.1 varnish
server
Varnish
x-timer
S1647962953.446059,VS0,VE0
x-served-by
cache-ewr18152-EWR
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YjnrRwAAADpnQgQL
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
3188fd6c-77db-e9b7-f9e2-facc06ea1c33
pr-bh.ybp.yahoo.com/sync/openx/ Frame 2174 		43 B
986 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/3188fd6c-77db-e9b7-f9e2-facc06ea1c33?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:56c0:bbbc:18e0:97e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:13 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 2174
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=a54f9b28-e777-7bfe-c835-ec39f9bdd17a&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&ttd_puid=a54f9b28-e777-7bfe-c835-ec39f9bdd17a&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&ttd_puid=a54f9b28-e777-7bfe-c835-ec39f9bdd17a&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&ttd_puid=a54f9b28-e777-7bfe-c835-ec39f9bdd17a&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame 2174 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODkyMDQ4ZTItMmUwMC0yNTVhLWRkZDUtYjY4MDMzNWYxZjFh
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 2174
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKOHPQp5Wv5k_lhS7BfBad0&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKOHPQp5Wv5k_lhS7BfBad0&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKOHPQp5Wv5k_lhS7BfBad0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6B16 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SFT6CGWC80S9ZXDTFJ87
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 6B16
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEADn2nHyv7W9CtL1F1EWYl4&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEADn2nHyv7W9CtL1F1EWYl4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:13 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEADn2nHyv7W9CtL1F1EWYl4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6B16
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YjnrSETtBJYiRIvboXIHjAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN6ZjlNc2LvDK2x3nmbRQpY&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN6ZjlNc2LvDK2x3nmbRQpY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:13 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEN6ZjlNc2LvDK2x3nmbRQpY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 6B16
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&expiration=1650554953&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&expiration=1650554953&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:13 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&expiration=1650554953&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 6B16
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=6N6kzBX01NwGrD5
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=6N6kzBX01NwGrD5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:13 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0b98cd7e2f2eb5b4a@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=6N6kzBX01NwGrD5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6B16
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662289794877202
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662289794877202
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:13 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
428
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6efff62c5dfbd15f-BUF
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662289794877202
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6B16
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0d8d41f2-870c-413d-ae63-5efc0447587b
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0d8d41f2-870c-413d-ae63-5efc0447587b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:13 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=0d8d41f2-870c-413d-ae63-5efc0447587b
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 6B16
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1813050710606316317
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1813050710606316317
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:13 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1813050710606316317
Date
Tue, 22 Mar 2022 15:29:13 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 6B16 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PDNNM6K7M1PMGPVA974P
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
1409
check.analytics.rlcdn.com/check/ 		23 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1409
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-51.ewr53.r.cloudfront.net
Software
/
Resource Hash
d0ef936654ba84031c1ef90617069aceaab3dac1dd0912b76ebd449f9a566e55

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Mar 2022 15:29:13 GMT
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amzn-requestid
4f478949-d3e9-449a-b767-04e24a05060a
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6239eb49-7d703fd3058b000237b1ab46
x-amz-apigw-id
PZGzhH26DoEFgZg=
content-length
23
x-amz-cf-id
RSqpXlaqJ4JKfJ_sftaUEHKWM1Qlw_U7TwsB9nX1KwTqIip78ChfEA==
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 0455 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://arstechnica.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0
date
Tue, 22 Mar 2022 15:29:13 GMT
1409
check.analytics.rlcdn.com/check/ 		23 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1409
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.162.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-162-51.ewr53.r.cloudfront.net
Software
/
Resource Hash
d0ef936654ba84031c1ef90617069aceaab3dac1dd0912b76ebd449f9a566e55

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Mar 2022 15:29:13 GMT
via
1.1 41ef018c4b3646a152209c05c1b3adf8.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C3
x-amzn-requestid
8bf2196e-148c-41c4-88ae-cb861cb75b0c
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6239eb49-05334b7776d463a77ce00acc
x-amz-apigw-id
PZGziFLbDoEFnmQ=
content-length
23
x-amz-cf-id
uCsyAyQ8m0gHaFcbwIgBU8p2_VVVFswAqvf4hLy2pdj7vRhfN0AgBA==
rtset
bh.contextweb.com/bh/ Frame 1CFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=RnF2MjFOdmZwMFBmTC1tcDlKaHB0Zw&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESELj1VrFNvx3dmsTmi77_UAQ&google_cver=1
49 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESELj1VrFNvx3dmsTmi77_UAQ&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-5799967b4-8dq22
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESELj1VrFNvx3dmsTmi77_UAQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame 1CFE
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=5d3a48d7f4b108eb&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAADLCxZBg21OwM_oJzFAAAAAAA&expiration=1648049353&nuid=&is_secure=true
49 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAADLCxZBg21OwM_oJzFAAAAAAA&expiration=1648049353&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-5799967b4-8dq22
expires
-1

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAADLCxZBg21OwM_oJzFAAAAAAA&expiration=1648049353&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rtset
bh.contextweb.com/bh/ Frame 1CFE
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=95&gdpr=0&gdpr_consent=
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid...
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553&gdpr_in_effect=0&gdpr_consent=
49 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553&gdpr_in_effect=0&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-US
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-5799967b4-8dq22
expires
-1

Redirect headers

location
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553&gdpr_in_effect=0&gdpr_consent=
date
Tue, 22 Mar 2022 15:29:13 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
ecm3
s.amazon-adsystem.com/ Frame 1CFE 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=wQJndR7Ju02E&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
1ZQWSGKQ5G7SM8ECFV11
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame F274 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
852cdf8021fd4c2e8a34887e38d418c3bba54c9b2c34a793f285cc5881190042

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42834
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Wed, 23 Mar 2022 03:23:07 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CONDEVIDEOCONTENT1&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1647962953425&de=42259314908&m=0&ar=359f21c1e97-clean&iw=a0cb2c4&q=10&cb=0&ym=0&cu=1647962953425&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&zMoatVideoId=60abade4dc31e5375248cba6&zMoatAP=true&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&gw=condenastjsvideocontent160527792519&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A468%3A468%3A0%3A712&fs=197273&na=1629034773&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:13 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 8853 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/293baa5d/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/ntS7WHaznjI?start=0&wmode=transparent
X-YouTube-Client-Version
1.20220320.00.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgswbW5OaE1SRzVNQSjF1ueRBg%3D%3D
X-YouTube-Ad-Signals
dt=1647962949816&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C880%2C495&vis=1&wgl=true&ca_type=image

Response headers

date
Tue, 22 Mar 2022 15:29:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame FB9B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsunu8Wi_wtKi0-nVffxoV4ak6BKHx0oairRChnzhpCIXDnZE88y87-SNm9Fxjc6O1Yc0i4pHcneU2JCEAlEy-v6NKgoohu8SMS9UAZ_dY9BOoaR9-HDTd3kg1KvYv-9yk-TdYl6ZMcAX6mZM_T6I33VxDWSndgY5q4RQXBHTciLedrUUjpCXRMW9g7ucbYHQwaHZiF3GiYxUwL4lK5d3qhulFnVcWQiPADQt1D54ktAbgrDdCOpuiyl87Z6zKinZLI5oUQU-coPpjxAWEpv-YNAIivQLTfsuT12qRIw5TkHljQ2aIFKb7jeqOPXaIUqRPjSF89R_6-3YujL3yAS2S1wNwW3VLjeXkBJjy_lCFXsn6Z3nFwdEc_oFr3eFAR6AsIF2HiQ-L1oYaZmSYmlujy0-tDdwPw0rtkq2KcaJyGOZbPsRxpkKa9pf_r92Swj1VDAPIY4uQZnxruXBNXKGnpynFniK3ZLQWGF4Lkt4Y44a1fZoUq2DYIR4tJ3Ry8yhMMuJQarBqI0BiiaWIE_Yd8QuHmtjbNKV9R5DcbcmKW7nJ2aiyRdSM635l16vIaOgMFczX3GuqsxvP094mwNVUGpN1w1lL-wck7RdaUjYQD80kFnHZZiu0_U2w2TqELLvsgLtX28L_w9tHFoNSbFgengIxRaY_EKLyGIZOArFau8WxSzHbvAboBwecfOp7It9RwuvZkBN70c_2DXA6nw0iL1m8hu33m2ZZlWE5T66nShtrjGYwMwslnrLYRjUgb2xtxZqXc0XKAFwFyiFLcMboJCka8qlNl78wN2-AU9kzd-Y9hvWgK5gthpGnyYaNqY803-J5oH0P2zDsHgelQRfSgGlRZzmmlsYYVm-i_ZznJBnqh9T1UnlE_VLILC9hyvwC7ScEXt0YIm3LjXywPADm902WO17AEKcQAMOPixYMQtTGnjhfK_OfwnMmtqibxBGhuci_WVccfm7mjQ0hDKd_Mn39c_kl_YFfIQvYB23abcUPuehaxojG9KwsU2oZ0bUAwMzYKnJPY00gTY8H3qOwp958S6S66JpxZ0wH2yeYp-VrOBjyYVvQ9G3Gei6jWJ7YZAi9nGimjrehtgesMJfRmxTcK-F3fXOAt8IgHofu00RddoTzvQ2NzYusbpxgRhjiRcbifatSPGlA&sai=AMfl-YT1mAXYoqc9f6SJfERwDAXAEJBcgwA0ORJG-umWYuizVC_mqzJaDTlYjUFcvB67sf46oYU1IKb36rnP_Vat5FC7Lj_fLuA9LVO6cj48ggboWBNFlHEk2g2WuiBQvrvM55oLAJizUtYKr7pydCwr3x6k-_ME9eLxxIdRGx8A1_IcoAIbna1zv9DSygoing9lb8kTODuQSPOfAAmyrUSfW-C3&sig=Cg0ArKJSzCeScs7XAb4MEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=231&vt=11&dtpt=230&dett=2&cstd=0&cisv=r20220317.48407&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-B43fWVKFdhEpXYd0raOPVPQ_M6M0Ecu4NKN5SEJdC50Sp5lLF3L_WkyvXJHTL3zjXDbFhQLDb42Mxxp9ZvvOwrig7h-t8LlqtT28Qor_PB7Y-KVvXqnqrcW3avPrZQ0D-syHKjvtIQtpk_bJPJXs-zWpBpZw&dbm_d=AKAmf-A7lS6mdVzhlrdsv4EVN0TcBTFJETkqZGdGRxWvDZiGjd8R96OFAtl8UOvnaOhhO-EYqRpX2x82M3lSmIEvvNz720rnUNyRwF1iP9XDSqx7MkVgGedJbg1P-e2dQvknGfVOJzInIwYAdFtTFu97hYqby7QZWgUicuanWHS155dfiN60iG_GXQFoDc9jSvZJRlzkXm8QhFN0v1QTXoyO1Zsg7SGE8rCASscjjbruS6wjFnhlNsoFmP7z_5lTb99rrZn_NrH4_CTXWgTjSNbocIuaV_KTPUqOLq5LU2aVNICj16Ag7qaHsXYmK7M65x2jxWvJI6VlIOJFdn5mjtTmm3Xx0vBkPNQ4v8Tbm9qsx9zyXzdJEIQTwnucZe_vv5cXJRwSar4JWzp8SDzO-1eF8Hn4TYq6LE0CqxZclKgps6yBTOG8OtxWI0LxvVFFepDHPEnB1qFqzJJ6KpSc5CcDjaV9pNVMPsSqQpil5GtFegQgbVM2muBjRYq2zmJy1HcSTZcNMszfgZZUUjG3ZjWfHDlWId5WzCWBoZNkYkIrUB7BQwmGlxwO63NuaSDdecV0bjCS43Qw9Y8_ko5bLRfc8-hwBEUwYe2am6VuvlLlOp33dXylN-J1IttP4K30YMdQx6XK5N9Tp8Uty3xYFU4E5rFjk4ZV0CXdm6qz1YNR2bq9_ucMDXhoGXrG8oFdtU4uCgLrrJSMkQL5TPB2aTDQ2IxoF5uxq1mUla086Fs-eJnoxwoYsGMWuyvQX3wY4hQBen8DRbv-Lpa-qL9AVL5NHo1q7iIEF4jAgEAT3UpgJ9IcwXnKAjEaWRhwfhAL44p5k131FVWb71NQSoIkE4ePHcuYkxKIigCXHBMln9MH6bJ9FDO2q2lyEolZF6NtTRBpXEofIYMIFHqcfvWiuT5wLn6M-0RQE94kOLIiDOG3Ky5GL04z5cVrt83TPqjoRjoU1lA5NSV5VSESUQD4smAVuvImsPcEU1G9nDgUF_Yzxh3HXhthd9oMR8Mc0mmQ2DBpnJydL86B1me3Zu5mqxW2yAEtKCtNBzH3dqRbTKCr3fS7RUCd9-FvYbcodI0gjesn0cmlpaGyxowfd497G70w3PkO02XgG-cCHzhmv38YlGGfBWEV3HP9z75sSWALKxR4Afg36bUKPFD0sTCpdXZocSVKMxtlvxrhDhc5NBkXNDRAoJjGTBhY-OsqQpOF_lKVXgTRtFjP0fRlJsLQ-3NW-WPO6u4MteTY5-_Ng6rG8b6M5GSbUw2J9wci26qWmYQ43LEdtaKhoQ09oy1CRm_fmem7DDSQ9d_Hn_mRN5FZa6TrTrNQOdpvfi8GplJ9_8xjdBl-DLMsC-UvyD0j_HiL_3rfBjLwlYnCrGrwgvA-oQNRNiDUf3eHKXn4ZvIdQamhAN9AGIKoSgPJQvwioRIIvVGdKL9S6FSu0yeos_FWIudHnbmAYHC1QNS3NWWy535yT4WVVSdsn7ZvjJbWSLhQqcKs5CGCLPV4X5mOf7TWHyTUvETHV7M9f5no8ZIGCs0gi8CKpH2jkWMj9EoPA_Vl_bt6UJ3dVv7AhWnoHIFZOy95xziFvCo8SgAz62JnVGyirdgDGBqyyaMuzTMhaSXLBGziSAD37Jn3X3Ouab1hpdfkKcviry9Y54gkBv70FJL9Q6IrIqeNEwnJOD1hgBWGunuKWvoB7ihPbRcJ-Jt2oRg5ovbbHWDvi9Bgbcz2LXAmaj2xP5km43pZJwXAGYBz_YUNolyCjgW-EK69KxgorO5QMl-9SuIAJZ5hh40ZnHZ9LtGm9tGtUjQKmDKjwcAnix1jLUTrnKUwyC0k0q3qMuLPhyJ6eQFypgaQywWlAVpCBC9Vfn5TAE6bFwpZCVHOKJlZQwouSjF8jkA15H2rbzvAapfdv-Lhx_6Z1OH2jBtSbkURO5NONLAv_cqxw1yqsm0jaM55z77GAGUDt5yBlD3TrywikwjtEZvxinJe2Civyq9r1cfSsIc_ozhrvZAFarA9EuwsKXVeMadARTTCehu_krAsXl12LZIs18s9qx9F4g9ZKtAtRQbiLOerEVstQaTYspzswPkP4V6yy96g7i5ozcXBo80z7KYNSjiLuzguJ-4dZtktEW_gxNZS-nAA1WZG4sf0Ub0gbMAGy2G4RXAWKopdYfdYGL3jwBcdvfRzQ3I02LOy7o3zqWXSwo9XwY3LoCT40dWWQru76MH8vFyskdwxlikbGVBfJgzgptsqhfs1gvyrKzt8gOXGBRZ-Y18mS1pvpNAYvfpuhMl3YkwzKVLsfmHGbzaRCsx1ptut5eMxW-Yb_f24pyT4i3kiChsvOH9jwUZqCOdxYL2gOx3VxtGm1elCsKKvO9WXCHo8Y66oUyWvWmvw_hRjejxzDXxA6yGbvf-IrxhMx3HRAXeT5rLrvSbB7znWyI72wlW1fIvciI_l4drlnzaOJ3zYXwbTe8pdj5dhgFrXjlfYVvUq4dsU92UTQb9Ll-Vsy0A8xC5t1OKpq9Dp_6jDWWoanZCgdELJA7qQl7qoFpQHQPYkmiFzgoJcostVW0VGukPn_-rcF9pf48bUyIWwbOQwOHpj5SIoE3ar9Dq1Gpmoo1oQWcs6YTEjvXvblMlwN1DSWFFkmx6KwrVIjBsMocRV_hajhYCK9Vx4Ny9krUKrzft8g10WW9xGdVWh5rM7-O15qO2Vkzdkn3NaAppYPdrSiCcJM_VpD_0p0eNRxbXi9Oz-303XGlm-aOLGsHXdA8g5x3k3m5tZ5Q8qNXNA7-dImutME1lqPT546Igm8jIh4uowdZvIdCwymy-ma4GhqlYL7nRPG9ltiZFa37xL6ZJK3R_LcJbdZ_xDfcVq-NiyrebnYTOJUJPl5_jEO69f5UTZ3PgO19o3bqdfuLIRE9aJNHXaFopCYaHuOHFMs1NS2-YssjRyvakRtXBeWyV6YANZjyyfBm7_1nCR6zVCVmX0ltQ2DJpq1r51APlB9aKs0wpgZdl_yk87o0Wc9eFjKDeLmg9JjTWZU3ut4M7n6VLHbaYTLRZ8NaUQU3M0TKftK-qWvqsw7lXHYien2OGwFL1u9pDH_adn7iFWrQb7A1aLM27iNxxGzIBjelnvIisX3j3WGoda5l6MM9NzpjTod2MR2CneS6oHpjF753lLnHc8bNRkzl9vxi5JBqt5-0cGnPfi0ehQLtOpCfOZjYjc3P7ftNC2Xv8njynpqi7A_b15EKV1rKwl4nT6fx0uZ4fec1TQCkpy7YpkTT7-6qecN6hK6EJrrvLsi0-AatHMHslr1Vu9pX_1jrUX_qse0F1d2a1n0Xck81o&cid=CAASJeRoBz5KokM_T4Htx7FIRB5DWK7nkuxql56lPMQ7Wk4RdKVkEgA&rfl=1%2Chttps%253A%252F%252Farstechnica.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rad-fl-6227aaa551c2212df5bf806a.css
publish.responsiveads.com/flowlines/6227aaa551c2212df5bf806a/ Frame 92D6 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://publish.responsiveads.com/flowlines/6227aaa551c2212df5bf806a/rad-fl-6227aaa551c2212df5bf806a.css
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r7.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.57.131.216 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-131-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e8f2f9ba1bdb262792fd853e2877f98091c07d8e890d8ca26061b85d51393caf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
SM2BY999EPVV7ZS5
Connection
keep-alive
Content-Length
557
x-amz-id-2
YarTCPlqjUOY2iQdNMa4AK20Zh22rS8UYFChXHzdwCS9ggeOYN3YhhVYdsb4xRt5M8Se+TNAIPs=
Last-Modified
Tue, 08 Mar 2022 19:12:39 GMT
Server
AmazonS3
ETag
"2f3b1078195104229fe4af7578bfeb0b"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
ads
pubads.g.doubleclick.net/gampad/ Frame 4C27 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=640x480%7C480x70&iu=%2F3379%2Fconde.ars%2Fplayer%2Finformation-technology%2Farticle&ciu_szs=300x60&gdfp_req=1&env=vp&output=xml_vmap1&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.56.9%26ctx_page_slug%3Dbehold-a-password-phishing-site-that-can-trick-even-savvy-users%26cnt_tags%3Dbrowser-in-the-browser%252Coauth%252Cphishing%252Cscams%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D13%26usr_bkt_pv%3D1%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D121100%252C131100%252C131135%252C300003%252C210000%252C240000%252C240002%252C240003%252C240004%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240017%252C240015%252C240016%252C240018%252C240019%252Cqx7745%252Cmiovit%252Cap05we%252C65f9pd%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_sid%3Dc6e234da-e66f-4616-8ecf-67f29b24d5cb%26vnd_4d_pid%3Deae3ccff-0843-45ac-8cff-0eff3278f998%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3Dd5efd6f4-e37c-4e37-a0e7-a5c483b8ba35%26ctx_line_items%3D%26height%3D329%26muted%3D0%26right_rail%3D0%26sensitive%3D0%26series%3D5c82bcebbcdfff6f132fc5e6%26width%3D584%26feature_flags%3Dclick-to-play&correlator=4053557672708200&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&vid=60abade4dc31e5375248cba6&cmsid=1495&ppid=d5efd6f4e37c4e37a0e7a5c483b8ba35&sdkv=h.3.506.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&ptt=20&adk=3408565466&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.506.0&sid=372C6923-7219-4FDB-B2FF-6513E2B6EE50&nel=0&eid=44738438%2C44758348%2C44758374&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&dlt=1647962949900&idt=2311&dt=1647962953491&cookie=ID%3D9d3852e4f388491c%3AT%3D1647962950%3AS%3DALNI_MYlhRUT3fbb2y6Y1yeNKgrlNM2leA&scor=2438901934792524&ged=ve4_td3_tt1_pd3_la3000_er8725.310.8878.610_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.506.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
8538e514bd21fc58bf63d7b8a1f66a07db8fb02493a27d18d45dd5ebbb695b39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1663
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=420&dpuuid=6239eb4941a25e61
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://su.addthis.com/red/usync?pid=16&puid=65416946501074486881869476194977929017&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D420%26dpuuid%3D%7B%7Buid%7D%7D
  • https://dpm.demdex.net/ibs:dpid=420&dpuuid=6239eb4941a25e61
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=420&dpuuid=6239eb4941a25e61
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-088644b20.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
fu5E2soBTNc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=420&dpuuid=6239eb4941a25e61
pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
init1.js
api.bounceexchange.com/bounce/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=791&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYAWAdgE5CAmcgVgGZaAGWzYALxCicwHcBTAEY5UwfgH1UAEyhUAHE0KYATvxwgANnDQYChJkwAe+KgZX8Y-ZauVRsAQw0bUCAObi4yjVAAWwYAAOOACk9ACCwVQAYpFR9so4Ykg+CKhI9gB0SCAAtrEuMCDKOfY6CAC0SSmaIK4AnrGmVFSxTPSxgvw+mlLl9uUB9jg4vEW9AT6oOJNu5SJilT6l5ekVwMppANbl-ABu-BU49ru7deVwOFYh0Zi7U6Li2SCbqPxQwaQAQpFUGgE-oQizT8gWuDCBtGikUhcQSVVS6SyuWh0QKRRKZUq-GSCBq9RRUSaLSoMLaBM63Q0vX6g2Go2U40m0xcrjmon4i2Wq0qGyQ2z2Bzmx1O50uCQJAKoAGEfsoAeFJS1SAARbAgZ6vd5fH67eURbXNAXKcQaWqufhSSQIPUwRyXD7Kh23eI4ADadyk-BA4juIkEGn4AF0oOs4PxnQlXYNzeJgHUAkGoPE0EgAxG3TkQFJHD77v7E7aNJd067k2kA+IEPYcgW7eHdi7S8oUxX0mJXEU6sHC8WG5HXI4A8o6pXq7Wi-XGwOnFYR23+B3h926yXTa5zZaXMuJyWjSazRardve42pDAAuJlP6QHzg7jgJf+PYpHUS0gEOJ+CVUBpxDg4MISAbJ0yjHpOkb-oIOSiGIlpfvYP7iEUgiiGBaoahIoDeho8TmrAK6CAE3CYPwgRQK6gaYAEwB4GqOQBM49jIBIMA4a4UBAA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_486c3deacef91dda746a40d4c0c1cd36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
3e12e6fb7eb2c81584c6bad15afd83e91087610147839259815fec741941dcd9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
content-encoding
gzip
last-modified
Tue, 22 Mar 2022 15:29:13 GMT
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
25
content-type
text/javascript;charset=UTF-8
alt-svc
clear
via
1.1 google
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 92D6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstl-Q-LIStP9i7o7x6hwitBTWj1Fmf2MN5kUT6nGwlr-blK1wSWaH6EIJ8RYawFO4UDnooL-12WTHSDB4Rp4f4T23nIZQ92PBj3ZUU2JFu7VUeWQ6CaAmIwGUFtVSKCQcgH-YjXDD6Z_9mLgZbTe7LQ9g802m9hgEvexpGButGpFhnCZKGNq7lDsZyGoRaCJOja_JHP3rMwrmwYBJIXOkKW9bb2Eml-StTgGBMmrEnW1F12-R43UQYXFWkbXT-t5aWlA2C8-HZ8qR2ZyhqWDn8i3SUoNpw_AHNRjcMc-x_Me4ZHGzAp6FENbERGbLRfAGVHV_BIYibG4xZ1bKFElv8EXpmRczXVZ3vsZg&sig=Cg0ArKJSzOA1LsXKwJusEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 22 Mar 2022 15:29:13 GMT
4.js
static.adsafeprotected.com/ Frame FB9B
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/897507/59604290/4.js?ias_dspID=3&ias_campId=25838044&ias_pubId=pub-3844877863303739&ias_chanId=1&ias_placementId=15714995187&bidurl=https://arstechnica.com/inf...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:21dd:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Un_.8Vp_TKwliNJVsYlZHVB1x_sghLWA
content-encoding
gzip
etag
W/"96e16e7453ae2e6952bc6d2a20ea29f7"
age
370930
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Mar 2022 19:10:48 GMT
server
AmazonS3
date
Fri, 18 Mar 2022 08:27:04 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 3dd77c5199bed8cf64af9bc1af1f0d84.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
oS5V-QH647BmpI8vcNCi-jxv7_vAC2KszGpS9JTBMp0I6kpoCMEvBw==

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
x-server-name
app10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame A77D 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 03:16:10 GMT
content-encoding
gzip
age
9979984
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 3dd77c5199bed8cf64af9bc1af1f0d84.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
content-type
application/javascript
x-amz-cf-id
haBEUkkJTmj1OBf9xPGgaUzrSbNZ5tAYW7eAc41ttQOQRj7aboIM0g==
dt
dt.adsafeprotected.com/ Frame FB9B 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=897507&asId=bb924dad-14b6-4a84-8fc3-b5e835ef7fc0&tv=%7Bc:7BxZ1d,pingTime:-3,time:107,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:32%7D,%7Bpiv:0,vs:o,r:l,t:106%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:107,n:106,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B97~1%5D,as:%5B97~300.600%5D%7D%7D,%7Bsl:o,t:106,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t0PaBLC+11%7C12%7C13%7C14%7C151%7C1521%7C16%7C171%7C1721%7C18%7C19%7C1a%7C1b11%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j*.897507-59604290%7C1j1%7C1k%7C1l%7C1m,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.221.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-221-169.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame FB9B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=897507&asId=bb924dad-14b6-4a84-8fc3-b5e835ef7fc0&tv=%7Bc:7BxZ1f,pingTime:-6,time:109,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:109,n:106,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B97~1%5D,as:%5B97~300.600%5D%7D%7D,%7Bsl:o,t:106,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t0PaBLC+11%7C12%7C13%7C14%7C151%7C1521%7C16%7C171%7C1721%7C18%7C19%7C1a%7C1b11%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j*.897507-59604290%7C1j1%7C1k%7C1l%7C1m,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:arstechnica.com*&br=c
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.221.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-221-169.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ibs:dpid=477&dpuuid=001f451012abaa9827fe20b9199bd709a5cfc66c9868f7ea5bf88f76ae73729fb0da87c991749652
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=65416946501074486881869476194977929017
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=001f451012abaa9827fe20b9199bd709a5cfc66c9868f7ea5bf88f76ae73729fb0da87c991749652
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=477&dpuuid=001f451012abaa9827fe20b9199bd709a5cfc66c9868f7ea5bf88f76ae73729fb0da87c991749652
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-0e6967e0f.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
9otdkPi7RfY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Tue, 22 Mar 2022 15:29:13 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=477&dpuuid=001f451012abaa9827fe20b9199bd709a5cfc66c9868f7ea5bf88f76ae73729fb0da87c991749652
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.784c14fad3ed09aa7f26.js
platform.twitter.com/embed/ Frame 80E6 		418 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.784c14fad3ed09aa7f26.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D33) /
Resource Hash
62e15c717c858b539583d56df60087d0f0851a69480f52e5637a50fd60d1e53e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1505034619078459394&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Age
579220
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
118888
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D33)
Etag
"837121804a3c0a218129592fe2f12885+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.vendors~ondemand.Tweet.d4dc6d9f20302d27b041.js
platform.twitter.com/embed/ Frame 80E6 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.d4dc6d9f20302d27b041.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D0D) /
Resource Hash
96840d8bad80f92a013bab64796aa1a29ae6f08e8b5d519e25f37877098b391d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1505034619078459394&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Age
579220
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
10666
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D0D)
Etag
"f62e0963926319acfa13d3ac4b7b0d38+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.44711848a6d644a51d82.js
platform.twitter.com/embed/ Frame 80E6 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.44711848a6d644a51d82.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1D) /
Resource Hash
ffcca73fcf57a9104b8b1c23c45b32b01994b657acff47a8b8737a51b5049657

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1505034619078459394&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Age
579220
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
5646
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D1D)
Etag
"4d13e6c6f6b371c7531e1f6cb42e8677+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.Tweet.3debca4342f31b7db9e1.js
platform.twitter.com/embed/ Frame 80E6 		57 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.3debca4342f31b7db9e1.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D2B) /
Resource Hash
171b2560bfb2a27b4387a2f3c5b2454535409c0c15b6bcb084f5327ed0db2188

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-0&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1505034619078459394&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Age
579220
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
13185
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D2B)
Etag
"982e43879d90b230cc9448e954bc2cbe+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.784c14fad3ed09aa7f26.js
platform.twitter.com/embed/ Frame 812C 		418 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.784c14fad3ed09aa7f26.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D33) /
Resource Hash
62e15c717c858b539583d56df60087d0f0851a69480f52e5637a50fd60d1e53e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504802056372166694&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Age
579220
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
118888
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D33)
Etag
"837121804a3c0a218129592fe2f12885+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.vendors~ondemand.Tweet.d4dc6d9f20302d27b041.js
platform.twitter.com/embed/ Frame 812C 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.vendors~ondemand.Tweet.d4dc6d9f20302d27b041.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D0D) /
Resource Hash
96840d8bad80f92a013bab64796aa1a29ae6f08e8b5d519e25f37877098b391d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504802056372166694&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Age
579220
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
10666
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D0D)
Etag
"f62e0963926319acfa13d3ac4b7b0d38+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.44711848a6d644a51d82.js
platform.twitter.com/embed/ Frame 812C 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.TimelineList~ondemand.TimelineProfile~ondemand.Tweet.44711848a6d644a51d82.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D1D) /
Resource Hash
ffcca73fcf57a9104b8b1c23c45b32b01994b657acff47a8b8737a51b5049657

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504802056372166694&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Age
579220
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length
5646
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D1D)
Etag
"4d13e6c6f6b371c7531e1f6cb42e8677+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
embed.ondemand.Tweet.3debca4342f31b7db9e1.js
platform.twitter.com/embed/ Frame 812C 		57 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.3debca4342f31b7db9e1.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.6b5d3661e7231f9606f3.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:131d:1d30:1f1d:238b:1e56 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D2B) /
Resource Hash
171b2560bfb2a27b4387a2f3c5b2454535409c0c15b6bcb084f5327ed0db2188

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?creatorScreenName=dangoodin001&dnt=false&embedId=twitter-widget-1&features=eyJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2hvcml6b25fdHdlZXRfZW1iZWRfOTU1NSI6eyJidWNrZXQiOiJodGUiLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3NrZWxldG9uX2xvYWRpbmdfMTMzOTgiOnsiYnVja2V0IjoiY3RhIiwidmVyc2lvbiI6bnVsbH0sInRmd19zcGFjZV9jYXJkIjp7ImJ1Y2tldCI6Im9mZiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1504802056372166694&lang=en&origin=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&sessionId=7e3baa24cf9b9970a323e301bc772a4d6eee8c05&siteScreenName=arstechnica&theme=light&widgetsVersion=2582c61%3A1645036219416&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Age
579220
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
13185
x-tw-cdn
VZ
Last-Modified
Tue, 15 Mar 2022 22:32:57 GMT
Server
ECS (nyb/1D2B)
Etag
"982e43879d90b230cc9448e954bc2cbe+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
main.gr.19.8.299.js
static.adsafeprotected.com/ Frame FB9B 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.299.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925175&adsafe_par&uId=&advId=9847203&campId=26925916&pubId=6467859&chanId=165329057&placementId=322700529
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 20:37:02 GMT
content-encoding
gzip
age
1277532
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Mar 2022 19:11:01 GMT
server
AmazonS3
etag
W/"587738d3e44b43a2620f42eb51d89fbf"
vary
Accept-Encoding
x-amz-version-id
kp2GPcLunARmvxyYiu0RKpd0_UaoR.nW
via
1.1 3dd77c5199bed8cf64af9bc1af1f0d84.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
content-type
application/javascript
x-amz-cf-id
WYQ8crCGL4ILtCSCv3ZtpSA9XKo9gJ_ZcdNXORdRIoEvZCQIkeZN2w==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 29E5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 20 Mar 2022 23:59:56 GMT
expires
Mon, 20 Mar 2023 23:59:56 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
142157
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1EF1 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 21 Mar 2022 19:21:12 GMT
expires
Tue, 22 Mar 2022 19:21:12 GMT
cache-control
public, max-age=86400
age
72481
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame FB9B 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f44d481ead8051ef5e202177f9836d2dd6429a5b5e3d70157b7331398c37e9e3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame FB9B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=897507&asId=bb924dad-14b6-4a84-8fc3-b5e835ef7fc0&tv=%7Bc:7BxZ2S,pingTime:-2,time:210,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1397,beZ:1398,mfA:1401,cmA:1403,inA:1404,inZ:1410,prA:1410,prZ:1422,si:1431,poA:1433,poZ:1465,cmZ:1465,mfZ:1465,loA:1506,loZ:1509,ltA:1606,ltZ:1606%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:32%7D,%7Bpiv:0,vs:o,r:l,t:106%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:210,n:106,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B97~1%5D,as:%5B97~300.600%5D%7D%7D,%7Bsl:o,t:106,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B104~0%5D,as:%5B104~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t0PaBLC+11%7C12%7C13%7C14%7C151%7C1521%7C16%7C171%7C1721%7C18%7C19%7C1a%7C1b11%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j*.897507-59604290%7C1j1%7C1k%7C1l%7C1m,idMap:1j*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:173,readyFired:false%7D&br=c
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.221.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-221-169.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
x-server-name
dt14.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
rad-fl-6227aaa551c2212df5bf806a.css
publish.responsiveads.com/flowlines/6227aaa551c2212df5bf806a/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://publish.responsiveads.com/flowlines/6227aaa551c2212df5bf806a/rad-fl-6227aaa551c2212df5bf806a.css
Requested by
Host: publish.responsiveads.com
URL: https://publish.responsiveads.com/libs/radical.r7.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.57.131.216 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-131-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e8f2f9ba1bdb262792fd853e2877f98091c07d8e890d8ca26061b85d51393caf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
SM2BY999EPVV7ZS5
Connection
keep-alive
Content-Length
557
x-amz-id-2
YarTCPlqjUOY2iQdNMa4AK20Zh22rS8UYFChXHzdwCS9ggeOYN3YhhVYdsb4xRt5M8Se+TNAIPs=
Last-Modified
Tue, 08 Mar 2022 19:12:39 GMT
Server
AmazonS3
ETag
"2f3b1078195104229fe4af7578bfeb0b"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=0
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=conde.ars&zMoatAdUnit2=rail&zMoatAdUnit3=information-technology&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1110&gp=879.015625&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962949354&de=584683710897&rx=134794783198&cu=1647962949354&m=4477&ar=359f21c1e97-clean&iw=8105762&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=879.015625&lb=10067&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=53&vx=53%3A-%3A-&pe=1%3A468%3A468%3A0%3A712&as=1&ag=1130&an=92&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1130&kw=902&aj=1&pg=84&pf=84&ib=1&cc=1&bw=1130&bx=92&ci=1130&jz=902&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=902&cd=184&ah=902&am=184&xd=00&rf=0&re=1&ft=767&fv=0&fw=767&wb=1&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.ars&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=197273&na=1008104678&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:13 GMT
ibs:dpid=358&dpuuid=6141021567606092823
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=6141021567606092823
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6141021567606092823
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v030-090ef17ba.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Bf94NpI4SgY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
05957835-240d-446b-b138-40a4b0f814eb
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6141021567606092823
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C9AF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_486c3deacef91dda746a40d4c0c1cd36.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.68.201 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=106893
expires
Wed, 23 Mar 2022 21:10:46 GMT
date
Tue, 22 Mar 2022 15:29:13 GMT
vary
Accept-Encoding
creatives-base-styles.96663738.min.css
assets.bounceexchange.com/tag/css/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/tag/css/creatives-base-styles.96663738.min.css
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_486c3deacef91dda746a40d4c0c1cd36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
ad1e6142ee4942d81f5db672be8ecbe0a3252751e92ee31d1167426fcb3b3f9b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 05:30:48 GMT
content-encoding
gzip
age
1159105
x-guploader-uploadid
ADPycdsbavX1lVsw9-Ij1irMEDkHnL9zfncrbULZRWFF6PM8BiIr4IWvGl5-M_OiKw0_6dGnhe2aBwgiX2u26TcNZ8CBhvR45A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
6010
last-modified
Mon, 07 Feb 2022 14:51:25 GMT
server
UploadServer
etag
"b02b20e16378200891ef95dfe357cd77"
vary
Accept-Encoding
x-goog-hash
crc32c=0SBkxg==, md5=sCsg4WN4IAiR75Xf41fNdw==
x-goog-generation
1644245485313408
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
6010
accept-ranges
bytes
content-type
text/css
expires
Thu, 09 Mar 2023 05:30:48 GMT
stylesheet.css
assets.bounceexchange.com/fonts/opensans_400_normal_normal/ 		528 B
583 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/fonts/opensans_400_normal_normal/stylesheet.css
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-7329c51a38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
217f3f8de5b206d3b25924c717ac57a8b0c8a2cf3d189b6a8451d0b8f4ffd3cf

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 08:05:59 GMT
content-encoding
gzip
age
1149794
x-guploader-uploadid
ADPycdsz8v4aVqxpyTfl3TT25hf4JWXwXygHpzWVxqfISjNMOMJoePeFluw-5-bsGXenR7cRHK79_OajiOj8Er3jXUacvIxNXA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
273
last-modified
Wed, 31 Jul 2019 20:03:37 GMT
server
UploadServer
etag
"6a8a95fa5ee6a7122999ecbbbbba6b5f"
vary
Accept-Encoding
x-goog-hash
crc32c=Rbw7Mg==, md5=aoqV+l7mpxIpmey7u7prXw==
x-goog-generation
1564603417262207
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
273
accept-ranges
bytes
content-type
text/css
expires
Thu, 09 Mar 2023 08:05:59 GMT
visit
events.bouncex.net/track.gif/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLoATjyWRnUADnV1RnpJNgBlFAAzFCQQJ3pXd1UAMlAIGCQEeuR+pBxu8ChoCj4eNFN0BFgkUhw0yEhTYWo24xp6Ol26JrBIBLTMEHiURnjsg9oeeoIkLJRIEAJMAFoT+LOCUgIaAAnncdNRqHdmHI7jYEGl-rxPihPnMwGABE9EaY0uAcZg0J9eghvmlXp9Ll9IM1Ep8EMAsISUMBgEDPvBkJs9rQxr1oP0wP9YG8ProcJJVMxmDyJvzBcLMECxTopT0JvF4JBssAmiAUDZLGAcJQXNpqKBeAgCAB9VX63IQuQ7cFU2D2kI0ahzDBWyBA0xux0eppveKWD3u8FZAi8FCkG3jO3hwPgxqkRDh6ihcHBi6WK2YFA5JNO6ip9PgiPUHOhhBWy4nNBPEEV5Ol2PliGZj1oWOWJBA-OFgMlsturvgnvkZAD+sIRv94se0cZrPUAFoDC8K08Rcp9tj1d05BW9eb7eYXdttMHj28eqmK1IfUERKXzAESCPhAoXjNzur+JMCtBAXjIK0wFgGwwHiZpYSQS9lwrcdqAgmwsigE4txAlAwKeGxHBbEd93DFwABFpRgG4CAiEAECNE0PWARcGLIyt6mASBi3FdQXDyVRqDyNpK3NLiNF4-jBLkeg8nUPJmE8ZCUAIYtWGQ0hTEvVZ1k5ZMuTuI4fjOC4rhuLI7geJ4Xnlb5Tnfddmy5MFOy5KEYThBEkRRFA0QxJAsRxMA8QJIkSTJClvmpCJaXpL4wCZFk2UQJBOX2JDV28lThNMJjCOqZDeEvAq0o9eDCIzf8PXiDjRJ4viBKE5CICKh1jE+PLVzQGDizyEpKzMwjVNXXgQGa+QSwlVRJDyATmHUag5DkEoXBKOSepXD1SGq3KxLqyTK0uLI5hANBME2FrjVNaRVDkcEXGY01mUytStpa7jxPq6FWK+8j2VQDBsGgGxMiEZAcHSTIck6X75gB+lkveTAcAKIpSnKSpJChpKYZgCxXkeZ4cBUfghCkKVof+mALVAeIEF9f0cAtMAIk1UxOnVY5smQaBSWgj44cwnApQwAhoBuWBsH7G4LRwABVGpOmF0WCHFqkgSlhA5FlmpjAVy0lZV-sCxyWXzkw2pIFeBAwF1kX+jQBGcBEABNG2+TnBGjbokQEAENgnaeCJXfiKBFQUWB6lTAhXdMAhjljdWxTm5hqCDj43kwLBIATkQdajaWpQEWwiRGnBqBKeSKJLt7draaTZIrqmLgQEuJqmma5oWpaVuYHrOi9OlaIEKvOkQABHV1MBpkupVDWjsDeHI48OsUdoktpu7Z8JM5QUwQDhiAPhwC20DkTpG5phmR+VpAL8LmxOmxnBfqAA
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1NIqhuEAxtgHYysgB0rAewC29GBwBmA1EJC4YAjgFoW7DgPQCwAT3pUADFSr09pegCMI2dQBNFIRaEKF4U28GwxCHjmEWEYLMrYsoo8Srio3ADWitAQSoQgUFBaisiEEEz0AGSgkLAIiKzpuMJQjDAgZugQhJjEAOwAQtRUsNYQAgD6sP7VEK1klIYRyAOG1ADCrXkQXbhawONGFK2Mcqw1g1TThkIC1iDoPZ4w-YOrhuJHGdu7VOvcNV0cIELLQ63X6LcTO2uoDbPHgsMBSHQTS5Ub6-Iz-QxgI41VBaF5vD5QmEfeFURHoZGokEQMEoi7DaE3bH3DRgSDWLpiMlfSl3VpxVBdGl0hkcJlXFl-e7WcTALqoaoCVhRPlUNS4MUQEDWCFw+6sDhdCAyGDHQjIMyEViRCyoGVY1mGPVmIQBFj0rUgHVdKRmAJmgVGBoAEVy4GgcCQggEUTg-gAXhBMKQABwAVl9+QDiBAHHYUkQkmQHGsiAAjHoAGykQwNTC57L7DqYPTZeAQA0BCAwayYKjRwvZXoBZtlgsAFgaAE4C1RB7HSLHB33Bx2OrBWE2WwXC7nB6O9H2qKQYw1ozPB9GE-6ED3yxkAI5jVOLsvZTZwDj4GDvZhvYC9gfD0fjvd9u-oB9cBAYAYCgTJ-AUTAgLAUhsjnbhI2sbJCAENAF0wOszGyP1H0wdJMiAA
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
article_view
events.bouncex.net/track.gif/ 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/article_view?wklz=IYJwLglgxgNgpgXgKQHYBCSBMmkBYAMYAngA5xY4DMAghaJLOdlgMIXFkVI13jTxdMbbJDADmPbGjgALAPYwAJqyz5gqksADOWgO5yQyzPhIyIWswDsA5qq0QwTQjOBhVUYJdVgQ0ANaqcABucF7GWsBBQUSqAK5acCBagsKYsSAwXJKYMmBgJMmSAGJYRaBajlAyltDAAHRQcgC2pRCWAGYGTa4QcpYAtJXVCnLWMZhFxswT+JSlAEayCor9wP2aOvqG62YWbdb99o6DLmD9HgM+-v3BoYeR0f3xickTKRQQ3dZMVLTYuflCn8ShMoIpLHVykMah46pY4G4JroSOc+o5LIiirESDA5MBFK9JvhpkVZqVTOYrAcUAA2fAAD0oAA58HUAFZkWzTVKKOBaKC+EiQPpZP6YABS8UR+F0MlCqiIcli3nksWsuQVSoA5EZ8Al5cZbiBxiZdlTvL4oAFjErpWA5SAmMJ8GgHBhjI0mnzVMBcTY6lwUAARABkTTkvIQ+BDujg8yOcAgigQmBZNJDQXMDiTCAAjDTcCgAJw0zBFgCslHLRdwRfw6d5magieTdJpuaLZfwuEwlGZKCZdaLTJDmm+mbguhzuZDCQAjrFQs2c5gQ7AIKE8p8+WBgE0SHmC8XSxXmSW1zANxjgCQICEkr1LAhd9ZKCHG9BEIpZ0qQM2ELG8whsA3wYggzwgEAA
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:13 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
sync
ssp.behave.com/
Redirect Chain
  • https://ssp.behave.com/push_sync
  • https://ssp.behave.com/ul_cb/push_sync
  • https://x.bidswitch.net/sync?ssp=bouncex
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=bouncex&bsw_user_id=62e8ec88-d2ea-41ea-a477-629331ac8f33
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=1d2bf79a-2aa2-4d4b-b6d5-7622945e46de&ssp=bouncex
  • https://ssp.behave.com/sync?tp_id=2&tp_uid=62e8ec88-d2ea-41ea-a477-629331ac8f33
43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.behave.com/sync?tp_id=2&tp_uid=62e8ec88-d2ea-41ea-a477-629331ac8f33
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Server
35.207.10.239 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.10.207.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
//ssp.behave.com/sync?tp_id=2&tp_uid=62e8ec88-d2ea-41ea-a477-629331ac8f33
Date
Tue, 22 Mar 2022 15:29:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
b1638463217479.png
publish.responsiveads.com/ads/6227aaa551c2212df5bf8069/img/ Frame 92D6 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/6227aaa551c2212df5bf8069/img/b1638463217479.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.57.131.216 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-131-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ce8beb4b5a3b9e7da71655922c936c9848e8253be8e42407a40825e8354fb01a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
x-amz-request-id
N2YHRQWEBZ2CKE2J
Connection
keep-alive
Content-Length
6896
x-amz-id-2
Jftpe7KU4Yvao71JKV+R4sDZruUzdYEFYk15NuaZd5ZrCbvx+IHCiYX4+/UbCA+HqYPXbczbNTk=
Last-Modified
Wed, 09 Mar 2022 20:36:30 GMT
Server
AmazonS3
ETag
"2b5ca2cfd0560119ea56ea4ad38325d9"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=30523141
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
a8932416219209.png
publish.responsiveads.com/ads/6227aaa551c2212df5bf8069/img/ Frame 92D6 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/6227aaa551c2212df5bf8069/img/a8932416219209.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.57.131.216 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-131-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c1da348f81e7e30c5c1af36261d4b08be41572c5f477475d9801149038a230d3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
x-amz-request-id
M7SP346XTMZNF8MD
Connection
keep-alive
Content-Length
14779
x-amz-id-2
uAJG6J/hR31OJJ/D92pLtsv07zfU3ARgEceIasJTqjwgDJ6SXYiFSBKvJ7C2Z30OjeSzt29RHrY=
Last-Modified
Wed, 09 Mar 2022 20:36:30 GMT
Server
AmazonS3
ETag
"aea2a783103f40db78ac9eefb90ecbf0"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=30523089
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
a9740128106043.png
publish.responsiveads.com/ads/6227aaa551c2212df5bf8069/img/ Frame 92D6 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/6227aaa551c2212df5bf8069/img/a9740128106043.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.57.131.216 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-131-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6f6da05bc856483fa1396166d53bfc51a1ce7cff6b72946d4f3bbe51f493b501

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:13 GMT
x-amz-request-id
M7SHDVGEWJX087BA
Connection
keep-alive
Content-Length
14196
x-amz-id-2
/5ClEGP4bK5t8seS09iD9O49sIvec787L3XMi6KMdzUDPAzAaPBuBtRaMUzegeappHJJEODAigI=
Last-Modified
Wed, 09 Mar 2022 20:36:30 GMT
Server
AmazonS3
ETag
"0c76513d3d35f2443247352228aff23a"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=30523141
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
___tp.gif
analytics.responsiveads.com/ Frame 92D6 		43 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.responsiveads.com/___tp.gif?rada=&radb=&aid=6227aaa551c2212df5bf8069&fl=6227aaa551c2212df5bf806a&deployment=62290fb251c2212df5bf8b1c&vid=&pu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&dm=arstechnica.com&asid=5945896294&ascid=138384132668&pcat=3&sr=1600x1200&vs=1600x1200&as=1600x433&o=null&ald=null&ascb=885225794&uuid=77429bd1-8072-4b72-9b56-4aa001beb8e0&ec=0&bl=en-US&pt=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users%20%7C%20Ars%20Technica&e=impression&cb=1647962953938
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.255.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-255-175.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
image/gif
ads
pubads.g.doubleclick.net/gampad/ Frame C6DF 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=640x360%7C480x70&iu=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&ciu_szs=300x60&gdfp_req=1&env=vp&output=xml_vmap1&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.56.9%26ctx_page_slug%3Dbehold-a-password-phishing-site-that-can-trick-even-savvy-users%26cnt_tags%3Dbrowser-in-the-browser%252Coauth%252Cphishing%252Cscams%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D13%26usr_bkt_pv%3D1%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D121100%252C131100%252C131135%252C300003%252C210000%252C240000%252C240002%252C240003%252C240004%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240017%252C240015%252C240016%252C240018%252C240019%252Cqx7745%252Cmiovit%252Cap05we%252C65f9pd%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_sid%3Dc6e234da-e66f-4616-8ecf-67f29b24d5cb%26vnd_4d_pid%3Deae3ccff-0843-45ac-8cff-0eff3278f998%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3Dd5efd6f4-e37c-4e37-a0e7-a5c483b8ba35%26ctx_line_items%3D%26timeout%3D500%26height%3D155%26muted%3D1%26right_rail%3D0%26sensitive%3D0%26series%3D5c82bcebbcdfff6f132fc5e6%26width%3D276&correlator=4352584379934005&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&vid=60abade4dc31e5375248cba6&cmsid=1495&ppid=d5efd6f4e37c4e37a0e7a5c483b8ba35&sdkv=h.3.506.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=1502141071&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.506.0&sid=7685A54B-E3D5-4498-B039-0C82BF601421&nel=0&eid=44725355%2C44758374&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&dlt=1647962950546&idt=2275&dt=1647962953944&cookie=ID%3D9d3852e4f388491c%3AT%3D1647962950%3AS%3DALNI_MYlhRUT3fbb2y6Y1yeNKgrlNM2leA&scor=3845645210239641&ged=ve4_td3_tt1_pd3_la3000_er820.1122.973.1422_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.506.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
1db77e2d6302a66b6474669f44912ff5c6772c07ce503addadd7f2d1c45fd492
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1645
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
6227ab1b51c2212df5bf8079_orig_2400k.mp4
video2.responsiveads.com/6227ab1b51c2212df5bf8079/ Frame 92D6 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://video2.responsiveads.com/6227ab1b51c2212df5bf8079/6227ab1b51c2212df5bf8079_orig_2400k.mp4?ci=6227aaa551c2212df5bf8069
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:fd7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
daae99d1018824ce99b27667cd67b2ae91ad83f40d112007a28633bd4b2d5b78

Request headers

Referer
https://arstechnica.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
cf-cache-status
HIT
age
961375
Content-Range
bytes 0-3155508/3155509
x-amz-replication-status
REPLICA
x-amz-request-id
F49C45NFRG21SSZJ
x-amz-id-2
MKYwHpsjJxepg63BMPXp1Zzb7wcu8u7ZavO0sgHuFt8aD5dWTtHkERlzCbuy3iZg+FNC6hcnmhg=
last-modified
Tue, 08 Mar 2022 19:14:49 GMT
server
cloudflare
etag
"24a200f2b131b480b1a3e7b54dfa954f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
cache-control
public, max-age=31536000
x-amz-version-id
kX1qziSr3LoBGwzRVRAQrxOZMYcotwWj
Content-Length
3155509
cf-ray
6efff62ebf48d15b-BUF
expires
Wed, 22 Mar 2023 15:29:14 GMT
___tp.gif
analytics.responsiveads.com/ Frame 92D6 		43 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.responsiveads.com/___tp.gif?fls=1600x433&rada=&radb=&aid=6227aaa551c2212df5bf8069&fl=6227aaa551c2212df5bf806a&deployment=62290fb251c2212df5bf8b1c&vid=&pu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&dm=arstechnica.com&asid=5945896294&ascid=138384132668&pcat=3&sr=1600x1200&vs=1600x1200&as=1600x433&o=null&ald=null&ascb=885225794&uuid=77429bd1-8072-4b72-9b56-4aa001beb8e0&ec=0&e=interact.video&v=started&elId=auto&parentelementId=a2&cb=1647962953985
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.255.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-255-175.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
image/gif
b11071181337244.png
publish.responsiveads.com/ads/6227aaa551c2212df5bf8069/img/ Frame 92D6 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/ads/6227aaa551c2212df5bf8069/img/b11071181337244.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.57.131.216 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-131-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0c9c19b44ffa3c3f80c48454587303ae3d2f2a0df72cd3e5484bbcd75cce33e9

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
x-amz-request-id
M7SXXEP1W5SBJEA2
Connection
keep-alive
Content-Length
5573
x-amz-id-2
Lo/flI56fyxzbpsbIUKYw4DQ0qYACl4x31rb2EVx/gBvGeQsPTdbH0EtDDJ52s1oODJyQVS1quE=
Last-Modified
Wed, 09 Mar 2022 20:36:30 GMT
Server
AmazonS3
ETag
"95343ccd88a4fad6b4601bcb671da2f7"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=30523140
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
___tp.gif
analytics.responsiveads.com/ Frame 92D6 		43 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.responsiveads.com/___tp.gif?fls=1600x433&rada=&radb=&aid=6227aaa551c2212df5bf8069&fl=6227aaa551c2212df5bf806a&deployment=62290fb251c2212df5bf8b1c&vid=&pu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&dm=arstechnica.com&asid=5945896294&ascid=138384132668&pcat=3&sr=1600x1200&vs=1600x1200&as=1600x433&o=null&ald=null&ascb=885225794&uuid=77429bd1-8072-4b72-9b56-4aa001beb8e0&ec=0&e=interact.video&v=pause&elId=auto&parentelementId=a2&cb=1647962953996
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.255.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-255-175.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
image/gif
___tp.gif
analytics.responsiveads.com/ Frame 92D6 		43 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.responsiveads.com/___tp.gif?fls=1600x433&rada=&radb=&aid=6227aaa551c2212df5bf8069&fl=6227aaa551c2212df5bf806a&deployment=62290fb251c2212df5bf8b1c&vid=&pu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&dm=arstechnica.com&asid=5945896294&ascid=138384132668&pcat=3&sr=1600x1200&vs=1600x1200&as=1600x433&o=null&ald=null&ascb=885225794&uuid=77429bd1-8072-4b72-9b56-4aa001beb8e0&ec=0&e=interact.video&v=play&elId=auto&parentelementId=a2&cb=1647962953997
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.255.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-255-175.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
image/gif
sca.17.5.12.js
static.adsafeprotected.com/ Frame 2E1A 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:7200:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 27 Nov 2021 03:16:10 GMT
content-encoding
gzip
age
9979985
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 3dd77c5199bed8cf64af9bc1af1f0d84.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
EWR53-C2
content-type
application/javascript
x-amz-cf-id
wzoIq7DqsCBKoxF4HTNoEn2hVOxZYoaDnhRgtJkw8ZexDGccWDwykw==
mon
pixel.adsafeprotected.com/ Frame FB9B 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=925175&adsafe_par&uId=&advId=9847203&campId=26925916&pubId=6467859&chanId=165329057&placementId=322700529&adsafe_url=https%3A%2F%2Farstechnica.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:2cc77e28-c5f7-8e4d-678a-b0414cfd97eb,c:7BxZ7r,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5c47ff9957-jpr5s,rg:va,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:329,fm:t0PaBNU+11%7C12%7C13%7C14%7C151%7C1521%7C16%7C171%7C1721%7C18%7C19%7C1a%7C1b11%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j*.925175%7C1j1%7C1j2%7C1j3%7C1j4%7C1k%7C1l%7C1m%7C1n,idMap:1j*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:352,oid:d3d9236f-a9f4-11ec-b5cc-5e826a686b39,v:19.8.299,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.191.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-191-32.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
x-server-name
app20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pixel
cm.g.doubleclick.net/ Frame 1EF1
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEOXfPq355lWJAy9CxMD4yCE&google_cver=1&google_push=AYg5qPJ9D2EKnTkOvEAMsPlmxNeGq74iP5pZAgUkD2jqwcrihPrUBVE08tucujboSDBqrz_SvTqA8-lGWxscakZR...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gbliOetISACPmSfe7E0kUQ&google_push=AYg5qPJ9D2EKnTkOvEAMsPlmxNeGq74iP5pZAgUkD2jqwcrihPrUBVE08tucujboSDBqrz_SvTqA8-lGWxscakZRR1oLKMdkTU0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gbliOetISACPmSfe7E0kUQ&google_push=AYg5qPJ9D2EKnTkOvEAMsPlmxNeGq74iP5pZAgUkD2jqwcrihPrUBVE08tucujboSDBqrz_SvTqA8-lGWxscakZRR1oLKMdkTU0
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
Server
MT3 4267 dd20a5c master ord-pixel-x55 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=gbliOetISACPmSfe7E0kUQ&google_push=AYg5qPJ9D2EKnTkOvEAMsPlmxNeGq74iP5pZAgUkD2jqwcrihPrUBVE08tucujboSDBqrz_SvTqA8-lGWxscakZRR1oLKMdkTU0
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Mar 2022 15:29:13 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 1EF1 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJH8x8s6qS9o3XwcHhEoigk&google_cver=1&google_push=AYg5qPKU5vPT5jex-91tsHk0snCSHlm0a8CFgT9vUl5zIa70RYUa8TZQmGmcmwieNS5c3Iqm1jPMEdkX9DeYJgPMUXHDCjxF99-v
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 1EF1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEM8oNe7TQhdAVDG8v5b4sVc&google_cver=1&google_push=AYg5qPImQiJG6TvEzdH6qtluQ4j8teiku89_Rnlg8rqA4k7bCFJh5QGGYCn8T5wUWaeAhffmJzSGmB-Q...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEM8oNe7TQhdAVDG8v5b4sVc&google_cver=1&google_push=AYg5qPImQiJG6TvEzdH6qtluQ4j8teiku89_Rnlg8rqA4k7bCFJh5QGGYCn8T5wUWaeAhffmJzS...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkyNzMzOTM1OTg5NzMxNTc4OQ&google_push=AYg5qPImQiJG6TvEzdH6qtluQ4j8teiku89_Rnlg8rqA4k7bCFJh5QGGYCn8T5wUWaeAhffmJzSGmB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkyNzMzOTM1OTg5NzMxNTc4OQ&google_push=AYg5qPImQiJG6TvEzdH6qtluQ4j8teiku89_Rnlg8rqA4k7bCFJh5QGGYCn8T5wUWaeAhffmJzSGmB-Qoxeo_CMzLuv0s6O-hXsM
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDkyNzMzOTM1OTg5NzMxNTc4OQ&google_push=AYg5qPImQiJG6TvEzdH6qtluQ4j8teiku89_Rnlg8rqA4k7bCFJh5QGGYCn8T5wUWaeAhffmJzSGmB-Qoxeo_CMzLuv0s6O-hXsM
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 1EF1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIsRgP2K8AjeDLTlOO6FKb4&google_cver=1&google_push=AYg5qPIc585Kf4B_n8B1mEro5k9PUngDyizObsUTQFEcgQCGA41YHuWCM3W9knb5Wvx-v9irTAy...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEyQUxBVEgtSy1MTlNS&google_push=AYg5qPIc585Kf4B_n8B1mEro5k9PUngDyizObsUTQFEcgQCGA41YHuWCM3W9knb5Wvx-v9irTAy-fYy4DpUZ1fbUmNMz15FTS9WP
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEyQUxBVEgtSy1MTlNS&google_push=AYg5qPIc585Kf4B_n8B1mEro5k9PUngDyizObsUTQFEcgQCGA41YHuWCM3W9knb5Wvx-v9irTAy-fYy4DpUZ1fbUmNMz15FTS9WP
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEyQUxBVEgtSy1MTlNS&google_push=AYg5qPIc585Kf4B_n8B1mEro5k9PUngDyizObsUTQFEcgQCGA41YHuWCM3W9knb5Wvx-v9irTAy-fYy4DpUZ1fbUmNMz15FTS9WP
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1EF1
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPKsN_mIUdCjd77aZ3drPCp0wpX3ldi_NzhKALk3zfUbD4RT1unKJ7RB3yOOoW1_O0jtWZ4O8h4mY7...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPKsN_mIUdCjd77aZ3drPCp0wpX3ldi_NzhKALk3zfUbD4RT1unKJ7RB3yOOoW1_O0jtWZ4O8h4mY78rT5Pgl06mCUKV5lXy&google_hm=442fe751-492b-4837-8d...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPKsN_mIUdCjd77aZ3drPCp0wpX3ldi_NzhKALk3zfUbD4RT1unKJ7RB3yOOoW1_O0jtWZ4O8h4mY78rT5Pgl06mCUKV5lXy&google_hm=442fe751-492b-4837-8dea-3e27d117c247
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:14 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-86
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AYg5qPKsN_mIUdCjd77aZ3drPCp0wpX3ldi_NzhKALk3zfUbD4RT1unKJ7RB3yOOoW1_O0jtWZ4O8h4mY78rT5Pgl06mCUKV5lXy&google_hm=442fe751-492b-4837-8dea-3e27d117c247
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1EF1
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFQbJSwftDWPNr8wWMPyaaM&google_cver=1&google_push=AYg5qPK_pwuRi35CEyvXBqODdhisWVEM8b8TwfXt34XB5D7NqmBvszg1KHBH9cX_qmyQ9IY_e6IyeuNz-55BNPxSU...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFQbJSwftDWPNr8wWMPyaaM&google_cver=1&google_push=AYg5qPK_pwuRi35CEyvXBqODdhisWVEM8b8TwfXt34XB5D7NqmBvszg1KHBH9cX_qmyQ9IY_e6IyeuNz-55BNPxSU...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPK_pwuRi35CEyvXBqODdhisWVEM8b8TwfXt34XB5D7NqmBvszg1KHBH9cX_qmyQ9IY_e6IyeuNz-55BNPxSUI9HG0vzCTp_&google_hm=10d5e2f9f5cc70ae3f95ae6b
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPK_pwuRi35CEyvXBqODdhisWVEM8b8TwfXt34XB5D7NqmBvszg1KHBH9cX_qmyQ9IY_e6IyeuNz-55BNPxSUI9HG0vzCTp_&google_hm=10d5e2f9f5cc70ae3f95ae6b
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPK_pwuRi35CEyvXBqODdhisWVEM8b8TwfXt34XB5D7NqmBvszg1KHBH9cX_qmyQ9IY_e6IyeuNz-55BNPxSUI9HG0vzCTp_&google_hm=10d5e2f9f5cc70ae3f95ae6b
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap6ewr1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame 1EF1
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEF8JtsmthTSp-JQOxhWiChQ&google_cver=1&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 1EF1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KbwaNJPYWy5V2z9UgaXUyfeWXod22VcCG5vu58CtuZiOTooN7bBagZD-jI4BLoJkIZ7vrG
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
365868.gif
idsync.rlcdn.com/ Frame 2076 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=65416946501074486881869476194977929017
Requested by
Host: condenast.demdex.net
URL: https://condenast.demdex.net/dest5.html?d_nsid=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:14 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
78dbf26fc8687b650f46e91adf23f5fa.svg
assets.bounceexchange.com/assets/uploads/clients/2806/creatives/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.bounceexchange.com/assets/uploads/clients/2806/creatives/78dbf26fc8687b650f46e91adf23f5fa.svg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
fcdcbbce0aef5215c568c1562d672cce64aaefbd8ae7fed87c82dff32c360481

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 14:35:51 GMT
age
3203
x-guploader-uploadid
ADPycduhUoNd2r2JVs1bIt79SuKG8w5zmeWXp7jL2LbX4oZDCbTZITGUxBwFz5vXAw2hAJ68PqBfLbgUcpMrUsE2IT8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
6491
last-modified
Sat, 03 Aug 2019 00:30:22 GMT
server
UploadServer
etag
"78dbf26fc8687b650f46e91adf23f5fa"
x-goog-hash
crc32c=7u5wuw==, md5=eNvyb8hoe2UPRuka3yP1+g==
x-goog-generation
1564792222603319
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=604800
x-goog-stored-content-length
6491
accept-ranges
bytes
content-type
image/svg+xml
expires
Tue, 29 Mar 2022 14:35:51 GMT
dt
dt.adsafeprotected.com/ Frame FB9B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=897507&asId=bb924dad-14b6-4a84-8fc3-b5e835ef7fc0&tv=%7Bc:7BxZ8m,pingTime:-2.1,time:550,type:a,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:32%7D,%7Bpiv:0,vs:o,r:l,t:106%7D,%7Bpiv:84,vs:i,r:,t:295%7D,%7Bpiv:53,vs:pp,t:466%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:171,o:295,n:106,pp:84,pm:0%7D,slEvents:%5B%7Bsl:n,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B97~1%5D,as:%5B97~300.600%5D%7D%7D,%7Bsl:o,t:106,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B189~0%5D,as:%5B189~300.600%5D%7D%7D,%7Bsl:i,t:295,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:84,obst:0,th:0,reas:,bkn:%7Bpiv:%5B171~75%5D,as:%5B171~300.600%5D%7D%7D,%7Bsl:pp,t:466,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:53,obst:0,th:0,reas:,bkn:%7Bpiv:%5B84~50%5D,as:%5B84~300.600%5D%7D%7D%5D,slEventCount:4,em:true,fr:false,e:,tt:rjss,dtt:199,fm:t0PaBLC+11%7C12%7C13%7C14%7C151%7C1521%7C16%7C171%7C1721%7C18%7C19%7C1a%7C1b11%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j*.897507-59604290%7C1j1%7C1k%7C1l%7C1m,idMap:1j.2cc77e28-c5f7-8e4d-678a-b0414cfd97eb.65_925175%7C1j*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:173,readyFired:false%7D&br=c
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.221.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-221-169.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame FB9B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925175&asId=2cc77e28-c5f7-8e4d-678a-b0414cfd97eb&tv=%7Bc:7BxZ8R,pingTime:-3,time:439,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:351%7D,%7Bpiv:0,vs:o,r:l,t:438%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:439,n:438,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:351,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B105~1,0~0%5D,as:%5B105~300.600%5D%7D%7D,%7Bsl:o,t:438,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t0PaBNU+11%7C12%7C13%7C14%7C151%7C1521%7C16%7C171%7C1721%7C18%7C19%7C1a%7C1b11%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j*.925175%7C1j1%7C1j2%7C1j3%7C1j4%7C1k%7C1l%7C1m%7C1n,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.221.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-221-169.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame FB9B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925175&asId=2cc77e28-c5f7-8e4d-678a-b0414cfd97eb&tv=%7Bc:7BxZ8T,pingTime:-6,time:441,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:441,n:438,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:351,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B105~1,0~0%5D,as:%5B105~300.600%5D%7D%7D,%7Bsl:o,t:438,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t0PaBNU+11%7C12%7C13%7C14%7C151%7C1521%7C16%7C171%7C1721%7C18%7C19%7C1a%7C1b11%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j*.925175%7C1j1%7C1j2%7C1j3%7C1j4%7C1k%7C1l%7C1m%7C1n,idMap:1j*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:arstechnica.com*&br=c
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.221.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-221-169.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
x-server-name
dt20.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js
pagead2.googlesyndication.com/bg/ Frame 29E5 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 16:43:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
81949
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13802
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Mar 2023 16:43:25 GMT
video-initialize.gif
publish.responsiveads.com/tool_assets/videoExtras/ Frame 92D6 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://publish.responsiveads.com/tool_assets/videoExtras/video-initialize.gif
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.57.131.216 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-57-131-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
86a30f8e9db11bbae0c635e28ecfc851adf400bc0dc8643cea492c95abb99f76

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
Last-Modified
Wed, 12 Sep 2018 11:38:47 GMT
Server
AmazonS3
x-amz-request-id
71F1WS90565F9TG8
ETag
"fcb3aa0d9ced7c3d1df8572b94106aa2"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET,HEAD
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
Content-Length
9044
x-amz-id-2
G/F7NPYloe9J5JpwqCmRLdrOgK3DtnUplD3N4IREtBze7+9j+4HlvYzXm5bDyFTxzvOiCE2nsd4=
tweet
cdn.syndication.twimg.com/ Frame 812C 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_skeleton_loading_13398%3Acta%3Btfw_space_card%3Aoff&id=1504802056372166694&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.aef85bf61d706d7edafa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D0C) / Express
Resource Hash
0353271bdf99d07d4caf78c8170e12828a60f577af59a13ca5e7fd978d793068
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"5db-x4LXRwUtgWM4lG+EUPyLz/NdXng"
age
43
x-powered-by
Express
x-cache
HIT
access-control-allow-methods
GET
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
strict-transport-security
max-age=631138519
content-length
774
x-xss-protection
0
x-response-time
41
last-modified
Tue, 22 Mar 2022 15:28:31 GMT
server
ECS (nyb/1D0C)
x-frame-options
SAMEORIGIN
date
Tue, 22 Mar 2022 15:29:14 GMT
vary
Accept-Encoding
x-tw-cdn
VZ, VZ, VZ"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
209398b32ab78cb2ec5c9daabffe360584297633da1144068dd1ac1959e8ea6d
accept-ranges
bytes
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
dt
dt.adsafeprotected.com/ Frame FB9B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925175&asId=2cc77e28-c5f7-8e4d-678a-b0414cfd97eb&tv=%7Bc:7BxZav,pingTime:-2,time:541,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:1086,bdZ:1199,beA:1539,beZ:1540,mfA:1868,cmA:1870,inA:1870,inZ:1875,prA:1875,prZ:1883,si:1891,poA:1892,poZ:1910,cmZ:1910,mfZ:1910,loA:1980,loZ:1983,ltA:2080,ltZ:2080,idA:1910,idZ:1949%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:true,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:351%7D,%7Bpiv:0,vs:o,r:l,t:438%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:541,n:438,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:351,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B105~1,0~0%5D,as:%5B105~300.600%5D%7D%7D,%7Bsl:o,t:438,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B103~0%5D,as:%5B103~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t0PaBLC+11%7C12%7C13%7C14%7C151%7C1521%7C16%7C171%7C1721%7C18%7C19%7C1a%7C1b11%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j*.925175%7C1j1%7C1j2%7C1j3%7C1j4%7C1k%7C1l%7C1m%7C1n,idMap:1j.bb924dad-14b6-4a84-8fc3-b5e835ef7fc0.62_897507-59604290%7C1j*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:188,readyFired:true%7D&br=c
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.221.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-221-169.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
x-server-name
dt12.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
eligible
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=K4RwvAjAZAzgpgcwLZwHYBcD6BLAJjMKAYwEMkAHE7BVPSABgDYBmAJlYHZYB7YAJyJwwAI16pBADygkEadGABWMKEm64h9KAHc4wmNnRw6rABxMoAN2z70dCIwAsHAJyNWzgKzMPzh8-PqVoJ0jEwQzu70DqzMzCYcJv7OJlCUslZwWnawcCDAaMG4YMzEADbYcrYoMOhk5JCOLm6e0cyMZRUYJOTYFnB8+tyoYLUIJYHYgmC4QA
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
ibs:dpid=481&dpuuid=L12ALATH-K-LNSR
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://token.rubiconproject.com/token?pid=6404&puid=65416946501074486881869476194977929017&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=L12ALATH-K-LNSR?gdpr=0
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=481&dpuuid=L12ALATH-K-LNSR?gdpr=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-054038772.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
0LhacuMST1Y=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=481&dpuuid=L12ALATH-K-LNSR?gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
opensans-regular-2.woff2
assets.bounceexchange.com/fonts/opensans_400_normal_normal/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/fonts/opensans_400_normal_normal/opensans-regular-2.woff2
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/fonts/opensans_400_normal_normal/stylesheet.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5

Request headers

Referer
https://assets.bounceexchange.com/fonts/opensans_400_normal_normal/stylesheet.css
Origin
https://arstechnica.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 12 Mar 2022 01:35:36 GMT
content-encoding
gzip
age
914018
x-guploader-uploadid
ADPycdtU0ppHdwvSBvBIngrB2DDmKM2W4g4kxgfrA5sKpAlybBx7G9wj-OpPvZipxpP5Rxg42zvM5m6fFFwgcskb47abGUzlxA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
15555
last-modified
Wed, 31 Jul 2019 20:03:41 GMT
server
UploadServer
etag
"7bfc45994fd6bdcba8475417607ed96b"
vary
Accept-Encoding
x-goog-hash
crc32c=9JOq7g==, md5=e/xFmU/WvcuoR1QXYH7Zaw==
x-goog-generation
1564603421047166
access-control-allow-origin
*
access-control-expose-headers
etag,Content-Type
cache-control
public, max-age=31536000
x-goog-stored-content-length
15555
accept-ranges
bytes
content-type
binary/octet-stream
expires
Sun, 12 Mar 2023 01:35:36 GMT
envelope
api.rlcdn.com/api/identity/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1409
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
via
1.1 google
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/ 		0
580 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=3egfyfq&fmt=json
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://arstechnica.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
expires
Wed, 22 Mar 2023 15:29:14 GMT
checksync.php
contextual.media.net/ Frame 3B4B 		34 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3a52b590311733cb28ef8c3922b5c24bda2efbd17a25f2b41814d5dc6f4c3065
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=170506
expires
Thu, 24 Mar 2022 14:51:00 GMT
date
Tue, 22 Mar 2022 15:29:14 GMT
content-length
11614
pd
us-u.openx.net/w/1.0/ Frame CDAD 		757 B
481 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
2eee1727c59c542a9e8cc0d1ebbc5f8a458694c79281c092bd04c01d7fd785a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 22 Mar 2022 15:29:14 GMT
content-type
text/html
content-length
462
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ixmatch.html
js-sec.indexww.com/um/ Frame 70EB 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Server
Apache
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Tue, 22 Mar 2022 15:29:14 GMT
Content-Length
1388
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 38A4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 17 Mar 2022 06:19:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 22 Mar 2022 15:29:14 GMT
Age
32998
X-Served-By
cache-lga13626-LGA, cache-ewr18165-EWR
X-Cache
HIT, HIT
X-Cache-Hits
96, 85590
X-Timer
S1647962954.359690,VS0,VE0
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 4B91 		34 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3a52b590311733cb28ef8c3922b5c24bda2efbd17a25f2b41814d5dc6f4c3065
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=170506
expires
Thu, 24 Mar 2022 14:51:00 GMT
date
Tue, 22 Mar 2022 15:29:14 GMT
content-length
11614
usync.html
eus.rubiconproject.com/ Frame 2ECD 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 22 Mar 2022 15:29:14 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 8F4E 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Server
Apache
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Tue, 22 Mar 2022 15:29:14 GMT
Content-Length
1388
Connection
keep-alive
pd
us-u.openx.net/w/1.0/ Frame 5DFC 		757 B
481 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
2eee1727c59c542a9e8cc0d1ebbc5f8a458694c79281c092bd04c01d7fd785a8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.1
p3p
CP="CUR ADM OUR NOR STA NID"
date
Tue, 22 Mar 2022 15:29:14 GMT
content-type
text/html
content-length
462
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
async_usersync.html
acdn.adnxs.com/dmp/ Frame F526 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1647962574
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.18.0 (Ubuntu)
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Thu, 17 Mar 2022 06:19:05 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Tue, 22 Mar 2022 15:29:14 GMT
Age
32998
X-Served-By
cache-lga13626-LGA, cache-ewr18133-EWR
X-Cache
HIT, HIT
X-Cache-Hits
96, 85296
X-Timer
S1647962954.365641,VS0,VE0
Vary
Accept-Encoding
moatvideo.js
z.moatads.com/condenastinlineint626489506216/ Frame FD8D 		317 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/condenastinlineint626489506216/moatvideo.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a65f5f6768f05f759345.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b530b7a174b5a22906440ec7ecc1bcc1232b34bc4f9ade2e3af37563f888fa5d

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 17:16:15 GMT
server
AmazonS3
x-amz-request-id
KSE8HSKVN2PC91DR
etag
"0c938c1901b1dfe45de269aa5b4cb9a2"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=50488
accept-ranges
bytes
content-length
108363
x-amz-id-2
7U5BAZ7BkJQUj9S6TGEa1J/1umyOEiD4TQybcuV7SqNOGelkGQE1PpZ0Apjab6GEjJiu0XpUmK4=
track
capture.condenastdigital.com/ Frame FD8D 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-22T15%3A29%3A14.325Z&_c=Video%20Ad&_t=Ad%20Metadata&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&cId=60abade4dc31e5375248cba6&cKe=Unsolved%20Mysteries%2CArs%20Technica%20Unsolved%20Mysteries%2CQuantum%20Leap%2CUnsolved%20Mysteries%20Quantum%20Leap%2CQuantum%20leap%20show%2Cquantum%20leap%20ending%2Cquantum%20leap%20bakula%2CDonald%20P%20Bellisario%2CQuantum%20Leap%20Finale%2CQuantum%20Leap%20JFK%2CQuantum%20Leap%20Lee%20Harvey%20Oswald%2CQuantum%20Leap%20interview%2CScott%20Bakula%2CDean%20Stockwell%2CQuantum%20Leap%20Ziggy%2CQuantum%20Leap%20Al%2CQuantum%20Leap%20NBC%2CNBC%20Quantum%20Leap%2CQuantum%20Leap%20Episodes%2Cquantum%20leap%20intro%2Cquantum%20leap%20ars%20technica%2Cars%20technica%20quantum%20leap&cPd=2021-05-25T15%3A00%3A00%2B00%3A00&cTi=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=854&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&pWw=276&pWh=155.25&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&uId=793acb54-8a60-48cc-91e9-0be61845aed6&xid=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%222be6198%22%2C%22guid%22%3A%22bed541c0-6921-c9ef-4b7a-e241b75a79db%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_b0ed5a6f-d8a5-4f14-a6b5-421a821e65c7_text2vec1_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:14 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
dt
dt.adsafeprotected.com/ Frame FB9B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=897507&asId=bb924dad-14b6-4a84-8fc3-b5e835ef7fc0&tv=%7Bc:7BxZcD,pingTime:-10,time:815,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1647962954347%7C%7C47072dffb59f019e7adcd53fd95f98ac%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Caaf4bcf42825df666eeb7ddc2795cfcc%7C%7C642ecc335ddaa61d574f07604a87040b%7C%7Ca5b83e7f8e5948c95f986c0d2de7fac6%7C%7C72d51cf56825ababe6c2a0048c5b650d%7C%7C6d688c4496c08b0051b481645c394d6b%7C%7C1629390669%7D
Requested by
Host: 3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
URL: https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.221.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-221-169.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
1f1fa-1f1e6.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 812C 		233 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f1fa-1f1e6.svg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ad31e4e2ca36d66a9484937b76f003c8534d205da98fc90fe9d8fb7706e043b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length
189
etag
"rEvLSWyjSaIbBeQAvYrF3A=="
x-served-by
cache-fty21354-FTY, cache-ewr18182-EWR
last-modified
Wed, 21 Feb 2018 22:30:48 GMT
date
Tue, 22 Mar 2022 15:29:14 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 04 Nov 2022 07:15:06 GMT
jot
syndication.twitter.com/i/ Frame 812C 		43 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1647962954384%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-1%22%2C%22widget_origin%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22arstechnica%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22dangoodin001%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22b82980d95a44a%3A1646854163148%22%2C%22item_ids%22%3A%5B%221504802056372166694%22%5D%2C%22item_details%22%3A%7B%221504802056372166694%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
12
pragma
no-cache
last-modified
Tue, 22 Mar 2022 15:29:14 GMT
server
tsa_b
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
d6fd66f1a492b8b0328d7fe808a6d4e088acfe8e9b6a25704dd601562f018c63
x-transaction
c7a003025cb16bdf
expires
Tue, 31 Mar 1981 05:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame C9AF 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24230498&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.113 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
447116752f524648df509ea00c19e8f8c02e6d8d2e222a3bd6181da27233b173

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:13 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads
pubads.g.doubleclick.net/gampad/ Frame C6DF 		59 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&sz=640x360%7C480x70&ciu_szs=300x60&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.56.9%26ctx_page_slug%3Dbehold-a-password-phishing-site-that-can-trick-even-savvy-users%26cnt_tags%3Dbrowser-in-the-browser%252Coauth%252Cphishing%252Cscams%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D13%26usr_bkt_pv%3D1%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D121100%252C131100%252C131135%252C300003%252C210000%252C240000%252C240002%252C240003%252C240004%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240017%252C240015%252C240016%252C240018%252C240019%252Cqx7745%252Cmiovit%252Cap05we%252C65f9pd%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_sid%3Dc6e234da-e66f-4616-8ecf-67f29b24d5cb%26vnd_4d_pid%3Deae3ccff-0843-45ac-8cff-0eff3278f998%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3Dd5efd6f4-e37c-4e37-a0e7-a5c483b8ba35%26ctx_line_items%3D%26timeout%3D500%26height%3D155%26muted%3D1%26right_rail%3D0%26sensitive%3D0%26series%3D5c82bcebbcdfff6f132fc5e6%26width%3D276&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&pmnd=0&pmxd=30000&pmad=2&max_ad_duration=30000&vrid=1152515&ppid=d5efd6f4e37c4e37a0e7a5c483b8ba35&sid=7685A54B-E3D5-4498-B039-0C82BF601421&adk=1502141071&correlator=4352584379934005&dlt=1647962950546&dt=1647962954453&ged=ve4_td3_tt1_pd3_la3000_er665.1122.820.1398_vi0.0.1200.1600_vp100_ts0_eb24299&idt=2275&is_amp=0&omid_p=Google1%2Fh.3.506.0&osd=2&scor=3845645210239641&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&us_privacy=1---&vis=1&u_so=l&eid=44725355%2C44758374&hl=en&frm=0&cmsid=1495&sdki=44d&sdkv=h.3.506.0&sdr=1&video_doc_id=60abade4dc31e5375248cba6&nel=0&kfa=0&tfcd=0&ctv=0&cookie=ID%3D9d3852e4f388491c%3AT%3D1647962950%3AS%3DALNI_MYlhRUT3fbb2y6Y1yeNKgrlNM2leA
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.506.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
f4daab968eb3ea9e6820544f46f5002c21148f60e370e97de1748f2832e676fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8231
x-xss-protection
0
google-lineitem-id
5881677489,5878174980,5860374211,5881428153,5881672695
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138383011217,138383698166,138378283999,138383038628,138383009576
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=134096&dpuuid=2022032215291400014977407446
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://x.dlx.addthis.com/e/demdex_sync?na_exid=65416946501074486881869476194977929017&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022032215291400014977407446
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022032215291400014977407446
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-0f6a5c59b.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ONls/W+ASBI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022032215291400014977407446
pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Tue, 22 Mar 2022 15:29:14 GMT
wvlcHVWx_normal.jpeg
pbs.twimg.com/profile_images/554969596101267456/ Frame 812C 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/554969596101267456/wvlcHVWx_normal.jpeg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D28) /
Resource Hash
2f416fde3bc2645024530e06439f3902aa96fd9c6d8226043bb28de43a915ba8
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
x-content-type-options
nosniff
age
421394
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
1503
x-response-time
10
surrogate-key
profile_images profile_images/bucket/2 profile_images/554969596101267456
last-modified
Tue, 13 Jan 2015 11:51:57 GMT
server
ECS (nyb/1D28)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
9310d86dac6b7213de154c98d08d1ade882e47bb0bdaaca8724ab2ecdbb381e6
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
2806
dfp.bouncex.net/pub/ 		6 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dfp.bouncex.net/pub/2806?li=5945896294|4884048123
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-7329c51a38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
f59bf314ed9b4f7a0d58529459e9ba5b955885e91fcde208063bdcd9d0a80f1e

Request headers

Accept
*/*
Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
via
1.1 google
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
clear
content-length
6
receive
pixel.tapad.com/idsync/ex/ Frame CDAD 		95 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=a331e8d4-bc70-4679-82d4-74efca311076
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame CDAD
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=8b8b18a1-3f1d-41b7-9b12-2d336e1e2513
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8b8b18a1-3f1d-41b7-9b12-2d336e1e2513&apid=UPd35c2be1-a9f4-11ec-9212-029922c6cb47
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8b8b18a1-3f1d-41b7-9b12-2d336e1e2513&apid=UPd35c2be1-a9f4-11ec-9212-029922c6cb47
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8b8b18a1-3f1d-41b7-9b12-2d336e1e2513&apid=UPd35c2be1-a9f4-11ec-9212-029922c6cb47
date
Tue, 22 Mar 2022 15:29:14 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
362358.gif
idsync.rlcdn.com/ Frame CDAD
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=f089e44e-2a30-4d9e-974c-6ccac026b0a2
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAw0ow8pr2Qkn9aXo_S6tHI&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAw0ow8pr2Qkn9aXo_S6tHI&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAw0ow8pr2Qkn9aXo_S6tHI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame CDAD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6141021567606092823
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6141021567606092823
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:14 GMT
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
08c5239d-2050-4c09-a6cd-097d8079461e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6141021567606092823
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame CDAD 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=fd99e755-fbdd-c004-083b-6eae918e1a9a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:14 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MC8H9AC9NEFN9M8CV1C7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame CDAD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4137273106857289133&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4137273106857289133&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4137273106857289133&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
receive
pixel.tapad.com/idsync/ex/ Frame 5DFC 		95 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=a331e8d4-bc70-4679-82d4-74efca311076
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame 5DFC
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=8b8b18a1-3f1d-41b7-9b12-2d336e1e2513
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8b8b18a1-3f1d-41b7-9b12-2d336e1e2513&apid=UPd35c2be1-a9f4-11ec-9212-029922c6cb47
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8b8b18a1-3f1d-41b7-9b12-2d336e1e2513&apid=UPd35c2be1-a9f4-11ec-9212-029922c6cb47
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=8b8b18a1-3f1d-41b7-9b12-2d336e1e2513&apid=UPd35c2be1-a9f4-11ec-9212-029922c6cb47
date
Tue, 22 Mar 2022 15:29:14 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
47154.gif
idsync.rlcdn.com/ Frame 5DFC
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=f089e44e-2a30-4d9e-974c-6ccac026b0a2
  • https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D
  • https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=81b96239-eb48-4800-8f99-27deec4d2451
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=81b96239-eb48-4800-8f99-27deec4d2451
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Date
Tue, 22 Mar 2022 15:29:15 GMT
Server
MT3 4267 dd20a5c master ord-pixel-x19 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=81b96239-eb48-4800-8f99-27deec4d2451
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Mar 2022 15:29:14 GMT
sd
us-u.openx.net/w/1.0/ Frame 5DFC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=6141021567606092823
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6141021567606092823
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:14 GMT
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
2ab7d3c4-5756-401d-9c81-8987f35294a5
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=6141021567606092823
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 5DFC 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=fd99e755-fbdd-c004-083b-6eae918e1a9a
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:14 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
MDFZY99FYEG40FHA7FSY
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 5DFC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4137273106857289133&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4137273106857289133&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4137273106857289133&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usync.js
eus.rubiconproject.com/ Frame 2ECD 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
852cdf8021fd4c2e8a34887e38d418c3bba54c9b2c34a793f285cc5881190042

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=42833
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9539
Expires
Wed, 23 Mar 2022 03:23:07 GMT
FOIhfslXIBkKzS-
pbs.twimg.com/media/ Frame 812C 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FOIhfslXIBkKzS-?format=jpg&name=small
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D18) /
Resource Hash
a71fe8d26011757be6f1db9efc2ba1a4d877ebc940082e4058a92b89685155b2
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
x-content-type-options
nosniff
age
355196
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
34731
x-response-time
17
surrogate-key
media media/bucket/9 media/1504802053922693145
last-modified
Fri, 18 Mar 2022 12:47:02 GMT
server
ECS (nyb/1D18)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
7c4f2a6d1cb4e4f7918a6a2220a16e97866f48b51956ffb6bdb8d1f411bc7728
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
tweet
cdn.syndication.twimg.com/ Frame 80E6 		1 KB
931 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet?features=tfw_experiments_cookie_expiration%3A1209600%3Btfw_horizon_tweet_embed_9555%3Ahte%3Btfw_skeleton_loading_13398%3Acta%3Btfw_space_card%3Aoff&id=1505034619078459394&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.aef85bf61d706d7edafa.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D12) / Express
Resource Hash
b5f629456e28910d5f2bfd507f1b6f613f66fe81666b59ecd37270c5b9bd73b1
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
etag
W/"5c4-p0Jt2CD0jdrYfnB8xjliXXCCW88"
age
43
x-powered-by
Express
x-cache
HIT
access-control-allow-methods
GET
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
strict-transport-security
max-age=631138519
content-length
780
x-xss-protection
0
x-response-time
50
last-modified
Tue, 22 Mar 2022 15:28:31 GMT
server
ECS (nyb/1D12)
x-frame-options
SAMEORIGIN
date
Tue, 22 Mar 2022 15:29:14 GMT
vary
Accept-Encoding
x-tw-cdn
VZ, VZ, VZ"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
x-connection-hash
1da1784c59b92cd9a67378ea1deb103cb1630d612d152aadbbcde90f73d8f348
accept-ranges
bytes
x-content-type-options
nosniff
access-contol-allow-origin
platform.twitter.com
ibs:dpid=540&dpuuid=f5187042-5f14-4af5-9f23-8cb08038da53
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=65416946501074486881869476194...
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=f5187042-5f14-4af5-9f23-8cb08038da53
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=540&dpuuid=f5187042-5f14-4af5-9f23-8cb08038da53
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-03f01e5a4.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
gUlzoPD+SVA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=540&dpuuid=f5187042-5f14-4af5-9f23-8cb08038da53
date
Tue, 22 Mar 2022 15:29:14 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
async_usersync
ib.adnxs.com/ Frame 38A4 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:14 GMT
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
67479d3a-1fed-442c-b484-3ace78b8c70e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame F526 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:14 GMT
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a735a676-6f4a-49cf-ae3e-03e0179e20d4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
action_links.json
fr-actions.trackonomics.net/prod/arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/ 		243 B
587 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fr-actions.trackonomics.net/prod/arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/action_links.json
Requested by
Host: cdn-magiclinks.trackonomics.net
URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/condenast_eujdmc753_arstechnica.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-125.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0425991aea95d11c71e8d494da23254108a00c1b16fb494d5e8655caf509434

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
via
1.1 724c8c129f28bfce25c0430050f1ae72.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
EWR50-C1
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
Error from cloudfront
content-type
application/xml
access-control-allow-origin
*
access-control-allow-methods
GET
x-amz-cf-id
7TzZF7O3cIXlV3X9vcTrOqu_gMMGkWB2cJN9Bye-UH_wgPT114Ckkw==
i.png
trx-hub.com/i/m/ 		128 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0iiLS3A48kAV2gA2AZ2Y9IMWGAAOU6jgyiKUsHmqwYYAMbUiAbVBDE-bURAALKFKGEA9DfRCI1TWZxZNYAHSbElG7iRoSkgsRBwAWicXHEQBRDwATxsAJgAGZOSbVIBmGwAjajNYjHCwcOUhIRRkEqkzLCF6-HChLCdIs0hwjwiYdwBrcOoANzkWsGHhhPDeIWpoIRsQCmhqeHnV6FNl8Cg4QLRMTlESAF0KTVmIX1gaOkUQTQEsOQh1dh1CEDSM8JzwjIAFQAjABWQjJACchGBABZPAB2bLJABaO2UqneEAEnxAACFCsUyAACMDEipVGrk+qNTjE1pOYkQToQYk9JnQAbEkZyekTKbE2bzITEgA+xIAggtiYDnK53EwKFgsAovsqMMCAGywhGQzVQ0E65GaABWipAPJwbwgCVkpnYUlWlVCOB2l0cvnmsBVph88jkYEcsGovBNGEomgRoOykgWUXlHjdKqkwN9YQwAaDIbDEaj2STGCkyVMDnjbkTJCAA
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-128.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 07:29:08 GMT
via
1.1 cb7f1fdf6954dd7324e8117a63207a3c.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:40:25 GMT
server
AmazonS3
age
28807
etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-length
128
x-amz-cf-id
-1HUUIjL1QtF8OUZRJ0zVVQLb0vcJ9l5ooB0EexIXqLONY76PyEeQQ==
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-22T15%3A29%3A14.743Z&_t=impressionViewable&cBr=Ars%20Technica&cKe=browser%20in%20the%20browser%7COAuth%7Cphishing%7Cscams&cCh=information%20technology&cTi=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=1325&cId=1842550&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pWw=1600&pWh=1200&pPw=1600&pPh=10200&pSw=1600&pSh=1200&uID=793acb54-8a60-48cc-91e9-0be61845aed6&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&uDt=desktop&dim1=%7B%22channel%22%3A%22information-technology%22%2C%22platform%22%3A%22wordpress%22%2C%22template%22%3A%22article%22%2C%22viewport%22%3A%22desktop%22%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22hero%22%2C%22size%22%3A%229x1%22%7D&_o=ars-technica&_c=ad_metrics&xID=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&environment=prod&origin=ars-technica
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:14 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
t
elsa.memoinsights.com/ 		105 B
347 B 		Script
General
Check archive.org
Download Go to
Full URL
https://elsa.memoinsights.com/t?pid=62012a7a19351c07620394e0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&author%5B%5D=Dan%20Goodin&title=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users&date=2022-03-21T18%3A47%3A05Z&referrer=&ref_url=&page_url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&cb=MEMO.API.callbacks.cbpztiygi&v=v3.0.5&t=5000&e=5000&s=0
Requested by
Host: cdn.memo.co
URL: https://cdn.memo.co/js/memo.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.142.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-142-9.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
c11257bf22776c9a017bc84b08b955bc94fa7d565ad1b93392e88f0808bae71a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
105
x-request-id
94e5920dd89e937e4f862bb283bfd71a
content-type
application/javascript
pubcid.php
hbx.media.net/ Frame 3B4B 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Tue, 22 Mar 2022 15:29:14 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:59:14 GMT
sync
gum.criteo.com/ Frame 3B4B 		88 B
417 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
704ffc62ab738cf2442ffaf8bf1bc7e97503373b65860c070a15d758b9b9bd44
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
5133
strict-transport-security
max-age=31536000; preload;
content-length
209
expires
60
cksync.html
contextual.media.net/ Frame 5114
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Drkt%26refUrl%3D%26vid%3D796295478729096455466348860...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2909645546634886000V10&type=rkt&refUrl=&vid=79629547872909645546634886000V10&ovsid=1813050710606316317
219 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2909645546634886000V10&type=rkt&refUrl=&vid=79629547872909645546634886000V10&ovsid=1813050710606316317
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/

Response headers

server
Apache
content-length
219
content-type
text/html;charset=UTF-8
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:14 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT

Redirect headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.html?cs=8&vsid=2909645546634886000V10&type=rkt&refUrl=&vid=79629547872909645546634886000V10&ovsid=1813050710606316317
Content-Length
0
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame 3B4B
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=9dd0c12359d08ed&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D29...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=con&refUrl=&vid=79629547872909645546634886000V10&ovsid=AAADKxt_0Co_YQM11XjHAAAAAAA&expiration=1648049355&is_secure=true
45 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=con&refUrl=&vid=79629547872909645546634886000V10&ovsid=AAADKxt_0Co_YQM11XjHAAAAAAA&expiration=1648049355&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 22 Mar 2022 15:29:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=con&refUrl=&vid=79629547872909645546634886000V10&ovsid=AAADKxt_0Co_YQM11XjHAAAAAAA&expiration=1648049355&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame 3B4B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Dmma%26refUrl%3D%26vid%3D796295478729096455466348...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=mma&refUrl=&vid=79629547872909645546634886000V10&ovsid=81b96239-eb48-4800-8f99-27deec4d2451
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=mma&refUrl=&vid=79629547872909645546634886000V10&ovsid=81b96239-eb48-4800-8f99-27deec4d2451
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 22 Mar 2022 15:29:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
Server
MT3 4267 dd20a5c master ord-pixel-x21 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=mma&refUrl=&vid=79629547872909645546634886000V10&ovsid=81b96239-eb48-4800-8f99-27deec4d2451
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Mar 2022 15:29:13 GMT
cksync
cs.media.net/ Frame 3B4B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MjkwOTY0NTU0NjYzNDg4NjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENSTd-iebpEVI5faXuEolEk&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENSTd-iebpEVI5faXuEolEk&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENSTd-iebpEVI5faXuEolEk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 3B4B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Ddxu%26refUrl%3D%26vid%3D79629547872909645546634...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=dxu&refUrl=&vid=79629547872909645546634886000V10&ovsid=6N6kzBX01NwGrD5
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=dxu&refUrl=&vid=79629547872909645546634886000V10&ovsid=6N6kzBX01NwGrD5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 22 Mar 2022 15:29:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-076acf487c2036c77@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=dxu&refUrl=&vid=79629547872909645546634886000V10&ovsid=6N6kzBX01NwGrD5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 3B4B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=56e72df9-e68c-42c0-9392-bf3196168128
45 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=56e72df9-e68c-42c0-9392-bf3196168128
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 22 Mar 2022 15:29:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=56e72df9-e68c-42c0-9392-bf3196168128
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2579573
content-length
0
expires
Tue, 22 Mar 2022 00:00:00 GMT
sync
x.bidswitch.net/ Frame 3B4B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=62e8ec88-d2ea-41ea-a477-629331ac8f33&ssp=medianet&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10596547713675543060&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f5187042-5f14-4af5-9f23-8cb08038da53&ssp=medianet&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214870604098008945134&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10596547713675543060&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10596547713675543060&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10596547713675543060&ssp=<SSP_VALUE>&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 3B4B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Dzem%26refUrl%3D%26vid%3D79629547872909645546634886...
  • https://stags.bluekai.com/site/23178?id=hzHZL_4QNgthsM8mf_bi&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLIPJEFUTC7GRIU4Z3UNBZU2ODNMZPWE...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=hzHZL_4QNgthsM8mf_bi&refUrl=&type=zem&vid=79629547872909645546634886000V10&vsid=2909645546634886000V10
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=hzHZL_4QNgthsM8mf_bi&refUrl=&type=zem&vid=79629547872909645546634886000V10&vsid=2909645546634886000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 22 Mar 2022 15:29:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=hzHZL_4QNgthsM8mf_bi&refUrl=&type=zem&vid=79629547872909645546634886000V10&vsid=2909645546634886000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
dmp.adblade.com/srv/sync/gateway/ Frame 3B4B 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame 3B4B
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2909645546634886000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=1d2bf79a-2aa2-4d4b-b6d5-7622945e46de&cs=1
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=1d2bf79a-2aa2-4d4b-b6d5-7622945e46de&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 22 Mar 2022 15:29:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=1d2bf79a-2aa2-4d4b-b6d5-7622945e46de&cs=1
Date
Tue, 22 Mar 2022 15:29:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
710489.gif
id.rlcdn.com/ Frame 3B4B 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:14 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 3B4B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=05c5f2ba-e4d6-4fba-8f01-3cff13067e70
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=05c5f2ba-e4d6-4fba-8f01-3cff13067e70
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=05c5f2ba-e4d6-4fba-8f01-3cff13067e70
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
sync
ups.analytics.yahoo.com/ups/58222/ Frame 3B4B
Redirect Chain
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2909645546634886000V10
0
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2909645546634886000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2909645546634886000V10
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=0, no-cache, no-store
expires
Tue, 22 Mar 2022 15:29:14 GMT
date
Tue, 22 Mar 2022 15:29:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
1f1fa-1f1e6.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 80E6 		233 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f1fa-1f1e6.svg
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.modules.aef85bf61d706d7edafa.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8ad31e4e2ca36d66a9484937b76f003c8534d205da98fc90fe9d8fb7706e043b
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length
189
etag
"rEvLSWyjSaIbBeQAvYrF3A=="
x-served-by
cache-fty21354-FTY, cache-ewr18182-EWR
last-modified
Wed, 21 Feb 2018 22:30:48 GMT
date
Tue, 22 Mar 2022 15:29:14 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Fri, 04 Nov 2022 07:15:06 GMT
25fe.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 80E6 		186 B
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/25fe.svg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b34a51e8ad2166238f42c99d4d580fc5f874eb96520fcb1e2debe57557d5d544
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length
170
etag
"fU8C9zVK7gsw5+WjVXn/9A=="
x-served-by
cache-fty21329-FTY, cache-ewr18182-EWR
last-modified
Mon, 17 Sep 2018 19:16:38 GMT
date
Tue, 22 Mar 2022 15:29:14 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 23 Feb 2023 10:43:50 GMT
270d.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 80E6 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/270d.svg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7200732666cad7e17b06c3adefa0f0aaf80e21abf925229038ece9c54fb2419f
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length
1282
etag
"jNdygPw3QiolBZ0tbdWXlw=="
x-served-by
cache-fty21369-FTY, cache-ewr18182-EWR
last-modified
Wed, 21 Feb 2018 22:32:28 GMT
date
Tue, 22 Mar 2022 15:29:14 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Wed, 08 Jun 2022 10:37:23 GMT
1f5d2.svg
abs-0.twimg.com/emoji/v2/svg/ Frame 80E6 		2 KB
684 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://abs-0.twimg.com/emoji/v2/svg/1f5d2.svg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.43.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df4dfce91360eb1c6782869a1c8965e522b5f50eaf76ac527fe176db6f371251
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, HIT, x-tw-cdn;desc=FT
content-length
543
etag
"M5HORxXzyBTWBnkRQ45b9w=="
x-served-by
cache-fty21371-FTY, cache-ewr18182-EWR
last-modified
Wed, 21 Feb 2018 22:31:08 GMT
date
Tue, 22 Mar 2022 15:29:14 GMT
vary
Accept-Encoding
x-tw-cdn
FT
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
expires
Thu, 16 Mar 2023 06:33:32 GMT
jot
syndication.twitter.com/i/ Frame 80E6 		43 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1647962954843%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%222582c61%3A1645036219416%22%2C%22dnt%22%3Afalse%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22arstechnica%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22dangoodin001%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%22b82980d95a44a%3A1646854163148%22%2C%22item_ids%22%3A%5B%221505034619078459394%22%5D%2C%22item_details%22%3A%7B%221505034619078459394%22%3A%7B%22item_type%22%3A0%7D%7D%7D
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.200 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
10
pragma
no-cache
last-modified
Tue, 22 Mar 2022 15:29:14 GMT
server
tsa_b
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
d6fd66f1a492b8b0328d7fe808a6d4e088acfe8e9b6a25704dd601562f018c63
x-transaction
f2585d9082a9b355
expires
Tue, 31 Mar 1981 05:00:00 GMT
pubcid.php
hbx.media.net/ Frame 4B91 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Tue, 22 Mar 2022 15:29:14 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:59:14 GMT
sync
gum.criteo.com/ Frame 4B91 		88 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
aa021bcbfed90971e1173fa412b9daa0faac50fdeab902c92a3e80bba3b202d0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
4163
strict-transport-security
max-age=31536000; preload;
content-length
208
expires
60
cksync
cs.media.net/ Frame 4B91
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MjkwOTY0NTU0NjYzNDg4NjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENSTd-iebpEVI5faXuEolEk&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENSTd-iebpEVI5faXuEolEk&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESENSTd-iebpEVI5faXuEolEk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.html
contextual.media.net/ Frame 5606
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Drkt%26refUrl%3D%26vid%3D796295489329096455466348860...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2909645546634886000V10&type=rkt&refUrl=&vid=79629548932909645546634886000V10&ovsid=1813050710606316317
219 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2909645546634886000V10&type=rkt&refUrl=&vid=79629548932909645546634886000V10&ovsid=1813050710606316317
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/

Response headers

server
Apache
content-length
219
content-type
text/html;charset=UTF-8
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:14 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT

Redirect headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.html?cs=8&vsid=2909645546634886000V10&type=rkt&refUrl=&vid=79629548932909645546634886000V10&ovsid=1813050710606316317
Content-Length
0
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame 4B91
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=56e72df9-e68c-42c0-9392-bf3196168128
45 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=56e72df9-e68c-42c0-9392-bf3196168128
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 22 Mar 2022 15:29:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=56e72df9-e68c-42c0-9392-bf3196168128
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2191884
content-length
0
expires
Tue, 22 Mar 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 4B91
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dmedianet
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=d3257ede-eb67-416f-bb37-58f8f15ba8d6&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=62e8ec88-d2ea-41ea-a477-629331ac8f33&gdpr=&gdpr_consent=&gdpr_pd=
45 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=62e8ec88-d2ea-41ea-a477-629331ac8f33&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 22 Mar 2022 15:29:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=62e8ec88-d2ea-41ea-a477-629331ac8f33&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 22 Mar 2022 15:29:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
dmp.adblade.com/srv/sync/gateway/ Frame 4B91 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame 4B91
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2909645546634886000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=1d2bf79a-2aa2-4d4b-b6d5-7622945e46de&cs=1
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=1d2bf79a-2aa2-4d4b-b6d5-7622945e46de&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 22 Mar 2022 15:29:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=1d2bf79a-2aa2-4d4b-b6d5-7622945e46de&cs=1
Date
Tue, 22 Mar 2022 15:29:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
710489.gif
id.rlcdn.com/ Frame 4B91 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:14 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 4B91
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=05c5f2ba-e4d6-4fba-8f01-3cff13067e70
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=05c5f2ba-e4d6-4fba-8f01-3cff13067e70
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=05c5f2ba-e4d6-4fba-8f01-3cff13067e70
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
sync
ups.analytics.yahoo.com/ups/58222/ Frame 4B91
Redirect Chain
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2909645546634886000V10
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2909645546634886000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
52.45.33.138 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-33-138.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2909645546634886000V10
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=0, no-cache, no-store
expires
Tue, 22 Mar 2022 15:29:14 GMT
date
Tue, 22 Mar 2022 15:29:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cksync.php
contextual.media.net/ Frame 4B91
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=7f9e922d376b08ec&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=con&refUrl=&vid=79629548932909645546634886000V10&ovsid=AAADKxt_0Co_YwMgGrPDAAAAAAA&expiration=1648049355&is_secure=true
45 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=con&refUrl=&vid=79629548932909645546634886000V10&ovsid=AAADKxt_0Co_YwMgGrPDAAAAAAA&expiration=1648049355&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 22 Mar 2022 15:29:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=con&refUrl=&vid=79629548932909645546634886000V10&ovsid=AAADKxt_0Co_YwMgGrPDAAAAAAA&expiration=1648049355&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame 4B91
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Dmma%26refUrl%3D%26vid%3D796295489329096455466348...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=mma&refUrl=&vid=79629548932909645546634886000V10&ovsid=81b96239-eb48-4800-8f99-27deec4d2451
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=mma&refUrl=&vid=79629548932909645546634886000V10&ovsid=81b96239-eb48-4800-8f99-27deec4d2451
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 22 Mar 2022 15:29:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
Server
MT3 4267 dd20a5c master ord-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=mma&refUrl=&vid=79629548932909645546634886000V10&ovsid=81b96239-eb48-4800-8f99-27deec4d2451
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Mar 2022 15:29:13 GMT
cksync.php
contextual.media.net/ Frame 4B91
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Ddxu%26refUrl%3D%26vid%3D79629548932909645546634...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=dxu&refUrl=&vid=79629548932909645546634886000V10&ovsid=6N6kzBX01NwGrD5
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=dxu&refUrl=&vid=79629548932909645546634886000V10&ovsid=6N6kzBX01NwGrD5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 22 Mar 2022 15:29:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:14 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ef6c994d04c293da@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2909645546634886000V10&type=dxu&refUrl=&vid=79629548932909645546634886000V10&ovsid=6N6kzBX01NwGrD5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 4B91
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2909645546634886000V10%26type%3Dzem%26refUrl%3D%26vid%3D79629548932909645546634886...
  • https://stags.bluekai.com/site/23178?id=hzHZL_4QNgthsM8mf_bi&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLIPJEFUTC7GRIU4Z3UNBZU2ODNMZPWE...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=hzHZL_4QNgthsM8mf_bi&refUrl=&type=zem&vid=79629548932909645546634886000V10&vsid=2909645546634886000V10
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=hzHZL_4QNgthsM8mf_bi&refUrl=&type=zem&vid=79629548932909645546634886000V10&vsid=2909645546634886000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Tue, 22 Mar 2022 15:29:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=hzHZL_4QNgthsM8mf_bi&refUrl=&type=zem&vid=79629548932909645546634886000V10&vsid=2909645546634886000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 3329 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 22 Mar 2022 15:29:15 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame F840
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjnrRwAAADpnQgQL&gdpr=0&gdpr_consent=
1 B
337 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjnrRwAAADpnQgQL&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 22 Mar 2022 15:29:15 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
njrpug002:0:497
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjnrRwAAADpnQgQL&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 varnish
x-served-by
cache-ewr18152-EWR
x-cache
HIT
x-cache-hits
0
x-timer
S1647962955.160134,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 183A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:81b96239-eb48-4800-8f99-27deec4d2451&gdpr=0&gdpr_consent=
42 B
342 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:81b96239-eb48-4800-8f99-27deec4d2451&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 22 Mar 2022 15:29:15 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug012:0:2973
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 22 Mar 2022 15:29:14 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4267 dd20a5c master ord-pixel-x50 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:81b96239-eb48-4800-8f99-27deec4d2451&gdpr=0&gdpr_consent=
Expires
Tue, 22 Mar 2022 15:29:13 GMT
Pug
image2.pubmatic.com/AdServer/ Frame EEF1
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFc0lFN0VjOWNBQUF6LXM4VGFSZw&bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=syn%2Cpp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AAEsIE7Ec9cAAAz-s8TaRg&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cpm%26bee_sync_current_partn...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp,sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=2
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEsIE7Ec9cAAAz-s8TaRg
42 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEsIE7Ec9cAAAz-s8TaRg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 22 Mar 2022 15:29:15 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
10:0:944
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 22 Mar 2022 15:29:15 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAEsIE7Ec9cAAAz-s8TaRg
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 2787
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
341 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 22 Mar 2022 15:29:15 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug010:0:488
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Tue, 22 Mar 2022 15:29:14 GMT
server
Kestrel
content-length
0
cache-control
no-cache
pragma
no-cache
expires
Tue, 22 Mar 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1506308
strict-transport-security
max-age=31536000; preload;
141
match.deepintent.com/usersync/ Frame A8B9 		0
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
content-type
image/gif
content-length
0
date
Tue, 22 Mar 2022 15:29:14 GMT
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame 9992
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=64AQATBEQPhUXTeCOAk6ZGAJ-Sw
42 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=64AQATBEQPhUXTeCOAk6ZGAJ-Sw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 22 Mar 2022 15:29:15 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug015:0:632
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Tue, 22 Mar 2022 15:29:15 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=64AQATBEQPhUXTeCOAk6ZGAJ-Sw
Content-Length
159
Connection
keep-alive
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame D274
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=6bafe6a2-2746-4d2e-ae06-bc0f946be187&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C
42 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.200.205.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-200-205-250.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
content-type
image/gif
content-length
42
server
Kestrel

Redirect headers

server
nginx
date
Tue, 22 Mar 2022 15:29:15 GMT
x-lat
njrpug007:0:569
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
Pug
simage2.pubmatic.com/AdServer/ Frame ACBD
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d4dfaa00-a9f4-11ec-a7b6-6837becf923c
42 B
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d4dfaa00-a9f4-11ec-a7b6-6837becf923c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 22 Mar 2022 15:29:15 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug011:0:1558
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Tue, 22 Mar 2022 15:29:15 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
server
Cowboy
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=d4dfaa00-a9f4-11ec-a7b6-6837becf923c
X-RealServer-NX
lga-delivery-5
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
i.match
a.tribalfusion.com/ Frame E6BA 		43 B
713 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6efff6349b75d15b-BUF
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame BFA8
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=657826907971
42 B
206 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=657826907971
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 22 Mar 2022 15:29:15 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug018:0:469
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Length
0
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=657826907971
Pug
simage2.pubmatic.com/AdServer/ Frame 951F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:6N6kzBX01NwGrD5&gdpr=0&gdpr_consent=
42 B
212 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:6N6kzBX01NwGrD5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 22 Mar 2022 15:29:15 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug013:0:677
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Tue, 22 Mar 2022 15:29:14 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:6N6kzBX01NwGrD5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0b98cd7e2f2eb5b4a@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame E83D
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=110&redir=https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F%7BuserId%7D%3Fzcc%3D0%26sspret%3D1&rndcb=7827955524
  • https://tags.bluekai.com/site/17724?id=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553&redir=https%3A%2F%2Fbcp.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D617f57b8-9492-449d-beb6-d13cab1...
  • https://bcp.crwdcntrl.net/map/c=1389/tp=STSC/tpid=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F617f57b8-9492-449d-beb6-d13cab1fdcf0-623...
  • https://bcp.crwdcntrl.net/map/ct=y/c=1389/tp=STSC/tpid=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553?https%3A%2F%2Fsync.1rx.io%2Fusersync3%2Fcentro%2F1508%2F617f57b8-9492-449d-beb6-d13cab1fdcf...
  • https://sync.1rx.io/usersync3/centro/1508/617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553?zcc=0&sspret=1&rndcb=7827955524
  • https://sync.targeting.unrulymedia.com/csync/RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005
42 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 22 Mar 2022 15:29:15 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug016:0:807
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
Tengine
Date
Tue, 22 Mar 2022 15:29:15 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005
ETag
RXa83b66042e3249f2bbad627050f1e26e005
Pug
simage2.pubmatic.com/AdServer/ Frame 7BD4
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7012493551709562395&uid=Q701249355170956...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7012493551709562395
42 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7012493551709562395
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 22 Mar 2022 08:56:55 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug027:0:474
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
Apache/2.4.6 (CentOS)
Content-Length
154
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7012493551709562395
X-Powered-By
PHP/7.3.33
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary
Accept-Encoding
Cache-Control
max-age=15779
Date
Tue, 22 Mar 2022 15:29:15 GMT
Connection
keep-alive
Pug
image2.pubmatic.com/AdServer/ Frame 2ADD
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=013ca0b1-10dc-494d-bb71-056e8a93ca64
1 B
425 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=013ca0b1-10dc-494d-bb71-056e8a93ca64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 22 Mar 2022 15:29:14 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
va1pug005:0:472
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Tue, 22 Mar 2022 15:29:15 GMT
content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=013ca0b1-10dc-494d-bb71-056e8a93ca64
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame D7CF
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=439985829DE84A8C9B5342B56A27F74A
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
  • https://match.bnmla.com/usersync?dspid=170&uuid=FCBFFBF89C1640D1A81A2F6FB803C46C
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=d99a7983-ad45-4aff-b7e3-1d6625d71961
42 B
478 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=d99a7983-ad45-4aff-b7e3-1d6625d71961
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Tue, 22 Mar 2022 10:00:16 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug024:0:315
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Tue, 22 Mar 2022 15:29:15 GMT
Content-Length
0
Connection
keep-alive
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=d99a7983-ad45-4aff-b7e3-1d6625d71961
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame DC67
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9fa89cc4-9382-4853-8b25-2117ad6ca439-tuct93370cb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9fa89cc4-9382-4853-8b25-2117ad6ca439-tuct93370cb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 varnish
x-served-by
cache-ewr18148-EWR
x-cache
MISS
x-cache-hits
0
x-timer
S1647962955.100822,VS0,VE24
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=9fa89cc4-9382-4853-8b25-2117ad6ca439-tuct93370cb&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 varnish
x-served-by
cache-ewr18121-EWR
x-cache
MISS
x-cache-hits
0
x-timer
S1647962955.018697,VS0,VE3
x-vcl-time-ms
3
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C9AF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2NQD-eqcT-y7u_2OOHZFfA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
23.208.68.201 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-201.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=106891
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Wed, 23 Mar 2022 21:10:46 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
362358.gif
idsync.rlcdn.com/ Frame C9AF
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAw0ow8pr2Qkn9aXo_S6tHI&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAw0ow8pr2Qkn9aXo_S6tHI&google_cver=1
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEAw0ow8pr2Qkn9aXo_S6tHI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C9AF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=81b96239-eb48-4800-8f99-27deec4d2451
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=81b96239-eb48-4800-8f99-27deec4d2451
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:13 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 22 Mar 2022 15:29:15 GMT
Server
MT3 4267 dd20a5c master ord-pixel-x52 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=81b96239-eb48-4800-8f99-27deec4d2451
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 22 Mar 2022 15:29:14 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C9AF
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E446C6FC9B8A47FAA8BFF7595C7C81CD
42 B
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E446C6FC9B8A47FAA8BFF7595C7C81CD
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug001:0:479
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
server
openresty
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:E446C6FC9B8A47FAA8BFF7595C7C81CD
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 21 Mar 2022 15:29:15 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C9AF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4137273106857289133&gdpr=0&gdpr_consent=&us_privacy=
1 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4137273106857289133&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 10:01:23 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug028:0:391
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4137273106857289133&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame C9AF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=05c5f2ba-e4d6-4fba-8f01-3cff13067e70
42 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=05c5f2ba-e4d6-4fba-8f01-3cff13067e70
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug020:0:588
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=05c5f2ba-e4d6-4fba-8f01-3cff13067e70
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C9AF 		43 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C?gdpr=0&gdpr_consent=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:56c0:bbbc:18e0:97e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:14 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame C9AF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_8.CgUVE2uX5F7nltzpllehB3b9oubw-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_8.CgUVE2uX5F7nltzpllehB3b9oubw-~A&gdpr=0&gdpr_consent=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:42 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-_8.CgUVE2uX5F7nltzpllehB3b9oubw-~A&gdpr=0&gdpr_consent=
date
Tue, 22 Mar 2022 15:29:14 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame C9AF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6141021567606092823&gdpr=0&gdpr_consent=
42 B
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6141021567606092823&gdpr=0&gdpr_consent=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 06:23:18 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug007:0:370
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:14 GMT
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
f6f127f0-12f1-4605-8127-bc5452c5fb3f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6141021567606092823&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C9AF
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=461325ebf99808ee&is_secure=true&networkId=17100&version=1&nuid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADK9Fl9e6oFAM28G98AAAAAAA&expiration=1648049355&nuid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C&...
42 B
435 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADK9Fl9e6oFAM28G98AAAAAAA&expiration=1648049355&nuid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 09:17:48 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug023:0:567
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAADK9Fl9e6oFAM28G98AAAAAAA&expiration=1648049355&nuid=D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame C9AF
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=d4e8e5e2-a9f4-11ec-9a60-ab47edd9be64&gdpr=0&gdpr_consent=
1 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=d4e8e5e2-a9f4-11ec-9a60-ab47edd9be64&gdpr=0&gdpr_consent=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug011:0:689
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=d4e8e5e2-a9f4-11ec-9a60-ab47edd9be64&gdpr=0&gdpr_consent=
Date
Tue, 22 Mar 2022 15:29:14 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
d4e8e5e3-a9f4-11ec-9a60-ab47edd9be64
Pug
image2.pubmatic.com/AdServer/ Frame C9AF
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=07dFsoDnQrPIsEXogeRbs9KyQLLI4UKz1LWln4sQ
42 B
485 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=07dFsoDnQrPIsEXogeRbs9KyQLLI4UKz1LWln4sQ
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 06:23:33 GMT
cache-control
no-store, no-cache, private
x-lat
va2pug005:0:439
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=07dFsoDnQrPIsEXogeRbs9KyQLLI4UKz1LWln4sQ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame C9AF 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.203.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-203-194.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
content-length
0
content-type
text/plain
sn.ashx
pmp.mxptint.net/ Frame C9AF
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1B341_ED237649_36809EBA&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Server
204.2.255.233 Newark, United States, ASN2914 (NTT-LTD-2914, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-330949755; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-330949755; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Tue, 22 Mar 2022 10:00:16 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug024:0:432
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame C9AF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=62e8ec88-d2ea-41ea-a477-629331ac8f33
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=62e8ec88-d2ea-41ea-a477-629331ac8f33
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=a4a1d4c7-6fe7-47be-ba7e-456dcca1ffcf&ssp=pubmatic&expires=30&user_group=5&bsw_param=62e8ec88-d2ea-41ea-a477-629331ac8f33
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=62e8ec88-d2ea-41ea-a477-629331ac8f33&gdpr=&gdpr_consent=&gdpr_pd=
1 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=62e8ec88-d2ea-41ea-a477-629331ac8f33&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug016:0:447
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=62e8ec88-d2ea-41ea-a477-629331ac8f33&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 22 Mar 2022 15:29:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame C9AF
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553&gdpr=0&gdpr_consent=
42 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553&gdpr=0&gdpr_consent=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
cache-control
no-store, no-cache, private
x-lat
10:0:1716
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C9AF
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4927339359897315789
42 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4927339359897315789
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug005:0:858
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4927339359897315789
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dt
dt.adsafeprotected.com/ Frame FB9B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=897507&asId=bb924dad-14b6-4a84-8fc3-b5e835ef7fc0&tv=%7Bc:7BxZmx,pingTime:1,time:1429,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:32%7D,%7Bpiv:0,vs:o,r:l,t:106%7D,%7Bpiv:84,vs:i,r:,t:295%7D,%7Bpiv:53,vs:pp,t:466%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:171,o:295,n:106,pp:963,pm:0%7D,slEvents:%5B%7Bsl:n,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B97~1%5D,as:%5B97~300.600%5D%7D%7D,%7Bsl:o,t:106,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B189~0%5D,as:%5B189~300.600%5D%7D%7D,%7Bsl:i,t:295,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:84,obst:0,th:0,reas:,bkn:%7Bpiv:%5B171~75%5D,as:%5B171~300.600%5D%7D%7D,%7Bsl:pp,t:466,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:53,obst:0,th:0,reas:,bkn:%7Bpiv:%5B963~50%5D,as:%5B963~300.600%5D%7D%7D%5D,slEventCount:4,em:true,fr:false,e:,tt:rjss,dtt:241,fm:t0PaBLC+11%7C12%7C13%7C14%7C151%7C1521%7C16%7C171%7C1721%7C18%7C19%7C1a%7C1b11%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j*.897507-59604290%7C1j1%7C1k%7C1l%7C1m,idMap:1j.2cc77e28-c5f7-8e4d-678a-b0414cfd97eb.65_925175%7C1j*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.221.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-221-169.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
usermatch
ssum-sec.casalemedia.com/ Frame 9D79 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
73f27d4243718efdda113078a6c3c882f42e5e7372326fe25ed2d410cbae7aae

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|130|206|13|81|51|156
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 22 Mar 2022 15:29:14 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:14 GMT
Content-Length
1673
Connection
keep-alive
activeview
pagead2.googlesyndication.com/pcs/ Frame FB9B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQf1Ut4o1f8DLPPqjdYqNOCxucZMD1BhiaPwHwnknYT1-QOL_JqQyir-ths0Qxl7ZhMu97qPVAgRA1Wse2cJ9wZDljfbevK9ARg6w6xKtI1lAZpek&sai=AMfl-YRx5pu72tScZdFHTrQdTwpMUEGpESJ17r0Z18qTR2W7G8iAifoFE3R6SvaalXVhheWzrTCnAD_3VYQCDdqoeCj2mOIHKXKGES1zPx7vuAJTzAnG889gZ6_GJI6D&sig=Cg0ArKJSzJSOQ4p7tUS4EAE&cid=CAASJeRoBz5KokM_T4Htx7FIRB5DWK7nkuxql56lPMQ7Wk4RdKVkEgA&id=lidar2&mcvt=1218&p=879,1110,1479,1410&mtos=0,118,1218,1218,1218&tos=0,118,1100,0,0&v=20220321&bin=7&avms=nio&bs=0,0&mc=0.84&if=1&vu=1&app=0&itpl=20&adk=1483574547&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1647962952135&rpt=1577&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=601&dpuuid=77930602580799&random=1647962955
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://dp2.33across.com/ps/?pid=897&random=1388264777
  • https://dpm.demdex.net/ibs:dpid=601&dpuuid=77930602580799&random=1647962955
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=601&dpuuid=77930602580799&random=1647962955
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-0b0a839ea.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
wMN/1fdhRvQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:14 GMT
referrer-policy
unsafe-url
server
33XP002
x-33x-status
200004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://dpm.demdex.net/ibs:dpid=601&dpuuid=77930602580799&random=1647962955
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4813 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7f285000f74e5fef5cf2edfa7c1383a3a3f2472362d4a4e9eb5297b006c90b7b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|88|130|191|13|196|221
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Tue, 22 Mar 2022 15:29:15 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
Content-Length
1750
Connection
keep-alive
csi
csi.gstatic.com/ Frame C6DF 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l12alce9&c=6088512747745&slotId=3044256373872.5&qqid=CO77hbSE2vYCFRUXswAd4YwGGA&gqid=Sus5Yu6KHdGn7gKQ-rLYCA&fb=ima_html5-lima&sdkv=h.3.506.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=12&vhc=0&ghmsh_eids=44725355%2C44758374
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.506.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C6DF 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuqmulTMgefM2wctRrMgjiq9TknJeCzJhz4e9J3MccRQbT1FGCRN94JMCw9obmSO1Pp1e3O_uSUeN1x8DFDjZNXCTCKggUihpKuHpNq8F2KOlwx4IMY4i9doyesQnU6GtHk3qAFm51I5b0D9WVGNcDP1CyL9TVDL--zttYKE_4a1OI_1-F4G-K5gER59PWT_xpsutkDswThyck3n6YZnwOm1yJi_I6Hcbyk8GEdwvaqDqQU67CJewKO1-Nyrn9wMk8ZbjAMBdA96k6-gqK_BwLGN_5DNlJeBmLO08wM_iz02JDi9WCw6_TwY5y36gocgy9SoqVY5LcjPk3nPR1ikfXGf0asnVLoqe3UfWlD5zL5ozzmSOc&sai=AMfl-YR360CgOMTM5DVD1MpyBVZ7niz1aS8PCjBDkeSNrO-kJrA36dFcId5QeNavEQJ7jYS77kLPvxPN-Hi2UlGkFMKTPkLnzcAuE-s2_3eYtlbWcSYhE3NIhpbU5EiHTjAfJ0v-HCPHFJYzbMbA151l&sig=Cg0ArKJSzBNXuNLKjzf7EAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&sdkv=h.3.506.0&vci=CnEIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgNEQ00gBCoJNTIzMDg3Njk0MgkxNjc5MDM4OTlAxARSMwi-BxAPJQAAcEEoAToLMTY3OTAzODk5LTFCBEdEQ01QAFoQOUdoVFpYV0Jmb0tnQ1B6QhgB&adurl=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 92D6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmMQiabb5yh-PgYDOcQm3BfpVm5trxiM-drOU19nPiWA60R7YQ6QqBhG5NE21STYFOn4RiuMT8wYv0YZzDvM7P4SNv6YvHJb4EhKyo2Yck5mqAS2q1&sig=Cg0ArKJSzIc3slcxu6EDEAE&id=lidar2&mcvt=1217&p=125,0,558,1600&mtos=1217,1217,1217,1217,1217&tos=1217,0,0,0,0&v=20220321&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2385402828&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1647962952299&rpt=1220&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
___tp.gif
analytics.responsiveads.com/ Frame 92D6 		43 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.responsiveads.com/___tp.gif?rada=&radb=&aid=6227aaa551c2212df5bf8069&fl=6227aaa551c2212df5bf806a&deployment=62290fb251c2212df5bf8b1c&vid=&pu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&dm=arstechnica.com&asid=5945896294&ascid=138384132668&pcat=3&sr=1600x1200&vs=1600x1200&as=1600x433&o=null&ald=null&ascb=885225794&uuid=77429bd1-8072-4b72-9b56-4aa001beb8e0&ec=0&e=impressions&vi=true&vit=1000&cb=1647962955097
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.255.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-255-175.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:15 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
image/gif
_O44b6Um_normal.jpg
pbs.twimg.com/profile_images/1504858246900817923/ Frame 80E6 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1504858246900817923/_O44b6Um_normal.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1D07) /
Resource Hash
3b9b7c1072cdf9a8d408829791cdfcf4b829805c2240306d3c1df8a5e4d2b086
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
age
341777
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
2035
x-response-time
19
surrogate-key
profile_images profile_images/bucket/2 profile_images/1504858246900817923
last-modified
Fri, 18 Mar 2022 16:30:19 GMT
server
ECS (nyb/1D07)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
dab719125ee1998c11e0c8db2e6781ea68ef71649fcc1ca7bd6c99c12375ee1d
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
track
capture.condenastdigital.com/ Frame FD8D 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-22T15%3A29%3A15.179Z&_c=Video%20Ad&_t=Ad%20Loaded&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&cId=60abade4dc31e5375248cba6&cKe=Unsolved%20Mysteries%2CArs%20Technica%20Unsolved%20Mysteries%2CQuantum%20Leap%2CUnsolved%20Mysteries%20Quantum%20Leap%2CQuantum%20leap%20show%2Cquantum%20leap%20ending%2Cquantum%20leap%20bakula%2CDonald%20P%20Bellisario%2CQuantum%20Leap%20Finale%2CQuantum%20Leap%20JFK%2CQuantum%20Leap%20Lee%20Harvey%20Oswald%2CQuantum%20Leap%20interview%2CScott%20Bakula%2CDean%20Stockwell%2CQuantum%20Leap%20Ziggy%2CQuantum%20Leap%20Al%2CQuantum%20Leap%20NBC%2CNBC%20Quantum%20Leap%2CQuantum%20Leap%20Episodes%2Cquantum%20leap%20intro%2Cquantum%20leap%20ars%20technica%2Cars%20technica%20quantum%20leap&cPd=2021-05-25T15%3A00%3A00%2B00%3A00&cTi=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=854&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&pWw=276&pWh=155.25&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&uId=793acb54-8a60-48cc-91e9-0be61845aed6&xid=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%222be6198%22%2C%22guid%22%3A%22bed541c0-6921-c9ef-4b7a-e241b75a79db%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_b0ed5a6f-d8a5-4f14-a6b5-421a821e65c7_text2vec1_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22523087694%22%2C%22adType%22%3A%22unknown%22%2C%22creativeId%22%3A%22167903899%22%2C%22wrapperAdIds%22%3A%5B%225881677489%22%5D%2C%22wrapperAdSystems%22%3A%5B%22GDFP%22%5D%2C%22dfpLineItem%22%3A%225881677489%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A0%7D&videoViews=1&adId=523087694
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:15 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CONDENASTINLINEINT1&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1647962954664&de=553761600701&m=0&ar=359f21c1e97-clean&iw=9d39110&q=12&cb=0&ym=0&cu=1647962954664&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=-%3A-%3A5881677489%3A138383011217&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&dfp=0%2C1&la=5881677489&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&gw=condenastinlineint626489506216&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A468%3A468%3A0%3A712&fs=197273&na=1876749847&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:15 GMT
csi
csi.gstatic.com/ Frame FD8D 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l12albk4&c=6088512747745&slotId=3044256373872.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2ECD
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=WXjx6Hh_SIqqDgsKJmTadQ&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WXjx6Hh_SIqqDgsKJmTadQ
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WXjx6Hh_SIqqDgsKJmTadQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Server
52.94.220.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:16 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
9ZT8DM1DAWZTZV9W0PMJ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=WXjx6Hh_SIqqDgsKJmTadQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 2ECD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTY2MTAyMjIwZjliZWFhYzFkNGZjNzFhNjZkNzg0ODQ0NDNiN2FjZQ&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTY2MTAyMjIwZjliZWFhYzFkNGZjNzFhNjZkNzg0ODQ0NDNiN2FjZQ&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
H3
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTY2MTAyMjIwZjliZWFhYzFkNGZjNzFhNjZkNzg0ODQ0NDNiN2FjZQ&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2ECD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG1XLDqZ_Be1SjuF0_RCBn8&google_cver=1
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG1XLDqZ_Be1SjuF0_RCBn8&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
af308bb17a856a105b8c87aaae7d7f8c
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEG1XLDqZ_Be1SjuF0_RCBn8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 2ECD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L12ALATH-K-LNSR&us_privacy=1---
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L12ALATH-K-LNSR&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 65FEF1F52CB64984A8ECFF3A9A91A053 Ref B: NYCEDGE1610 Ref C: 2022-03-22T15:29:15Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXa0EaQySN2thj/Isn+jg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L12ALATH-K-LNSR&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2ECD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&gdpr=0&gdpr_consent=&expires=30
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=05c5f2ba-e4d6-4fba-8f01-3cff13067e70&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 2ECD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/z-8MQNP61Kfn0ULpysWhJw?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8305021932469246601
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8305021932469246601
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
19ea072139d67f7022c6e463249c998e
Content-Type
image/gif

Redirect headers

date
Tue, 22 Mar 2022 15:29:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8305021932469246601
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 2ECD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEyQUxBVEgtSy1MTlNS&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEyQUxBVEgtSy1MTlNS&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
H3
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDEyQUxBVEgtSy1MTlNS&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 2ECD 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
ibs:dpid=771&dpuuid=CAESEMZQmC5zYRulRGm4oq-8cVY&google_cver=1
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjU0MTY5NDY1MDEwNzQ0ODY4ODE4Njk0NzYxOTQ5Nzc5MjkwMTc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMZQmC5zYRulRGm4oq-8cVY&google_cver=1?gdpr=0&gdpr_consent=
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMZQmC5zYRulRGm4oq-8cVY&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-04f3aa68e.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
4dde8rLnToM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEMZQmC5zYRulRGm4oq-8cVY&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
FOL1AZKXsAMRGRs
pbs.twimg.com/media/ Frame 80E6 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/FOL1AZKXsAMRGRs?format=jpg&name=small
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:220:1410:489:141e:20bb:12f6 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nyb/1DCD) /
Resource Hash
610819a0c480519aca0afac1e47abea6b114c732c7f5ee04ed2bd517a6bc4687
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
age
74493
x-cache
HIT
server-timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ,edge;dur=1
content-length
23207
x-response-time
16
surrogate-key
media media/bucket/6 media/1505034612598353923
last-modified
Sat, 19 Mar 2022 04:11:08 GMT
server
ECS (nyb/1DCD)
strict-transport-security
max-age=631138519
x-tw-cdn
VZ, VZ, VZ"
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
cfa114d714810f98a253f795f58e9d2317e8e543b46dbe0bb107577cdb61ea91
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
dt
dt.adsafeprotected.com/ Frame FB9B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925175&asId=2cc77e28-c5f7-8e4d-678a-b0414cfd97eb&tv=%7Bc:7BxZrT,pingTime:-10,time:1619,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1647962954347%7C%7C47072dffb59f019e7adcd53fd95f98ac%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Caaf4bcf42825df666eeb7ddc2795cfcc%7C%7C642ecc335ddaa61d574f07604a87040b%7C%7Ca5b83e7f8e5948c95f986c0d2de7fac6%7C%7C72d51cf56825ababe6c2a0048c5b650d%7C%7C6d688c4496c08b0051b481645c394d6b%7C%7C1629390669,im:%7Bimprf:%7Bttecl:1007,ecd:40,tsecr:144%7D%7D,sca:%7Bspg:bb924dad-14b6-4a84-8fc3-b5e835ef7fc0%7D,env:%7Bccd:%7Bversion:1,uspString:1---%7D%7D%7D
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.221.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-221-169.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
log
c21lg-d.media.net/ Frame 3B4B 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=95abb6e4-039a-44d3-acd4-0c484f8776d1&cs=15&vsid=2909645546634886000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 22 Mar 2022 15:29:15 GMT
YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9D79 		43 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB?gdpr_consent=&us_privacy=1---&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:56c0:bbbc:18e0:97e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 9D79
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6141021567606092823&us_privacy=1---
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6141021567606092823&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5b6d7a85-c786-40b2-9adf-19c9644dbc64
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6141021567606092823&us_privacy=1---
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 9D79
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEsIE7Ec9cAAAz-s8TaRg&expiration=1649172555
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEsIE7Ec9cAAAz-s8TaRg&expiration=1649172555
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEsIE7Ec9cAAAz-s8TaRg&expiration=1649172555
Date
Tue, 22 Mar 2022 15:29:15 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 9D79
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB&gdpr_consent=&us_privacy=1---&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB
43 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a07:56c0:bbbc:18e0:97e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB
date
Tue, 22 Mar 2022 15:29:15 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 9D79
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=077222040784cc31d02957f2&expiration=[EXPIRATION]
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=077222040784cc31d02957f2&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=077222040784cc31d02957f2&expiration=[EXPIRATION]
Date
Tue, 22 Mar 2022 15:29:15 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
rum
dsum-sec.casalemedia.com/ Frame 9D79
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&us_privacy=1---
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=pvzwovWs96O9-_D49K_uo6f59aK9qvejof4bxpzN
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=pvzwovWs96O9-_D49K_uo6f59aK9qvejof4bxpzN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=pvzwovWs96O9-_D49K_uo6f59aK9qvejof4bxpzN
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum.casalemedia.com/ Frame 9D79
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index&us_privacy=1---
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=index
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=5fa719d4-8452-4932-bbdc-f7ca46c1b25d&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=62e8ec88-d2ea-41ea-a477-629331ac8f33
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=62e8ec88-d2ea-41ea-a477-629331ac8f33
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:16 GMT

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=62e8ec88-d2ea-41ea-a477-629331ac8f33
Date
Tue, 22 Mar 2022 15:29:15 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
crum
dsum.casalemedia.com/ Frame 9D79
Redirect Chain
  • https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1&us_privacy=1---
  • https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=477a6364-4aa2-4979-a7fc-6fe14ccfc4bf
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=477a6364-4aa2-4979-a7fc-6fe14ccfc4bf
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

X-ServerName
Track002-iad
Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:13 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=156&external_user_id=477a6364-4aa2-4979-a7fc-6fe14ccfc4bf
Cache-Control
private,no-cache
Content-Type
text/html; charset=utf-8
Content-Length
222
Expires
-1
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 9D79 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YjnrSETtBJYiRIvboXIHjAAA%26986?us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:15 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2771
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 16:15:26 GMT
48
r5---sn-ab5szn7e.c.2mdn.net/videoplayback/id/3637ac91f189b086/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791493514/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,m... Frame FD8D
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/3637ac91f189b086/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791493514/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sig...
  • https://r5---sn-ab5szn7e.c.2mdn.net/videoplayback/id/3637ac91f189b086/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791493514/sparams/acao,ctier,expire,id,ip,ipbits,i...
2 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://r5---sn-ab5szn7e.c.2mdn.net/videoplayback/id/3637ac91f189b086/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791493514/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/960B171FFCDFF554D68BA3463993D97678316E.65788A5A28C4C5852740A5081FE0184055499D40/key/cms1/cms_redirect/yes/mh/LC/mip/2602:ffc8:2:104::7/mm/42/mn/sn-ab5szn7e/ms/onc/mt/1647962785/mv/u/mvi/5/pl/48?cpn=9GhTZXWBfoKgCPzB&file=file.mp4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Server
2607:f8b0:4006:33::b Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:15 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sat, 12 Mar 2022 00:38:25 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-2170716/2170717
Cache-Control
private, max-age=86400
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
2170717
Expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r5---sn-ab5szn7e.c.2mdn.net/videoplayback/id/3637ac91f189b086/itag/343/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3791493514/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/960B171FFCDFF554D68BA3463993D97678316E.65788A5A28C4C5852740A5081FE0184055499D40/key/cms1/cms_redirect/yes/mh/LC/mip/2602:ffc8:2:104::7/mm/42/mn/sn-ab5szn7e/ms/onc/mt/1647962785/mv/u/mvi/5/pl/48?cpn=9GhTZXWBfoKgCPzB&file=file.mp4
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
673
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4813 		43 B
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB?gdpr_consent=&us_privacy=1---&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a07:56c0:bbbc:18e0:97e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 4813
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6141021567606092823&us_privacy=1---
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6141021567606092823&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 675.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6ace1074-0c4d-4ba9-b71a-3b38bdcf9f2e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6141021567606092823&us_privacy=1---
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4813
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&us_privacy=1---
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YjnrRwAAADpnQgQL&us_privacy=1---
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YjnrRwAAADpnQgQL&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 varnish
server
Varnish
x-timer
S1647962955.484045,VS0,VE0
x-served-by
cache-ewr18152-EWR
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YjnrRwAAADpnQgQL&us_privacy=1---
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame 4813
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie?us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEsIE7Ec9cAAAz-s8TaRg&expiration=1649172555
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEsIE7Ec9cAAAz-s8TaRg&expiration=1649172555
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAEsIE7Ec9cAAAz-s8TaRg&expiration=1649172555
Date
Tue, 22 Mar 2022 15:29:15 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum.casalemedia.com/ Frame 4813
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&us_privacy=1---
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=cd08e909-f151-0518-4e49dd2b
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=cd08e909-f151-0518-4e49dd2b
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 google
server
nginx/1.20.2
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=cd08e909-f151-0518-4e49dd2b
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
119
crum
dsum-sec.casalemedia.com/ Frame 4813
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d&us_privacy=1---
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0772220407a3bae13afcafa3&expiration=[EXPIRATION]
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0772220407a3bae13afcafa3&expiration=[EXPIRATION]
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&external_user_id=0772220407a3bae13afcafa3&expiration=[EXPIRATION]
Date
Tue, 22 Mar 2022 15:29:15 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Powered-By
Express
Content-Length
0
Vary
Origin
crum
dsum-sec.casalemedia.com/ Frame 4813
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&us_privacy=1---
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&us_privacy=1---&prevuid=04030001_6239eb4b89a0e&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_6239eb4b89a0e
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_6239eb4b89a0e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:15 GMT

Redirect headers

date
Tue, 22 Mar 2022 15:29:15 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_6239eb4b89a0e
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
qmap
sync.crwdcntrl.net/ Frame 4813 		49 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YjnrSETtBJYiRIvboXIHjAAA%26986&gdpr=&gdpr_consent=&us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.157.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-157-37.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.36.67
content-type
image/gif
content-length
49
expires
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4813 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YjnrSETtBJYiRIvboXIHjAAA%26986?us_privacy=1---
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:15 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2771
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 16:15:26 GMT
dt
dt.adsafeprotected.com/ Frame FB9B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925175&asId=2cc77e28-c5f7-8e4d-678a-b0414cfd97eb&tv=%7Bc:7BxZtH,pingTime:1,time:1731,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:351%7D,%7Bpiv:0,vs:o,r:l,t:438%7D,%7Bpiv:53,vs:pp,r:,t:547%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:547,n:438,pp:1184,pm:0%7D,slEvents:%5B%7Bsl:n,t:351,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B105~1,0~0%5D,as:%5B105~300.600%5D%7D%7D,%7Bsl:o,t:438,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B109~0%5D,as:%5B109~300.600%5D%7D%7D,%7Bsl:pp,t:547,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:53,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1184~50%5D,as:%5B1184~300.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:251,fm:t0PaBLC+11%7C12%7C13%7C14%7C151%7C1521%7C16%7C171%7C1721%7C18%7C19%7C1a%7C1b11%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j*.925175%7C1j1%7C1j2%7C1j3%7C1j4%7C1k%7C1l%7C1m%7C1n,idMap:1j.bb924dad-14b6-4a84-8fc3-b5e835ef7fc0.62_897507-59604290%7C1j*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.221.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-221-169.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
log
c21lg-d.media.net/ Frame 4B91 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=95abb6e4-039a-44d3-acd4-0c484f8776d1&cs=15&vsid=2909645546634886000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 22 Mar 2022 15:29:15 GMT
ca
choices.trustarc.com/ Frame FB9B 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=moxie_verizon01&pid=moxie01&cid=26925916&js=st_1&sz=1x1&c=te-5abc
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=moxie01&aid=moxie_verizon01&cid=26925916&js=st0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-62.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
4a10461ab57652e802d25c8c0be3895be08320b90f91a8b6adaa08a38b4e06f7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 13:42:18 GMT
content-encoding
gzip
server
nginx
age
6417
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 3dd77c5199bed8cf64af9bc1af1f0d84.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
EWR53-C2
content-length
2183
x-amz-cf-id
e3P7S7xj0mj6hpHfGbhuNgVVqe-ZC6t_6D4UaOXqeL1hWHpzcyj3uQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame FB9B 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=moxie_verizon01&pid=moxie01&cid=26925916&js=st_2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=moxie01&aid=moxie_verizon01&cid=26925916&js=st0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-62.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 07:47:04 GMT
content-encoding
gzip
server
nginx
age
27731
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 3dd77c5199bed8cf64af9bc1af1f0d84.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
EWR53-C2
x-amz-cf-id
KbmZ45H9gKJQeh490SDyDHqY6vxxeduCvhP4QMFZI_r8jsQ8ENS_pA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame FB9B 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=moxie_verizon01&pid=moxie01&cid=26925916&w=1&h=1&c=cca0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-62.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 3dd77c5199bed8cf64af9bc1af1f0d84.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
EWR53-C2
vary
Origin
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
lc6suhrthG9jC0C6uIJJSbsgKIoB-SMskKPrZWKhYhaCeGNPVr42mg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ibs:dpid=992&dpuuid=bi9xa3sr84e8
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=65416946501074486881869476194977929017
  • https://dpm.demdex.net/ibs:dpid=992&dpuuid=bi9xa3sr84e8
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=992&dpuuid=bi9xa3sr84e8
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-098edd3e8.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
quifRi3YQ48=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://dpm.demdex.net/ibs:dpid=992&dpuuid=bi9xa3sr84e8
cache-control
no-cache
cf-ray
6efff6381cecd157-BUF
content-length
0
log
c21lg-d.media.net/ Frame 3B4B 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=XuY5qJ9oYZ1RT7cxUcR82vN82TgwmKvb&cs=15&vsid=2909645546634886000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C2026%2C159%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C3007%2C201%2C4%2C246%2C203%2C126%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C3016%2C214%2C3015%2C338%2C77%2C182%2C261%2C184%2C141%2C188%2C222%2C225%2C226%2C80%2C10000%2C229%2C108%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 22 Mar 2022 15:29:15 GMT
log
c21lg-d.media.net/ Frame 4B91 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=_CWvS7NK7FGWBJIOwk2CfDhPumyJiyEC&cs=15&vsid=2909645546634886000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.196.180.24 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-196-180-24.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 22 Mar 2022 15:29:15 GMT
reloadCampaigns.js
api.bounceexchange.com/bounce/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=1201&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYAWAdgE5CAmcgVnoAZzNgAvEKBzAdwFMAjHKmC8A+qgAmUKgA4GhTACdeOEABs4aDAUIMGAD3xU9S3jF6LliqNgCGatagQBzUXEVqoAC2DAADjgApADMAIKBVABiEZG2ijgiSF4IqEi2AHRIIAC2MU4wIIrZtloIALSJyeogzgCeMcZUVDEMwTH8vF7qEmW2ZX62ODjchT1+Xqg4Ey5lQiIVXiVlaeXAiqkA1mW8AG685Ti2Ozu1ZXA4FkFRmDuTwqJZIBuovFCBpABCEVRqft8h4SaPn8V1oYQitCiEKicQSvCSKTSmRy0Mi+UKxVKFXhVTUNXqVEhkUazUJUVaqI6XTUPT6AyGI0UYwmUyczlmwl4CyWKwq6yQW12+1mRxOZwu8VR-yoAGFvop-uCmv9SAARbAgJ4vN6fb47RXhXVNIWKUR45zOXgScQIA0wewXd6qiJypowHbAA1EMiUGhgl16yRekgUah0YK0cjEcjyANNWwgA0MOM-P7KpVUYEBCFKomo2GVREZLK5MlohAFIoldCrHEIap1VEk1EUstU7q9fqDYajfos6bsuZc4CLYDLWyrfmCvYHUWnc6XKXK2XfQZJlM7Pz69OhfApiQG74H5euqgKnfS0mnpAe4M+sP+ldNITH5phNpPqjOJDnt+hcgyCmpZ-smn4SEGF5NLohD4OQNAMMQVDBMEMikDIMYAdKp5qLeO7eqGfrECmaTZAMqDOAgVx-u8XxNPg8jBE0pCHkaVDHF6KY4Z6eEhr6dBEWqTpOjcsIANq3BIvAgKItxCPwai8AAulAaxwLwInxKJAyWqIwC1H4SlQHEaBIApGk4KJ2QgBI9gyXc8mGfaagXOZonGakCmiAgtjZI5DrqTsYnuaZYhpCIziFLUylOS5gWac49gKYotReT5fnOQFYkJQ4FgpWFvARcl0X+a55qWtaTjFRlrkmmaNTlTaVWxWJEgwH4oiKPJIACspiUgNwrlIAgoi8MUqBqKIOBwIIP6oB0ihNZlmlTfw2TCCI1qjbY42iIU-DCItGpamIoDSWocSWrAJX8H4nCYLw-hQKJimYH4wB4BqpGOBOSBiDA53ODYrV+M9UCRsQtDoWGxCYMDoPEDIMjEAhMhGMENyLHdW6SAQShqHpBlQMDHVdQKePeb5UBxagtgOUAA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_486c3deacef91dda746a40d4c0c1cd36.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
0774ea6ef528b18860bd8d9647dd2e0082ae7cbe837dd70296e8197fc8202c26

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
content-encoding
gzip
last-modified
Tue, 22 Mar 2022 15:29:15 GMT
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
15
content-type
text/javascript;charset=UTF-8
alt-svc
clear
via
1.1 google
expires
0
reloadcampaigns
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmHitDBAQA+gJxoGIXj1YBmAIIySwQtL68AwjNQYQIkgE9k62YpnUSaOIxlaZiCDChgxaCVLvm+AMxc5Tez5La0YRLCRA7x4-MAC7Hm1g4CsbfQQSEAwIYEMvJV9-QMSZDBdGXPDI-JlY+I0SvjKwCsMRDKycvI1ouuKknkgMPRgRNCwawrj+mRAKEGARIZGxiZ6CmKKEgZgfZBFgBgg4AGtJnnKIAHdtmTgsERBEdFccQjocOBo6BfO+274bzoiDQJEyoyeLxEOTooL+Ww07AAIgAyUCQWAIFDobD4CKIEDMKg0eiMNHgaDwJCoTC4PBGEzMXb7Q6QU4oxxCZgABhRVxAH1BIEEzB4AA5uQA2FHiUEigCMkoALOwAJySniqgCsci1qqVqqlKKEAjgwpgzElUvlqs13KVPDkcjF7DFhtVYpRujmaBAVwVKICAEc1FgzSKlSibL6sGC0ATSNTmIqVerNVqM-LedGQLGoMg0PNgBIIFhmCQoBg5MafWamYGIIRgHX+XQUZXcyRmMQFkA
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
adsct
analytics.twitter.com/i/ Frame 2076 		43 B
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=65416946501074486881869476194977929017&p_id=38594
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
11
date
Tue, 22 Mar 2022 15:29:14 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
3e79950d5857994817a5f23952d49f6712e1c333ba753a37f9556c7c18d3c2a1
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 29E5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BwzT-SOs5YoqTMbiUoPMPho6R6AoAAAAAOAHgBAI&bg=!aGulay_NAAba2mK92to7ACkAdvg8Wrw618b1asyHKVz9rYEURwxg5-n8ku8vGvhlpe2wg4QUIMyFwQIAAARXUgAAAAJoAQcKAEBT-VC284Ot3qwX43jD5L_hGaOB_WovDt-MXQm4hRm92cWqjbLONopKRNP-mG72Xf7eYNaRszOfr7rydfi2tde4mQMhFvDP8t81nDQv0udahFhWxrw08QWsxCZHJJjFrj62QExdMzNemzbDjNVQG9y5IW83E62H0BaoLBQvhILI_Xo9D7wIfroeIxI1xCyhOf7Q2M89gGkwHlPKyN4WuHe9YsHWgVVmIrjucBeirlrdummD2vfMJYHM1ZNEeYnyzMJx1F3JZfx12cDpo6IMHDufuGDdn5PBCJB-oWXPn5Ufne8IzNZP7YtsxGo7u3QoO_F_1R-EdOI-po9yGnFPky6f332nqDW4IDmI0ItuxR5qvcAT_P3FCoScjELIQ1K49PsLZb6y81NY3G_EIfLIY7Ai9-BfjijhuRuNzGY4nmCiVaelkdBt_7iZ3cAf7booA2QtyJRiauMhkRww_Htp6m1px7uIj0dRRG_fx3SPsqqhLn0-Dk2BZzETUf-9k2JBiAOCJdrmhuUGks5wA_6vShKdqF4NxTZQjyJmEZ9-uhOhvO_xy95MuBovW1UhROuYGzvjx3qOPt2EzzOPrXHeZlhXxwfb6G0lgBYj0GVFj2IF6LBy8b3glerYSEPYY2Bb85yyigijA4Tiry9Thidcqll6mfyCFrRQSG89Ax_Tlv2H4UY5j306kFbTdiXagU7DjP_l9YIGW2QUJ7-IrKHM2HewPmFGX9RfY1NyZkTN3JvX0WiKGsFl_D2EId23JebRd6N8sz4BM2NXWS7HkPM2vVRQO4jMZM5SYELZauHKBsH7cviQk9kW7aikl8jXvfUAvr4VaJsmzs5HbH9uLLFnzq8aR0eae4l0MEySFfEawjMU7jqju11F6oCCugTckJff13GtiOnWljxFhPsibi1eyRy97sUa6P8SP-lNIqcTNGollVHiFV17iJH27XJxL1CcYi_IOb3Ri5f_1A3dtJX-8hI1Qk_utpT0QK5y1aTQXciJKPm4bMjNQPJKXak2sJFQNntXzi6hZwyrlcrDtd5Xxdrnvq9CTBGjwVLAwkyG5cja6YCWYBls1vM5JiZP9BXAEOSgy6NVk1HSewgCXjvuN6sdLNrn1KU7YAPqJXQ2AJzbxSSBfb1l_OnQu-nuL5KxIBDQ9iE-
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
eligible
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/eligible?wklz=M4Uw5gtiB2AuD6BLAJsAvAMgMYEMIAcdExoU0BGABgDYBmAJnoHYNgB7AVwCcsQ0AjTtF4APDDjAxYaAFbAMENsj6UMAdxD9giWCDL0AHDQwA3RNthly1ACxMAnNXr2ArLRf2b948rO8y1DTk9s6UNvS0tAZMBt72BhiEkmYgalasIACOHDD+yGgu2AA2iFKWUMCwePgUtg5Ori4etMWlcDj4iCYgXNps0GhVYC2+iLxoyEA
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 38A4 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
818d6d73-e08f-48af-bdb6-a7ec090f4375
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=1175&gdpr=0&dpuuid=7h0R4b1NFuD1GhG7vE4P4O8YFOH1Sxbg6R9OG5L4
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=7h0R4b1NFuD1GhG7vE4P4O8YFOH1Sxbg6R9OG5L4
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=7h0R4b1NFuD1GhG7vE4P4O8YFOH1Sxbg6R9OG5L4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-0d5348860.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
9eBtEyPdQoQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=7h0R4b1NFuD1GhG7vE4P4O8YFOH1Sxbg6R9OG5L4
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame C6DF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BU6gGSus5Yu6uHpWuzLUP4ZmawAHNx9KXRgAAABABILfjuCA4AViR25TCgwRgye6Oi8CkjBCyAQ9hcnN0ZWNobmljYS5jb226AQs0MDB4MzAwX3htbMgBBdoBd2h0dHBzOi8vYXJzdGVjaG5pY2EuY29tL2luZm9ybWF0aW9uLXRlY2hub2xvZ3kvMjAyMi8wMy9iZWhvbGQtYS1wYXNzd29yZC1waGlzaGluZy1zaXRlLXRoYXQtY2FuLXRyaWNrLWV2ZW4tc2F2dnktdXNlcnMvmAKa2gHAAgLgAgDqAjwvMzM3OS9jb25kZS5hcnMvaW5saW5lLXBsYXllci9pbmZvcm1hdGlvbi10ZWNobm9sb2d5L2FydGljbGX4AvLRHpAD4AOYA-ADqAMB4AQB0gUGELGNzfQVkAYBoAYkqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHH9IIBwiAYRABGF3YCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=UjRSKukH6LY&label=video_ad_loaded&acvw=&sdkv=h.3.506.0&vci=CnEIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgNEQ00gBCoJNTIzMDg3Njk0MgkxNjc5MDM4OTlAxARSMwi-BxAPJQAAcEEoAToLMTY3OTAzODk5LTFCBEdEQ01QAFoQOUdoVFpYV0Jmb0tnQ1B6QhgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame C6DF 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsslN7V1UFnV5gA91MyyoQTaGVH_TTE1PWBi9my_sD_F_qP0HJ4YQY6o3IptxC9cQy0AEB-7nYp1UkDe7rskSXt1HL46cJwBLYZINfpQDCns6TbFsh1-_AD2huBcfKLoJYr6UWfiemN1Bp-UqTM7jMWkSSUwzB3VtGAm_REBj8vksVdj1avXFr5WOJJBmcTGmW3F3gQByC77-bC9pFzY3WYyqYknnp3WRgO_jdlPSJkaqilf1kvB0LQWfpp1bMCZIW5WblXEPVDxnwQwRyJ28grJs-5TgIutMZN_Dqm0Z46wu03RmVU_hLeLks9_O0SlaI3bhO_9QYuhULfrXLcm8AM1qaqxVcT4w8D2SQ4xgs5t6YFZz_d31qLw5IpO-KVbZescy3P5SzgYRyRqumBSiLXYHKDG935Ia7Y5f_6Nyz1UE_JCVnExavE&sai=AMfl-YSRgpQsiyGl6-nWcjfUUt-j4QaK9CiblaNkf4hGXoqZHiqO4BGI-5eva8MPWYeVLneWGUGKVTDP-9DCPyLoij1034jyIznP3oiSMB3ACLTVRP4JYQdnRlSxUZD0MGkaedUueO2CDageQ537P4WJ&sig=Cg0ArKJSzDPGxVMxROEMEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&fbs_aeid=[gw_fbsaeid]&urlfix=1&sdkv=h.3.506.0&adurl=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
csi
csi.gstatic.com/ Frame C6DF 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l12ale7i&c=6088512747745&slotId=3044256373872.5&qqid=CO77hbSE2vYCFRUXswAd4YwGGA&gqid=Sus5Yu6KHdGn7gKQ-rLYCA&fb=ima_html5-lima&sdkv=h.3.506.0&mrd=4&aab=1&itv=1&gpm_i=12&gpm_c=12&gpm_a=11&smb=1000&br=958&mt=video%2Fmp4&vs=640x360&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Capplication%2Fx-mpegurl&hvmf=false&vms=1&bit=343&vsrc=doubleclick_dmm&met.4=ff.l12alepd
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.506.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame C6DF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BU6gGSus5Yu6uHpWuzLUP4ZmawAHNx9KXRgAAABABILfjuCA4AViR25TCgwRgye6Oi8CkjBCyAQ9hcnN0ZWNobmljYS5jb226AQs0MDB4MzAwX3htbMgBBdoBd2h0dHBzOi8vYXJzdGVjaG5pY2EuY29tL2luZm9ybWF0aW9uLXRlY2hub2xvZ3kvMjAyMi8wMy9iZWhvbGQtYS1wYXNzd29yZC1waGlzaGluZy1zaXRlLXRoYXQtY2FuLXRyaWNrLWV2ZW4tc2F2dnktdXNlcnMvmAKa2gHAAgLgAgDqAjwvMzM3OS9jb25kZS5hcnMvaW5saW5lLXBsYXllci9pbmZvcm1hdGlvbi10ZWNobm9sb2d5L2FydGljbGX4AvLRHpAD4AOYA-ADqAMB4AQB0gUGELGNzfQVkAYBoAYkqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHH9IIBwiAYRABGF3YCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=UjRSKukH6LY&label=vast_creativeview&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2671%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D414449270%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4065%26pngs%3D9,14,15%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1647962955067&sdkv=h.3.506.0&vci=CnQIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgNEQ00gBCoJNTIzMDg3Njk0MgkxNjc5MDM4OTlAxARSNgi-BxAPJQAAcEEoAToLMTY3OTAzODk5LTFCBEdEQ01I6ARQAFoQOUdoVFpYV0Jmb0tnQ1B6QhgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C6DF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkAKTZUyDfrWhs9c-apCat13LkHA4IyngLugaHle0oCgIGkzvGLqvfkm9y3_9RRMRbUn2XxFFJZ7b3hYKEkPkTrv1DTyN8&sig=Cg0ArKJSzE6628BxeRMfEAE&id=lidarv&acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2671%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D414449270%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4069%26pngs%3D9,14,15%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1647962955067&avm=1
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI7vuFtITa9gIVFRezAB3hjAYYEAEYACCbhYhQ;met=1;acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D...
ade.googlesyndication.com/ddm/activity/ Frame C6DF 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7vuFtITa9gIVFRezAB3hjAYYEAEYACCbhYhQ;met=1;acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2671%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D414449270%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4069%26pngs%3D9,14,15%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1647962955067;ecn1=1;etm1=0;eid1=200101;
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C6DF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVafsfN9XTw8KCBRd9T7ceiCl3OV9C3Q0CIL6Ax88Ggub1H_lEYnI2SKpfgETxAFgRRa5udIDJk-sLfXEHPgyLck3PA8QV5Z22nvRfmNqbRqvNJd9F&sig=Cg0ArKJSzHRVnIt5QJNpEAE&id=lidarv&acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2671%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D414449270%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4069%26pngs%3D9,14,15%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1647962955067&avm=1
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI7vuFtITa9gIVFRezAB3hjAYYEAEYACCbhYhQ;met=1;acvw=sv%3D922%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0...
ade.googlesyndication.com/ddm/activity/ Frame C6DF 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7vuFtITa9gIVFRezAB3hjAYYEAEYACCbhYhQ;met=1;acvw=sv%3D922%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2671%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D414449270%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4073%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1647962955067;dc_rfl=1,https%253A%252F%252Farstechnica.com%252Finformation-technology%252F2022%252F03%252Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%252F%240;ecn1=1;etm1=0;eid1=11;
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame C6DF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BU6gGSus5Yu6uHpWuzLUP4ZmawAHNx9KXRgAAABABILfjuCA4AViR25TCgwRgye6Oi8CkjBCyAQ9hcnN0ZWNobmljYS5jb226AQs0MDB4MzAwX3htbMgBBdoBd2h0dHBzOi8vYXJzdGVjaG5pY2EuY29tL2luZm9ybWF0aW9uLXRlY2hub2xvZ3kvMjAyMi8wMy9iZWhvbGQtYS1wYXNzd29yZC1waGlzaGluZy1zaXRlLXRoYXQtY2FuLXRyaWNrLWV2ZW4tc2F2dnktdXNlcnMvmAKa2gHAAgLgAgDqAjwvMzM3OS9jb25kZS5hcnMvaW5saW5lLXBsYXllci9pbmZvcm1hdGlvbi10ZWNobm9sb2d5L2FydGljbGX4AvLRHpAD4AOYA-ADqAMB4AQB0gUGELGNzfQVkAYBoAYkqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHH9IIBwiAYRABGF3YCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=UjRSKukH6LY&label=part2viewed&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2671%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D414449270%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4073%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1647962955067&sdkv=h.3.506.0&vci=CnQIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgNEQ00gBCoJNTIzMDg3Njk0MgkxNjc5MDM4OTlAxARSNgi-BxAPJQAAcEEoAToLMTY3OTAzODk5LTFCBEdEQ01I6ARQAFoQOUdoVFpYV0Jmb0tnQ1B6QhgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI7vuFtITa9gIVFRezAB3hjAYYEAEYACCbhYhQ;met=1;acvw=sv%3D922%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D20,0,0,0,0%26mtos%3D20,20,20,20,20%26amtos%3D0,0,0,0,0%26m...
ade.googlesyndication.com/ddm/activity/ Frame C6DF 		42 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7vuFtITa9gIVFRezAB3hjAYYEAEYACCbhYhQ;met=1;acvw=sv%3D922%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D20,0,0,0,0%26mtos%3D20,20,20,20,20%26amtos%3D0,0,0,0,0%26mcvt%3D20%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D20%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D20%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D20%26dfvs%3D20%26dvpt%3D20%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2671%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D414449270%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4079%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,20;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1647962955067;ecn1=1;etm1=0;eid1=16;
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame C6DF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BU6gGSus5Yu6uHpWuzLUP4ZmawAHNx9KXRgAAABABILfjuCA4AViR25TCgwRgye6Oi8CkjBCyAQ9hcnN0ZWNobmljYS5jb226AQs0MDB4MzAwX3htbMgBBdoBd2h0dHBzOi8vYXJzdGVjaG5pY2EuY29tL2luZm9ybWF0aW9uLXRlY2hub2xvZ3kvMjAyMi8wMy9iZWhvbGQtYS1wYXNzd29yZC1waGlzaGluZy1zaXRlLXRoYXQtY2FuLXRyaWNrLWV2ZW4tc2F2dnktdXNlcnMvmAKa2gHAAgLgAgDqAjwvMzM3OS9jb25kZS5hcnMvaW5saW5lLXBsYXllci9pbmZvcm1hdGlvbi10ZWNobm9sb2d5L2FydGljbGX4AvLRHpAD4AOYA-ADqAMB4AQB0gUGELGNzfQVkAYBoAYkqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHH9IIBwiAYRABGF3YCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=UjRSKukH6LY&label=admute&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D20,0,0,0,0%26mtos%3D20,20,20,20,20%26amtos%3D0,0,0,0,0%26mcvt%3D20%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D20%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D20%26pst%3D-1%26dur%3D15018%26vmtime%3D-1%26dvs%3D20%26dfvs%3D20%26dvpt%3D20%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2671%26femvt%3D0%26emc%3D4%26emuc%3D0%26emb%3D3,0,0,0,0%26avms%3Dexc%26qi%3D414449270%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26ptlt%3D4079%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,20&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1647962955067&sdkv=h.3.506.0&vci=CnQIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgNEQ00gBCoJNTIzMDg3Njk0MgkxNjc5MDM4OTlAxARSNgi-BxAPJQAAcEEoAToLMTY3OTAzODk5LTFCBEdEQ01I6ARQAFoQOUdoVFpYV0Jmb0tnQ1B6QhgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m
secure-gg.imrworldwide.com/cgi-bin/ Frame D860 		44 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gg.imrworldwide.com/cgi-bin/m?ci=nlsnapi13033&am=48&ep=1&at=view&rt=banner&st=image&ca=dfp2965113109&cr=0&pc=5881677489&r=1647962954&c8=devgrp,DSK&c9=devid,&c10=plt,DSK&c13=asid,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-85-182.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=0&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962954664&de=553761600701&cu=1647962954664&m=1087&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11229&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A468%3A468%3A0%3A712&as=0&ag=54&an=0&gf=54&gg=0&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=54&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1064&cd=0&ah=1064&am=0&dq=107&dr=0&ds=107&dt=0&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5881677489%3A138383011217&dfp=0%2C1&la=5881677489&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&wx=GDFP&wy=5881677489&wz=138383011217&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=558326047&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:15 GMT
m
secure-gg.imrworldwide.com/cgi-bin/ Frame 2EB6 		44 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gg.imrworldwide.com/cgi-bin/m?ca=nlsn318639&cr=crtve&ce=condenast&pc=condenast_plc0002&ci=nlsnci292&am=3&at=view&rt=banner&st=image&r=1404944459&c9=devid,&c13=asid,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-85-182.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
m
secure-gg.imrworldwide.com/cgi-bin/ Frame 942E 		44 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gg.imrworldwide.com/cgi-bin/m?ca=nlsn318868&cr=138383011217&ce=21698048816&pc=5881677489_21698048816&ci=nlsnci156&am=4&at=view&rt=banner&st=image&r=1404944459&c9=devid,&c13=asid,
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.235.85.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-235-85-182.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gg.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
sb.scorecardresearch.com/ Frame FD8D 		64 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1647962952822_1&ns_st_ec=2&ns_st_sp=1&ns_st_cn=1&ns_st_ev=end&ns_st_po=2985&ns_st_cl=854702&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_pt=2985&ns_st_pa=2985&ns_st_ci=60abade4dc31e5375248cba6&ns_ts=1647962955808&ns_st_bt=0&ns_st_bp=0&ns_st_pc=0&ns_st_pp=0&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&c8=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-45.ewr50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
wCoh5C9fR1bJi7qRpN749KZtZ7bHIs9AktUVBsAdp9IyT-nA_dB9Ow==
p
sb.scorecardresearch.com/ Frame FD8D 		64 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1647962952822_1&ns_st_ec=3&ns_st_sp=1&ns_st_sq=1&ns_st_cn=2&ns_st_ev=play&ns_st_po=0&ns_st_cl=15000&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=1&ns_st_ad=1&ns_st_ci=0&ns_ts=1647962955809&ns_st_bt=0&ns_st_bp=0&ns_st_br=0&ns_st_ub=0&ns_st_ct=va&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&c8=&c9=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-45.ewr50.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
KMlmHlyi03-j8TD7IsZRLNki-r86sFk5hcc_H1gyEkJqukKKdCQGvA==
track
capture.condenastdigital.com/ Frame FD8D 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-22T15%3A29%3A15.839Z&_c=Video%20Ad&_t=Ad%20Start&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&cId=60abade4dc31e5375248cba6&cKe=Unsolved%20Mysteries%2CArs%20Technica%20Unsolved%20Mysteries%2CQuantum%20Leap%2CUnsolved%20Mysteries%20Quantum%20Leap%2CQuantum%20leap%20show%2Cquantum%20leap%20ending%2Cquantum%20leap%20bakula%2CDonald%20P%20Bellisario%2CQuantum%20Leap%20Finale%2CQuantum%20Leap%20JFK%2CQuantum%20Leap%20Lee%20Harvey%20Oswald%2CQuantum%20Leap%20interview%2CScott%20Bakula%2CDean%20Stockwell%2CQuantum%20Leap%20Ziggy%2CQuantum%20Leap%20Al%2CQuantum%20Leap%20NBC%2CNBC%20Quantum%20Leap%2CQuantum%20Leap%20Episodes%2Cquantum%20leap%20intro%2Cquantum%20leap%20ars%20technica%2Cars%20technica%20quantum%20leap&cPd=2021-05-25T15%3A00%3A00%2B00%3A00&cTi=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=854&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&pWw=276&pWh=155.25&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&uId=793acb54-8a60-48cc-91e9-0be61845aed6&xid=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%222be6198%22%2C%22guid%22%3A%22bed541c0-6921-c9ef-4b7a-e241b75a79db%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Atrue%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_b0ed5a6f-d8a5-4f14-a6b5-421a821e65c7_text2vec1_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22523087694%22%2C%22adType%22%3A%22unknown%22%2C%22creativeId%22%3A%22167903899%22%2C%22wrapperAdIds%22%3A%5B%225881677489%22%5D%2C%22wrapperAdSystems%22%3A%5B%22GDFP%22%5D%2C%22dfpLineItem%22%3A%225881677489%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A0%7D&videoViews=1&adId=523087694
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:15 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ Frame FD8D 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-22T15%3A29%3A15.839Z&_c=Video%20View&_t=Any%20Start&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&cId=60abade4dc31e5375248cba6&cKe=Unsolved%20Mysteries%2CArs%20Technica%20Unsolved%20Mysteries%2CQuantum%20Leap%2CUnsolved%20Mysteries%20Quantum%20Leap%2CQuantum%20leap%20show%2Cquantum%20leap%20ending%2Cquantum%20leap%20bakula%2CDonald%20P%20Bellisario%2CQuantum%20Leap%20Finale%2CQuantum%20Leap%20JFK%2CQuantum%20Leap%20Lee%20Harvey%20Oswald%2CQuantum%20Leap%20interview%2CScott%20Bakula%2CDean%20Stockwell%2CQuantum%20Leap%20Ziggy%2CQuantum%20Leap%20Al%2CQuantum%20Leap%20NBC%2CNBC%20Quantum%20Leap%2CQuantum%20Leap%20Episodes%2Cquantum%20leap%20intro%2Cquantum%20leap%20ars%20technica%2Cars%20technica%20quantum%20leap&cPd=2021-05-25T15%3A00%3A00%2B00%3A00&cTi=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=854&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&pWw=276&pWh=155.25&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&uId=793acb54-8a60-48cc-91e9-0be61845aed6&xid=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%222be6198%22%2C%22guid%22%3A%22bed541c0-6921-c9ef-4b7a-e241b75a79db%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Atrue%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_b0ed5a6f-d8a5-4f14-a6b5-421a821e65c7_text2vec1_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22523087694%22%2C%22adType%22%3A%22unknown%22%2C%22creativeId%22%3A%22167903899%22%2C%22wrapperAdIds%22%3A%5B%225881677489%22%5D%2C%22wrapperAdSystems%22%3A%5B%22GDFP%22%5D%2C%22dfpLineItem%22%3A%225881677489%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A0%7D&videoViews=1&adId=523087694
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:15 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
async_usersync
ib.adnxs.com/ Frame F526 		0
739 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:15 GMT
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
1b070eb6-6b48-43ed-8b98-d91d868ffdc0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-22T15%3A29%3A15.876Z&_t=impressionViewable&cBr=Ars%20Technica&cKe=browser%20in%20the%20browser%7COAuth%7Cphishing%7Cscams&cCh=information%20technology&cTi=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=1325&cId=1842550&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pWw=1600&pWh=1200&pPw=1600&pPh=11200&pSw=1600&pSh=1200&uID=793acb54-8a60-48cc-91e9-0be61845aed6&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&uDt=desktop&dim1=%7B%22channel%22%3A%22information-technology%22%2C%22platform%22%3A%22wordpress%22%2C%22template%22%3A%22article%22%2C%22viewport%22%3A%22desktop%22%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22rail%22%2C%22size%22%3A%22300x600%22%7D&_o=ars-technica&_c=ad_metrics&xID=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&environment=prod&origin=ars-technica
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:15 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
get
choices.trustarc.com/ Frame A914 		287 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-62.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 03:16:12 GMT
via
1.1 3dd77c5199bed8cf64af9bc1af1f0d84.cloudfront.net (CloudFront)
server
nginx
age
2203983
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
EWR53-C2
timing-allow-origin
*
content-length
287
x-amz-cf-id
7b3CCFNLYoj9hsludA54hK6eOOAANvlFHwaYVK7zFCsHmddEFl4SRA==
expires
Sun, 27 Mar 2022 03:16:12 GMT
get
choices.trustarc.com/ Frame A914 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.26.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-26-62.ewr53.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Fri, 25 Feb 2022 03:16:13 GMT
via
1.1 3dd77c5199bed8cf64af9bc1af1f0d84.cloudfront.net (CloudFront)
server
nginx
age
2203982
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
EWR53-C2
timing-allow-origin
*
content-length
739
x-amz-cf-id
vJT9TUZnrOg3tblpaG-USngrtu2rxxGJ0Uzj5M4-W-9_5s5B4srRCg==
expires
Sun, 27 Mar 2022 03:16:12 GMT
px
p.adsymptotic.com/d/ Frame 2076 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px?_pid=11693&_psign=bf265992ae7fbdc1ab4b39651c157974&_puuid=65416946501074486881869476194977929017&_rand=148886561&_pp=adobeXtest&_redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=1524%26dpuuid=${UUID}
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=1&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962954664&de=553761600701&cu=1647962954664&m=1117&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11229&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A468%3A468%3A0%3A712&as=0&ag=54&an=54&gf=54&gg=54&ez=1&aj=1&pg=100&pf=100&ib=0&cc=0&bw=54&bx=54&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1064&cd=1064&ah=1064&am=1064&dq=107&dr=107&ds=107&dt=107&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ef=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5881677489%3A138383011217&dfp=0%2C1&la=5881677489&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=764801059&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:15 GMT
ibs:dpid=22069&dpuuid=2026798750376
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233
  • https://tag.yieldoptimizer.com/ps/ps?tc=888708189&t=i&p=2233
  • https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2026798750376
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2026798750376
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-0982af19e.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
6FY/gylHRAY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:15 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2026798750376
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccf737db735abc5f02779e381e068a79b6ef8b3e7cdc6215df923f470ffcd70d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 15:29:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10550
x-xss-protection
0
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=228464857488266&ev=Spire-Studio-Segment&dl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&rl=&if=false&ts=1647962956065&cd[code]=&sw=1600&sh=1200&v=2.9.57&r=stable&ec=2&o=30&fbp=fb.1.1647962952547.812677402&it=1647962951383&coo=false&dpo=&tm=2&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:16 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Tue, 22 Mar 2022 15:29:16 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035094/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.225.214.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-45.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Tue, 22 Mar 2022 15:11:29 GMT
via
1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
1068
etag
"d41d8cd98f00b204e9800998ecf8427e"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
lxeqpgrTD6aTHG22kqDc98WBy0xdD-biEIil2behLPncnQ-1aUgyJA==

Redirect headers

date
Tue, 22 Mar 2022 15:29:16 GMT
via
1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
FRThMrQwy4J2ZtpDvubA5aBTFtB_7MTMKWCwKsl58zSZMbKXR73nrw==
ibs:dpid=575&dpuuid=-5274598048067465905
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=65416946501074486881869476194977929017
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=-5274598048067465905
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-5274598048067465905
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v030-0502a2934.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
RAY3eMB6Tzo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:16 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp6.us1
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-5274598048067465905
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Mar 2022 15:29:16 GMT
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-22T15%3A29%3A16.141Z&_t=timespent&cBr=Ars%20Technica&cKe=browser%20in%20the%20browser%7COAuth%7Cphishing%7Cscams&cCh=information%20technology&cTi=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=1325&cId=1842550&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pWw=1600&pWh=1200&pPw=1600&pPh=11200&pSw=1600&pSh=1200&uID=793acb54-8a60-48cc-91e9-0be61845aed6&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=general&xID=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&_v=5000&environment=prod&origin=ars-technica
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:16 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 61DD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 20 Mar 2022 18:26:37 GMT
expires
Mon, 20 Mar 2023 18:26:37 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
162159
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame A3F1 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cd1f09b50a60b60fde16c1c923e1d9ff79e629104596f7c5b2fe1997a0dc526f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yIsND7jvMiXcfNCbnI0z1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 22 Mar 2022 15:29:16 GMT
date
Tue, 22 Mar 2022 15:29:16 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-yIsND7jvMiXcfNCbnI0z1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js
pagead2.googlesyndication.com/bg/ Frame 61DD 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 16:43:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
81951
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13802
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 21 Mar 2023 16:43:25 GMT
ibs:dpid=53196&dpuuid=Q7012493551709562395P
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID)
  • https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7012493551709562395P
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7012493551709562395P
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-08fbc96d9.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
24hyc5DnSPE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Tue, 22 Mar 2022 15:29:16 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7012493551709562395P
Cache-Control
max-age=69547
Connection
keep-alive
Content-Type
text/html
Content-Length
154
sodar
pagead2.googlesyndication.com/pagead/ Frame A3F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022031601&jk=110291666100365&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 61DD 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fKq2iw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
ibs:dpid=73426&dpuuid=65416946501074486881869476194977929017
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=65416946501074486881869476194977929017&rn=1647962950635&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D654169465010744...
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=65416946501074486881869476194977929017
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=65416946501074486881869476194977929017
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v030-02b9b1fe6.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
mFb2sCNjT98=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Tue, 22 Mar 2022 15:29:16 GMT
via
1.1 27c608e7692c0c2238fa431356d5d6e2.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=65416946501074486881869476194977929017
content-length
105
x-amz-cf-id
KsVC3WlmgF6lp1YtQ9_qRjOUU_74vAODA2z2zQ4yeyLnlVLNBRILiA==
sn.ashx
dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B341_ED237649_36809EBA&redir=https://abp.mxptint.net/ Frame 2076
Redirect Chain
  • https://abp.mxptint.net/sn.ashx
  • https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B341_ED237649_36809EBA&redir=https://abp.mxptint.net/sn.ashx?ak=1
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B341_ED237649_36809EBA&redir=https://abp.mxptint.net/sn.ashx?ak=1
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v030-02bbec2ec.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3jSL6Zo0Tig=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B341_ED237649_36809EBA&redir=https://abp.mxptint.net/sn.ashx?ak=1
Date
Tue, 22 Mar 2022 15:29:16 GMT
Cache-Control
private
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
237
Strict-Transport-Security
max-age=-330949756; includeSubDomains
Content-Type
text/html; charset=utf-8
event
condenast.demdex.net/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://condenast.demdex.net/event?d_dil_ver=9.4&_ts=1647962956559
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.222.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-222-233.compute-1.amazonaws.com
Software
/
Resource Hash
bdc6274ba55886f9e0baacec3eb367365667ce5e7da13a944e5c874f44b6358a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-va6-2-v030-0adf8de4b.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
yN6KD9KwSHo=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
2283
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ibs:dpid=79908&dpuuid=YjnrTI884vQlRsAa7ViNo8c7
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=124&cm=65416946501074486881869476194977929017&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D79908%26dpuuid%3D%7Bvisitor_id%7D
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=YjnrTI884vQlRsAa7ViNo8c7
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=YjnrTI884vQlRsAa7ViNo8c7
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-0bba62cdf.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
VJxa3y8RQeQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Tue, 22 Mar 2022 15:29:16 GMT
server
Aorta/20220310.de5380a
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=YjnrTI884vQlRsAa7ViNo8c7
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-19-74.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
ibs:dpid=66757
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=65416946501074486881869476194977929017
  • https://dpm.demdex.net/ibs:dpid=66757?id=65416946501074486881869476194977929017&dpuuid=Ou6QJvtA
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=66757?id=65416946501074486881869476194977929017&dpuuid=Ou6QJvtA
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-1-v030-0a830971e.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
jG66SqpORqA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
//dpm.demdex.net/ibs:dpid=66757?id=65416946501074486881869476194977929017&dpuuid=Ou6QJvtA
date
Tue, 22 Mar 2022 15:29:16 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a006-ash-prod.krxd.net
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=2&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962954664&de=553761600701&cu=1647962954664&m=2060&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11229&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A468%3A468%3A7568%3A712&as=1&ag=1038&an=54&gi=1&gf=1038&gg=54&ez=1&kw=1847&aj=1&pg=100&pf=100&ib=0&dw=1&cc=1&bw=1038&bx=54&jz=1847&dj=1&dx=1&aa=0&ad=712&cn=0&gk=712&gl=0&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1847&cd=1064&ah=1847&am=1064&dq=890&dr=107&ds=890&dt=107&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=0&vt=11&vd=0&zMoatSRE=0.02228125&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=7293&ef=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5881677489%3A138383011217&dfp=0%2C1&la=5881677489&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=869655786&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:16 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:16 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=3&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962954664&de=553761600701&cu=1647962954664&m=2063&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11229&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A468%3A468%3A7568%3A712&as=1&ag=1038&an=1038&gi=1&gf=1038&gg=1038&ez=1&kw=1847&aj=1&pg=100&pf=100&ib=0&dw=1&cc=1&bw=1038&bx=1038&jz=1847&dj=1&dx=1&aa=0&ad=712&cn=712&gk=712&gl=712&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1847&cd=1847&ah=1847&am=1847&dq=890&dr=890&ds=890&dt=890&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=11&vt=11&vd=0&zMoatSRE=0.02228125&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=7293&ef=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5881677489%3A138383011217&dfp=0%2C1&la=5881677489&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=2100771488&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:16 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:16 GMT
ibs:dpid=121998&dpuuid=18e5d510535d83e400ed421cade1101f
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=65416946501074486881869476194977929017?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=18e5d510535d83e400ed421cade1101f
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=18e5d510535d83e400ed421cade1101f
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-0d7660ad5.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
llfd8OakRUM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:16 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=18e5d510535d83e400ed421cade1101f
cache-control
no-cache
x-server
10.40.3.107
content-length
0
expires
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022031601&jk=110291666100365&bg=!ExClEFTNAAba2mK92to7ACkAdvg8WgfmWklItGxzk9mNC7m19c9EyFRTG20HzMHRzf5F_WfTBH_xiQIAAABuUgAAAAJoAQcKAKrpMq2R45XCWFNfUxyjErmSQC2R-3TQnogNHweiRpzI_DCqMufCYLd4oygl6LJHV1rI2aSEU3ZILCJkNJzg2WjwpF0YyETNajhJnYNg69T3vRP80mRzP7SiLu_FDPPzjeZ8CKaNb7NGKImlJL7PWo4nFs0zmVlbMOgvHWG2ZHg-dSTD_icG3ENjVJ6XuA3eYFjqUFYLkTUxq3Zh9SNKr0Am-4XxvveZ79igzJkC4WY_pHKu4pvTrjBHblCov06Tf_R4Kkio3_gbE56ghr--fB_smLF1D3lBFFsG1hYZgZ7IcSzLM38iukrMDKJ8ISA2nJdF0D9deny-jqtsgdnsRJqUPlNQuJ63lQqgSINwgHm31k420FJGszJYgAD3qMy537yF2cibkXP2JrJr9BnmWFy_1ypbCHXQox3nbq_0dV6zURwr7dLuBp_s3XWE42jwUwCyoB354KZqZ-ltISQlmoVpictV7NanU6FeR8D-tlm6oN3eRQN4782Yas7UJvFjKwqBWTq7-c-PQTK95jHChzVSR8-DOFl2dRFk-V8coguMN4SF-vZeKOTrqayIqVd9m5HN8NB07BvImRcM9jvXRGTa0ysIUkyUNleZLXE30bL-BztzgSwexsOi5ECnP8eKHqkSFb8dsNfzn77KZo-6yKni3ugO9kRbxGLJmNz-IgmJYYmElAJiPPSL1wLjxsOcwEyO3XQNdnw8UyqDDMf_sczynL1aE5br_AFnKZrLfKh3vtxpjDq6TdzO3Eyz8d4NKD5J49xlCknvcKGS0K7iSsomv5hGzfC6zSCV5pRhzRt4oHsFJCmRLDYWtZYIrn6JrwN46aVzRYm2HnHFCOvURHWycS9j_kf7y05XQjJP_noG9bc4txunMyDgHfed4q1VI0OxSi5gjFczPbBlk8-8i3OLS_nfwI7gu7VDPe7sWUnEH_-qcJeaHQ94q3vmSTVbp96lmoDMEkZPGMwu6BXEkwrjwMeSc5dFIf_6jJulWtYbY2YBjVMVMWSbuTcz28IbjHZeW6ZnDsNyARuP1oYNy94GwwjOnZ-vB6Wk6EogaomcR3GAlzQH4rYR8plVpZtjLLmiFBkbuyXtOMkMNJ3rmrUFszJiMA9iW-FHIWi394m-KMBru1MkMXd2ySoAOtTNh8WqkNpplvkqmFk5QwybEBY_DYI72D3VKkZTK_5LCjxZN_VLMfl2fklKwo0fPfZ9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
u
dmp.v.fwmrm.net/ad/ Frame 2076 		0
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
2607:ae80:128:1::49 , United States, ASN26558 (FREEWHEEL, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:17 GMT
Content-Type
text/html
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame C9AF 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156512&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.84 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:15 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel
cm.g.doubleclick.net/ Frame 2076
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWpuclJ3QUFBRHBuUWdRTA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWpuclJ3QUFBRHBuUWdRTA==
Protocol
H3
Server
142.250.80.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s33-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:16 GMT
via
1.1 varnish
server
Varnish
x-timer
S1647962957.990304,VS0,VE0
x-served-by
cache-ewr18152-EWR
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWpuclJ3QUFBRHBuUWdRTA==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 2076
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YjnrRwAAADpnQgQL&expires=90
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YjnrRwAAADpnQgQL&expires=90
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
f69a50991384d09413b97a37bb74928b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1647962957.091601,VS0,VE0
x-served-by
cache-ewr18152-EWR
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YjnrRwAAADpnQgQL&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=4&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962954664&de=553761600701&cu=1647962954664&m=2467&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11229&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A468%3A468%3A7568%3A712&as=1&ag=1445&an=1038&gi=1&gf=1445&gg=1038&ez=1&kw=1847&aj=1&pg=100&pf=100&ib=0&dw=1&cc=1&bw=1445&bx=1038&jz=1847&dj=1&dx=1&aa=1&ad=1119&cn=712&gn=1&gk=1119&gl=712&cp=2254&cq=0&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2254&cd=1847&ah=2254&am=1847&dq=1297&dr=890&ds=1297&dt=890&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=11&vt=15&vd=0&zMoatSRE=0.02228125&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=7293&ef=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5881677489%3A138383011217&dfp=0%2C1&la=5881677489&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1033340229&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:17 GMT
rum
dsum-sec.casalemedia.com/ Frame 2076
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YjnrRwAAADpnQgQL
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YjnrRwAAADpnQgQL
Protocol
HTTP/1.1
Server
23.208.68.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-68-242.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 15:29:17 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1647962957.192938,VS0,VE0
x-served-by
cache-ewr18152-EWR
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YjnrRwAAADpnQgQL
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
setuid
ib.adnxs.com/ Frame 2076
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YjnrRwAAADpnQgQL
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YjnrRwAAADpnQgQL
Protocol
HTTP/1.1
Server
68.67.160.75 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:17 GMT
X-Proxy-Origin
96.9.249.44; 96.9.249.44; 673.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
a3657550-93ff-4fe7-a70d-ef0ec78d3c40
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1647962957.305615,VS0,VE0
x-served-by
cache-ewr18152-EWR
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=YjnrRwAAADpnQgQL
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 2076
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YjnrRwAAADpnQgQL
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YjnrRwAAADpnQgQL
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:17 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1647962957.394618,VS0,VE0
x-served-by
cache-ewr18152-EWR
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YjnrRwAAADpnQgQL
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-P1P55J3LNW&gtm=2oe3e0&_p=593358754&sr=1600x1200&ul=en-us&cid=1679509180.1647962950&dl=%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&dr=%2F&dt=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users%20%7C%20Ars%20Technica&sid=1647962951&sct=1&seg=0&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P1P55J3LNW&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:806::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:17 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2076
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjnrRwAAADpnQgQL
1 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjnrRwAAADpnQgQL
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 15:29:17 GMT
cache-control
no-store, no-cache, private
x-lat
va1pug017:0:465
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1647962958.505522,VS0,VE0
x-served-by
cache-ewr18152-EWR
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YjnrRwAAADpnQgQL
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame 2076
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YjnrRwAAADpnQgQL&img=1
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YjnrRwAAADpnQgQL&img=1
Protocol
HTTP/1.1
Server
192.35.249.127 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:17 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
384
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1647962958.606774,VS0,VE0
x-served-by
cache-ewr18152-EWR
x-cache
HIT
location
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YjnrRwAAADpnQgQL&img=1
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
b.php
www.facebook.com/fr/ Frame 2076
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YjnrRwAAADpnQgQL&t=2592000&o=0
43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YjnrRwAAADpnQgQL&t=2592000&o=0
Protocol
H3
Server
2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 08:29:17 PDT
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
esAz2zOmT8YMRbuu7veg1qopXOj+j/GyzK5bBIoaovf0rw6NfzFg78TK061eruPlbfSh+J1nBFXh5/76/rs2ow==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Tue, 22 Mar 2022 08:29:17 PDT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:17 GMT
via
1.1 varnish
server
Varnish
x-timer
S1647962958.718408,VS0,VE0
x-served-by
cache-ewr18152-EWR
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YjnrRwAAADpnQgQL&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=5&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962954664&de=553761600701&cu=1647962954664&m=3070&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11229&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A468%3A468%3A7568%3A712&as=1&ag=2049&an=1445&gi=1&gf=2049&gg=1445&ez=1&ck=2049&kw=1847&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=2049&bx=1445&ci=2049&jz=1847&dj=1&dx=1&undefined=1&aa=1&ad=1723&cn=1119&gn=1&gk=1723&gl=1119&cp=2254&cq=0&cr=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2858&cd=2254&ah=2858&am=2254&dq=1901&dr=1297&ds=1901&dt=1297&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=15&vt=21&vd=0&zMoatSRE=0.02228125&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=7293&ef=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5881677489%3A138383011217&dfp=0%2C1&la=5881677489&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1395581138&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:17 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C6DF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkAKTZUyDfrWhs9c-apCat13LkHA4IyngLugaHle0oCgIGkzvGLqvfkm9y3_9RRMRbUn2XxFFJZ7b3hYKEkPkTrv1DTyN8&sig=Cg0ArKJSzE6628BxeRMfEAE&id=lidarv&acvw=sv%3D922%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D2071,0,0,0,0%26mtos%3D2071,2071,2071,2071,2071%26amtos%3D0,0,0,0,0%26mcvt%3D2071%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2071%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D461%26pst%3D453%26dur%3D15018%26vmtime%3D2000%26dtos%3D2071%26dtoss%3D1%26dvs%3D2051%26dfvs%3D2051%26dvpt%3D2051%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2671%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D13,0,0,0,0%26avms%3Dexc%26qi%3D414449270%26psm%3D-2147483641%26psv%3D-2147483641%26psfv%3D-2147483641%26psa%3D0%26ptlt%3D6128%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,2071&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1647962955067
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI7vuFtITa9gIVFRezAB3hjAYYEAEYACCbhYhQ;met=1;acvw=sv%3D922%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D2071,0,0,0,0%26mtos%3D2071,2071,2071,2071,2071%26amtos%3D0,...
ade.googlesyndication.com/ddm/activity/ Frame C6DF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7vuFtITa9gIVFRezAB3hjAYYEAEYACCbhYhQ;met=1;acvw=sv%3D922%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D2071,0,0,0,0%26mtos%3D2071,2071,2071,2071,2071%26amtos%3D0,0,0,0,0%26mcvt%3D2071%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2071%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D461%26pst%3D453%26dur%3D15018%26vmtime%3D2000%26dtos%3D2071%26dtoss%3D1%26dvs%3D2051%26dfvs%3D2051%26dvpt%3D2051%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2671%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D13,0,0,0,0%26avms%3Dexc%26qi%3D414449270%26psm%3D-2147483641%26psv%3D-2147483641%26psfv%3D-2147483641%26psa%3D0%26ptlt%3D6128%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,2071;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1647962955067;ecn1=1;etm1=0;eid1=200000;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame C6DF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstVafsfN9XTw8KCBRd9T7ceiCl3OV9C3Q0CIL6Ax88Ggub1H_lEYnI2SKpfgETxAFgRRa5udIDJk-sLfXEHPgyLck3PA8QV5Z22nvRfmNqbRqvNJd9F&sig=Cg0ArKJSzHRVnIt5QJNpEAE&id=lidarv&acvw=sv%3D922%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D2071,0,0,0,0%26mtos%3D2071,2071,2071,2071,2071%26amtos%3D0,0,0,0,0%26mcvt%3D2071%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2071%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D461%26pst%3D453%26dur%3D15018%26vmtime%3D2000%26dtos%3D2071%26dtoss%3D1%26dvs%3D2051%26dfvs%3D2051%26dvpt%3D2051%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D2671%26femvt%3D0%26emc%3D14%26emuc%3D0%26emb%3D13,0,0,0,0%26avms%3Dexc%26qi%3D414449270%26psm%3D-2147483641%26psv%3D-2147483641%26psfv%3D-2147483641%26psa%3D0%26ptlt%3D6128%26pngs%3D9,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,2071&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1647962955067
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=2&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=6&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962954664&de=553761600701&cu=1647962954664&m=3071&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11229&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A468%3A468%3A7568%3A712&as=1&ag=2049&an=2049&gi=1&gf=2049&gg=2049&ez=1&ck=2049&kw=1847&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=2049&bx=2049&ci=2049&jz=1847&dj=1&dx=1&undefined=1&aa=1&ad=1723&cn=1723&gn=1&gk=1723&gl=1723&cp=2254&cq=0&cr=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2858&cd=2858&ah=2858&am=2858&dq=1901&dr=1901&ds=1901&dt=1901&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=21&vt=21&vd=0&zMoatSRE=0.02228125&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=7293&ef=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5881677489%3A138383011217&dfp=0%2C1&la=5881677489&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=490378804&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:17 GMT
ibs:dpid=161033&dpuuid=
dpm.demdex.net/ Frame 2076
Redirect Chain
  • https://pixel.onaudience.com/?partner=130&mapped=65416946501074486881869476194977929017&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m
  • https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
42 B
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
Protocol
HTTP/1.1
Server
3.214.48.204 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-214-48-204.compute-1.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-va6-2-v030-00a440d46.edge-va6.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
104,300
X-TID
4xH0EZL3TFM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
content-length
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=conde.ars&zMoatAdUnit2=rail&zMoatAdUnit3=information-technology&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1110&gp=879.015625&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962949354&de=584683710897&rx=134794783198&cu=1647962949354&m=8384&ar=359f21c1e97-clean&iw=8105762&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=879.015625&lb=11229&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=53&vx=53%3A-%3A-&pe=1%3A468%3A468%3A7568%3A712&as=1&ag=5038&an=1130&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1130&kw=902&aj=1&pg=84&pf=84&ib=1&cc=1&bw=5038&bx=1130&ci=1130&jz=902&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4927&cd=902&ah=4927&am=902&xd=00&rf=0&re=1&ft=4675&fv=767&fw=767&wb=1&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.ars&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=197273&na=895313977&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:17 GMT
image.sbxx
ib.mookie1.com/ Frame 2076
Redirect Chain
  • https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=65416946501074486881869476194977929017
  • https://ib.mookie1.com/image.sbix?go=244346&pid=268&xid=65416946501074486881869476194977929017
  • https://dpm.demdex.net/ibs:dpid=285689&dpuuid=65416946501074486881869476194977929017&redir=https%3A%2F%2Fglobal.ib-ibi.com%2Fimage.sbxx%3Fgo%3D244346%26pid%3D268%26xid%3D%24%7BDD_UUID%7D
  • https://global.ib-ibi.com/image.sbxx?go=244346&pid=268&xid=65416946501074486881869476194977929017
  • https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=65416946501074486881869476194977929017
120 B
926 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=65416946501074486881869476194977929017
Protocol
HTTP/1.1
Server
64.58.232.180 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 15:29:18 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
LAS02
Content-Type
image/png
Content-Length
120
Expires
-1

Redirect headers

Date
Tue, 22 Mar 2022 15:29:17 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
https://ib.mookie1.com:443/image.sbxx?go=244346&pid=268&xid=65416946501074486881869476194977929017
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
X-Server
LAS08
Content-Type
text/html; charset=utf-8
Content-Length
223
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=3&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=7&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962954664&de=553761600701&cu=1647962954664&m=3474&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11229&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A468%3A468%3A7568%3A712&as=1&ag=2452&an=2049&gi=1&gf=2452&gg=2049&ez=1&ck=2049&kw=1847&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=2452&bx=2049&ci=2049&jz=1847&dj=1&dx=1&undefined=1&aa=1&ad=2126&cn=1723&gn=1&gk=2126&gl=1723&co=2126&cp=2254&cq=0&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3261&cd=2858&ah=3261&am=2858&dq=2304&dr=1901&ds=2304&dt=1901&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=21&vt=25&vd=0&zMoatSRE=0.02228125&zMoatVSD=15&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=7293&ef=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5881677489%3A138383011217&dfp=0%2C1&la=5881677489&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1312387778&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:18 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:18 GMT
___tp.gif
analytics.responsiveads.com/ Frame 92D6 		43 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.responsiveads.com/___tp.gif?fls=1600x433&rada=&radb=&aid=6227aaa551c2212df5bf8069&fl=6227aaa551c2212df5bf806a&deployment=62290fb251c2212df5bf8b1c&vid=&pu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&dm=arstechnica.com&asid=5945896294&ascid=138384132668&pcat=3&sr=1600x1200&vs=1600x1200&as=1600x433&o=null&ald=null&ascb=885225794&uuid=77429bd1-8072-4b72-9b56-4aa001beb8e0&ec=0&e=interact.video&v=25&elId=auto&parentelementId=a2&cb=1647962958470
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.255.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-255-175.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:18 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
image/gif
dt
dt.adsafeprotected.com/ Frame FB9B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=897507&asId=bb924dad-14b6-4a84-8fc3-b5e835ef7fc0&tv=%7Bc:7By0mU,pingTime:5,time:5296,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:32%7D,%7Bpiv:0,vs:o,r:l,t:106%7D,%7Bpiv:84,vs:i,r:,t:295%7D,%7Bpiv:53,vs:pp,t:466%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:171,o:295,n:106,pp:4830,pm:0%7D,slEvents:%5B%7Bsl:n,t:32,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B97~1%5D,as:%5B97~300.600%5D%7D%7D,%7Bsl:o,t:106,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B189~0%5D,as:%5B189~300.600%5D%7D%7D,%7Bsl:i,t:295,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:84,obst:0,th:0,reas:,bkn:%7Bpiv:%5B171~75%5D,as:%5B171~300.600%5D%7D%7D,%7Bsl:pp,t:466,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:53,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4830~50%5D,as:%5B4830~300.600%5D%7D%7D%5D,slEventCount:4,em:true,fr:false,e:,tt:rjss,dtt:331,fm:t0PaBLC+11%7C12%7C13%7C14%7C151%7C1521%7C16%7C171%7C1721%7C18%7C19%7C1a%7C1b11%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j*.897507-59604290%7C1j1%7C1k%7C1l%7C1m,idMap:1j.2cc77e28-c5f7-8e4d-678a-b0414cfd97eb.65_925175%7C1j*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.221.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-221-169.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:18 GMT
x-server-name
dt10.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame FB9B 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925175&asId=2cc77e28-c5f7-8e4d-678a-b0414cfd97eb&tv=%7Bc:7By0tg,pingTime:5,time:5548,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:351%7D,%7Bpiv:0,vs:o,r:l,t:438%7D,%7Bpiv:53,vs:pp,r:,t:547%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:547,n:438,pp:5001,pm:0%7D,slEvents:%5B%7Bsl:n,t:351,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B105~1,0~0%5D,as:%5B105~300.600%5D%7D%7D,%7Bsl:o,t:438,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B109~0%5D,as:%5B109~300.600%5D%7D%7D,%7Bsl:pp,t:547,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:53,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~50%5D,as:%5B5001~300.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:137,fm:t0PaBLC+11%7C12%7C13%7C14%7C151%7C1521%7C16%7C171%7C1721%7C18%7C19%7C1a%7C1b11%7C1b12%7C1b13%7C1b14%7C1b15%7C1b16%7C1b17%7C1b18%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i%7C1j*.925175%7C1j1%7C1j2%7C1j3%7C1j4%7C1k%7C1l%7C1m%7C1n,idMap:1j.bb924dad-14b6-4a84-8fc3-b5e835ef7fc0.62_897507-59604290%7C1j*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.239.221.169 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-239-221-169.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:19 GMT
x-server-name
dt08.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dc_oe=ChMI7vuFtITa9gIVFRezAB3hjAYYEAEYACCbhYhQ;met=1;acvw=sv%3D922%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D4045,0,0,0,0%26mtos%3D4045,4045,4045,4045,4045%26amtos%3D0,...
ade.googlesyndication.com/ddm/activity/ Frame C6DF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7vuFtITa9gIVFRezAB3hjAYYEAEYACCbhYhQ;met=1;acvw=sv%3D922%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D4045,0,0,0,0%26mtos%3D4045,4045,4045,4045,4045%26amtos%3D0,0,0,0,0%26mcvt%3D4045%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4045%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D864%26pst%3D453%26dur%3D15018%26vmtime%3D4001%26dtos%3D1974%26dtoss%3D2%26dvs%3D1974%26dfvs%3D1974%26dvpt%3D1974%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4045,4045,4045,4045,4045%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D2671%26femvt%3D0%26emc%3D23%26emuc%3D0%26emb%3D22,0,0,0,0%26avms%3Dexc%26qi%3D414449270%26psm%3D-2147483617%26psv%3D-2147483617%26psfv%3D-2147483617%26psa%3D0%26ptlt%3D8102%26pngs%3D9s,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,4045;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1647962955067;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame C6DF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BU6gGSus5Yu6uHpWuzLUP4ZmawAHNx9KXRgAAABABILfjuCA4AViR25TCgwRgye6Oi8CkjBCyAQ9hcnN0ZWNobmljYS5jb226AQs0MDB4MzAwX3htbMgBBdoBd2h0dHBzOi8vYXJzdGVjaG5pY2EuY29tL2luZm9ybWF0aW9uLXRlY2hub2xvZ3kvMjAyMi8wMy9iZWhvbGQtYS1wYXNzd29yZC1waGlzaGluZy1zaXRlLXRoYXQtY2FuLXRyaWNrLWV2ZW4tc2F2dnktdXNlcnMvmAKa2gHAAgLgAgDqAjwvMzM3OS9jb25kZS5hcnMvaW5saW5lLXBsYXllci9pbmZvcm1hdGlvbi10ZWNobm9sb2d5L2FydGljbGX4AvLRHpAD4AOYA-ADqAMB4AQB0gUGELGNzfQVkAYBoAYkqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHH9IIBwiAYRABGF3YCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=UjRSKukH6LY&label=videoplaytime25&ad_mt=4002&acvw=sv%3D922%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D4045,0,0,0,0%26mtos%3D4045,4045,4045,4045,4045%26amtos%3D0,0,0,0,0%26mcvt%3D4045%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D4045%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D864%26pst%3D453%26dur%3D15018%26vmtime%3D4001%26dtos%3D1974%26dtoss%3D2%26dvs%3D1974%26dfvs%3D1974%26dvpt%3D1974%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4045,4045,4045,4045,4045%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D2671%26femvt%3D0%26emc%3D23%26emuc%3D0%26emb%3D22,0,0,0,0%26avms%3Dexc%26qi%3D414449270%26psm%3D-2147483617%26psv%3D-2147483617%26psfv%3D-2147483617%26psa%3D0%26ptlt%3D8102%26pngs%3D9s,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,4045&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1647962955067&sdkv=h.3.506.0&vci=CnQIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgNEQ00gBCoJNTIzMDg3Njk0MgkxNjc5MDM4OTlAxARSNgi-BxAPJQAAcEEoAToLMTY3OTAzODk5LTFCBEdEQ01I6ARQAFoQOUdoVFpYV0Jmb0tnQ1B6QhgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
capture.condenastdigital.com/ Frame FD8D 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-22T15%3A29%3A19.728Z&_c=Video%20Ad&_t=Ad%201st%20Quartile&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&cId=60abade4dc31e5375248cba6&cKe=Unsolved%20Mysteries%2CArs%20Technica%20Unsolved%20Mysteries%2CQuantum%20Leap%2CUnsolved%20Mysteries%20Quantum%20Leap%2CQuantum%20leap%20show%2Cquantum%20leap%20ending%2Cquantum%20leap%20bakula%2CDonald%20P%20Bellisario%2CQuantum%20Leap%20Finale%2CQuantum%20Leap%20JFK%2CQuantum%20Leap%20Lee%20Harvey%20Oswald%2CQuantum%20Leap%20interview%2CScott%20Bakula%2CDean%20Stockwell%2CQuantum%20Leap%20Ziggy%2CQuantum%20Leap%20Al%2CQuantum%20Leap%20NBC%2CNBC%20Quantum%20Leap%2CQuantum%20Leap%20Episodes%2Cquantum%20leap%20intro%2Cquantum%20leap%20ars%20technica%2Cars%20technica%20quantum%20leap&cPd=2021-05-25T15%3A00%3A00%2B00%3A00&cTi=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=854&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&pWw=276&pWh=155.25&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&uId=793acb54-8a60-48cc-91e9-0be61845aed6&xid=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%222be6198%22%2C%22guid%22%3A%22bed541c0-6921-c9ef-4b7a-e241b75a79db%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Atrue%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_b0ed5a6f-d8a5-4f14-a6b5-421a821e65c7_text2vec1_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22523087694%22%2C%22adType%22%3A%22unknown%22%2C%22creativeId%22%3A%22167903899%22%2C%22wrapperAdIds%22%3A%5B%225881677489%22%5D%2C%22wrapperAdSystems%22%3A%5B%22GDFP%22%5D%2C%22dfpLineItem%22%3A%225881677489%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A0%7D&videoViews=1&adId=523087694
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:19 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=1&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=8&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962954664&de=553761600701&cu=1647962954664&m=5065&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11229&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A468%3A468%3A7568%3A712&as=1&ag=3860&an=2452&gi=1&gf=3860&gg=2452&ez=1&ck=2049&kw=1847&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=3860&bx=2452&ci=2049&jz=1847&dj=1&dx=1&undefined=1&aa=1&ad=3534&cn=2126&gn=1&gk=3534&gl=2126&co=2126&cp=2254&cq=0&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4870&cd=3261&ah=4870&am=3261&dq=3913&dr=2304&ds=3913&dt=2304&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=25&vt=40&vd=0&zMoatSRE=0.02228125&zMoatVSD=15&dh=15000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=7293&fh=3860&fi=3860&fj=0&ef=1&eg=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5881677489%3A138383011217&dfp=0%2C1&la=5881677489&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1007173210&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:19 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=9&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962954664&de=553761600701&cu=1647962954664&m=5067&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11229&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A468%3A468%3A7568%3A712&as=1&ag=3860&an=3860&gi=1&gf=3860&gg=3860&ez=1&ck=2049&kw=1847&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=3860&bx=3860&ci=2049&jz=1847&dj=1&dx=1&undefined=1&aa=1&ad=3534&cn=3534&gn=1&gk=3534&gl=3534&co=2126&cp=2254&cq=0&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4870&cd=4870&ah=4870&am=4870&dq=3913&dr=3913&ds=3913&dt=3913&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=40&vt=40&vd=0&zMoatSRE=0.02228125&zMoatVSD=15&dh=15000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=7293&fh=3860&fi=3860&fj=3860&ef=1&eg=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5881677489%3A138383011217&dfp=0%2C1&la=5881677489&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=154403736&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:19 GMT
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-22T15%3A29%3A20.058Z&_t=adBlock&cBr=Ars%20Technica&cKe=browser%20in%20the%20browser%7COAuth%7Cphishing%7Cscams&cCh=information%20technology&cTi=Behold%2C%20a%20password%20phishing%20site%20that%20can%20trick%20even%20savvy%20users&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=1325&cId=1842550&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pWw=1600&pWh=1200&pPw=1600&pPh=11200&pSw=1600&pSh=1200&uID=793acb54-8a60-48cc-91e9-0be61845aed6&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&uDt=desktop&aam_uuid=65416946501074486881869476194977929017&dim1=%7B%22runtimeId%22%3A%22rQeYzu5V8He6a%22%2C%22device%22%3A%22desktop%22%2C%22pageContext%22%3A%7B%22contentType%22%3A%22article%22%2C%22templateType%22%3A%22article%22%2C%22channel%22%3A%22information-technology%22%2C%22slug%22%3A%22behold-a-password-phishing-site-that-can-trick-even-savvy-users%22%2C%22server%22%3A%22production%22%2C%22keywords%22%3A%7B%22tags%22%3A%5B%22browser-in-the-browser%22%2C%22oauth%22%2C%22phishing%22%2C%22scams%22%5D%2C%22cm%22%3A%5B%5D%2C%22platform%22%3A%5B%22wordpress%22%5D%2C%22copilotid%22%3A%22%22%7D%2C%22adBlock%22%3Afalse%7D%2C%22adBlock%22%3Afalse%7D&_o=ars-technica&_c=ad_metrics&xID=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&environment=prod&origin=ars-technica
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:20 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:20 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pop
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/pop?wklz=A4e2C4EMGMBcEsBukEgHYF4EFsCmAnAMgFcBHDARkOkm2EngHM14ATSgBgDYBmAJj4B2QgGcQxfNFwYARuLRSAHoUiNcaWBgBWIwthCtpHQgHdcMkfFi42GPgA5uhRPEsJ2FLgBZBATi58vgCsPEG+Xr5Ohi5StlzcFL6BHF58PDz2gvaRvvaE9GouuCa2VCK4pMTqsexc1AA28OqwOLgisLTAlN5+Af4cYUENTRqQwEgEluhYqjyE0fBSGKxAA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:20 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=30&q=0&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=10&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962954664&de=553761600701&cu=1647962954664&m=6086&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11229&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A468%3A468%3A7568%3A712&as=1&ag=5064&an=3860&gi=1&gf=5064&gg=3860&ez=1&ck=2049&kw=1847&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=5064&bx=3860&ci=2049&jz=1847&dj=1&dx=1&undefined=1&aa=1&ad=4738&cn=3534&gn=1&gk=4738&gl=3534&co=2126&cp=2254&cq=0&cr=1&ew=1&ex=1&hj=0&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=6074&cd=4870&ah=6074&am=4870&dq=5117&dr=3913&ds=5117&dt=3913&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=40&vt=53&vd=0&zMoatSRE=0.02228125&zMoatVSD=15&dh=15000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=7293&ek=1&fh=3860&fi=5064&fj=3860&ef=1&eg=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5881677489%3A138383011217&dfp=0%2C1&la=5881677489&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=177593834&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:20 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:20 GMT
___tp.gif
analytics.responsiveads.com/ Frame 92D6 		43 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.responsiveads.com/___tp.gif?fls=1600x433&rada=&radb=&aid=6227aaa551c2212df5bf8069&fl=6227aaa551c2212df5bf806a&deployment=62290fb251c2212df5bf8b1c&vid=&pu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&dm=arstechnica.com&asid=5945896294&ascid=138384132668&pcat=3&sr=1600x1200&vs=1600x1200&as=1600x433&o=null&ald=null&ascb=885225794&uuid=77429bd1-8072-4b72-9b56-4aa001beb8e0&ec=0&e=interact.video&v=50&elId=auto&parentelementId=a2&cb=1647962962222
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.255.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-255-175.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 15:29:22 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
image/gif
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=conde.ars&zMoatAdUnit2=rail&zMoatAdUnit3=information-technology&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=8&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1110&gp=879.015625&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962949354&de=584683710897&rx=134794783198&cu=1647962949354&m=13406&ar=359f21c1e97-clean&iw=8105762&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=879.015625&lb=11229&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=53&vx=53%3A-%3A-&pe=1%3A468%3A468%3A7568%3A712&as=1&ag=10061&an=5038&gf=0&gg=0&ix=0&ic=0&ez=1&ck=1130&kw=902&aj=1&pg=84&pf=84&ib=1&cc=1&bw=10061&bx=5038&ci=1130&jz=902&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9952&cd=4927&ah=9952&am=4927&xd=00&rf=0&re=1&ft=6584&fv=4675&fw=767&wb=1&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.ars&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&oq=0&ot=cc&zMoatJS=3%3A-&tc=0&fs=197273&na=1743691197&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:22 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:22 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=4&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=11&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962954664&de=553761600701&cu=1647962954664&m=8698&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11229&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A468%3A468%3A7568%3A712&as=1&ag=7676&an=5064&gi=1&gf=7676&gg=5064&ez=1&ck=2049&kw=1847&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=7676&bx=5064&ci=2049&jz=1847&dj=1&dx=1&undefined=1&aa=1&ad=7350&cn=4738&gn=1&gk=7350&gl=4738&co=2126&cp=2254&cq=0&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8485&cd=6074&ah=8485&am=6074&dq=7528&dr=5117&ds=7528&dt=5117&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=53&vt=81&vd=0&zMoatSRE=0.02228125&zMoatVSD=15&dh=15000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=7293&ek=1&fh=3860&fi=7676&fj=5064&ef=1&eg=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5881677489%3A138383011217&dfp=0%2C1&la=5881677489&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1854314314&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:23 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:23 GMT
dc_oe=ChMI7vuFtITa9gIVFRezAB3hjAYYEAEYACCbhYhQ;met=1;acvw=sv%3D922%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D7797,0,0,0,0%26mtos%3D7797,7797,7797,7797,7797%26amtos%3D0,...
ade.googlesyndication.com/ddm/activity/ Frame C6DF 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7vuFtITa9gIVFRezAB3hjAYYEAEYACCbhYhQ;met=1;acvw=sv%3D922%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D7797,0,0,0,0%26mtos%3D7797,7797,7797,7797,7797%26amtos%3D0,0,0,0,0%26mcvt%3D7797%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7797%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1665%26pst%3D453%26dur%3D15018%26vmtime%3D7753%26dtos%3D3752%26dtoss%3D3%26dvs%3D3752%26dfvs%3D3752%26dvpt%3D3752%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3752,3752,3752,3752,3752%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D2671%26femvt%3D0%26emc%3D42%26emuc%3D0%26emb%3D41,0,0,0,0%26avms%3Dexc%26qi%3D414449270%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26ptlt%3D11854%26pngs%3D9s,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,7797;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1647962955067;ecn1=1;etm1=0;eid1=18;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s73-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame C6DF 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BU6gGSus5Yu6uHpWuzLUP4ZmawAHNx9KXRgAAABABILfjuCA4AViR25TCgwRgye6Oi8CkjBCyAQ9hcnN0ZWNobmljYS5jb226AQs0MDB4MzAwX3htbMgBBdoBd2h0dHBzOi8vYXJzdGVjaG5pY2EuY29tL2luZm9ybWF0aW9uLXRlY2hub2xvZ3kvMjAyMi8wMy9iZWhvbGQtYS1wYXNzd29yZC1waGlzaGluZy1zaXRlLXRoYXQtY2FuLXRyaWNrLWV2ZW4tc2F2dnktdXNlcnMvmAKa2gHAAgLgAgDqAjwvMzM3OS9jb25kZS5hcnMvaW5saW5lLXBsYXllci9pbmZvcm1hdGlvbi10ZWNobm9sb2d5L2FydGljbGX4AvLRHpAD4AOYA-ADqAMB4AQB0gUGELGNzfQVkAYBoAYkqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAOAHH9IIBwiAYRABGF3YCAKACgWYCwGADAHQFQH4FgGAFwE&sigh=UjRSKukH6LY&label=videoplaytime50&ad_mt=7754&acvw=sv%3D922%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D665,1122,820,1398%26tos%3D7797,0,0,0,0%26mtos%3D7797,7797,7797,7797,7797%26amtos%3D0,0,0,0,0%26mcvt%3D7797%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D7797%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1665%26pst%3D453%26dur%3D15018%26vmtime%3D7753%26dtos%3D3752%26dtoss%3D3%26dvs%3D3752%26dfvs%3D3752%26dvpt%3D3752%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D16782099%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3752,3752,3752,3752,3752%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D2671%26femvt%3D0%26emc%3D42%26emuc%3D0%26emb%3D41,0,0,0,0%26avms%3Dexc%26qi%3D414449270%26psm%3D-2147483393%26psv%3D-2147483393%26psfv%3D-2147483393%26psa%3D0%26ptlt%3D11854%26pngs%3D9s,14,15s%26ssb%3D0,0,0,0,0,0,0,0,0,0,7797&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.02%26t%3D1647962955067&sdkv=h.3.506.0&vci=CnQIARIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgNEQ00gBCoJNTIzMDg3Njk0MgkxNjc5MDM4OTlAxARSNgi-BxAPJQAAcEEoAToLMTY3OTAzODk5LTFCBEdEQ01I6ARQAFoQOUdoVFpYV0Jmb0tnQ1B6QhgB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.165.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s70-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
capture.condenastdigital.com/ Frame FD8D 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-22T15%3A29%3A23.479Z&_c=Video%20Ad&_t=Ad%202nd%20Quartile&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&cId=60abade4dc31e5375248cba6&cKe=Unsolved%20Mysteries%2CArs%20Technica%20Unsolved%20Mysteries%2CQuantum%20Leap%2CUnsolved%20Mysteries%20Quantum%20Leap%2CQuantum%20leap%20show%2Cquantum%20leap%20ending%2Cquantum%20leap%20bakula%2CDonald%20P%20Bellisario%2CQuantum%20Leap%20Finale%2CQuantum%20Leap%20JFK%2CQuantum%20Leap%20Lee%20Harvey%20Oswald%2CQuantum%20Leap%20interview%2CScott%20Bakula%2CDean%20Stockwell%2CQuantum%20Leap%20Ziggy%2CQuantum%20Leap%20Al%2CQuantum%20Leap%20NBC%2CNBC%20Quantum%20Leap%2CQuantum%20Leap%20Episodes%2Cquantum%20leap%20intro%2Cquantum%20leap%20ars%20technica%2Cars%20technica%20quantum%20leap&cPd=2021-05-25T15%3A00%3A00%2B00%3A00&cTi=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=854&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&pID=eae3ccff-0843-45ac-8cff-0eff3278f998&pWw=276&pWh=155.25&sID=c6e234da-e66f-4616-8ecf-67f29b24d5cb&uId=793acb54-8a60-48cc-91e9-0be61845aed6&xid=d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%222be6198%22%2C%22guid%22%3A%22bed541c0-6921-c9ef-4b7a-e241b75a79db%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Atrue%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_b0ed5a6f-d8a5-4f14-a6b5-421a821e65c7_text2vec1_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22523087694%22%2C%22adType%22%3A%22unknown%22%2C%22creativeId%22%3A%22167903899%22%2C%22wrapperAdIds%22%3A%5B%225881677489%22%5D%2C%22wrapperAdSystems%22%3A%5B%22GDFP%22%5D%2C%22dfpLineItem%22%3A%225881677489%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A0%7D&videoViews=1&adId=523087694
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 15:29:23 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=2&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=12&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962954664&de=553761600701&cu=1647962954664&m=8816&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11229&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A468%3A468%3A7568%3A712&as=1&ag=7676&an=7676&gi=1&gf=7676&gg=7676&ez=1&ck=2049&kw=1847&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=7676&bx=7676&ci=2049&jz=1847&dj=1&dx=1&undefined=1&aa=1&ad=7350&cn=7350&gn=1&gk=7350&gl=7350&co=2126&cp=2254&cq=0&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8686&cd=8485&ah=8686&am=8485&dq=7729&dr=7528&ds=7729&dt=7528&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=81&vt=81&vd=0&zMoatSRE=0.02228125&zMoatVSD=15&dh=15000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=7293&ek=1&fh=3860&fi=7676&fj=7676&ef=1&eg=1&eh=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5881677489%3A138383011217&dfp=0%2C1&la=5881677489&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1704091705&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:23 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:23 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=5&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=13&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962954664&de=553761600701&cu=1647962954664&m=8900&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11229&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A468%3A468%3A7568%3A712&as=1&ag=7879&an=7676&gi=1&gf=7879&gg=7676&ez=1&ck=2049&kw=1847&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=7879&bx=7676&ci=2049&jz=1847&dj=1&dx=1&undefined=1&aa=1&ad=7553&cn=7350&gn=1&gk=7553&gl=7350&co=2126&cp=2254&cq=0&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8686&cd=8686&ah=8686&am=8686&dq=7729&dr=7729&ds=7729&dt=7729&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=81&vt=83&vd=0&zMoatSRE=0.02228125&zMoatVSD=15&dh=15000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=7293&ek=1&fh=3860&fi=7879&fj=7676&ef=1&eg=1&eh=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5881677489%3A138383011217&dfp=0%2C1&la=5881677489&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=355442751&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:23 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:23 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=8&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=14&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&f=0&j=&t=1647962954664&de=553761600701&cu=1647962954664&m=8901&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11229&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A468%3A468%3A7568%3A712&as=1&ag=7879&an=7879&gi=1&gf=7879&gg=7879&ez=1&ck=2049&kw=1847&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=7879&bx=7879&ci=2049&jz=1847&dj=1&dx=1&undefined=1&aa=1&ad=7553&cn=7553&gn=1&gk=7553&gl=7553&co=2126&cp=2254&cq=0&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=8889&cd=8686&ah=8889&am=8686&dq=7932&dr=7729&ds=7932&dt=7729&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&vm=1&vl=83&vt=83&vd=0&zMoatSRE=0.02228125&zMoatVSD=15&dh=15000&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=7293&ek=1&fh=3860&fi=7879&fj=7879&ef=1&eg=1&eh=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5881677489%3A138383011217&dfp=0%2C1&la=5881677489&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1355740933&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:23 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:23 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&wf=1&ra=1&pxm=2&sgs=3&vb=8&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Farstechnica.com%2F%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F-&i=CONDECW3&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fcsvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-S7WFek%2FeXjptXQ%3D%3D&sc=1&os=1-Yw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=%24F!%2B%23kk!!J&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=7&h=433&w=1600&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&id=1&ii=4&cm=0&f=0&j=&t=1647962953003&de=929605487884&cu=1647962953003&m=11348&ar=359f21c1e97-clean&iw=879bdc6&cb=0&ym=0&ll=2&lm=0&ln=1&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=11229&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A468%3A468%3A7568%3A712&as=1&ag=10286&an=10084&gi=1&gf=10286&gg=10084&ix=10286&ic=10286&ez=1&ck=1299&kw=1034&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10286&bx=10084&ci=1299&jz=1034&dj=1&aa=1&ad=9980&cn=9778&gn=1&gk=9980&gl=9778&ik=9980&co=1212&cp=1439&cq=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10224&cd=10022&ah=10224&am=10022&xd=00&rf=0&re=1&ft=4889&fv=4889&fw=622&wb=2&cl=0&at=0&d=4478484671%3A2973410855%3A5945896294%3A138384132668&zMoatPlacID=21711241029&bo=21698048816&bp=21711241029&bd=Undefined&zMoatPT=article&zMoatST=post_nav&zMoatLL=Lazy%20Load%20Not%20Defined&zMoatRFSH=Refresh%20Not%20Defined&zMoatNoRFSH=true&dfp=0%2C1&la=21711241029&zMoatAltSL=bo%3AzMoatAdUnit2%3AzMoatAdUnit3&gw=condenastdfp9588492144&zMoatOrigSlicer1=21698048816&zMoatOrigSlicer2=21711241029&zMoatPS=post_nav_0&zMoatCNS=6.56.9&zMoatSZ=9x1&zMoatKWPos=Undefined&zMoatPlat=wordpress&zMoatMMV_MAX=na&dfpSlotId=post_nav_0&zMoatCURL=arstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users&zMoatDev=Desktop&hv=CONDECW3-constellation-crown&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&jm=-1&tz=post_nav_0&iq=na&tt=na&tc=0&fs=197273&na=1077399105&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.208.69.141 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-208-69-141.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 15:29:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 22 Mar 2022 15:29:24 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sstats.arstechnica.com
URL
https://sstats.arstechnica.com/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=F7093025512D2B690A490D44%40AdobeOrg&mid=65227220823465332891854408836296973280&ts=1647962951106
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2

Verdicts & Comments Add Verdict or Comment

232 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 function| structuredClone object| oncontextlost object| oncontextrestored object| ars object| dataLayer object| OneTrustStub function| OptanonWrapper function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| googletag object| cns object| sparrowQueue function| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| cnBus object| _perfRefForUserTimingPolyfill object| fastdom function| moatYieldReady object| BOOMR_mq object| apstag function| arsAdHeightManager function| adsStaticHeight object| Twig object| Arrive function| FPCountdown function| $ function| jQuery function| moment function| UAParser function| purl function| twig function| EvEmitter function| imagesLoaded function| easydropdown function| m function| transitionEnd function| arsVideoModulePlayerReady63855589 object| __memo_config function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| t object| twttr object| _cne string| hash object| __otccpaooLocation boolean| apstagLOADED object| ggeac object| google_js_reporting_queue object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| headertag object| __twttrll object| __twttr object| PolarConde object| NATIVEADS object| NATIVEADS_QUEUE undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_57336892 object| Moat#PML#26#1.2 boolean| Moat#EVA object| moatPrebidApi object| core object| SparrowConfigV2 object| MEMO object| google_tag_manager function| postscribe object| google_tag_manager_external string| referrer object| urlParams string| queryString string| fullUrl object| myParam object| publishDate object| now object| google_tag_data string| GoogleAnalyticsObject function| ga string| b object| h object| performanceConsent object| functionalConsent object| targetingConsent function| getVisitNumCustom number| d object| SparrowCache function| Sparrow boolean| sparrowInitialize object| _4d object| sparrow undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| NATIVEADS_STORE object| Optanon object| OneTrust function| e object| visitor object| adobe function| Visitor object| s_c_il number| s_c_in function| DIL object| dilInstance object| _qevents function| twq object| __adIq_Config string| _linkedin_partner_id object| _linkedin_data_partner_ids function| fbq function| _fbq function| addPixel function| hj object| _hjSettings string| TiktokAnalyticsObject object| ttq object| scrEm function| isAnExcludedLink object| gaplugins object| _aam_dataLayer undefined| userId boolean| _aam_spa number| google_global_correlator object| _google_rum_ns_ object| google_persistent_state_async object| closure_lm_975919 object| google object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| gaData function| lintrk boolean| _already_called_lintrk object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| bouncex object| Sailthru function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge object| auvars object| trx function| md5 object| closure_lm_536484 object| ampInaboxIframes object| ampInaboxPendingMessages function| docReady object| au object| autag object| closure_lm_883761 function| _typeof object| PARSELY function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie function| close_bouncex_ad object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

322 Cookies

Domain/Path Name / Value
widgets.outbrain.com/nanoWidget/externals/cookie Name: thirdparty
Value: yes
.youtube.com/ Name: YSC
Value: 0eVx978uYCk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: 0mnNhMRG5MA
.arstechnica.com/ Name: session_seen_posts
Value: 0
.arstechnica.com/ Name: seen_posts
Value:
arstechnica.com/ Name: usprivacy
Value: 1---
.rkdms.com/ Name: sessionid
Value: h-03ba1368f7a86072e968665ecc8e753e_t-1647962949
arstechnica.com/ Name: __srret
Value: 1
arstechnica.com/ Name: CN_visits_m
Value: 1648771200697%26vn%3D1
arstechnica.com/ Name: CN_in_visit_m
Value: true
.arstechnica.com/ Name: sID
Value: c6e234da-e66f-4616-8ecf-67f29b24d5cb
arstechnica.com/ Name: pID
Value: eae3ccff-0843-45ac-8cff-0eff3278f998
arstechnica.com/ Name: CN_sp
Value: 793acb54-8a60-48cc-91e9-0be61845aed6
arstechnica.com/ Name: CN_su
Value: e7ed335c-43c8-41e8-bb90-b7e263c20cb8
infinityid.condenastdigital.com/ Name: CN_xid
Value: d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35
infinityid.condenastdigital.com/ Name: CN_xid_refresh
Value: d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35
.outbrain.com/ Name: recs_89888ac3e76c60cda93aed33b39dc2a5
Value: 0B3852211456A4097603354A4101318333A4020128646A3506721393A4094016595ACD1
.outbrain.com/ Name: obuid
Value: 0972d6d1-9a4b-40ad-b877-075e2093243e
arstechnica.com/ Name: __srui
Value: d1b8df8a-a9f4-11ec-a9aa-8e07327cb917
arstechnica.com/ Name: CN_xid
Value: d5efd6f4-e37c-4e37-a0e7-a5c483b8ba35
.arstechnica.com/ Name: _gcl_au
Value: 1.1.1543226586.1647962950
arstechnica.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.arstechnica.com/ Name: _pubcid
Value: 76e3a471-4ef0-4409-92e3-24d19d9ae287
.arstechnica.com/ Name: OB-USER-TOKEN
Value: 0972d6d1-9a4b-40ad-b877-075e2093243e
.openx.net/ Name: i
Value: 76e3a471-4ef0-4409-92e3-24d19d9ae287|1647962950
.turn.com/ Name: uid
Value: 4137273106857289133
.demdex.net/ Name: demdex
Value: 65416946501074486881869476194977929017
.ad.gt/ Name: au_id
Value: df8afae4-be36-4903-9f4a-b3826d7e351f
.ad.gt/ Name: au_idmatch
Value: {"apn": "2022-03-22", "ttd": "2022-03-22", "pub": "2022-03-22", "adx": "2022-03-22", "halo": "2022-03-22", "goo": "2022-03-22", "smart": "2022-03-22", "mediamath": "2022-03-22", "unruly": "2022-03-22"}
.yahoo.com/ Name: A3
Value: d=AQABBEbrOWICEBibD1SbwlgQosiN0C8WtXoFEgEBAQE8O2JDYgAAAAAA_eMAAA&S=AQAAAibtiNDK0hvsqZJfogpJIKA
.scorecardresearch.com/ Name: UID
Value: 10D54a9c62c0f5156ea7c7b1647962950
.tapad.com/ Name: TapAd_TS
Value: 1647962950840
.tapad.com/ Name: TapAd_DID
Value: f5187042-5f14-4af5-9f23-8cb08038da53
.adnxs.com/ Name: icu
Value: ChgI_rtmEAoYASABKAEwxtbnkQY4AUABSAEQxtbnkQYYAA..
.rubiconproject.com/ Name: khaos
Value: L12ALATH-K-LNSR
.adnxs.com/ Name: uuid2
Value: 6141021567606092823
.arstechnica.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.arstechnica.com/ Name: _gid
Value: GA1.2.1309308925.1647962951
.arstechnica.com/ Name: AMCVS_F7093025512D2B690A490D44%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YjnrRwAAADpnQgQL
arstechnica.com/ Name: sailthru_pageviews
Value: 1
.adsrvr.org/ Name: TDID
Value: 05c5f2ba-e4d6-4fba-8f01-3cff13067e70
.linkedin.com/ Name: li_sugr
Value: f81064a0-5b88-4e23-ba9c-c8be0a830f4f
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&29dc1dd4-e91a-48ce-87dc-14b2c149010e"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2654:u=1:x=1:i=1647962951:t=1648049351:v=2:sig=AQHwbsujhIltQcbJiSjpIyPkiFuI8RPG"
.arstechnica.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Tue+Mar+22+2022+15%3A29%3A11+GMT%2B0000+(GMT)&version=6.23.0&hosts=&consentId=538ed823-96f3-4196-90d5-a0116f1cf29f&interactionCount=0&landingPath=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Fbehold-a-password-phishing-site-that-can-trick-even-savvy-users%2F&groups=C0001%3A1%2CC0003%3A1%2CC0004%3A1%2CC0002%3A1
.arstechnica.com/ Name: _dc_gtm_UA-31997-1
Value: 1
.pippio.com/ Name: did
Value: 1F6TQlaNIQTXCgH-
.pippio.com/ Name: didts
Value: 1647962951
.pippio.com/ Name: nnls
Value:
.amazon-adsystem.com/ Name: ad-id
Value: A85s9W8_OEO6jaSEOTH9IJE
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.dpm.demdex.net/ Name: dpm
Value: 65416946501074486881869476194977929017
.zemanta.com/ Name: zuid
Value: hzHZL_4QNgthsM8mf_bi
.zemanta.com/ Name: obuid
Value: dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
.agkn.com/ Name: ab
Value: 0001%3Aj1Fx0Rsshu%2FX5XucS46pmN91%2FqJ%2Bqrwn
.bidswitch.net/ Name: tuuid
Value: 62e8ec88-d2ea-41ea-a477-629331ac8f33
.bidswitch.net/ Name: c
Value: 1647962951
.krxd.net/ Name: _kuid_
Value: Ou6QJvtA
.geistm.com/ Name: gdpid
Value: WCCPdLpVuRfvG
.mathtag.com/ Name: uuid
Value: 81b96239-eb48-4800-8f99-27deec4d2451
.linkedin.com/ Name: UserMatchHistory
Value: AQJJ8aydPZpyGAAAAX-yPxCo2pxaf68UMBxeqptVOvhSILaYoujKPZ63g9E0Utqg75LlKeYYzSKehQ
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJ6jvVt3v76qQAAAX-yPxCoAI6bWaBodsFTaTn236L-6bL8NFQCK39Ui2j3_ebENtGzRdeuOe1LoodvG4Cnwg
.eyeota.net/ Name: mako_uid
Value: 17fb23f10d5-28b0000010a421b
.eyeota.net/ Name: SERVERID
Value: 16923~DM
.ad.gt/ Name: last_seeng_hosted
Value: 1647962951914
.ad.gt/ Name: g_hosted
Value:
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16990%3b%24o%3d11100
.ad.gt/ Name: last_seentd
Value: 1647962951969
.ad.gt/ Name: first_seentd
Value: 1647962951969
.adfarm1.adition.com/ Name: UserID1
Value: 7077946979591780497
.ad.gt/ Name: last_seenadnxs
Value: 1647962951985
.ad.gt/ Name: first_seenadnxs
Value: 1647962951985
arstechnica.com/ Name: cneplayercount
Value: 2
.outbrain.com/ Name: apnxs
Value: 6141021567606092823
.outbrain.com/ Name: ttd
Value: 05c5f2ba-e4d6-4fba-8f01-3cff13067e70
.mfadsrvr.com/ Name: tuuid
Value: 1d2bf79a-2aa2-4d4b-b6d5-7622945e46de
.mfadsrvr.com/ Name: c
Value: 1647962952
.mfadsrvr.com/ Name: tuuid_lu
Value: 1647962952
.arstechnica.com/ Name: __gads
Value: ID=9d3852e4f388491c:T=1647962950:S=ALNI_MYlhRUT3fbb2y6Y1yeNKgrlNM2leA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C
.doubleclick.net/ Name: IDE
Value: AHWqTUmmmoz477rAa83TkV86vSh9SyitVelOU3C0rZ6oPEFwPw2hNboMimUgG4PuH2E
.bidswitch.net/ Name: tuuid_lu
Value: 1647962952
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJwbBYeT9Aw0HJy-HdHI4HQ4xJEMORkRqCPG5qvqwnmGv5o9QI2r2quQ6aJQC4TM1
.creativecdn.com/ Name: u
Value: tRXbRqn9LRjMupaJwpN2
.creativecdn.com/ Name: ts
Value: 1647962952
.twitter.com/ Name: personalization_id
Value: "v1_Jc/Vx7yImWoTVyO9jppYzw=="
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!1959
.ad.gt/ Name: last_seenadx
Value: 1647962952197
.ad.gt/ Name: first_seenadx
Value: 1647962952197
.exelator.com/ Name: EE
Value: "f826f03c6c10c789179707af6a4a0bc0"
.pippio.com/ Name: pxrc
Value: CMjW55EGEgQIAhAAEgYI3awrEAA=
.outbrain.com/ Name: actvagnt
Value: 7077946979591780497
.ad.gt/ Name: last_seenmediamath
Value: 1647962952247
.arstechnica.com/ Name: AMCV_F7093025512D2B690A490D44%40AdobeOrg
Value: -408604571%7CMCIDTS%7C19074%7CMCMID%7C65227220823465332891854408836296973280%7CMCAAMLH-1648567751%7C7%7CMCAAMB-1648567751%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1647970151s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19081%7CvVersion%7C4.6.0
.smartadserver.com/ Name: pid
Value: 8687129380085137690
.outbrain.com/ Name: zmnta
Value: hzHZL_4QNgthsM8mf_bi
.t.co/ Name: muc_ads
Value: af1a53f8-781b-4466-8072-eb522e8dd162
.outbrain.com/ Name: rbcn
Value: L12ALATH-K-LNSR
.quantserve.com/ Name: mc
Value: 6239eb48-53cda-87769-d4810
.casalemedia.com/ Name: CMID
Value: YjnrSETtBJYiRIvboXIHjAAA
.casalemedia.com/ Name: CMPS
Value: 1017
arstechnica.com/ Name: sailthru_content
Value: c98d004dd5805db4ff95896abb7060c4
arstechnica.com/ Name: sailthru_visitor
Value: 13e7f341-70a7-4f22-bf56-e865e31f2e31
.advertising.com/ Name: APID
Value: UPd35c2be1-a9f4-11ec-9212-029922c6cb47
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHNwsgszcA42SzZ0CDZ3MLS0NzS3MA8Mc0s0STRICnZYHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJySX5RZvqi0ODFRSlpDItKik8F77%252BpAABs5SoT"
.arstechnica.com/ Name: _fbp
Value: fb.1.1647962952547.812677402
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&2022032215291288bee979-a377-4ea4-8c49-a97e3e5369a5AQHRAgJKl8P_xXNaG9znaSsKFymLfLb8"
.ad.gt/ Name: last_seenpbm
Value: 1647962952333
.ad.gt/ Name: first_seenpbm
Value: 1647962952333
.outbrain.com/ Name: openx
Value: 155eb22f-9899-4602-ab5a-be9441061651
.casalemedia.com/ Name: CMPRO
Value: 986
.facebook.com/ Name: fr
Value: 0HLJlOBw0rK3EgbJn..BiOetI...1.0.BiOetI.
.arstechnica.com/ Name: _ga
Value: GA1.2.1679509180.1647962950
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005%22%7D
.outbrain.com/ Name: rtbhs
Value: tRXbRqn9LRjMupaJwpN2
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 6bafe6a2-2746-4d2e-ae06-bc0f946be187
.emxdgt.com/ Name: uid
Value: 64381647962952711103ad
.arstechnica.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/%22%2C%22sref%22:%22%22%2C%22sts%22:1647962952726%2C%22slts%22:0}
.arstechnica.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=9e1c0a0e2fc4bd0a1f32f646277a6012%22%2C%22session_count%22:1%2C%22last_session_ts%22:1647962952726}
.ad.gt/ Name: last_seenconde_nast_xid
Value: 1647962952713
.arstechnica.com/ Name: bounceClientVisit2806v
Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgIYBOKCApgMZwB2AltcQHTUD2AtkQ3QGbtSnYggbs6AWiq067MOwDmATyK4ADLlxE1GIgCNKcOQBMJxCRGIoUAd0GmIcBiid0FElAypS4Iic0kEUiYAawlKADdKSRRiCIilCQBXFEpyIhAAGhBSGBAQAF8gA
.360yield.com/ Name: tuuid
Value: 20f1281e-6524-4d23-b51a-b9052e632b0a
.360yield.com/ Name: tuuid_lu
Value: 1647962952
.outbrain.com/ Name: indxexcg
Value: YjnrSETtBJYiRIvboXIHjAAAA9oAAAIB
.outbrain.com/ Name: mdfrc
Value: 1d2bf79a-2aa2-4d4b-b6d5-7622945e46de
.ad.gt/ Name: last_seenhaloid
Value: 1647962952812
.ad.gt/ Name: first_seenhaloid
Value: 1647962952812
.arstechnica.com/ Name: __qca
Value: P0-719736422-1647962952508
.smaato.net/ Name: SCM
Value: 7a674393
.smaato.net/ Name: SCMo
Value: 7a674393
.ad.gt/ Name: last_seenunruly
Value: 1647962952853
.bing.com/ Name: MUID
Value: 3139D7FA406267462FE3C69541B6669E
.c.bing.com/ Name: MR
Value: 0
.ad.gt/ Name: last_seenopenx
Value: 1647962952984
.arstechnica.com/ Name: _hjSessionUser_1632543
Value: eyJpZCI6IjU1ZjgyMTQzLTQ1YzItNWZiNi05ZGVhLWE3Y2VmYWQ3NDdlZCIsImNyZWF0ZWQiOjE2NDc5NjI5NTI1MjEsImV4aXN0aW5nIjpmYWxzZX0=
.arstechnica.com/ Name: _hjFirstSeen
Value: 1
arstechnica.com/ Name: _hjIncludedInSessionSample
Value: 1
.arstechnica.com/ Name: _hjSession_1632543
Value: eyJpZCI6Ijc0NzE2YTlkLWE5ZGItNGE5My05ZGI5LTkyMTVjZTI3ZWU1MiIsImNyZWF0ZWQiOjE2NDc5NjI5NTMwMzgsImluU2FtcGxlIjp0cnVlfQ==
.arstechnica.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.outbrain.com/ Name: bdswch
Value: 62e8ec88-d2ea-41ea-a477-629331ac8f33
.technoratimedia.com/ Name: tads_uid
Value: FCBFFBF89C1640D1A81A2F6FB803C46C
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220322112913-0400
.technoratimedia.com/ Name: tads_zora
Value: 2
.contextweb.com/ Name: V
Value: wQJndR7Ju02E
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 5aa574131523d415
.3lift.com/ Name: tluid
Value: 2076059312112336406011
.outbrain.com/ Name: improve_digital
Value: 20f1281e-6524-4d23-b51a-b9052e632b0a
.outbrain.com/ Name: smaato
Value: 7a674393
.outbrain.com/ Name: oath
Value: UPd35c2be1-a9f4-11ec-9212-029922c6cb47
.outbrain.com/ Name: oath_display
Value: y-ZaBW8I9E2uGxsYvIiwH_q9GEHkdeo.Mc3OcTSgY-~A
.outbrain.com/ Name: smart
Value: 8687129380085137690
.yellowblue.io/ Name: wrvUserID
Value: thFtQ6d4kp_s
.arstechnica.com/ Name: _parsely_tpa_blocked
Value: {%22tpab%22:false}
.outbrain.com/ Name: synacor
Value: FCBFFBF89C1640D1A81A2F6FB803C46C
.verizon.demdex.net/ Name: verizon
Value: 65416946501074486881869476194977929017
.pubmatic.com/ Name: PUBMDCID
Value: 2
.spotxchange.com/ Name: audience
Value: d3ea2f41-a9f4-11ec-8f7c-13d5c8140103
.adsymptotic.com/ Name: U
Value: c4187fc90b12df0aedc854c7b99b7bbf
.sitescout.com/ Name: ssi
Value: 617f57b8-9492-449d-beb6-d13cab1fdcf0#1647962953544
.w55c.net/ Name: wfivefivec
Value: 6N6kzBX01NwGrD5
.bounceexchange.com/ Name: bounceClientVisit2806c
Value: %7B%22vid%22%3A1647962953594906%2C%22did%22%3A%226061929042338789098%22%7D
arstechnica.com/ Name: _lr_sampling_rate
Value: 0
.openx.net/ Name: univ_id
Value: 537072971|05c5f2ba-e4d6-4fba-8f01-3cff13067e70|1647962953624594
.outbrain.com/ Name: spotx
Value: d3ea2f41-a9f4-11ec-8f7c-13d5c8140103
.w55c.net/ Name: matchcasale
Value: 5
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmJuaWZkaWpsZmoJAP5_wS0QAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNrQwNDYwNTA3NDAzMDM2BCJzIT5D3fiS0BJfd_NKfyfjMADzmRZbJQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNrQwNDYwNTA3NDAzMDM2BCJzIT5D3fiS0BJfd_NKfyfjMCleQzMTc0szI0tTYzNTSwCZAS2wNAAAAA
.addthis.com/ Name: ouid
Value: 6239eb4900018ea59dcba705e17f10b74b5af6a836f450c5287f
.addthis.com/ Name: um
Value: g.'65416946501074486881869476194977929017'
.addthis.com/ Name: uid
Value: 6239eb4941a25e61
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEMOU1AZQBDOUQFaxh0E1VLI&KRTB&22987-CAESEMOU1AZQBDOUQFaxh0E1VLI&KRTB&23025-CAESEMOU1AZQBDOUQFaxh0E1VLI
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1cua|2N.0.AAADLCxZBg21OwM_oJzFAAAAAAA|3oy.0.617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553|4is.0.CAESELj1VrFNvx3dmsTmi77_UAQ|7TY.0
ssp.behave.com/ Name: tuuid
Value: 72b431ca-2f1c-4534-b63d-7062c57b9ef6
ssp.behave.com/ Name: c
Value: 1647962954
ssp.behave.com/ Name: tuuid_lu
Value: 1647962954
.mathtag.com/ Name: mt_mop
Value: 4:1647962954
.lijit.com/ Name: ljt_reader
Value: 10d5e2f9f5cc70ae3f95ae6b
.onetag-sys.com/ Name: OTP
Value: x1GxeNN9m-Mr3cAPUwXte0X28QwcirjLMs8dBHGF4Zg
.blismedia.com/ Name: b
Value: 6239EB4A050C87EEAD4F20ACBLIS
.outbrain.com/ Name: pubmatic
Value: D8D403F9-EA9C-4FEC-BBBB-FD8E3876457C
.go.sonobi.com/ Name: __uis
Value: 442fe751-492b-4837-8dea-3e27d117c247
.go.sonobi.com/ Name: HAPLB8S
Value: s8586|YjnrR
.adform.net/ Name: C
Value: 1
arstechnica.com/ Name: _lr_retry_request
Value: true
arstechnica.com/ Name: _lr_env_src_ats
Value: false
.openx.net/ Name: pd
Value: v2|1647962953.1|iKvMgakWgy.bwuYvPhEgKg2
.adform.net/ Name: uid
Value: 4927339359897315789
.media.net/ Name: visitor-id
Value: 2909645546634886000V10
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 4
.pubmatic.com/ Name: pi
Value: 156512:3
.pubmatic.com/ Name: DPSync3
Value: 1647993600%3A174%7C1649116800%3A197_201%7C1648512000%3A164
.pubmatic.com/ Name: SyncRTB3
Value: 1649116800%3A21_166_8_178_231_104_55_233_99_57_222_22_7_48_240_5_56_239_13_54_3_176_220_71_165%7C1650499200%3A224%7C1648512000%3A15_38_2_223%7C1648771200%3A63%7C1649203200%3A35
.mfadsrvr.com/ Name: bsw_uid
Value: 62e8ec88-d2ea-41ea-a477-629331ac8f33
.w55c.net/ Name: matchmedianet
Value: 5
.criteo.com/ Name: uid
Value: 56e72df9-e68c-42c0-9392-bf3196168128
ssp.behave.com/ Name: um2
Value: !2,62e8ec88-d2ea-41ea-a477-629331ac8f33,417241754
.media.net/ Name: data-rk
Value: 1813050710606316317~~8
.w55c.net/ Name: matchpubmatic
Value: 5
.rlcdn.com/ Name: pxrc
Value: CMfW55EGEgUI6AcQABIFCOhHEAASBgi16gEQAxIGCLrqARADEgYIuOsBEAASBgjx6wEQAhIGCIq6KxAC
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY0Nzk2Mjk1NDk2OCwiMyI6MTY0Nzk2Mjk1NTAwMywiNCI6MTY0Nzk2Mjk1MzY0MywiMjciOjE2NDc5NjI5NTM2NDMsIjM5IjoxNjQ3OTYyOTUzNjQzLCI3IjoxNjQ3OTYyOTU1MDAzLCI2NCI6MTY0Nzk2Mjk1NTAwM30
.adgrx.com/ Name: ADGRX_UID
Value: d4dfaa00-a9f4-11ec-a7b6-6837becf923c
.taboola.com/ Name: t_gid
Value: 9fa89cc4-9382-4853-8b25-2117ad6ca439-tuct93370cb
.media.net/ Name: data-mm
Value: 81b96239-eb48-4800-8f99-27deec4d2451~~8
.deepintent.com/ Name: CDIUSER
Value: di_cd45b319c9064b9681b17
.dotomi.com/ Name: DotomiTest
Value: 461325ebf99808ee
.owneriq.net/ Name: si
Value: Q7012493551709562395P
.owneriq.net/ Name: pmc
Value: 1
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3Dd99a7983-ad45-4aff-b7e3-1d6625d71961
.bnmla.com/ Name: rx_uuid
Value: d99a7983-ad45-4aff-b7e3-1d6625d71961
.bnmla.com/ Name: rx_maxage_10738
Value: 1649258955
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-6bafe6a2-2746-4d2e-ae06-bc0f946be187
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:6N6kzBX01NwGrD5
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:81b96239-eb48-4800-8f99-27deec4d2451&KRTB&16736-uid:81b96239-eb48-4800-8f99-27deec4d2451&KRTB&23019-uid:81b96239-eb48-4800-8f99-27deec4d2451&KRTB&23208-uid:81b96239-eb48-4800-8f99-27deec4d2451
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.tribalfusion.com/ Name: ANON_ID
Value: aKnu7qxNeThBeZdwQMlTx4TAR34xw825g9ivbTZbZcqcsCbYVSP3b4hrv7jqL1JBXjvCpCrXlZaWHmHSnQrvV9REOp2hZbG3Ugw4PJZcIUcMYV
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-eb801001-3044-40f8-545d-378238093a64.lnkqMh5vJ5D5%2BC%2FwEfpEhp39glMmDFSWZum70ujGN1Y
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3A64AQATBEQPhUXTeCOAk6ZGAJ-Sw.rzQ0N5P4KVSUfbxR61uBSCDHepMoeBWhtvH6v%2BOKlRc
.acuityplatform.com/ Name: auid
Value: 657826907971
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBP2xHcWi6mGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAT9sR3Fouo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.media.net/ Name: data-ttd
Value: 05c5f2ba-e4d6-4fba-8f01-3cff13067e70~~1
.inmobi.com/ Name: idsp_c
Value: 013ca0b1-10dc-494d-bb71-056e8a93ca64
.media.net/ Name: data-xu
Value: 6N6kzBX01NwGrD5~~8
.simpli.fi/ Name: suid
Value: 439985829DE84A8C9B5342B56A27F74A
.media.net/ Name: data-c
Value: 56e72df9-e68c-42c0-9392-bf3196168128~~1
.media.net/ Name: data-c-ts
Value: 1647962955
beacon.lynx.cognitivlabs.com/ Name: ss
Value: cNCMs2XkvSGFA1Jl31kS14uX1TJlpUQ4UKUWZLNc6xlE%2BMZWrB4VmR%2F6DJYArjhFFqWyb5XnC1M%2BS7ca8%2FrxcNXOVy6DBcIzpTAHW0k8qjY%3D
.media.net/ Name: data-g
Value: CAESENSTd-iebpEVI5faXuEolEk~~8
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-d4dfaa00-a9f4-11ec-a7b6-6837becf923c
.ipredictive.com/ Name: cu
Value: d4e8e5e2-a9f4-11ec-9a60-ab47edd9be64|1647962955079
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-657826907971
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-64AQATBEQPhUXTeCOAk6ZGAJ-Sw
.33across.com/ Name: 33x_ps
Value: u%3D77930602580799%3As1%3D1647962955088%3Ats%3D1647962955088
.pubmatic.com/ Name: KRTBCOOKIE_1233
Value: 23223-013ca0b1-10dc-494d-bb71-056e8a93ca64&KRTB&23266-013ca0b1-10dc-494d-bb71-056e8a93ca64&KRTB&23285-013ca0b1-10dc-494d-bb71-056e8a93ca64
.bidr.io/ Name: bito
Value: AAEsIE7Ec9cAAAz-s8TaRg
.bidr.io/ Name: bitoIsSecure
Value: ok
.mookie1.com/ Name: id
Value: 10596547713675543060
.mookie1.com/ Name: mdata
Value: 1|10596547713675543060|1647962955085
.mookie1.com/ Name: ov
Value: 4fe5c4c364459e2f07887e077b4a480f
.bnmla.com/ Name: rx_sspid_10738
Value: 170
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-05c5f2ba-e4d6-4fba-8f01-3cff13067e70&KRTB&22918-05c5f2ba-e4d6-4fba-8f01-3cff13067e70&KRTB&23031-05c5f2ba-e4d6-4fba-8f01-3cff13067e70
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7012493551709562395&KRTB&22521-Q7012493551709562395
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-07dFsoDnQrPIsEXogeRbs9KyQLLI4UKz1LWln4sQ&KRTB&19420-07dFsoDnQrPIsEXogeRbs9KyQLLI4UKz1LWln4sQ&KRTB&22979-07dFsoDnQrPIsEXogeRbs9KyQLLI4UKz1LWln4sQ
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-617f57b8-9492-449d-beb6-d13cab1fdcf0-6239eb49-5553
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4137273106857289133
.media.net/ Name: data-mf
Value: 1d2bf79a-2aa2-4d4b-b6d5-7622945e46de~~1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-6141021567606092823&KRTB&23339-6141021567606092823
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YjnrRwAAADpnQgQL&KRTB&22978-YjnrRwAAADpnQgQL&KRTB&23194-YjnrRwAAADpnQgQL&KRTB&23209-YjnrRwAAADpnQgQL
ads.avct.cloud/ Name: uuid
Value: d3257ede-eb67-416f-bb37-58f8f15ba8d6
.mfadsrvr.com/ Name: ssh
Value: !medianet,1647962955!bidswitch,1647962954!outbrain,1647962952
.pubmatic.com/ Name: KRTBCOOKIE_308
Value: 22925-d99a7983-ad45-4aff-b7e3-1d6625d71961
.technoratimedia.com/ Name: tads_uidp_73
Value: AAEsIE7Ec9cAAAz-s8TaRg
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:E446C6FC9B8A47FAA8BFF7595C7C81CD
.rlcdn.com/ Name: rlas3
Value: LXuwc3bjQfeDrG4OmG0BaNgKjmEO5IyMhrJyk73Q3YM=
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 18e5d510535d83e400ed421cade1101f
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMLRINU0xNTQwNTZNsTBONTEwSE0xMTJMTkxJNTQ0MExjAIIky9feIBoKAEeJCmo%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBIsnztDaSgAAAWkAHS"
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwjM3Pj214jGOhAFEhUKBmNhc2FsZRILCJrS7obYiMY6EAUSFwoIcHVibWF0aWMSCwieypaV2IjGOhAFEhYKB3J1Ymljb24SCwjmo_2X2IjGOhAFGAEgAigCMgsInsKZwu6IxjoQBTgBWghwdWJtYXRpY2AC
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAEsIE7Ec9cAAAz-s8TaRg
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-d4e8e5e2-a9f4-11ec-9a60-ab47edd9be64&KRTB&23011-d4e8e5e2-a9f4-11ec-9a60-ab47edd9be64&KRTB&23355-d4e8e5e2-a9f4-11ec-9a60-ab47edd9be64
.creative-serving.com/ Name: tuuid
Value: a4a1d4c7-6fe7-47be-ba7e-456dcca1ffcf
.creative-serving.com/ Name: c
Value: 1647962955
.creative-serving.com/ Name: tuuid_lu
Value: 1647962955
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17105-RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005&KRTB&17107-RX-a83b6604-2e32-49f2-bbad-627050f1e26e-005
.media.net/ Name: data-co
Value: AAADKxt_0Co_YwMgGrPDAAAAAAA~~8
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1B341_ED237649_36809EBA&KRTB&23092-R1B341_ED237649_36809EBA
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAADK9Fl9e6oFAM28G98AAAAAAA&KRTB&22713-AAADK9Fl9e6oFAM28G98AAAAAAA&KRTB&22715-AAADK9Fl9e6oFAM28G98AAAAAAA
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4927339359897315789&KRTB&23263-4927339359897315789
.analytics.yahoo.com/ Name: IDSYNC
Value: "195n~23wf:18y3~23wf:18xa~23wf:175w~23wf"
.mookie1.com/ Name: syncdata_TAP
Value: 1
.media.net/ Name: data-ze
Value: hzHZL_4QNgthsM8mf_bi~~8
.brand-display.com/ Name: _knxq_
Value: cd08e909-f151-0518-4e49dd2b.1647962955.0.1647962955.1647962955
.dyntrk.com/ Name: dyn_u
Value: 04030001_6239eb4b89a0e
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-62e8ec88-d2ea-41ea-a477-629331ac8f33
.media6degrees.com/ Name: clid
Value: 2r95kcr01170bi9xa3sr84e80000000129010d01301
.media6degrees.com/ Name: acs
Value: 012020k1r95kcrxzt10
.media.net/ Name: data-bs
Value: 62e8ec88-d2ea-41ea-a477-629331ac8f33~~1
.mookie1.com/ Name: syncdata_NEU
Value: 1
.quantserve.com/ Name: d
Value: EIEBFwHcJfijC4jGD-uFAA
.adotmob.com/ Name: uid
Value: 0772220407a3bae13afcafa3
.adotmob.com/ Name: uuid
Value: 0772220407a3bae13afcafa3
.adotmob.com/ Name: partners
Value: IX%3A1647962955680
.sportradarserving.com/ Name: zuuid
Value: 5fa719d4-8452-4932-bbdc-f7ca46c1b25d
.sportradarserving.com/ Name: c
Value: 1647962955
.sportradarserving.com/ Name: zuuid_lu
Value: 1647962955
.arstechnica.com/ Name: _ga_P1P55J3LNW
Value: GS1.1.1647962951.1.0.1647962955.56
.imrworldwide.com/ Name: IMRID
Value: d55ed8c2-a9f4-11ec-828c-47fc9288f865
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1647962955
.yieldoptimizer.com/ Name: fbh0
Value: %7B%7D
.yieldoptimizer.com/ Name: gcma
Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/ Name: rmxc
Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/ Name: cktst
Value: 888708189
.yieldoptimizer.com/ Name: ckid
Value: 2026798750376
.yieldoptimizer.com/ Name: dph
Value: %7B%22t%22%3A%5B115887%5D%2C%22dp%22%3A%5B2233%5D%7D
.yieldoptimizer.com/ Name: ph
Value: %7B%22p%22%3A%5B1025%5D%2C%22t%22%3A%5B115887%5D%7D
.owneriq.net/ Name: p2
Value: adpq
.arstechnica.com/ Name: aamoptsegs
Value: aam%3D226821
.arstechnica.com/ Name: aamconde
Value: conde%3Dsv
.arstechnica.com/ Name: aam_uuid
Value: 65416946501074486881869476194977929017
.clickagy.com/ Name: cb
Value: YjnrTI884vQlRsAa7ViNo8c7
aorta.clickagy.com/ Name: chs
Value: [{"ch":"124","t":"2022-03-22 15:29:16"}]
.mxptint.net/ Name: mxpim
Value: R1B341_ED237649_36809EBA.1.00000000000000006239EB4B000000000000000000000000000000006239EB4C
.pubmatic.com/ Name: SPugT
Value: 1647962955
.fwmrm.net/ Name: _uid
Value: "h8027_7077947005334483048"
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bHoFoFJxPMpelYvo2XO8wv+z0QnGM0pmGS5MWzHmrqhpMbX+xB4fzh4cG5++uzqe6qY2dlbhav2vuCAnekPgJib7ZpQA0goIccPINyFRbEKpA==
.casalemedia.com/ Name: CMST
Value: YjnrSGI5600A
.casalemedia.com/ Name: CMRUM3
Value: 2d6239eb4905a0CAESEN6ZjlNc2LvDK2x3nmbRQpY&ce6239eb4a05a0&e66239eb482760&336239eb4c276062e8ec88-d2ea-41ea-a477-629331ac8f33&9c6239eb4b2760477a6364-4aa2-4979-a7fc-6fe14ccfc4bf&2f6239eb4927606N6kzBX01NwGrD5&586239eb4d2760YjnrRwAAADpnQgQL&f16239eb4805a0&986239eb4927600d8d41f2-870c-413d-ae63-5efc0447587b&dd6239eb4b2760&396239eb4927601813050710606316317&826239eb4ba8c0&0d6239eb4b05a0&c46239eb4b05a0&836239eb49276018072662289794877202&276239eb49276005c5f2ba-e4d6-4fba-8f01-3cff13067e70&2e6239eb4b05a0&496239eb4b05a0&516239eb4a05a0&bf6239eb4b05a0
.adnxs.com/ Name: anj
Value: dTM7k!M40<F7/.XF']wIg2C$OrN7ce!]tcN8i_iqf!oN/@E'zz<*Z0Q`o<0^)Ev8$k8lZ'Uk1_-W/ifm5id0#k>KhOTD4Z]pPi_y0/m2EVCcmk@><z9p^iO^UqgL=I$/2oN3FR@<?R5hB6GEs.iX#)4Wlke+6gxY1Qw1h!`[Cx
.pubmatic.com/ Name: PugT
Value: 1647962957
.onaudience.com/ Name: cookie
Value: cacef401c95126a1
.demdex.net/ Name: dextp
Value: 21-1-1647962952752|269-1-1647962953034|3-1-1647962953349|420-1-1647962953498|60-1-1647962953646|358-1-1647962953871|477-1-1647962954061|481-1-1647962954248|843-1-1647962954480|540-1-1647962954650|601-1-1647962954969|771-1-1647962955244|992-1-1647962955443|1123-1-1647962955565|1175-1-1647962955667|1524-1-1647962955906|22069-1-1647962956007|575-1-1647962956109|53196-1-1647962956214|73426-1-1647962956320|75557-1-1647962956468|79908-1-1647962956569|66757-1-1647962956670|121998-1-1647962956776|796-1-1647962956877|144230-1-1647962956978|144231-1-1647962957079|144232-1-1647962957180|144233-1-1647962957281|144234-1-1647962957383|144235-1-1647962957493|144236-1-1647962957594|144237-1-1647962957696|161033-1-1647962957798|285689-1-1647962957899
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: 5shvpc3xf5kyobcdrhjjojna
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: 3ag0pomd1fu5vxt5sjvssnyw
.ib.mookie1.com/ Name: ibkukiuno
Value: s=16b03d20-6371-4238-a0eb-b94bee8b647a&h=&v=761402851&l=-8585536439267315423&op=&hl=0&vlu=3&tcs=1&dcc=-8585536439269268825
.ib.mookie1.com/ Name: ibkukinet
Value: 1611266348=-8585536439267315423&1611266348=-8585536439267315423

18 Console Messages

Source Level URL
Text
network error URL: https://arstechnica.com/infinityid
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MjE1L3QvMA/kv/PageName=undefined,SiteID=Ars%20Technica,CampaignID=1802C,Channel=website,CreativeID=information%20technology,Placement=undefined
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/
Message:
Access to XMLHttpRequest at 'https://sstats.arstechnica.com/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=F7093025512D2B690A490D44%40AdobeOrg&mid=65227220823465332891854408836296973280&ts=1647962951106' from origin 'https://arstechnica.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://sstats.arstechnica.com/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=F7093025512D2B690A490D44%40AdobeOrg&mid=65227220823465332891854408836296973280&ts=1647962951106
Message:
Failed to load resource: net::ERR_FAILED
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://tags.bluekai.com/site/29859?id=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=dFG79ZbZquXTzM0goitrdW8fhhs0B0Owrl2yYz0u8hlwYQ23Vv1DdI3FgsawSzOB
Message:
Failed to load resource: the server responded with a status of 403 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security error URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Message:
Blocked script execution in 'https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
security error URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Message:
Blocked script execution in 'https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
other warning URL: https://publish.responsiveads.com/libs/radical.r7.min.js(Line 6)
Message:
Allow attribute will take precedence over 'allowfullscreen'.
network error URL: https://fr-actions.trackonomics.net/prod/arstechnica.com/information-technology/2022/03/behold-a-password-phishing-site-that-can-trick-even-savvy-users/action_links.json
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://p.adsymptotic.com/d/px?_pid=11693&_psign=bf265992ae7fbdc1ab4b39651c157974&_puuid=65416946501074486881869476194977929017&_rand=148886561&_pp=adobeXtest&_redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=1524%26dpuuid=${UUID}
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJHtnt4TE2A8nAliNRldpxez4SDK5078MM5VDQT-tMvEJDJ6F_ho8cKmTPAQTpo3YlWc3QB0W431CZAL7XIM3qOnFBwbCv2
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3bffe99bfff69e0c8bc5a98b1f1402dd.safeframe.googlesyndication.com
4d.condenastdigital.com
a.ad.gt
a.sportradarserving.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
abp.mxptint.net
abs-0.twimg.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.avct.cloud
ads.creative-serving.com
ads.pubmatic.com
ads.scorecardresearch.com
adservice.google.com
ak.sail-horizon.com
ampcid.google.com
analytics.google.com
analytics.responsiveads.com
analytics.tiktok.com
analytics.twitter.com
aorta.clickagy.com
ap.lijit.com
api.bounceexchange.com
api.cnevids.com
api.condenast.io
api.rlcdn.com
api.sail-personalize.com
arstechnica.com
as-sec.casalemedia.com
assets.bounceexchange.com
assoc-na.associates-amazon.com
aufp.io
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c21lg-d.media.net
c2shb.ssp.yahoo.com
capture.condenastdigital.com
cdn-magiclinks.trackonomics.net
cdn.arstechnica.net
cdn.cookielaw.org
cdn.mediavoice.com
cdn.memo.co
cdn.syndication.twimg.com
check.analytics.rlcdn.com
choices.trustarc.com
choices.truste.com
cm.adgrx.com
cm.everesttech.net
cm.g.doubleclick.net
condenast.demdex.net
condenastus-d.openx.net
connect.facebook.net
contextual.media.net
creativecdn.com
cs-server-s2s.yellowblue.io
cs.emxdgt.com
cs.media.net
csi.gstatic.com
d.turn.com
d2c8v52ll5s99u.cloudfront.net
dfp.bouncex.net
dis.criteo.com
dmp.adblade.com
dmp.brand-display.com
dmp.v.fwmrm.net
dp2.33across.com
dp8hsntg6do36.cloudfront.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dt.adsafeprotected.com
dwgyu36up6iuz.cloudfront.net
eb2.3lift.com
elsa.memoinsights.com
eus.rubiconproject.com
events.bouncex.net
fastlane.rubiconproject.com
fei.pro-market.net
fonts.gstatic.com
fpa-cdn.arstechnica.com
fpa-events.arstechnica.com
fr-actions.trackonomics.net
fw.adsafeprotected.com
gcdn.2mdn.net
geolocation.onetrust.com
global.ib-ibi.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hbx.media.net
htlb.casalemedia.com
i.ytimg.com
ib.adnxs.com
ib.mookie1.com
ice.360yield.com
id.geistm.com
id.rlcdn.com
id.sv.rkdms.com
idpix.media6degrees.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.outbrainimg.com
imasdk.googleapis.com
infinityid.condenastdigital.com
jnn-pa.googleapis.com
js-sec.indexww.com
load77.exelator.com
loadm.exelator.com
loadus.exelator.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
mb.moatads.com
mcdp-sadc1.outbrain.com
medianet-match.dotomi.com
mweb.ck.inmobi.com
odb.outbrain.com
odr.mookie1.com
p.ad.gt
p.adsymptotic.com
p.rfihub.com
p.skimresources.com
pagead2.googlesyndication.com
pbs.getpublica.com
pbs.twimg.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.adsafeprotected.com
pixel.advertising.com
pixel.condenastdigital.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
platform.twitter.com
player.cnevids.com
plugin.mediavoice.com
pm.w55c.net
pmp.mxptint.net
polarcdn-terrax.com
pr-bh.ybp.yahoo.com
prebid.media.net
ps.eyeota.net
pubads.g.doubleclick.net
publish.responsiveads.com
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px.owneriq.net
px4.ads.linkedin.com
r.skimresources.com
r5---sn-ab5szn7e.c.2mdn.net
rtb.adentifi.com
rtb.mfadsrvr.com
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.skimresources.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
secure-gg.imrworldwide.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
segment-data.zqtk.net
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
srv-1970-01-01-00.pixel.parsely.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssp.behave.com
sstats.arstechnica.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.adsafeprotected.com
static.doubleclick.net
static.hotjar.com
stats.g.doubleclick.net
su.addthis.com
sync-jp.im-apps.net
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.hgrtb.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
syndication.twitter.com
t.co
t.skimresources.com
tag.bounceexchange.com
tag.yieldoptimizer.com
tags.bluekai.com
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
trx-hub.com
u.openx.net
um.simpli.fi
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
vars.hotjar.com
verizon.demdex.net
video2.responsiveads.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
www.youtube.com
x.bidswitch.net
x.dlx.addthis.com
yt3.ggpht.com
z-na.associates-amazon.com
z.moatads.com
cm.g.doubleclick.net
sstats.arstechnica.com
104.127.64.185
104.18.101.194
104.244.42.131
104.244.42.197
104.244.42.200
104.244.43.131
104.36.115.109
104.36.115.113
104.45.178.220
107.178.246.49
107.178.254.65
13.107.42.14
13.225.214.115
13.225.214.125
13.225.214.128
13.225.214.45
13.225.214.48
13.225.214.90
13.225.71.10
13.225.71.50
13.225.71.56
13.225.71.77
13.226.26.62
142.250.176.198
142.250.65.226
142.250.80.2
146.75.28.157
150.136.26.45
151.101.0.239
151.101.129.108
151.101.193.44
151.101.66.49
151.139.128.11
169.61.103.241
172.217.165.130
173.223.56.123
173.231.178.85
18.177.242.21
18.185.185.183
18.213.144.100
18.213.237.106
18.215.24.252
18.232.14.164
18.235.203.194
18.235.85.182
185.167.164.43
185.184.8.65
192.132.33.46
192.35.249.127
198.148.27.139
199.127.204.142
199.187.193.166
199.187.193.179
199.187.193.182
199.232.66.132
199.38.167.128
2001:4860:4802:32::3
204.2.255.224
204.2.255.233
205.234.175.175
209.54.177.54
216.152.140.200
216.200.232.253
23.196.180.24
23.196.181.192
23.199.204.79
23.208.68.201
23.208.68.242
23.208.69.141
23.208.69.76
23.33.238.120
23.52.164.177
23.57.131.216
23.73.244.44
2600:141b:13::17d7:82d1
2600:1901:0:8eee::
2600:1f18:4e9:5a07:56c0:bbbc:18e0:97e
2600:9000:21dd:400:6:44e3:f8c0:93a1
2600:9000:21dd:7200:8:48e:53c0:93a1
2600:9000:21ea:1800:1b:5138:8a40:93a1
2600:9000:21ea:5800:1d:8c8c:47c0:93a1
2602:803:c002:200::113
2606:2800:220:131d:1d30:1f1d:238b:1e56
2606:2800:220:1410:489:141e:20bb:12f6
2606:4700:10::6814:b844
2606:4700::6810:9440
2606:4700::6811:4032
2606:4700::6812:b4f
2606:4700::6812:c05
2606:4700::6812:fd7
2606:4700::6813:d983
2606:ae80:1471:17::1050
2607:ae80:128:1::49
2607:f8b0:4004:c08::9c
2607:f8b0:4006:33::b
2607:f8b0:4006:806::2006
2607:f8b0:4006:806::200e
2607:f8b0:4006:807::200e
2607:f8b0:4006:809::2008
2607:f8b0:4006:809::200a
2607:f8b0:4006:80d::2002
2607:f8b0:4006:80d::2006
2607:f8b0:4006:80d::200e
2607:f8b0:4006:80d::2016
2607:f8b0:4006:816::2002
2607:f8b0:4006:817::2002
2607:f8b0:4006:817::2003
2607:f8b0:4006:81d::2001
2607:f8b0:4006:81d::200a
2607:f8b0:4006:81e::2001
2607:f8b0:4006:81e::2002
2607:f8b0:4006:81f::200e
2607:f8b0:4006:822::2001
2607:f8b0:4006:822::2004
2607:f8b0:4006:822::200e
2607:f8b0:4006:823::2003
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:1d2b:ecd5:fcc0:2c58
2620:1ec:21::14
2620:1ec:c11::200
2a02:6ea0:c400::12
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
2a04:4e42::300
3.208.44.45
3.214.48.204
3.217.143.196
3.222.163.78
3.222.216.235
3.223.211.32
3.228.240.60
3.23.219.58
34.107.148.139
34.111.151.213
34.111.8.32
34.120.155.137
34.120.253.250
34.197.191.32
34.199.73.116
34.206.26.132
34.213.88.197
34.216.205.19
34.226.104.236
34.231.251.31
34.232.146.139
34.233.255.124
34.233.34.144
34.236.83.94
34.239.221.169
34.96.105.8
34.98.64.218
34.98.72.95
35.170.185.65
35.172.142.9
35.190.52.204
35.190.59.101
35.190.60.146
35.190.90.30
35.190.91.160
35.201.67.47
35.207.10.239
35.211.178.172
35.211.233.246
35.244.159.8
35.71.131.137
38.27.122.126
38.91.45.7
44.198.171.22
50.16.197.56
50.19.202.79
51.161.117.181
51.222.80.231
52.0.156.250
52.15.47.104
52.200.205.250
52.203.157.37
52.206.255.175
52.223.22.214
52.43.250.227
52.45.33.138
52.73.123.163
52.73.169.207
52.87.79.81
52.94.220.185
54.145.48.80
54.159.174.121
54.166.34.166
54.192.100.144
54.192.100.165
54.192.102.45
54.192.160.42
54.209.238.15
54.210.222.233
54.211.110.217
54.224.102.47
54.230.162.17
54.230.162.32
54.230.162.33
54.230.162.51
54.234.88.163
54.245.137.190
54.71.86.183
54.84.148.13
63.251.114.137
64.202.112.31
64.202.112.63
64.58.232.179
64.58.232.180
66.225.223.95
67.202.105.21
68.67.160.186
68.67.160.75
69.166.1.10
69.173.151.100
69.90.254.78
72.21.195.65
74.119.119.150
8.28.7.82
8.28.7.83
8.28.7.84
85.114.159.118
99.83.154.140
005f315d6f7cf50f04161a51e17287b5040b513267560b083a3cf39d0b892ba8
0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c
030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06
0353271bdf99d07d4caf78c8170e12828a60f577af59a13ca5e7fd978d793068
0396be2ab58ec30babd0838d7e37d6407475d4361be85ee7451dbac9186add57
039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b33c040105224101afcdaacd82b6dfb3ea1bf9ef3d7478cf5fa163a0ad65e0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0772b2856549930716a0cbd1f3d99945cc185497c433c21deda57438ce559632
0774ea6ef528b18860bd8d9647dd2e0082ae7cbe837dd70296e8197fc8202c26
084171392a949375d4bdfcc454ca4be284f581528613e5f9df6a523ab1b3cb44
087b027d42fb0896297c144a29592243d64e89d03e236dc42b8bcde5a6f89679
08b8b78504677c4bb61018fbcfe343bf7603d3ea56b3b47d9532569104f9b5c0
08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
0a5377eb8e83be2ee2593492f90bebbd34724ec051ef4e5332b9d4d4ea0195cf
0b5c6a8d4a856db56da956eced8af9a5eb6e0a89dc67de5ffc4c83513472a3cc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c9c19b44ffa3c3f80c48454587303ae3d2f2a0df72cd3e5484bbcd75cce33e9
0e8f883120821d38cd98ebbd41bf2f1f480bfad72dda5beaa07c2404b26ebec6
0f7d9aed4638265e031bb81bca29f79fd3081a9b93d4d7cba80f61fabc5dfc13
10879dae51273e85e8eccf72db718168ca14f9fea14d369f11e7e8d4d233f3b5
1097abb6f0992cccc79428374463e7f23b99dae5eb85d7317b20bd57c96031bb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13303457715aaa3d105eb1e59b306132f8e5cafbd08120b3fd806a99e9371e0a
16708dda2536b4b3782313db4a6ec8456cd84da7ae0f56d7d2455e68fc9bc4f0
16f86804dd013db340fee4020a539d3e9d6e5a03d6841e431e50c428e99c26e8
171b2560bfb2a27b4387a2f3c5b2454535409c0c15b6bcb084f5327ed0db2188
173d7c7e266672df75c4e048a934c55ee24d9a9028a87fd2957e74d1bd6a8d08
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18794d2ef2e62636a8d7cea1ce420a572c82e448ab1e4a0a9b817013e99e25f4
1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf
1bf55bc00dbf13180884211c3d301729e67b81f3456225c1fbf97d271d636509
1c5af3858adba05625b6151d8453d7fd80856cac193a614d0421e3f953237499
1c7dcc8216c6f82da2998ceeac2523632c7f9bffe510824b6d082621201f2012
1db77e2d6302a66b6474669f44912ff5c6772c07ce503addadd7f2d1c45fd492
1defb6bc54a7ee9c066136908360e8455c23ee9ad0dec9924e7255d7948cd4be
1f466b08649eef5ad16c20f6d7207bf8818cb107b6241950dbc568cdffc03d63
1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378
1feafaa9eaf1db06371a7897b4563c43a30d6b0de9912310c0b5bc5c4c1a593f
2048b4bd507a51eb73e80d1b7eecde9dc84d36bf9f6e394c6ce4079ebb95950a
20660a9ef7ec454c15b2dc62b3db084e0cc9f74c5bb6de71a96fb1a54aef00f8
207299bf13a26f25403a2add8fd90c6bd1eac4deba70df233b1dd2ae8e4a01cd
217f3f8de5b206d3b25924c717ac57a8b0c8a2cf3d189b6a8451d0b8f4ffd3cf
21b3ed85c9ad38d83cd2fecfaa17d4f6c645314585aa8cfc27f32e411b6e9ca3
2221b570f47d77db7465b55907eddc1295c1a78ce43d36d2e6db2089140b6669
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23665151a78275188f6b6c5095b7eac1d786f241486fde657b9896e2d2445f44
2476db472bf1df970adab62d57f3a0b552319b91459a39a728b10130ed10c817
2497f94d8a997612d5da2ad1d85dc3e430771037e23c2d9c9a89379686ceccac
2577c6353394825cde34bf937dbc4905d99980176a2ca273521c320b7a16c4f1
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27348ba4b98bd80f1038496ec5dea6ad865680540058fb085b8ca199b8aaf4c5
285489efae847a15226d6c6e35a17a7ea953985b6cdd7803c6b8fba0c20ee7d2
28e332b169942af1515d3eb1c40391556421cd1a8c56f07481e4d43a8c7a015e
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29637e0647104ccc5d5583e652db29ce99e947c858c3d9502960e7ea7f1aea19
2a839621c1886d7c86ec6680054bd432692ec394766f2b1e69c5d7210f0a4944
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
2eee0f492605d1aa4640594f1de0a26e880c9ebc6ee795b21be80f95fbc60dbd
2eee1727c59c542a9e8cc0d1ebbc5f8a458694c79281c092bd04c01d7fd785a8
2f416fde3bc2645024530e06439f3902aa96fd9c6d8226043bb28de43a915ba8
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30bb8ba72aa0d150fb6b35a08c33514bdbe7a1f50c519337a3c105c36f831f21
31ec7d46cee916a8505844cc58cc3b037b78a47e01f6271be3054c75509da27b
347c1d3cab9bbcdcef0b567589f6625907df389c2010199fdd2ecfc17822b337
3557e85820c5b6af8b1f10bbd07b503a8460232b8a7ba5d678c1b379b2dfb764
35aa6009a5e9c65ecc00c19fa23c0556808d65876fead02712c88a1d27f14c0e
361b138d5ee8745e6d460be4dbb1c94e4bd4071bd5d224efdf11fab3ba11beaf
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37dd3f81d56e973482fac4b1177139f49e37a905906ff44d768baaf536d021ea
3a52b590311733cb28ef8c3922b5c24bda2efbd17a25f2b41814d5dc6f4c3065
3b0209841325362235c221628e471145726897e4e1c9b210b6e6b2217fdf2ee8
3b9b7c1072cdf9a8d408829791cdfcf4b829805c2240306d3c1df8a5e4d2b086
3baa42091ee722317dcb034639cc281be403e818cb2c8b6d3d88d14eed031092
3ce7e824185893264ab44fbf8370a8f1262831c4c6c367b15f7d4f1e88fadc8c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e12e6fb7eb2c81584c6bad15afd83e91087610147839259815fec741941dcd9
3e18d0e3dd548e9745884578e3cd9f0a492ddbb6f3b797db364b45bb16cadfb3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f2cf5f857c617761a251ceef8f6ed452a7690e21f16eff0a70dddf9beea8633
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4110e794b9f0ef266dc7cd502267e9216e2f06d38ac922200e642eafd2668545
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
43935402f95c6e02452551eed170ad4ce21cd71f18dedc5efddd21ed1deca984
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
447116752f524648df509ea00c19e8f8c02e6d8d2e222a3bd6181da27233b173
44e6e446b0a9cedfa57f468b85238b9f00f558808f7f945919bce762b99ed46a
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff
46a9ddb1f206a46900872e0a832750ae06925528f81883a3d3517fdb42aefb6d
486bcf8532c028937fb68a57bcf22a6e0862c8e1ab157ea639979d0f7ea9b74d
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48be07dfd1a666195c80c87418811f01201d31a9ebb9fc3cad125cda8d9772b4
492224013d17408b4a5b6d50d78522d194c31f80ee8488407a3a37d66093ce53
49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39
4980853759711c8e9e2779239acd62e9e802fba38371763c65ecdd016a83fdbd
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
4a10461ab57652e802d25c8c0be3895be08320b90f91a8b6adaa08a38b4e06f7
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba5146eb33e639576b0befa39a523230a21b504b6a68f57bb1a32ea9b514c23
4bdfcca8797010048ec7533490657d7c761e5dbe99899763c0d06af5197bb367
4cc197290ecff661a1d3cc1e88cbf497ff7d88b3a0463731cfecc7a16d88da87
4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8
4f05698200dfffa9a5a6c26b895ee141e438f5b6ebd132b5388329a47397b1e3
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4fb846048afd0ee79141b669572402fc0a024d937c00977e124405d11cd319fe
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b
536886986ff7dd4a2cc4ceee9e5a286cd4fa8346573a8b7564cc1293ba5ba43e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565b9076d7629a85fcd1ea6c5c0b2af1bf01c93777f0d6ef0c11fbacaa8e79b6
56f8838a24cb0cc47dc34a19d6b84d6ce8bf8086b1682bbb990abc13b1e2da65
571479d52cd675db5573fe46973c62cba6d8224a76136fcefeb90f7dc42a6391
589c712d7b907e04091742bd2693558a4d4c7f1242c44e86d2cb120ce4733562
59201950b83489808587827b4050ffe0597992825daa88c227476cdbbf8ca282
5a0de354b6dce6d594f490a1f11bf5aeddd0b79780f141cac81bcb7912449cf1
5a71e07d75755fbb9620b855e8a012d96d7c347affd20be53351b7479c91ceee
5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c
5be5b0170ad4bbd2be91182d137933e7de9c7e86b09ec855a4bac015ebfd746f
5c5dcbdd805b4603a4ac478d0e3966033767767309ac8eb2ddb6a1aea68ad2c7
5d5cf5a4a5b7c02915bc261dca0c755d29beda0c0c3a005c78c1682c9934bb3c
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
60efd9b5d5d9557075a7bf18b1b4236d6577d194fbec632589ec057a036a1a3b
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
610819a0c480519aca0afac1e47abea6b114c732c7f5ee04ed2bd517a6bc4687
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
6174614943cc715fb5609ea621a35abe26099e0c4ba20fd2ca5418cd0d86c9d1
617e0f9fee7ef0ca891735246b4b5a61caa3622db4a4256685b061c9f43bd053
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235
62e15c717c858b539583d56df60087d0f0851a69480f52e5637a50fd60d1e53e
655564f3a2be989067e2cb2c6bc9995a55ae13ec9cc0d0c3dc128961faad15e9
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b1a91c2830ef988ff15a3a44c338980e5766187a83383fc14c73ab613c7b10d
6c31dcc878ab2e52cea5f38b4c3f1d1cfec4dbae070da4e460b336b3705bc423
6c3e24399a5d167653c25e149ea5e71d76c00a4977c90cce5156700547506d0f
6e48a7189c3b0ae00291829a74699f8f475018a7e15108f9f68be45ba6d1fbaa
6ea921a03b41e41e09625aae3b262b6475bf7b881c2f1582bfb7d694fead1936
6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a
6f6da05bc856483fa1396166d53bfc51a1ce7cff6b72946d4f3bbe51f493b501
6fce0dbbc989e2f852d8045ea7aaa7db852aab75caef08e0cac9bf3205dff02f
704ffc62ab738cf2442ffaf8bf1bc7e97503373b65860c070a15d758b9b9bd44
70826f84a0322d5b7899932c0ab411af722cb426d6eb456840149ade7140312b
7200732666cad7e17b06c3adefa0f0aaf80e21abf925229038ece9c54fb2419f
7364fcbb6c5d775f07816712af8a6419db99268f72c337a4977f706dc3423bb3
73f27d4243718efdda113078a6c3c882f42e5e7372326fe25ed2d410cbae7aae
7475f5c70d3b6020b6f4621b2e69fba3360bea00a913e60b085af165b93842ec
75a831522065e9fa96d424797593491860618d31c45719d56372936f68c5d376
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207
790ec30d324db549e4f6f3c493251e6e7d4337f0abb13c8e8873fff8b7b235fb
792fb52d8c1252f530303e595491d84e11b979630ad00e000924e326795bf664
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
79976aaa95264ee9d558115794253d31d5b0039a0b6c6214f27188f69af0fbd6
7a2d9b62461bbfb708bef91844bff419c1c256b7b75fad44cada8ca32ed71ac0
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7d16d8c774622dc1ac4a717b9c7b2e115642b28d051910c32b70c94500f2535c
7d91c04c657709af03f6dad61d375c3208d18ab5ff7851c2472007dc05201342
7f285000f74e5fef5cf2edfa7c1383a3a3f2472362d4a4e9eb5297b006c90b7b
7fc88c65d46e83b3f3e9f098f05fd639480332fc3718cd714725e2e4633af4e8
807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752
818e955a10408a60834128ed12cd59839c29d4a9bb8efd81c3ca468adc91554d
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
8269feb369289aa0cf645157f0afead8d0d8cb30851407095aa8fa17ca215b3f
82cd1a97f81e5b63a621311be2993916eea0907b5eadd53bb6b280f4bb0f8391
8305d86074fdee76ef38a7e264f3ac0bfab4051d8f13625b4bbd5396120b1fe1
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
831efce211342ecfc80a2112ff2f527c0b70ac2cae0b330f33ac619faae1e427
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833a86642252016b29f08dd45ffd27f9e00ca237f28d8c5f0147a6e15d009377
83a366075eb2387c6d9f848f42b08df0546027333eccf5813edf95ba45709be2
852cdf8021fd4c2e8a34887e38d418c3bba54c9b2c34a793f285cc5881190042
8538e514bd21fc58bf63d7b8a1f66a07db8fb02493a27d18d45dd5ebbb695b39
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
85c33811c2b04e4e02babe2fd6bd7ac0035f93e95827116429bbda2cf9c6c95d
85db95dbe15c810a710ca6d9094a2a29f2eeea05791cc7aaab7af8939684b978
86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a
86a30f8e9db11bbae0c635e28ecfc851adf400bc0dc8643cea492c95abb99f76
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a
86b1750ac3fa82df8295e51912887cc0f10833802b17dc1f76a31293f7ecf049
87b2408523892f375c00a9d521c67f6eb516ecac25c479a7b15705bfab08fcd3
88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf
8a0646b12ea59d7656a051907b017a14742cbdcadf125034714b1e22750a8f35
8ad31e4e2ca36d66a9484937b76f003c8534d205da98fc90fe9d8fb7706e043b
8b3268e2ce0d2967367801ae12fdcbbb1aa50ab8d786d901530867214b67f04a
8b72952d3fd656ee6594f0d9735d928113ad1d590705b14f77abf75f1d4d5d69
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8dc40a5096530714279199bd98ffbe44f3108bf9dd183ec74d85f69705d86e25
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8e94e13ad10fa95b0ed2a469a007a5f791f47a3d4a02e41cc2a7f5411e38e66e
8edcf5bd609aef18638950de010699cd2765ef88aba3d019feb51a4271807662
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9325e7ffee12aa958b1d3fa602493849cd5d088b0543960badbedb73a1c89640
9431bc6d1a6d036a70c92dfc9000d7965f939671a59705bdd01c3e652048ed9a
966f96855c4351231abe34a8db168a6b61b019ef81aa83da8274e3b22a478142
966f9fd55fdfe4749f7730e25d50c8eaac0c6bc4b1c7c07af3fb56c6d83cc4f2
96840d8bad80f92a013bab64796aa1a29ae6f08e8b5d519e25f37877098b391d
974feb3b255709419aa9d75228aee116a3a57e4fec91ee42cdceea855b198530
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9933997608e86beaf1e7f7188a5c657cdad8ccd9d20eb7b1a46adaa83fa850ab
99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99fb44926cfb6a14310349c6946fd5e706c5928930b568315756956b821885c5
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d03ab991fd2d04a374563e3316657b1356d756ab7e7d7e39740ad02006b7546
9d9c5a638d4f925cddf5ea53a4624552513d1054c033caa1c49715d1fe6e5a61
9f1bb4aa06f4029ccb133cd00a37850d6973072aab9edb957d3a8e4c2370e680
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e0384ee1851cd8d984d13169d84e99706bf852fd4786735f50310e4d0aaa5e
a2bd43c80adc73ae26472a90ec3bd9df44a5b7d2dafb133b8660efd800c719b1
a370f09d7f12e15f17829c3f4468d7ff1d1f82cffc33fbf41db75969c190adf2
a3ef2d596e4a421cff31af19575909b29aa4737d7b260828aee1908ad257a0c4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a581f4bb1e5cc6f9178706e3aad487ac8dd1f404a2f48815a3dcf195c278c51c
a71fe8d26011757be6f1db9efc2ba1a4d877ebc940082e4058a92b89685155b2
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a752705baaf1b6424744a68ce4aeeda0cb4c8c12f63fe609cca51c1e580dda69
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a7f6aaedefa82a0db2f77aff1394cfc3eb2800b5477c12afdde8a4e8d64d2d13
a8a53f78dbd870a2f47fbf1a89b8d1b947758d4e7f9509743a1dc42f53de6e27
aa021bcbfed90971e1173fa412b9daa0faac50fdeab902c92a3e80bba3b202d0
aa3b9513abbbf65a2c8483122648fce1b39b1afa2a69bdf863242f1411baba58
aaf49a78a06ee0bda3017946fcc5c59c798dbfcc936807f1e91b7ef4ccb21c74
ab02478ea267964e5a65448b48c29cdd2fd8a531e0c44b095d2bc80a4553ee88
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad1e6142ee4942d81f5db672be8ecbe0a3252751e92ee31d1167426fcb3b3f9b
ad98ad9971cb4a2f1d506dd85fd8bd6cf1f4962c93d8f9103e2f2b9da8b5a408
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e4127515ea0d575286a02f2874a742c146941d845b7828d47d13adce0dc56a
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b34a51e8ad2166238f42c99d4d580fc5f874eb96520fcb1e2debe57557d5d544
b4cd6d57f9eb84815dea256708e4f5d90917e9f80a53b0253aeeae32b816b727
b530b7a174b5a22906440ec7ecc1bcc1232b34bc4f9ade2e3af37563f888fa5d
b58974732a545c1e5ba8085524ffe1cb806c0429b8681809d7dee4626f942482
b5cc046d527d8c9f1e156a7c783cb596ff7e0f642138d2c11f7d7dba870a5f54
b5f629456e28910d5f2bfd507f1b6f613f66fe81666b59ecd37270c5b9bd73b1
bdc6274ba55886f9e0baacec3eb367365667ce5e7da13a944e5c874f44b6358a
c0425991aea95d11c71e8d494da23254108a00c1b16fb494d5e8655caf509434
c11257bf22776c9a017bc84b08b955bc94fa7d565ad1b93392e88f0808bae71a
c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34
c1da348f81e7e30c5c1af36261d4b08be41572c5f477475d9801149038a230d3
c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c46974d8f6030e4888708b18a5d9a32b25eb765a5708896e1899df449d87aab7
c50eda4f287a72269433f0ec80a2b0c2cdf4cd6c476314e6478d0470cc0e32ee
c5715caa0a3f5073843724c9ccd1dbbd869a3531e660f852537a7b7e2899e3d5
c60967dbe32c86d524205902b7e9f3685390d14e8f5058e118b77defcc0a6483
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7c6c412ed461120e368f1ae82a9576a01b37bf5da8cd65949974bec66f444d1
c9a35e6a04a65ef59009f7f48fda051d802dea8c7814533ba432b6477410c9b0
ca236f7d5fe2787b0e62488e7593881094efaf7c3b220621e7de82eb2141cd62
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a
caea4e756c22ba0cce91e5f837ad86d7711258268004f7638877a2d3eae5434f
caf71c4b20c2974a558237d448519dc53f5faf447af1c055f86effc4c5a07203
cb52c9b5c6b4f30eb9580d4414ecd97d408ffb0579fc9792f379da7e9e43221c
ccf737db735abc5f02779e381e068a79b6ef8b3e7cdc6215df923f470ffcd70d
cd1f09b50a60b60fde16c1c923e1d9ff79e629104596f7c5b2fe1997a0dc526f
ce02a171fe79c0155c0e09b826d4e6542ab09be711d05cf4d75d569622a9d24c
ce8beb4b5a3b9e7da71655922c936c9848e8253be8e42407a40825e8354fb01a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff3ff7513a42187f914df965c0006c8756f549dc13ffb64540767042902a748
d0406558b344f6b641478db2a64ef61e08ff2737ead53ea5270eb3ecfcd20389
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0ef936654ba84031c1ef90617069aceaab3dac1dd0912b76ebd449f9a566e55
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3
d42ba629a2a59bea0220491a8b229d37f69f34b95645bdd00df5116b0456a7dc
d574ea3f744818bf42eb39c6ae49bebf0b7134e722d9dd9c3a2c500b79672cd9
d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d956b6ce9c7e3d36b4197a9d0ea8c55f6c25b41ed54e0e26929a8f0aa81875ea
daae99d1018824ce99b27667cd67b2ae91ad83f40d112007a28633bd4b2d5b78
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de24551bd4396fc8579b2d87ce01944553dd48fb52775d14373725a50efa0c37
de5e37739b5797e8ba9dba4a2dcb65f37c36a65fe839cb306162e21c74ba166e
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
df4dfce91360eb1c6782869a1c8965e522b5f50eaf76ac527fe176db6f371251
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e312bc18779e0d9c6626ee0bdb426676ebb2835346604c114191b3ffe4251527
e336ff50623cff960c2396944be4392139f63dcc032e5f3428d81489fdfe697a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f757f073933aea8a3bc1519a2b7e394435e1bff2dc858b78af04e0bdd46723
e42808d7e52317336b8ce5e70efec1e44875ab17d58f9a3640bace9b7e314950
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6329f9da8bd73d7da639e22374d0fecd0cf7107ada14f3e7e38b5fb62617a06
e63be51821eaa46045883265953a319988d8695814e1f433a659b672a19fe9ac
e74b9cb9d8871d300d2a1d36ce2cd00dfbfe0c5d8066d1d415c4ce620a919d47
e8830a414dfeb4c0e0f519d3419f69849df9226f329357c938333dbf2c956f63
e8f2f9ba1bdb262792fd853e2877f98091c07d8e890d8ca26061b85d51393caf
e944e6d1b0904bc0c1298fe828ec727bc6a9b46f0b4799e197a1a2acc46fb685
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed5a952026b3c54b85fb53b4a1e373c8aff2c0e6d7296aeccd59b97c4e3bd846
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc6b995a3b037727a4c8e7fe1756c192099f9658c4091ee55c61d3ba85e3920
efccafbe21debef975f722e55c576a5ca89d67f343d24567e208df6143ffd4ac
efdbd8582066a12cf45115f1e150d2a8de06bf6b14db3feca98b116efeb9e0bb
f083f996f1669df92ddb29cbd4772a8f37f57a03ebbedf8fc98bcc77cbe91de5
f1992550b49b64ca79e34f8f3ae5990485cb4e14da285591a6c8e550082e3e06
f277cc840da33f2e4731e6b3e5403d7bdcaa299304aa61452deb63e297a8523b
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f361e4e65a7a976138264bdc40a474a13f61406c5c304e5acd7ad087e487e0ef
f3e8f1f5163b712a260f0211d88ccb0973003057ea14c3c18997c3a5d8259e0b
f44d481ead8051ef5e202177f9836d2dd6429a5b5e3d70157b7331398c37e9e3
f4daab968eb3ea9e6820544f46f5002c21148f60e370e97de1748f2832e676fd
f5927303a36e95318f327a42fb9c64be3d93cb3833fde9642e4d333d655ef79f
f59bf314ed9b4f7a0d58529459e9ba5b955885e91fcde208063bdcd9d0a80f1e
f5ac0a25f564c900dd08e75387d380313ab30b3dcc5de1b1ca3def04799b2bcb
f6b352979b0153deb67020a332f179fb99a0822040de5e019af272c2920192b1
f74c04529f8d5f9c248eda87caec654de5e5c61dd40e9ac4696b026d2841b131
f8ed2c0ccc0e4f4763e7a7a27a335fbcf6781898a149442e849b7f213e042ea3
f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d
f9d9e96c4439beeca49a1a10f9dffe6f5cd0b604d13aa13af170d0bc62d8ca1b
fb61f126d2ec956839488827305b92350ebbe1f1aff9c971b6144faf755f7088
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fcdcbbce0aef5215c568c1562d672cce64aaefbd8ae7fed87c82dff32c360481
fea322f456810170b635d0be50c4878688dfa63285f79768823c69a85626942c
ffb2f622f9247cb84acdccc2a89a9e2f74e3d183aad3484589d8a0ffaddc35b1
ffcca73fcf57a9104b8b1c23c45b32b01994b657acff47a8b8737a51b5049657