urlscan.io logo urlscan.io
SecurityTrails logo

www.wired.com Open in urlscan Pro
151.101.130.194  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Submission: On September 19 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 132 IPs in 7 countries across 127 domains to perform 543 HTTP transactions. The main IP is 151.101.130.194, located in United States and belongs to FASTLY, US. The main domain is www.wired.com. The Cisco Umbrella rank of the primary domain is 6979.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q3 on September 2nd 2022. Valid for: a year.
This is the only time www.wired.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
25 151.101.130.194 54113 (FASTLY)
1 14 151.101.0.239 54113 (FASTLY)
6 2606:4700::68... 13335 (CLOUDFLAR...)
11 2607:f8b0:400... 15169 (GOOGLE)
24 23.64.61.169 16625 (AKAMAI-AS)
3 13.224.205.195 16509 (AMAZON-02)
3 23.64.61.6 16625 (AKAMAI-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:600... 54113 (FASTLY)
1 3.95.43.37 14618 (AMAZON-AES)
6 151.101.64.239 54113 (FASTLY)
2 2606:4700:440... 13335 (CLOUDFLAR...)
3 18.217.94.233 16509 (AMAZON-02)
3 13.224.214.111 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 54.85.209.9 14618 (AMAZON-AES)
1 13.224.214.16 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
5 151.101.128.239 54113 (FASTLY)
2 151.101.192.239 54113 (FASTLY)
2 13.224.202.36 16509 (AMAZON-02)
3 2602:803:c002... 26667 (RUBICONPR...)
3 26 104.18.18.126 13335 (CLOUDFLAR...)
4 52.4.33.45 14618 (AMAZON-AES)
3 16 35.244.159.8 15169 (GOOGLE)
2 34.107.148.139 15169 (GOOGLE)
2 74.119.119.129 19750 (AS-CRITEO)
1 13.224.214.30 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
4 13.224.208.35 16509 (AMAZON-02)
2 24 52.36.124.159 16509 (AMAZON-02)
2 6 2620:116:800b... 14618 (AMAZON-AES)
1 2a04:4e42:200... 54113 (FASTLY)
1 13.224.214.105 16509 (AMAZON-02)
4 2a03:2880:f03... 32934 (FACEBOOK)
1 34.120.253.250 15169 (GOOGLE)
1 2620:112:f002... 6336 (TURN-US-ASN)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
1 13.224.214.63 16509 (AMAZON-02)
2 35.86.50.147 16509 (AMAZON-02)
1 13.224.214.70 16509 (AMAZON-02)
4 23.49.248.25 20940 (AKAMAI-ASN1)
1 2600:9000:20e... 16509 (AMAZON-02)
1 23.64.61.104 16625 (AKAMAI-AS)
3 5 13.224.214.36 16509 (AMAZON-02)
5 11 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
16 35 142.250.176.194 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
5 9 107.178.246.49 15169 (GOOGLE)
8 14 3.33.220.150 16509 (AMAZON-02)
11 2607:f8b0:400... 15169 (GOOGLE)
1 13.224.208.178 16509 (AMAZON-02)
2 17 52.46.151.131 16509 (AMAZON-02)
1 44.209.73.62 14618 (AMAZON-AES)
1 151.101.193.140 54113 (FASTLY)
4 34.98.72.95 15169 (GOOGLE)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 13.107.42.14 8068 (MICROSOFT...)
1 3 104.18.101.194 13335 (CLOUDFLAR...)
2 75.2.40.13 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
16 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
2 13.224.214.103 16509 (AMAZON-02)
2 52.41.193.199 16509 (AMAZON-02)
1 1 34.228.96.109 14618 (AMAZON-AES)
25 44.194.129.7 14618 (AMAZON-AES)
10 2607:f8b0:400... 15169 (GOOGLE)
3 13.224.208.192 16509 (AMAZON-02)
1 13.224.214.119 16509 (AMAZON-02)
2 70.42.32.255 22075 (AS-OUTBRAIN)
1 13.224.201.38 16509 (AMAZON-02)
2 18.232.234.45 14618 (AMAZON-AES)
5 13.224.214.53 16509 (AMAZON-02)
2 2620:100:a001::4 19750 (AS-CRITEO)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 44.240.10.58 16509 (AMAZON-02)
3 3 68.67.179.164 29990 (ASN-APPNEX)
1 12 2600:1f14:426... 16509 (AMAZON-02)
2 3 8.28.7.83 62713 (AS-PUBMATIC)
3 3 34.237.73.49 14618 (AMAZON-AES)
2 2 34.227.179.190 14618 (AMAZON-AES)
2 2 69.166.1.12 27630 (AS-XFERNET)
7 12 8.43.72.98 26667 (RUBICONPR...)
1 2600:9000:20e... 16509 (AMAZON-02)
4 2a03:2880:f13... 32934 (FACEBOOK)
6 2607:f8b0:400... 15169 (GOOGLE)
1 3.95.113.43 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 142.251.163.154 15169 (GOOGLE)
2 13.224.214.109 16509 (AMAZON-02)
12 2607:f8b0:400... 15169 (GOOGLE)
1 34.194.161.83 14618 (AMAZON-AES)
6 23.78.168.242 16625 (AKAMAI-AS)
1 3 198.148.27.140 19189 (PULSEPOINT)
2 6 54.175.87.114 14618 (AMAZON-AES)
1 1 199.187.193.181 47043 (SMARTADSE...)
6 8 68.67.160.24 29990 (ASN-APPNEX)
2 2 35.71.139.29 16509 (AMAZON-02)
2 52.24.177.43 16509 (AMAZON-02)
1 1 13.224.214.125 16509 (AMAZON-02)
1 199.250.162.129 26459 (TTD-ASN-01)
4 2600:1400:d:5... 20940 (AKAMAI-ASN1)
3 2607:f8b0:400... 15169 (GOOGLE)
10 10 151.101.66.49 54113 (FASTLY)
2 5 2600:1f18:4e9... 14618 (AMAZON-AES)
5 2606:ae80:145... 26762 (CNVR-US-EAST)
1 54.200.124.182 16509 (AMAZON-02)
6 6 74.121.140.14 30419 (MEDIAMATH...)
2 13.224.214.35 16509 (AMAZON-02)
3 3 207.198.113.87 13768 (COGECO-PEER1)
3 3 54.172.188.135 14618 (AMAZON-AES)
3 104.18.19.126 13335 (CLOUDFLAR...)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
2 3.129.159.219 16509 (AMAZON-02)
2 2 50.16.197.56 14618 (AMAZON-AES)
1 2a02:6ea0:c40... 60068 (CDN77 ^_^)
1 142.251.40.198 15169 (GOOGLE)
4 142.250.65.194 15169 (GOOGLE)
1 1 8.43.72.97 26667 (RUBICONPR...)
6 34.111.8.32 15169 (GOOGLE)
1 1 23.208.216.126 16625 (AKAMAI-AS)
1 52.94.223.167 16509 (AMAZON-02)
1 1 52.3.25.241 14618 (AMAZON-AES)
1 1 31.220.27.135 39572 (ADVANCEDH...)
9 10 70.42.32.63 22075 (AS-OUTBRAIN)
4 4 199.38.167.128 54312 (ROCKETFUEL)
1 2 51.222.39.186 16276 (OVH)
4 34.117.228.201 396982 (GOOGLE-CL...)
1 34.120.155.137 15169 (GOOGLE)
14 23.195.100.26 16625 (AKAMAI-AS)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
4 4 23.48.25.35 16625 (AKAMAI-AS)
2 10 23.52.167.93 16625 (AKAMAI-AS)
1 4 2620:100:a001::c 19750 (AS-CRITEO)
4 4 52.45.55.227 14618 (AMAZON-AES)
2 74.119.119.150 19750 (AS-CRITEO)
8 8 35.211.178.172 15169 (GOOGLE)
2 34.199.73.116 14618 (AMAZON-AES)
4 4 35.207.24.140 15169 (GOOGLE)
1 13.224.214.101 16509 (AMAZON-02)
1 13.224.214.47 16509 (AMAZON-02)
1 1 67.202.105.24 32748 (STEADFAST)
9 13.224.214.3 16509 (AMAZON-02)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.244.42.195 13414 (TWITTER)
1 1 34.111.151.213 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 204.2.255.224 2914 (NTT-LTD-2914)
2 2 185.167.164.37 198622 (ADFORM)
1 1 104.36.115.113 62713 (AS-PUBMATIC)
1 1 174.137.133.49 27257 (WEBAIR-IN...)
2 2 34.239.109.150 14618 (AMAZON-AES)
2 2 2606:4700:440... 13335 (CLOUDFLAR...)
2 2 35.190.52.204 15169 (GOOGLE)
1 1 2600:1901:0:8... 15169 (GOOGLE)
2 2 184.86.229.123 16625 (AKAMAI-AS)
1 1 4.78.226.224 3356 (LEVEL3)
1 74.119.119.139 19750 (AS-CRITEO)
1 1 54.162.244.84 14618 (AMAZON-AES)
1 1 100.24.249.189 14618 (AMAZON-AES)
1 34.197.122.29 14618 (AMAZON-AES)
1 2600:1f18:659... 14618 (AMAZON-AES)
1 3.220.58.99 14618 (AMAZON-AES)
1 2 192.35.249.120 11742 (SPOTX-IAD)
1 1 146.59.148.16 16276 (OVH)
2 2 64.58.232.176 13649 (ASN-VINS)
1 2 64.58.232.177 13649 (ASN-VINS)
1 142.250.72.98 ()
543 132
25    151.101.130.194 (United States)

ASN54113 (FASTLY, US)
www.wired.com
14    151.101.0.239 (United States)

ASN54113 (FASTLY, US)
media.wired.com
www.architecturaldigest.com
www.glamour.com
www.teenvogue.com
www.them.us
covers.conde.io
6    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
11    2607:f8b0:4006:80a::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.ca
24    23.64.61.169 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-61-169.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
3    13.224.205.195 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-205-195.phl50.r.cloudfront.net
c.amazon-adsystem.com
3    23.64.61.6 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-61-6.deploy.static.akamaitechnologies.com
js-sec.indexww.com
1    2607:f8b0:4006:80a::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
apis.google.com
2    2607:f8b0:4006:817::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
news.google.com
1    2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
1    3.95.43.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-43-37.compute-1.amazonaws.com
segment-data.zqtk.net
6    151.101.64.239 (United States)

ASN54113 (FASTLY, US)
journey.wired.com
www.cntraveler.com
www.gq.com
www.vanityfair.com
pixel.condenastdigital.com
2    2606:4700:4400::ac40:929e (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
3    18.217.94.233 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-217-94-233.us-east-2.compute.amazonaws.com
mb.moatads.com
geo.moatads.com
3    13.224.214.111 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-111.phl50.r.cloudfront.net
player.cnevids.com
3    2607:f8b0:4006:81e::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    54.85.209.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-209-9.compute-1.amazonaws.com
infinityid.condenastdigital.com
1    13.224.214.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-16.phl50.r.cloudfront.net
ats.rlcdn.com
3    2607:f8b0:4006:809::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2607:f8b0:4006:809::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)
8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
5    151.101.128.239 (United States)

ASN54113 (FASTLY, US)
www.allure.com
www.epicurious.com
www.newyorker.com
pitchfork.com
www.vogue.com
2    151.101.192.239 (United States)

ASN54113 (FASTLY, US)
www.bonappetit.com
www.self.com
2    13.224.202.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-202-36.phl50.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
3    2602:803:c002:200::42 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
26    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
as-sec.casalemedia.com
4    52.4.33.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-33-45.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
16    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
condenastus-d.openx.net
u.openx.net
us-u.openx.net
2    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
1    13.224.214.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-30.phl50.r.cloudfront.net
geo.privacymanager.io
3    2607:f8b0:4006:80d::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    13.224.208.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-208-35.phl50.r.cloudfront.net
d2c8v52ll5s99u.cloudfront.net
24    52.36.124.159 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-124-159.us-west-2.compute.amazonaws.com
dpm.demdex.net
6    2620:116:800b:21:b08a:1dc5:659b:4055 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
1    2a04:4e42:200::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    13.224.214.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-105.phl50.r.cloudfront.net
ak.sail-horizon.com
4    2a03:2880:f03a:1c:face:b00c:0:3 (Minneapolis, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    34.120.253.250 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    2600:141b:13::17d7:82d1 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    13.224.214.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-63.phl50.r.cloudfront.net
cdn.memo.co
2    35.86.50.147 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-86-50-147.us-west-2.compute.amazonaws.com
a.ad.gt
1    13.224.214.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-70.phl50.r.cloudfront.net
static.hotjar.com
4    23.49.248.25 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-248-25.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    2600:9000:20ed:ba00:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-magiclinks.trackonomics.net
1    23.64.61.104 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-64-61-104.deploy.static.akamaitechnologies.com
amplify.outbrain.com
5    13.224.214.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-36.phl50.r.cloudfront.net
sb.scorecardresearch.com
ads.scorecardresearch.com
11    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
35    142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
cm.g.doubleclick.net
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
9    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
14    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
insight.adsrvr.org
11    2607:f8b0:4006:81c::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
ampcid.google.com
1    13.224.208.178 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-208-178.phl50.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
17    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    44.209.73.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-73-62.compute-1.amazonaws.com
pbs.getpublica.com
1    151.101.193.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
4    34.98.72.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
3    104.18.101.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
3    2607:f8b0:4006:81c::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
googleads.g.doubleclick.net
16    2607:f8b0:4006:824::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2600:9000:20ed:de00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    13.224.214.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-103.phl50.r.cloudfront.net
script.hotjar.com
2    52.41.193.199 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-41-193-199.us-west-2.compute.amazonaws.com
condenast.demdex.net
1    34.228.96.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-96-109.compute-1.amazonaws.com
cm.everesttech.net
25    44.194.129.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-129-7.compute-1.amazonaws.com
capture.condenastdigital.com
10    2607:f8b0:4006:820::2006 (Rockville, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    13.224.208.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-208-192.phl50.r.cloudfront.net
dwgyu36up6iuz.cloudfront.net
1    13.224.214.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-119.phl50.r.cloudfront.net
vars.hotjar.com
2    70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
1    13.224.201.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-201-38.phl50.r.cloudfront.net
cdn.parsely.com
2    18.232.234.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-234-45.compute-1.amazonaws.com
elsa.memoinsights.com
5    13.224.214.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-53.phl50.r.cloudfront.net
dp8hsntg6do36.cloudfront.net
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    2606:4700:20::681a:b19 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    44.240.10.58 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-10-58.us-west-2.compute.amazonaws.com
p.ad.gt
3    68.67.179.164 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
12    2600:1f14:426:3f00:f108:c7fb:5062:bafe (Boardman, United States)

ASN16509 (AMAZON-02, US)
ids.ad.gt
3    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
3    34.237.73.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-73-49.compute-1.amazonaws.com
match.prod.bidr.io
2    34.227.179.190 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-179-190.compute-1.amazonaws.com
ad.360yield.com
2    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
12    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    2600:9000:20ed:fc00:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)
pxl.qccerttest.com
4    2a03:2880:f13a:83:face:b00c:0:25de (Minneapolis, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
6    2607:f8b0:4006:808::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
www.googletagservices.com
1    3.95.113.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-113-43.compute-1.amazonaws.com
4d.condenastdigital.com
1    2607:f8b0:4006:808::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
ampcid.google.ca
2    2607:f8b0:4006:81e::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
2    2607:f8b0:4004:c06::9b (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2607:f8b0:4006:81e::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.ca
1    142.251.163.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f154.1e100.net
bid.g.doubleclick.net
2    13.224.214.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-109.phl50.r.cloudfront.net
choices.truste.com
12    2607:f8b0:4006:823::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    34.194.161.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-161-83.compute-1.amazonaws.com
p1.parsely.com
6    23.78.168.242 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-168-242.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
6    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    199.187.193.181 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-us.smartadserver.com
8    68.67.160.24 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    52.24.177.43 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-177-43.us-west-2.compute.amazonaws.com
id.hadron.ad.gt
1    13.224.214.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-125.phl50.r.cloudfront.net
aa.agkn.com
1    199.250.162.129 (United States)

ASN26459 (TTD-ASN-01, US)
va6-bid.adsrvr.org
4    2600:1400:d:598::4469 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
3    2607:f8b0:4006:81d::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.com
10    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    2600:1f18:4e9:5a02:de18:75cd:f3b9:7bd3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
5    2606:ae80:1451:19::1400 (United States)

ASN26762 (CNVR-US-EAST, US)
pulsepoint-match.dotomi.com
medianet-match.dotomi.com
dclk-match.dotomi.com
casale-match.dotomi.com
1    54.200.124.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-124-182.us-west-2.compute.amazonaws.com
pixels.ad.gt
6    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    13.224.214.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-35.phl50.r.cloudfront.net
check.analytics.rlcdn.com
3    207.198.113.87 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    54.172.188.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-188-135.compute-1.amazonaws.com
sync.crwdcntrl.net
3    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
dsum.casalemedia.com
1    2606:4700::6813:ad6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
2    3.129.159.219 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-129-159-219.us-east-2.compute.amazonaws.com
sync.adotmob.com
2    50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com
loadm.exelator.com
1    2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
load77.exelator.com
1    142.251.40.198 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f6.1e100.net
ad.doubleclick.net
4    142.250.65.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s72-in-f2.1e100.net
googleads4.g.doubleclick.net
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
6    34.111.8.32 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 32.8.111.34.bc.googleusercontent.com
api.bounceexchange.com
events.bouncex.net
dfp.bouncex.net
1    23.208.216.126 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-216-126.deploy.static.akamaitechnologies.com
su.addthis.com
1    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    52.3.25.241 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-25-241.compute-1.amazonaws.com
fksnk.com
1    31.220.27.135 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
10    70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
4    199.38.167.128 (United States)

ASN54312 (ROCKETFUEL, US)
a.rfihub.com
p.rfihub.com
2    51.222.39.186 (Canada)

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net
onetag-sys.com
4    34.117.228.201 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 201.228.117.34.bc.googleusercontent.com
rtb0.doubleverify.com
tps.doubleverify.com
rtbc-ue1.doubleverify.com
tpsc-ue1.doubleverify.com
1    34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
14    23.195.100.26 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-100-26.deploy.static.akamaitechnologies.com
contextual.media.net
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
4    23.48.25.35 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-48-25-35.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
stags.bluekai.com
10    23.52.167.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-167-93.deploy.static.akamaitechnologies.com
hbx.media.net
cs.media.net
c21lg-d.media.net
4    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
4    52.45.55.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-55-227.compute-1.amazonaws.com
pm.w55c.net
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
8    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
2    34.199.73.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-73-116.compute-1.amazonaws.com
dmp.adblade.com
4    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
1    13.224.214.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-101.phl50.r.cloudfront.net
fr-actions.trackonomics.net
1    13.224.214.47 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-47.phl50.r.cloudfront.net
trx-hub.com
1    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
dp2.33across.com
9    13.224.214.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-3.phl50.r.cloudfront.net
choices.trustarc.com
1    2606:4700::6812:a4f (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
2    2606:4700::6812:c4c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
1    204.2.255.224 (Bear, United States)

ASN2914 (NTT-LTD-2914, US)
aep.mxptint.net
2    185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    104.36.115.113 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
2    34.239.109.150 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-109-150.compute-1.amazonaws.com
ads.avct.cloud
2    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    35.190.52.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.52.190.35.bc.googleusercontent.com
tag.yieldoptimizer.com
1    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
2    184.86.229.123 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-86-229-123.deploy.static.akamaitechnologies.com
px.owneriq.net
1    4.78.226.224 (Fort Worth, United States)

ASN3356 (LEVEL3, US)
abp.mxptint.net
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    54.162.244.84 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-162-244-84.compute-1.amazonaws.com
aorta.clickagy.com
1    100.24.249.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-249-189.compute-1.amazonaws.com
usermatch.krxd.net
1    34.197.122.29 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-122-29.compute-1.amazonaws.com
beacon.krxd.net
1    2600:1f18:6593:f606:b0c3:6468:eab1:934c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
1    3.220.58.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-58-99.compute-1.amazonaws.com
id.sv.rkdms.com
2    192.35.249.120 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
1    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel.onaudience.com
2    64.58.232.176 (United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
2    64.58.232.177 (United States)

ASN13649 (ASN-VINS, US)
PTR: be31-199.crrt01.las04.flexential.net
ib.mookie1.com
1    142.250.72.98 (None, )

ASN- ()
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
57 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
pubads.g.doubleclick.net — Cisco Umbrella Rank: 437
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
bid.g.doubleclick.net — Cisco Umbrella Rank: 428
ad.doubleclick.net — Cisco Umbrella Rank: 178
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
256 KB
35 wired.com
www.wired.com — Cisco Umbrella Rank: 6979
media.wired.com — Cisco Umbrella Rank: 32567
journey.wired.com — Cisco Umbrella Rank: 70411
2 MB
32 googlesyndication.com
8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
ade.googlesyndication.com
170 KB
29 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
r.casalemedia.com — Cisco Umbrella Rank: 849
dsum.casalemedia.com — Cisco Umbrella Rank: 1306
as-sec.casalemedia.com — Cisco Umbrella Rank: 1353
25 KB
29 condenastdigital.com
infinityid.condenastdigital.com — Cisco Umbrella Rank: 24918
pixel.condenastdigital.com — Cisco Umbrella Rank: 19258
capture.condenastdigital.com — Cisco Umbrella Rank: 15095
4d.condenastdigital.com — Cisco Umbrella Rank: 18505
18 KB
27 moatads.com
z.moatads.com — Cisco Umbrella Rank: 403
mb.moatads.com — Cisco Umbrella Rank: 659
px.moatads.com — Cisco Umbrella Rank: 467
geo.moatads.com — Cisco Umbrella Rank: 668
306 KB
26 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
condenast.demdex.net — Cisco Umbrella Rank: 19976
30 KB
26 media.net
prebid.media.net — Cisco Umbrella Rank: 1065
contextual.media.net — Cisco Umbrella Rank: 559
hbx.media.net — Cisco Umbrella Rank: 1441
cs.media.net — Cisco Umbrella Rank: 1318
c21lg-d.media.net — Cisco Umbrella Rank: 1716
84 KB
23 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 6415
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1232
62 KB
22 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466 Failed
token.rubiconproject.com — Cisco Umbrella Rank: 667
eus.rubiconproject.com — Cisco Umbrella Rank: 564
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 796
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
41 KB
18 ad.gt
a.ad.gt — Cisco Umbrella Rank: 3831
p.ad.gt — Cisco Umbrella Rank: 4394
ids.ad.gt — Cisco Umbrella Rank: 3454
id.hadron.ad.gt — Cisco Umbrella Rank: 4243
pixels.ad.gt — Cisco Umbrella Rank: 4386
22 KB
16 openx.net
condenastus-d.openx.net — Cisco Umbrella Rank: 22530
u.openx.net — Cisco Umbrella Rank: 650
us-u.openx.net — Cisco Umbrella Rank: 396
3 KB
15 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
va6-bid.adsrvr.org — Cisco Umbrella Rank: 1535
insight.adsrvr.org — Cisco Umbrella Rank: 624
8 KB
15 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 953
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
5 KB
15 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1358
idsync.rlcdn.com — Cisco Umbrella Rank: 331
check.analytics.rlcdn.com — Cisco Umbrella Rank: 3955
api.rlcdn.com — Cisco Umbrella Rank: 804
id.rlcdn.com — Cisco Umbrella Rank: 561
113 KB
13 cloudfront.net
d2c8v52ll5s99u.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
dwgyu36up6iuz.cloudfront.net
dp8hsntg6do36.cloudfront.net
1 MB
12 google.com
apis.google.com — Cisco Umbrella Rank: 98
news.google.com — Cisco Umbrella Rank: 5276
adservice.google.com — Cisco Umbrella Rank: 75
ampcid.google.com — Cisco Umbrella Rank: 2077
analytics.google.com — Cisco Umbrella Rank: 402
www.google.com — Cisco Umbrella Rank: 2
75 KB
11 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 432
ib.adnxs.com — Cisco Umbrella Rank: 228
10 KB
11 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1036
sync-tm.everesttech.net — Cisco Umbrella Rank: 562
2 KB
10 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 568
6 KB
10 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
253 KB
10 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
23 KB
9 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 740
35 KB
9 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 436
1 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
gum.criteo.com — Cisco Umbrella Rank: 406
dis.criteo.com — Cisco Umbrella Rank: 688
mug.criteo.com — Cisco Umbrella Rank: 2876
9 KB
8 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 301
5 KB
8 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 470
rtb0.doubleverify.com — Cisco Umbrella Rank: 675
tps.doubleverify.com — Cisco Umbrella Rank: 481
rtbc-ue1.doubleverify.com — Cisco Umbrella Rank: 2057
tpsc-ue1.doubleverify.com — Cisco Umbrella Rank: 1342
131 KB
7 bounceexchange.com
tag.bounceexchange.com — Cisco Umbrella Rank: 2610
assets.bounceexchange.com — Cisco Umbrella Rank: 2202
api.bounceexchange.com — Cisco Umbrella Rank: 2463
264 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
4 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
www.linkedin.com — Cisco Umbrella Rank: 623
px4.ads.linkedin.com — Cisco Umbrella Rank: 6198
4 KB
6 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 905
pixel.quantserve.com — Cisco Umbrella Rank: 423
12 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 410
129 KB
5 dotomi.com
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 5704
medianet-match.dotomi.com — Cisco Umbrella Rank: 7468
dclk-match.dotomi.com — Cisco Umbrella Rank: 3005
casale-match.dotomi.com — Cisco Umbrella Rank: 2448
451 B
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 153
ads.scorecardresearch.com — Cisco Umbrella Rank: 2354
2 KB
5 google.ca
adservice.google.ca — Cisco Umbrella Rank: 13421
ampcid.google.ca — Cisco Umbrella Rank: 87375
www.google.ca — Cisco Umbrella Rank: 8529
2 KB
5 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 615
cdn.indexww.com — Cisco Umbrella Rank: 1381
19 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 911
1 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 739
3 KB
4 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 2043
dfp.bouncex.net — Cisco Umbrella Rank: 4745
549 B
4 rfihub.com
a.rfihub.com — Cisco Umbrella Rank: 2958
p.rfihub.com — Cisco Umbrella Rank: 728
4 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
119 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
583 B
4 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 883
image6.pubmatic.com — Cisco Umbrella Rank: 648
1 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 966
70 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 591
script.hotjar.com — Cisco Umbrella Rank: 779
vars.hotjar.com — Cisco Umbrella Rank: 852
74 KB
4 turn.com
d.turn.com — Cisco Umbrella Rank: 1042
ad.turn.com — Cisco Umbrella Rank: 742
1 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
280 KB
3 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 501
3 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1378
load77.exelator.com — Cisco Umbrella Rank: 2424
2 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 725
2 KB
3 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 593
2 KB
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 524
3 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 488
1 KB
3 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 492
466 B
3 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 2418
tr.outbrain.com — Cisco Umbrella Rank: 2246
4 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 424
363 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
271 KB
3 cnevids.com
player.cnevids.com — Cisco Umbrella Rank: 16860
38 KB
2 mookie1.com
ib.mookie1.com — Cisco Umbrella Rank: 2340
2 KB
2 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1965
941 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 563
1 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1103
beacon.krxd.net — Cisco Umbrella Rank: 513
528 B
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 973
1 KB
2 yieldoptimizer.com
tag.yieldoptimizer.com — Cisco Umbrella Rank: 4598
972 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 826
s.tribalfusion.com — Cisco Umbrella Rank: 2209
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 2715
888 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 637
1 KB
2 mxptint.net
aep.mxptint.net — Cisco Umbrella Rank: 5847
abp.mxptint.net — Cisco Umbrella Rank: 19809
1 KB
2 adblade.com
dmp.adblade.com — Cisco Umbrella Rank: 6564
458 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 754
543 B
2 addthis.com
su.addthis.com — Cisco Umbrella Rank: 2413
x.dlx.addthis.com — Cisco Umbrella Rank: 1196
692 B
2 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1379
222 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 407
736 B
2 truste.com
choices.truste.com — Cisco Umbrella Rank: 730
20 KB
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1018
2 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 683
685 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
58 KB
2 memoinsights.com
elsa.memoinsights.com — Cisco Umbrella Rank: 25518
1 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2822
p1.parsely.com — Cisco Umbrella Rank: 2187
21 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 2703
497 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 734
719 B
2 trackonomics.net
cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 5430
fr-actions.trackonomics.net — Cisco Umbrella Rank: 9402
29 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 678
704 B
1 conde.io
covers.conde.io — Cisco Umbrella Rank: 98103
412 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3161
248 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 4070
622 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 10822
411 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1502
431 B
1 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2305
305 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6824
539 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1727
366 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 538
353 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 2385
552 B
1 33across.com
dp2.33across.com — Cisco Umbrella Rank: 9200
500 B
1 trx-hub.com
trx-hub.com — Cisco Umbrella Rank: 6344
446 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 4096
334 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4584
614 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
361 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 448
636 B
1 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 5519
329 B
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 983
549 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 4117
14 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 846
2 KB
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1569
157 B
1 getpublica.com
pbs.getpublica.com — Cisco Umbrella Rank: 22315
388 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4108
390 B
1 memo.co
cdn.memo.co — Cisco Umbrella Rank: 31143
7 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 769
3 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2700
44 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1451
8 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1400
594 B
1 vogue.com
www.vogue.com — Cisco Umbrella Rank: 28091
1 KB
1 vanityfair.com
www.vanityfair.com — Cisco Umbrella Rank: 25732
1 KB
1 them.us
www.them.us — Cisco Umbrella Rank: 33385
722 B
1 teenvogue.com
www.teenvogue.com — Cisco Umbrella Rank: 32210
1 KB
1 self.com
www.self.com — Cisco Umbrella Rank: 32024
1 KB
1 pitchfork.com
pitchfork.com — Cisco Umbrella Rank: 26482
1 KB
1 newyorker.com
www.newyorker.com — Cisco Umbrella Rank: 6111
1 KB
1 gq.com
www.gq.com — Cisco Umbrella Rank: 31196
1 KB
1 glamour.com
www.glamour.com — Cisco Umbrella Rank: 14537
1 KB
1 epicurious.com
www.epicurious.com — Cisco Umbrella Rank: 34747
1 KB
1 cntraveler.com
www.cntraveler.com — Cisco Umbrella Rank: 30450
1 KB
1 bonappetit.com
www.bonappetit.com — Cisco Umbrella Rank: 26858
1 KB
1 architecturaldigest.com
www.architecturaldigest.com — Cisco Umbrella Rank: 31182
1 KB
1 allure.com
www.allure.com — Cisco Umbrella Rank: 31909
1 KB
1 zqtk.net
segment-data.zqtk.net — Cisco Umbrella Rank: 8988
537 B
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1329
397 B
543 127
Domain Requested by
35 cm.g.doubleclick.net 16 redirects www.wired.com
googleads.g.doubleclick.net
u.openx.net
eus.rubiconproject.com
8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
25 capture.condenastdigital.com www.wired.com
25 www.wired.com www.wired.com
journey.wired.com
24 dpm.demdex.net 2 redirects www.wired.com
21 px.moatads.com www.wired.com
8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
18 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
17 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
bh.contextweb.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
us-u.openx.net
16 pagead2.googlesyndication.com www.wired.com
8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
bid.g.doubleclick.net
ad.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
securepubads.g.doubleclick.net
14 contextual.media.net www.wired.com
contextual.media.net
13 us-u.openx.net 3 redirects u.openx.net
www.wired.com
us-u.openx.net
12 tpc.googlesyndication.com 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
ad.doubleclick.net
securepubads.g.doubleclick.net
12 ids.ad.gt 1 redirects www.wired.com
10 b1sync.zemanta.com 9 redirects www.wired.com
10 sync-tm.everesttech.net 10 redirects
10 s0.2mdn.net imasdk.googleapis.com
www.wired.com
s0.2mdn.net
8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
10 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.wired.com
10 securepubads.g.doubleclick.net www.wired.com
securepubads.g.doubleclick.net
9 choices.trustarc.com choices.truste.com
www.wired.com
choices.trustarc.com
9 match.adsrvr.org 8 redirects www.wired.com
9 pixel.tapad.com 5 redirects www.wired.com
us-u.openx.net
9 media.wired.com www.wired.com
8 x.bidswitch.net 8 redirects
8 ib.adnxs.com 6 redirects googleads.g.doubleclick.net
7 token.rubiconproject.com 6 redirects 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
7 idsync.rlcdn.com 3 redirects www.wired.com
condenast.demdex.net
us-u.openx.net
6 cs.media.net 2 redirects contextual.media.net
6 sync.mathtag.com 6 redirects
6 ups.analytics.yahoo.com 2 redirects us-u.openx.net
contextual.media.net
6 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
www.wired.com
8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
6 cdn.cookielaw.org www.wired.com
cdn.cookielaw.org
5 insight.adsrvr.org 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
www.wired.com
5 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
5 pr-bh.ybp.yahoo.com 2 redirects u.openx.net
ssum-sec.casalemedia.com
5 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
5 dp8hsntg6do36.cloudfront.net www.wired.com
d2c8v52ll5s99u.cloudfront.net
5 pixel.quantserve.com 2 redirects www.wired.com
4 rtb.mfadsrvr.com 4 redirects
4 pm.w55c.net 4 redirects
4 gum.criteo.com 1 redirects contextual.media.net
static.criteo.net
4 id.rlcdn.com 2 redirects contextual.media.net
4 googleads4.g.doubleclick.net www.wired.com
ad.doubleclick.net
4 cdn.doubleverify.com 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
ad.doubleclick.net
cdn.doubleverify.com
www.wired.com
4 www.googletagservices.com 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
www.googletagservices.com
4 www.facebook.com www.wired.com
4 px.ads.linkedin.com 3 redirects eus.rubiconproject.com
4 assets.bounceexchange.com tag.bounceexchange.com
assets.bounceexchange.com
4 sb.scorecardresearch.com 2 redirects www.wired.com
4 analytics.tiktok.com www.wired.com
analytics.tiktok.com
4 connect.facebook.net www.wired.com
connect.facebook.net
d2c8v52ll5s99u.cloudfront.net
4 d2c8v52ll5s99u.cloudfront.net player.cnevids.com
d2c8v52ll5s99u.cloudfront.net
4 c2shb.ssp.yahoo.com www.wired.com
3 stags.bluekai.com 3 redirects
3 p.rfihub.com 3 redirects
3 ad.turn.com 3 redirects
3 events.bouncex.net www.wired.com
3 sync.crwdcntrl.net 3 redirects
3 pixel-sync.sitescout.com 3 redirects
3 www.google.com 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
www.wired.com
tpc.googlesyndication.com
3 bh.contextweb.com 1 redirects s.amazon-adsystem.com
bh.contextweb.com
3 match.prod.bidr.io 3 redirects
3 image2.pubmatic.com 2 redirects
3 secure.adnxs.com 3 redirects
3 dwgyu36up6iuz.cloudfront.net www.wired.com
d2c8v52ll5s99u.cloudfront.net
3 p.adsymptotic.com 1 redirects www.wired.com
3 imasdk.googleapis.com player.cnevids.com
imasdk.googleapis.com
3 fastlane.rubiconproject.com www.wired.com
3 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
3 www.googletagmanager.com www.wired.com
www.googletagmanager.com
3 player.cnevids.com www.wired.com
player.cnevids.com
3 js-sec.indexww.com www.wired.com
3 c.amazon-adsystem.com www.wired.com
c.amazon-adsystem.com
3 z.moatads.com www.wired.com
d2c8v52ll5s99u.cloudfront.net
8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
2 ib.mookie1.com 1 redirects
2 global.ib-ibi.com 2 redirects
2 sync.search.spotxchange.com 1 redirects
2 px.owneriq.net 2 redirects
2 tag.yieldoptimizer.com 2 redirects
2 c21lg-d.media.net contextual.media.net
2 ads.avct.cloud 2 redirects
2 c1.adform.net 2 redirects
2 cdn.indexww.com ssum-sec.casalemedia.com
2 dmp.adblade.com contextual.media.net
2 dis.criteo.com contextual.media.net
2 medianet-match.dotomi.com contextual.media.net
2 hbx.media.net contextual.media.net
2 onetag-sys.com 1 redirects www.wired.com
2 api.bounceexchange.com assets.bounceexchange.com
2 loadm.exelator.com 2 redirects
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 sync.adotmob.com ssum-sec.casalemedia.com
2 check.analytics.rlcdn.com www.wired.com
2 id.hadron.ad.gt
2 eb2.3lift.com 2 redirects
2 choices.truste.com 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
2 googleads.g.doubleclick.net 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
www.wired.com
2 www.google.ca www.wired.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.google.com www.googletagmanager.com
2 pubads.g.doubleclick.net d2c8v52ll5s99u.cloudfront.net
imasdk.googleapis.com
2 sync.go.sonobi.com 2 redirects
2 ad.360yield.com 2 redirects
2 static.criteo.net www.wired.com
static.criteo.net
2 elsa.memoinsights.com cdn.memo.co
2 tr.outbrain.com amplify.outbrain.com
www.wired.com
2 condenast.demdex.net www.wired.com
2 script.hotjar.com static.hotjar.com
script.hotjar.com
2 api.sail-personalize.com ak.sail-horizon.com
2 pixel.condenastdigital.com www.wired.com
2 pippio.com 2 redirects
2 a.ad.gt www.googletagmanager.com
p.ad.gt
2 bidder.criteo.com www.wired.com
2 prebid.media.net www.wired.com
2 condenastus-d.openx.net www.wired.com
2 htlb.casalemedia.com www.wired.com
2 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
2 adservice.google.ca securepubads.g.doubleclick.net
2 mb.moatads.com z.moatads.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 news.google.com www.wired.com
news.google.com
1 ade.googlesyndication.com
1 tpsc-ue1.doubleverify.com cdn.doubleverify.com
1 covers.conde.io 1 redirects
1 pixel.onaudience.com 1 redirects
1 as-sec.casalemedia.com js-sec.indexww.com
1 id.sv.rkdms.com js-sec.indexww.com
1 dmp.v.fwmrm.net
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 aorta.clickagy.com 1 redirects
1 mug.criteo.com
1 abp.mxptint.net 1 redirects
1 ads.scorecardresearch.com 1 redirects
1 fei.pro-market.net 1 redirects
1 s.tribalfusion.com 1 redirects
1 a.tribalfusion.com 1 redirects
1 casale-match.dotomi.com ssum-sec.casalemedia.com
1 dsp.adkernel.com 1 redirects
1 image6.pubmatic.com 1 redirects
1 aep.mxptint.net 1 redirects
1 dclk-match.dotomi.com 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
1 dmp.brand-display.com 1 redirects
1 analytics.twitter.com www.wired.com
1 idpix.media6degrees.com 1 redirects
1 dp2.33across.com 1 redirects
1 trx-hub.com www.wired.com
1 fr-actions.trackonomics.net cdn-magiclinks.trackonomics.net
1 dfp.bouncex.net assets.bounceexchange.com
1 x.dlx.addthis.com 1 redirects
1 geo.moatads.com z.moatads.com
1 rtbc-ue1.doubleverify.com cdn.doubleverify.com
1 api.rlcdn.com www.wired.com
1 tps.doubleverify.com cdn.doubleverify.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 a.rfihub.com 1 redirects
1 s.uuidksinc.net 1 redirects
1 fksnk.com 1 redirects
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 su.addthis.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 ad.doubleclick.net www.googletagservices.com
1 load77.exelator.com www.wired.com
1 csync.loopme.me 1 redirects
1 r.casalemedia.com ssum-sec.casalemedia.com
1 pixels.ad.gt p.ad.gt
1 pulsepoint-match.dotomi.com bh.contextweb.com
1 va6-bid.adsrvr.org 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
1 aa.agkn.com 1 redirects
1 ssbsync-us.smartadserver.com 1 redirects
1 u.openx.net s.amazon-adsystem.com
1 p1.parsely.com www.wired.com
1 bid.g.doubleclick.net 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
1 ampcid.google.ca www.google-analytics.com
1 4d.condenastdigital.com pixel.condenastdigital.com
1 pxl.qccerttest.com www.wired.com
1 p.ad.gt a.ad.gt
1 cdn.hadronid.net a.ad.gt
1 ampcid.google.com www.google-analytics.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 vars.hotjar.com static.hotjar.com
1 cm.everesttech.net 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 px4.ads.linkedin.com 1 redirects
1 www.linkedin.com 1 redirects
1 alb.reddit.com www.wired.com
1 pbs.getpublica.com player.cnevids.com
1 d1z2jf7jlzjs58.cloudfront.net www.wired.com
1 tags.rd.linksynergy.com 1 redirects
1 amplify.outbrain.com www.wired.com
1 cdn-magiclinks.trackonomics.net www.wired.com
1 static.hotjar.com www.wired.com
1 cdn.memo.co www.wired.com
1 snap.licdn.com www.wired.com
1 d.turn.com www.wired.com
1 tag.bounceexchange.com www.wired.com
1 ak.sail-horizon.com www.googletagmanager.com
1 www.redditstatic.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 geo.privacymanager.io ats.rlcdn.com
1 www.vogue.com www.wired.com
1 www.vanityfair.com www.wired.com
1 www.them.us www.wired.com
1 www.teenvogue.com www.wired.com
1 www.self.com www.wired.com
1 pitchfork.com www.wired.com
1 www.newyorker.com www.wired.com
1 www.gq.com www.wired.com
1 www.glamour.com www.wired.com
1 www.epicurious.com www.wired.com
1 www.cntraveler.com www.wired.com
1 www.bonappetit.com www.wired.com
1 www.architecturaldigest.com www.wired.com
1 www.allure.com www.wired.com
1 ats.rlcdn.com www.wired.com
1 infinityid.condenastdigital.com www.wired.com
1 journey.wired.com www.wired.com
1 segment-data.zqtk.net www.wired.com
1 polyfill.io www.wired.com
1 apis.google.com www.wired.com
543 219
Subject Issuer Validity Valid
condenast.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-02 -
2023-10-04		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.news.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-08 -
2023-04-09		 a year crt.sh
*.zqtk.net
Amazon		 2022-07-18 -
2023-08-16		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
*.cnevids.com
Amazon		 2022-09-03 -
2023-10-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
conde.io
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.google.ca
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-22 -
2023-06-21		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
ak.sail-horizon.com
Amazon		 2022-01-06 -
2023-02-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-29 -
2022-09-27		 3 months crt.sh
tag.bounceexchange.com
R3		 2022-07-28 -
2022-10-26		 3 months crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-02 -
2023-04-01		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
memo.co
Amazon		 2022-04-27 -
2023-05-26		 a year crt.sh
*.ad.gt
Amazon		 2022-05-10 -
2023-06-08		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.trackonomics.net
Go Daddy Secure Certificate Authority - G2		 2021-12-22 -
2023-01-23		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.getpublica.com
Amazon		 2022-06-01 -
2023-06-30		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2022-08-07 -
2022-11-05		 3 months crt.sh
api.sail-personalize.com
Amazon		 2022-05-25 -
2023-06-23		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.parsely.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
memoinsights.com
Amazon		 2022-04-27 -
2023-05-26		 a year crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.hadronid.net
GTS CA 1P5		 2022-08-18 -
2022-11-16		 3 months crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.truste.com
Amazon		 2022-01-17 -
2023-02-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
id.hadron.ad.gt
Amazon		 2022-08-24 -
2023-09-22		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
ids.ad.gt
R3		 2022-07-22 -
2022-10-20		 3 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
analytics.rlcdn.com
Amazon		 2022-07-27 -
2023-08-25		 a year crt.sh
*.adotmob.com
Amazon		 2022-05-25 -
2023-06-23		 a year crt.sh
*.wunderkind.co
R3		 2022-08-13 -
2022-11-11		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-24 -
2023-02-15		 6 months crt.sh
dmp.adblade.com
R3		 2022-09-02 -
2022-12-01		 3 months crt.sh
*.trx-hub.com
Amazon		 2022-02-20 -
2023-03-21		 a year crt.sh
*.trustarc.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh

This page contains 43 frames:

Primary Page: https://www.wired.com/story/uber-hack-mfa-phishing/
Frame ID: 886A577F355FC19DC5C5601697BCE31D
Requests: 250 HTTP requests in this frame

Frame: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1BB2674A5ADC99759EFD041E0634F19E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 20D5C67F124BFA42AFF763BF3CCBFFA6
Requests: 27 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Frame ID: C6651BE325BF9586770475E8CCACC5C8
Requests: 1 HTTP requests in this frame

Frame: https://condenast.demdex.net/dest5.html?d_nsid=0
Frame ID: 919A6E2BAF735743D4D83411732D3C43
Requests: 36 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.531.0_en.html
Frame ID: 7EFBE9F66827D4FBB2741C38BA7D62F7
Requests: 2 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 6920356C8833884795520F3C5E483920
Requests: 1 HTTP requests in this frame

Frame: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 857AB6D218EF5EC5B92583536A3FC837
Requests: 19 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 4C26EDAF4C02FB05D3FF5FBCD472012A
Requests: 1 HTTP requests in this frame

Frame: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CFB0E7A9F3B961DB572E157C758F91BA
Requests: 45 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxC0w8rDAhiKgJK_ATAB&v=APEucNXM9gOEcQUgcENctxkxJYw08a762PpFNEd3SK1Bwcx1Jdc_Jr8QaqH6dz9TY1SgmrbOWHyggzUgfoijyjVgifh1L50Znw
Frame ID: FBD29DA854B116BCE5373E6F423085F1
Requests: 5 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: EAD01A10E96CF736603E6CE9C2093A6A
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 346BD150032321FC10858433DC195C4E
Requests: 11 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: E7FEC2D35EDF47F00837B277BB2AAEAF
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1YblRXMjE1RTJ1S3gyQkNxQ1hRTEFqQ3BzMnZlVUcyN35B
Frame ID: 780F935496C381DB55E53CC134B4E1BE
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 7A48C3C53FAEEC95C4234E5095AA6F6D
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7826486786654209056&gdpr=0&gdpr_consent=
Frame ID: E604344099EA4B00349243EAACC42405
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=8264677328858952876&ex=appnexus.com
Frame ID: F79F1C00A327B8C59160652F4C435E3C
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=614278318266112921207
Frame ID: E75C8E6F16040575945CC23F8EEFD3D5
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F9F7060DDE6B4C39222E284205DBB173
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: DBC2D8079F83E28ACFCC6435578EFE9C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3EBDA0B93A9F97F317570B84C9E1BC19
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15895870535127717286/index.html
Frame ID: 735C6CED8D8796B744E28AFEF7F1681F
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E4F72E1BD8F1D634E3522C8966295981
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3094.js
Frame ID: 5FC56D31A81CB1947B7573ED584C8BA7
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 020E1951407E0DBCA93EEC5F087041C3
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: F1CCBB029326D41BC4C4A12177CD7C13
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 0E9A14E8BDFA4BE8299CE841320658DB
Requests: 16 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 2A981C38A4E2E0C9FC1A1D041AF84DDB
Requests: 16 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Frame ID: E94BC6F0708133A8243219EB3D4BDDE2
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 7F582261A3695F49E7D6805EFE481C71
Requests: 2 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Frame ID: 974F9B26B4C82E5E7735FC6BDA28B502
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 530AA42D6829861A82781A17A1C5F04A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 2B3352F2625D54204DEFA77075344944
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Frame ID: D368DACABB23E4052979B04EB541A75F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 08731BBE42EC5AA2EAEA24EC41B5BD99
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: FB98B134A93BA30CADBCDD69F0C39F1B
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3066089221455439000V10&type=rkt&refUrl=&vid=36073222703066089221455439000V10&ovsid=6043531667806354008
Frame ID: A0EF44382FF018BC2F4CA875D8AA842C
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3066089221455439000V10&type=rkt&refUrl=&vid=36073222993066089221455439000V10&ovsid=6043531667806354008
Frame ID: 7D13DFCFEC35E4435CC7EE068AC56B0F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.wired.com
Frame ID: 75747ECB38150A3A7791890862E227FA
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 87BE4F550696882C2789BBF185F05A01
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E72809D08A9F430F123AEA652D8FF0EE
Requests: 2 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: CF99E518C4E5E0C54C06442CBB19ED86
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Uber Hack’s Devastation Is Just Starting to Reveal Itself | WIREDMenuStory SavedCloseStory SavedCloseSearchFacebookTwitterEmailSave StoryFacebookTwitterEmailSave StoryTwitterFacebookTwitterPinterestYouTubeInstagramTiktok

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

543
Requests

77 %
HTTPS

27 %
IPv6

127
Domains

219
Subdomains

132
IPs

7
Countries

6703 kB
Transfer

20106 kB
Size

236
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035094&ns__t=1663607318529&ns_c=UTF-8&c8=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED&c7=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035094&ns__t=1663607318529&ns_c=UTF-8&c8=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED&c7=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&c9=
Request Chain 113
  • https://idsync.rlcdn.com/709387.gif?partner_uid=7019f732-25e0-4a38-bce5-b53f5c128960&gtmcb=1276863855 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIumKxIwCiwIARCFvQkaJDcwMTlmNzMyLTI1ZTAtNGEzOC1iY2U1LWI1M2Y1YzEyODk2MBAAGg0IlsSimQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=e39ff2cbcfdb8209793ecb6fbcf33842f7c1c58bf061f5b02b9e06711841ca4f791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBlMzlmZjJjYmNmZGI4MjA5NzkzZWNiNmZiY2YzMzg0MmY3YzFjNThiZjA2MWY1YjAyYjllMDY3MTE4NDFjYTRmNzkxNDI2YjU0MTdkY2UyMRAAGgwIl8SimQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBlMzlmZjJjYmNmZGI4MjA5NzkzZWNiNmZiY2YzMzg0MmY3YzFjNThiZjA2MWY1YjAyYjllMDY3MTE4NDFjYTRmNzkxNDI2YjU0MTdkY2UyMRAAGgwIl8SimQYSBAgCEABCAEoA&google_gid=CAESEO459HfW2lftPhAe8_ntQKc&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=18a0bc53-da43-4e0d-9c80-53075592361a
Request Chain 114
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=undefined HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_device_id=undefined
Request Chain 115
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=648&partner_device_id=7019f732-25e0-4a38-bce5-b53f5c128960 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=648&partner_device_id=7019f732-25e0-4a38-bce5-b53f5c128960 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3aad9dc9-c03e-496d-ab1f-c7599363f9b7%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3aad9dc9-c03e-496d-ab1f-c7599363f9b7%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&ttd_puid=3aad9dc9-c03e-496d-ab1f-c7599363f9b7%2C
Request Chain 119
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Request Chain 123
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1663607318795&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1663607318795&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D434737%26time%3D1663607318795%26url%3Dhttps%253A%252F%252Fwww.wired.com%252Fstory%252Fuber-hack-mfa-phishing%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1663607318795&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1663607318795&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&cookiesTest=true&liSync=true&e_ipv6=AQLhHquqgTKinAAAAYNWuS6WdfwCWjIf9DVrSaINAMh3g6m3UhhLLI1R5cfQqy4PJWgYGv2oTA HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=26e01f1b-8ffe-434e-a9d8-9cf5bb92dcde HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=26e01f1b-8ffe-434e-a9d8-9cf5bb92dcde&_expected_cookie=918e1a4c396a072ddff2f5ae06c6138b
Request Chain 137
  • https://cm.everesttech.net/cm/dd?d_uuid=66373113506026136401086284029216043361 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YyiiFwAAAEe96ANP
Request Chain 167
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001663607319-29KI610D-PHIA&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001663607319-29KI610D-PHIA%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001663607319-29KI610D-PHIA&adnxs_id=8264677328858952876&gdpr=0
Request Chain 168
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001663607319-29KI610D-PHIA&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&id=AU1D-0100-001663607319-29KI610D-PHIA
Request Chain 169
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001663607319-29KI610D-PHIA HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001663607319-29KI610D-PHIA HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=B109023D-C51B-4BDD-A2D3-0FCE792BE5B7&id=AU1D-0100-001663607319-29KI610D-PHIA
Request Chain 170
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001663607319-29KI610D-PHIA HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001663607319-29KI610D-PHIA&google_gid=CAESEK3tfNwu7NWKHOhLMvCqGLI&google_cver=1&google_ula=450542624,0
Request Chain 171
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001663607319-29KI610D-PHIA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2MzYwNzMxOS0yOUtJNjEwRC1QSElB
Request Chain 172
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001663607319-29KI610D-PHIA&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001663607319-29KI610D-PHIA HTTP 302
  • https://ids.ad.gt/api/v1/adb_match?adb=66373113506026136401086284029216043361&id=AU1D-0100-001663607319-29KI610D-PHIA
Request Chain 173
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001663607319-29KI610D-PHIA HTTP 303
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001663607319-29KI610D-PHIA&_bee_ppp=1 HTTP 303
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AADn0U7GUUQAAA_UoQQBHw&id=AU1D-0100-001663607319-29KI610D-PHIA
Request Chain 174
  • https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001663607319-29KI610D-PHIA%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001663607319-29KI610D-PHIA%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001663607319-29KI610D-PHIA&impr_uid=156f4374-5314-4efa-b48b-bb3f41dda401
Request Chain 175
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001663607319-29KI610D-PHIA&uid=[UID]&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001663607319-29KI610D-PHIA&uid=c7f8bd10-634b-45d5-8363-86dc55b45c70&gdpr=0
Request Chain 176
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001663607319-29KI610D-PHIA&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001663607319-29KI610D-PHIA&rub=L890UEAB-I-J01J&gdpr=0
Request Chain 227
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 229
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 230
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1YblRXMjE1RTJ1S3gyQkNxQ1hRTEFqQ3BzMnZlVUcyN35B
Request Chain 232
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7826486786654209056&gdpr=0&gdpr_consent=
Request Chain 233
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=8264677328858952876&ex=appnexus.com
Request Chain 234
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=614278318266112921207
Request Chain 244
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=66373113506026136401086284029216043361 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=213420604279323267950
Request Chain 259
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8iKXiPUhteJ9dxzFB1Xj4&google_cver=1
Request Chain 260
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyiiGGLSm-lWytm.iJ357gAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8iKXiPUhteJ9dxzFB1Xj4&google_cver=1&google_hm=2
Request Chain 261
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPu_lnP5377qEbOxYqXNsSw&google_cver=1
Request Chain 262
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI2NDY3NzMyODg1ODk1Mjg3Ng%3D%3D
Request Chain 273
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YyiiFwAAAEe96ANP
Request Chain 275
  • https://match.adsrvr.org/track/cmf/openx?oxid=7c9c61b1-6dc3-7a19-c760-94a1a9464cbe&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&ttd_puid=7c9c61b1-6dc3-7a19-c760-94a1a9464cbe&gdpr=0&gdpr_consent=
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECw_uSqPNB8uFrNOlPd_1No&google_cver=1
Request Chain 278
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=VXNSUlNlRDJEZFFFZUZoZDdRRXpfZw&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEB3HunQrisGGqWbLku114Tw&google_cver=1
Request Chain 285
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=66373113506026136401086284029216043361&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d66373113506026136401086284029216043361 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=57306328-a219-4200-a76f-0b221154f721&ddsuuid=66373113506026136401086284029216043361
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyiiGGLSm_lWytm-iJ357gAAAd0AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENxkKKv4VWQdY6PFC8d0Wrw&google_cver=1
Request Chain 295
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&expiration=1666199321&gdpr=0&gdpr_consent=
Request Chain 296
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyiiGGLSm-lWytm.iJ357gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED8iKXiPUhteJ9dxzFB1Xj4&google_cver=1&google_hm=2
Request Chain 297
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=90bdf3b3-ba17-4bca-a94a-de573e2a8405-6328a219-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D90bdf3b3-ba17-4bca-a94a-de573e2a8405-6328a219-4341%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D90bdf3b3-ba17-4bca-a94a-de573e2a8405-6328a219-4341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=90bdf3b3-ba17-4bca-a94a-de573e2a8405-6328a219-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D90bdf3b3-ba17-4bca-a94a-de573e2a8405-6328a219-4341%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253D90bdf3b3-ba17-4bca-a94a-de573e2a8405-6328a219-4341%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=90bdf3b3-ba17-4bca-a94a-de573e2a8405-6328a219-4341&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3D90bdf3b3-ba17-4bca-a94a-de573e2a8405-6328a219-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=90bdf3b3-ba17-4bca-a94a-de573e2a8405-6328a219-4341&gdpr=0&gdpr_consent=
Request Chain 298
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=8210b848-c2fc-40a7-b79f-217b73523159&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 300
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8264677328858952876
Request Chain 305
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=66373113506026136401086284029216043361 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=66373113506026136401086284029216043361&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 310
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=L890UEAB-I-J01J HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=L890UEAB-I-J01J&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Request Chain 314
  • https://su.addthis.com/red/usync?pid=16&puid=66373113506026136401086284029216043361&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D420%26dpuuid%3D%7B%7Buid%7D%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=420&dpuuid=6328a219248f7a83
Request Chain 317
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&gdpr=0&gdpr_consent=&expires=30
Request Chain 318
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/IQuvQXc5wGaVZW7MRLrC6A?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3928989494876636508
Request Chain 319
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L890UEAB-I-J01J&us_privacy=1---
Request Chain 320
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5MFVFQUItSS1KMDFK&us_privacy=1---
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGhB1onajtgy-l7I_d1VHg8&google_cver=1
Request Chain 322
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Xv0OUbAxRti3HEIZPika4w&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Xv0OUbAxRti3HEIZPika4w
Request Chain 323
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWMyOGEyNjVjMTcxMzkzN2YzM2U4ZTcwMzRkMjIyMDQzNDliZmQwNQ&us_privacy=1---
Request Chain 332
  • https://idsync.rlcdn.com/365868.gif?partner_uid=66373113506026136401086284029216043361 HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=2c9ba033b4b15fddbd056c55cf92b96a4a8ad990f85da4384509f1895da8f55eb0da87c991749652
Request Chain 333
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHYkllaMd-c-n94EzHjxnss&google_cver=1&google_push=AZmPxg-rTqtr-EA_TANVQIsEqUp6rlWrZZpam3IagFyE0HEgGt36GuyaSJZHMUdjzTq-XAO53jyXBGlcQN9m23aSAytTRZ6aLvWEwDVQZ6V644JV2cwBYFhHJLcSy6mPLFuQ_vcZIQKls3i2kKfBJlwzzw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=VzBjKKIZQgCnbwsiEVT3IQ&google_push=AZmPxg-rTqtr-EA_TANVQIsEqUp6rlWrZZpam3IagFyE0HEgGt36GuyaSJZHMUdjzTq-XAO53jyXBGlcQN9m23aSAytTRZ6aLvWEwDVQZ6V644JV2cwBYFhHJLcSy6mPLFuQ_vcZIQKls3i2kKfBJlwzzw
Request Chain 334
  • https://fksnk.com/cs/google?google_gid=CAESEOytGbptA7X3ySa_5qvBKiI&google_cver=1&google_push=AZmPxg8RfQb3zugxHbNn9Rp8fMK5MgRjqFFlj3mZxlIkvHLXwkqDpmShg1xXVn4ROUW1pba6mZ-dp858EXha6kiBqtT2HYGoe-XYTNAfMHHGXWFqWh3dfyv_ypmY4jvUBAeUyysZA-_BfSs69EnmyEUJ9vM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzRBMEI5NjJCNTIwOEZFRg==
Request Chain 335
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEBEZ4iEIRxJe1yGKCS7PpPs&c_param1=AZmPxg_rnEDHn1TU4tpZyIN9PVHHj8_LHtmZoyHnf1yGOIkbwhzFCpConVYegU5-xXmcJZgdB_T6UuDgivXtUxxLvBOXoedXnKz_iC0Ffkr53ivQ3mfTBii0Pf0v5V6Lg6kZcT_rVgE6ay87Zfu3W08yXA&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg_rnEDHn1TU4tpZyIN9PVHHj8_LHtmZoyHnf1yGOIkbwhzFCpConVYegU5-xXmcJZgdB_T6UuDgivXtUxxLvBOXoedXnKz_iC0Ffkr53ivQ3mfTBii0Pf0v5V6Lg6kZcT_rVgE6ay87Zfu3W08yXA
Request Chain 336
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGDIXdVW9W2_BF3JkdG_VMM&google_cver=1&google_push=AZmPxg9dmox_VxwWe5atoAAlaklVlciWItJEwXPBt3hNx8kp-egWfno4_MS0GjSIWqSmRVek1cQek4b0pK0AFtpPtz1qQCmsQyPJiDV8eWXaTOLdARCQ-NWK4icckHXbikHrJ21uBYWYnqBm7Ry773xuflg HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGDIXdVW9W2_BF3JkdG_VMM&google_push=AZmPxg9dmox_VxwWe5atoAAlaklVlciWItJEwXPBt3hNx8kp-egWfno4_MS0GjSIWqSmRVek1cQek4b0pK0AFtpPtz1qQCmsQyPJiDV8eWXaTOLdARCQ-NWK4icckHXbikHrJ21uBYWYnqBm7Ry773xuflg&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9dmox_VxwWe5atoAAlaklVlciWItJEwXPBt3hNx8kp-egWfno4_MS0GjSIWqSmRVek1cQek4b0pK0AFtpPtz1qQCmsQyPJiDV8eWXaTOLdARCQ-NWK4icckHXbikHrJ21uBYWYnqBm7Ry773xuflg&google_hm=dUprUXVWbmFZanAzSFFQd2hIeVU=
Request Chain 337
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAZmPxg8sy3q4Kck8VJ6q9-FqqsD4lz8LE1mK4dAb-LNSf1q-mQuMbZlKvN8A7TgpTXJko3xDs1wLUL8RMsOG5wDTIfaCEP1grmR87TTdcULaB6D3wXhGf1Ntox51Ve3B2b-9q6moXVPT2QVQ8J4xx4MoIKA%26google_hm%3D%5BUID%5D&google_gid=CAESENy-Yr3so3GVvnOpo3XCI0o&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AZmPxg8sy3q4Kck8VJ6q9-FqqsD4lz8LE1mK4dAb-LNSf1q-mQuMbZlKvN8A7TgpTXJko3xDs1wLUL8RMsOG5wDTIfaCEP1grmR87TTdcULaB6D3wXhGf1Ntox51Ve3B2b-9q6moXVPT2QVQ8J4xx4MoIKA&google_hm=c7f8bd10-634b-45d5-8363-86dc55b45c70
Request Chain 338
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDpyZ7nBRmUDLlgYuFQ2fbE&google_cver=1&google_push=AZmPxg_VnqFEz0leAOJgQ0HpzHvibUVdOQ_2C_XgJsCHM-kbZ6CBy9BHMNmFlzQbdagj-ugDZD0A0ePpj4SXyz2JE7Klhgu6NEOkmTny9zrJc8q7pGr5B0T_AHyLKx_qcU1G2mafPRhtlJvo-glRwlG0e9Dy HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AZmPxg_VnqFEz0leAOJgQ0HpzHvibUVdOQ_2C_XgJsCHM-kbZ6CBy9BHMNmFlzQbdagj-ugDZD0A0ePpj4SXyz2JE7Klhgu6NEOkmTny9zrJc8q7pGr5B0T_AHyLKx_qcU1G2mafPRhtlJvo-glRwlG0e9Dy&google_hm=NjA0MzUzMTY2NzgwNjM1NDAwOA==
Request Chain 339
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENXU9J5gFusZram82gtRVvg&google_cver=1&google_push=AZmPxg_d0Iy0eVmHTVRDPngZjOrX21ULPSGVI3pUwyMD2cMoxyHv_vc44zD8bQeDLcyCv0nquePyhP-j66YHt7gEXkGwj2UP7cipcAEdt67IJcm956Mek02FdWmVLY0NAvSzcCPb6-xmByfPbM_oJ3hL5WdK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_d0Iy0eVmHTVRDPngZjOrX21ULPSGVI3pUwyMD2cMoxyHv_vc44zD8bQeDLcyCv0nquePyhP-j66YHt7gEXkGwj2UP7cipcAEdt67IJcm956Mek02FdWmVLY0NAvSzcCPb6-xmByfPbM_oJ3hL5WdK HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 348
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=8264677328858952876
Request Chain 367
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=295a1ed7-a084-4c79-9819-145290dd2d66 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESELzaWNy5fIxqcbzohq6Vd-s&google_cver=1
Request Chain 368
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8264677328858952876
Request Chain 370
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4601057333822261305&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 371
  • https://token.rubiconproject.com/token?pid=6404&puid=66373113506026136401086284029216043361&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=L890UEAB-I-J01J?gdpr=0
Request Chain 375
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=295a1ed7-a084-4c79-9819-145290dd2d66 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=295a1ed7-a084-4c79-9819-145290dd2d66
Request Chain 376
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8264677328858952876
Request Chain 378
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4601057333822261305&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 387
  • https://x.dlx.addthis.com/e/demdex_sync?na_exid=66373113506026136401086284029216043361&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022091917084200016843476930
Request Chain 393
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Drkt%26refUrl%3D%26vid%3D36073222703066089221455439000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3066089221455439000V10&type=rkt&refUrl=&vid=36073222703066089221455439000V10&ovsid=6043531667806354008
Request Chain 395
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Dmma%26refUrl%3D%26vid%3D36073222703066089221455439000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066089221455439000V10&type=mma&refUrl=&vid=36073222703066089221455439000V10&ovsid=57306328-a219-4200-a76f-0b221154f721
Request Chain 396
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA2NjA4OTIyMTQ1NTQzOTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHNE5FQp4YipMQ4tSUx1lto&google_cver=1
Request Chain 397
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Ddxu%26refUrl%3D%26vid%3D36073222703066089221455439000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Ddxu%26refUrl%3D%26vid%3D36073222703066089221455439000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066089221455439000V10&type=dxu&refUrl=&vid=36073222703066089221455439000V10&ovsid=AE1KkLAI1OAkga5
Request Chain 399
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=8f868ba3-3e86-4c8d-9823-c5070bf51869&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171120296&expires=5&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=8f868ba3-3e86-4c8d-9823-c5070bf51869&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 400
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Dzem%26refUrl%3D%26vid%3D36073222703066089221455439000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=uJkQuVnaYjp3HQPwhHyU&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLVJJVVC5KWNZQVS2TQGNEFCUDXNBEHSVJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTMMBXGMZDEMRXGAZTANRWGA4DSMRSGE2DKNJUGM4TAMBQKYYTAJTWONUWIPJTGA3DMMBYHEZDEMJUGU2TIMZZGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLVJJVVC5KWNZQVS2TQGNEFCUDXNBEHSVJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTMMBXGMZDEMRXGAZTANRWGA4DSMRSGE2DKNJUGM4TAMBQKYYTAJTWONUWIPJTGA3DMMBYHEZDEMJUGU2TIMZZGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=uJkQuVnaYjp3HQPwhHyU&refUrl=&type=zem&vid=36073222703066089221455439000V10&vsid=3066089221455439000V10
Request Chain 402
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3066089221455439000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3066089221455439000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=9b78092d-b663-417a-852e-52d53def87e6&cs=1
Request Chain 404
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=83a7adcd-79ab-42ed-8a9b-605fed9b02b2
Request Chain 405
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E HTTP 302
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066089221455439000V10
Request Chain 408
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA2NjA4OTIyMTQ1NTQzOTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHNE5FQp4YipMQ4tSUx1lto&google_cver=1
Request Chain 409
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Drkt%26refUrl%3D%26vid%3D36073222993066089221455439000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3066089221455439000V10&type=rkt&refUrl=&vid=36073222993066089221455439000V10&ovsid=6043531667806354008
Request Chain 411
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3D8f868ba3-3e86-4c8d-9823-c5070bf51869&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=57306328-a219-4200-a76f-0b221154f721&expires=30&ssp=medianet&bsw_param=8f868ba3-3e86-4c8d-9823-c5070bf51869&gdpr=0&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=8f868ba3-3e86-4c8d-9823-c5070bf51869&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 413
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3066089221455439000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3066089221455439000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=9b78092d-b663-417a-852e-52d53def87e6&cs=1
Request Chain 415
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=83a7adcd-79ab-42ed-8a9b-605fed9b02b2
Request Chain 416
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E HTTP 302
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066089221455439000V10
Request Chain 418
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Dmma%26refUrl%3D%26vid%3D36073222993066089221455439000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066089221455439000V10&type=mma&refUrl=&vid=36073222993066089221455439000V10&ovsid=57306328-a219-4200-a76f-0b221154f721
Request Chain 419
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Ddxu%26refUrl%3D%26vid%3D36073222993066089221455439000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Ddxu%26refUrl%3D%26vid%3D36073222993066089221455439000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066089221455439000V10&type=dxu&refUrl=&vid=36073222993066089221455439000V10&ovsid=AE1KkLAI1OAkga5
Request Chain 420
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Dzem%26refUrl%3D%26vid%3D36073222993066089221455439000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=uJkQuVnaYjp3HQPwhHyU&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLVJJVVC5KWNZQVS2TQGNEFCUDXNBEHSVJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTMMBXGMZDEMRZHEZTANRWGA4DSMRSGE2DKNJUGM4TAMBQKYYTAJTWONUWIPJTGA3DMMBYHEZDEMJUGU2TIMZZGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLVJJVVC5KWNZQVS2TQGNEFCUDXNBEHSVJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTMMBXGMZDEMRZHEZTANRWGA4DSMRSGE2DKNJUGM4TAMBQKYYTAJTWONUWIPJTGA3DMMBYHEZDEMJUGU2TIMZZGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=uJkQuVnaYjp3HQPwhHyU&refUrl=&type=zem&vid=36073222993066089221455439000V10&vsid=3066089221455439000V10
Request Chain 422
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=66373113506026136401086284029216043361 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=3aad9dc9-c03e-496d-ab1f-c7599363f9b7
Request Chain 428
  • https://dp2.33across.com/ps/?pid=897&random=653361332 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=601&dpuuid=211982463078274&random=1663607322
Request Chain 432
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjYzNzMxMTM1MDYwMjYxMzY0MDEwODYyODQwMjkyMTYwNDMzNjE= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECjQtaUcIFYml46EfCKwQdU&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 435
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=66373113506026136401086284029216043361 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=992&dpuuid=1i1h76qrm501a
Request Chain 438
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=xAtQi5MKU4TfD1TVxlxPg5YPUtXfCVOCywzhfRnL
Request Chain 440
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8264677328858952876
Request Chain 441
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YyiiGGLSm_lWytm-iJ357gAAAd0AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YyiiGGLSm_lWytm-iJ357gAAAd0AAAIB
Request Chain 442
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4601057333822261305
Request Chain 443
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=207fe4a3-fad9-40e2-fa8abf2e
Request Chain 445
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=6043531667806354008
Request Chain 446
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=fTrA_io7w_FmPsSgf23f9i8-wqBmOMP3cj0qlkTW
Request Chain 450
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEE6NYGW-aGLKYQVaXMiDPTU&google_cver=1&google_push=AZmPxg-hymQbUeYD66BOl_l7THYMcRwcP4qmg1r7iarkbUfSqcyhSgc-WEvP7zZBevPy99Vj7FyNfVqymiAsAiUePhLF7HG5QUHB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AZmPxg-hymQbUeYD66BOl_l7THYMcRwcP4qmg1r7iarkbUfSqcyhSgc-WEvP7zZBevPy99Vj7FyNfVqymiAsAiUePhLF7HG5QUHB&google_hm=UjFCMzQxX0Y2NzY5QTY5Xzg3QUNFM0VD
Request Chain 451
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGWNl41bR__Hx1AN7LVvlik&google_cver=1&google_push=AZmPxg9LoXA2WtFh25cIuzeO69gf82P0cesWdcSVb_WqQkkOpc-wJ9-I0E-GdTez_UZ_3YUloOEiQLyiaSbNVyz8wIEN3RqyAsa4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=kL3zs7oXS8qpSt5XPiqEBWMoohk
Request Chain 452
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF-4NtzS6yh2tShc7HbbLhM&google_cver=1&google_push=AZmPxg-E460qCIUdjIzfbHhSHbai8kvfgEPC7nVcnLaXDXcaq_DM7wf4GkH08guxqsl4HfEuX2kF5bhHpvcGMcRKid6i05L_NBy4 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF-4NtzS6yh2tShc7HbbLhM&google_cver=1&google_push=AZmPxg-E460qCIUdjIzfbHhSHbai8kvfgEPC7nVcnLaXDXcaq_DM7wf4GkH08guxqsl4HfEuX2kF5bhHpvcGMcRKid6i05L_NBy4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUyNzMwNDkyNzc4NzgwMDIy&google_push=AZmPxg-E460qCIUdjIzfbHhSHbai8kvfgEPC7nVcnLaXDXcaq_DM7wf4GkH08guxqsl4HfEuX2kF5bhHpvcGMcRKid6i05L_NBy4
Request Chain 453
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEAAmEWplp3Mvn9sztr9sTT4&google_cver=1&google_push=AZmPxg8zhJ3yKJ363xMNLTxEnHijYUzjA2vMDl853KHYPVnBOJf5F3MCQHncyR2MKkO8gr79oDSAJQiA8D4aHlZ3ouw4-id_IXCz HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sQkCPcUbS92i0w_OeSvltw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8zhJ3yKJ363xMNLTxEnHijYUzjA2vMDl853KHYPVnBOJf5F3MCQHncyR2MKkO8gr79oDSAJQiA8D4aHlZ3ouw4-id_IXCz
Request Chain 454
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEIbJ4W23OksWobFms2dazn4&google_cver=1&google_push=AZmPxg9awv-EYAPtx6h1nfrEweBP5Qrn3Y-rXXrsGZYc6BryjnnRlvltPWeHfN2Ix-Lv5EcRGkpkFLWDiUVAVssgQnhvyWlm21o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE3NDc5NDQxNDE1MjAzNDYxNDY&google_push=AZmPxg9awv-EYAPtx6h1nfrEweBP5Qrn3Y-rXXrsGZYc6BryjnnRlvltPWeHfN2Ix-Lv5EcRGkpkFLWDiUVAVssgQnhvyWlm21o
Request Chain 455
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEF4R61LAyXDrf54zxi0EL60&google_cver=1&google_push=AZmPxg9PBKgHOTegacSRA6vzb0GslQ93cW5kRrz4101G5T9Gy1uGmFT-vJFqNlJWBTVzPz6XW1YWEqcJXb_CICvBuWLqXRz0GZAohw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9PBKgHOTegacSRA6vzb0GslQ93cW5kRrz4101G5T9Gy1uGmFT-vJFqNlJWBTVzPz6XW1YWEqcJXb_CICvBuWLqXRz0GZAohw&google_hm=dUprUXVWbmFZanAzSFFQd2hIeVU= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 458
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YyiiFwAAAEe96ANP
Request Chain 459
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADn0U7GUUQAAA_UoQQBHw&expiration=1664816923
Request Chain 460
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=57306328-a219-4200-a76f-0b221154f721
Request Chain 462
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=uJkQuVnaYjp3HQPwhHyU&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD25KKNNIXKVTOMFMWU4BTJBIVA53IJB4VK HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD25KKNNIXKVTOMFMWU4BTJBIVA53IJB4VK HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=uJkQuVnaYjp3HQPwhHyU
Request Chain 463
  • https://x.bidswitch.net/sync?ssp=index HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=bf0077cd-9d67-4910-9e46-10bb165e63f6&ssp=index HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=8f868ba3-3e86-4c8d-9823-c5070bf51869
Request Chain 465
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=YyiiGGLSm-lWytm.iJ357gAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_user_id=YyiiGGLSm-lWytm.iJ357gAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662270673164669
Request Chain 469
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233 HTTP 302
  • https://tag.yieldoptimizer.com/ps/ps?tc=712665014&t=i&p=2233 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2027896334542
Request Chain 470
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=66373113506026136401086284029216043361 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=-1192262555302735988
Request Chain 476
  • https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7168937232086202263&uid=Q7168937232086202263&ref=%2Feucm%2Fp%2Fadpq HTTP 302
  • https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7168937232086202263
Request Chain 478
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=66373113506026136401086284029216043361&rn=1663607318850&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D66373113506026136401086284029216043361 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=66373113506026136401086284029216043361
Request Chain 482
  • https://sb.scorecardresearch.com/c2/6035094/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 483
  • https://abp.mxptint.net/sn.ashx HTTP 302
  • https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B341_F6769A69_87ACE3EC&redir=https://abp.mxptint.net/sn.ashx?ak=1
Request Chain 485
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=wired.com&sn=ChromeSyncframe&so=0&topUrl=www.wired.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=6Q2N2nxhb3FwU1IzMzZJTlJnd2NDcVI2T1lNeVd0Q1I3RjEwbFhNVmlUSU45R2lPS0NFQ3dRTkVHQ2RhZis1UGJURWEzRkFTaFNSaTlRT00rRjJoV2pQU2NIWXljbTdqdTFuMG56T0U1OTVWNXg1dnExeVRGVU5jWTB3VDZmS3BPN2FkbENuWEZDL2ZyTE0vdm1yNUFvQ3R2d25HRUhlYjFQdUZXbGhDVjlnTUM3eUY0d1R1QWYzQ2VTMlpIUDc3R0wwSlJLQU94Zk1LbVpSbk5rb0dwT080dGliWFpOMVR0eDY4ODVicU1UUStvQmRrbHBGMi82UGxCZm9FS2dKT29lY1F1azNGN1VtZzA3bS9DKytRZzVTelMvQT09fA&cppv=2
Request Chain 489
  • https://aorta.clickagy.com/pixel.gif?ch=124&cm=66373113506026136401086284029216043361&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D79908%26dpuuid%3D%7Bvisitor_id%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:29289150156ddd0f20cad19a6bd3acfc
Request Chain 494
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=66373113506026136401086284029216043361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=66373113506026136401086284029216043361
Request Chain 497
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=66373113506026136401086284029216043361?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=f876724d5fadf28a54903c2f911d4340
Request Chain 503
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXlpaUZ3QUFBRWU5NkFOUA==
Request Chain 506
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YyiiFwAAAEe96ANP&expires=90
Request Chain 509
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YyiiFwAAAEe96ANP
Request Chain 513
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YyiiFwAAAEe96ANP
Request Chain 514
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YyiiFwAAAEe96ANP
Request Chain 515
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YyiiFwAAAEe96ANP
Request Chain 517
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YyiiFwAAAEe96ANP&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YyiiFwAAAEe96ANP&img=1&__user_check__=1&sync_id=b7f72435-383d-11ed-aed7-15e8696a0403
Request Chain 518
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YyiiFwAAAEe96ANP&t=2592000&o=0
Request Chain 520
  • https://pixel.onaudience.com/?partner=130&mapped=66373113506026136401086284029216043361&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m HTTP 302
  • https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
Request Chain 521
  • https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=66373113506026136401086284029216043361 HTTP 302
  • https://ib.mookie1.com/image.sbix?go=244346&pid=268&xid=66373113506026136401086284029216043361 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=285689&dpuuid=66373113506026136401086284029216043361&redir=https%3A%2F%2Fglobal.ib-ibi.com%2Fimage.sbxx%3Fgo%3D244346%26pid%3D268%26xid%3D%24%7BDD_UUID%7D HTTP 302
  • https://global.ib-ibi.com/image.sbxx?go=244346&pid=268&xid=66373113506026136401086284029216043361 HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=66373113506026136401086284029216043361
Request Chain 524
  • https://covers.conde.io/images_covers/cover_wired_600.jpg HTTP 302
  • https://media.wired.com/photos/632486938990652479ff3876/master/w_600,c_limit/WIRED_3009_500x680.jpg

543 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.wired.com/story/uber-hack-mfa-phishing/ 		862 KB
184 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7c6052d8af13184eee9dca36797fd0b748b3d556b1adc933a51a365dbd9b2021
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
none
age
1889
apple-news-services-handled
false
apple-news-services-host
www.wired.com
apple-news-services-parsed-url
/story/uber-hack-mfa-phishing/
apple-news-services-request-url
/story/uber-hack-mfa-phishing/
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 17:08:36 GMT
payment
free
strict-transport-security
max-age=31536000; preload
vary
accept-encoding, cn-experiments, X-UA-Device, Verso, bypass-verso-payment
verso
true
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-esi
on
x-served-by
cache-yul12825-YUL
x-timer
S1663607316.399433,VS0,VE4
x-ua-device
desktop
Uber-Hack-Security-GettyImages-1238322525.jpg
media.wired.com/photos/6324bd9ac4d3ebc9237bc60e/master/w_1600,c_limit/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/6324bd9ac4d3ebc9237bc60e/master/w_1600,c_limit/Uber-Hack-Security-GettyImages-1238322525.jpg
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
905ea556d01332e5b556febce1b8c55cd81d6d984859cf797eaf9137d2c6dd8a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:36 GMT
Connection
keep-alive
Age
243106
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=2025351 idim=2400x1599 ifmt=jpeg ofsz=86170 odim=1600x1066 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-iad-kcgs7200034-IAD, cache-yul12834-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663607317.512224,VS0,VE2
Etag
"Zf3Ga7AtlcSrCX3z4Sv5em7IAOodnSuVb3HfFmwZLao"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
86170
timing-allow-origin
*
X-Cache-Hits
1, 1
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 17:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7BKk7WQU1Z9EDMZmf1T6Vg==
age
7583
vary
Accept-Encoding
content-length
7151
x-ms-lease-status
unlocked
last-modified
Thu, 15 Sep 2022 18:22:15 GMT
server
cloudflare
etag
0x8DA974737287FBC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5bd43f01-f01e-006a-3736-c9844d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74d3eca03d44713e-YUL
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 17:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ERttG9+iQk1LCPjR495NRw==
age
7570
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fdfee482-401e-011a-4343-28b1dc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
74d3eca03d47713e-YUL
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbae2df2e784b3bbc312a7bf40f0048c5f6379fa036351bbbef7935a0c3bf02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27762
x-xss-protection
0
server
sffe
etag
"1338 / 579 of 1000 / last-modified: 1663585777"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 19 Sep 2022 17:08:36 GMT
moatheader.js
z.moatads.com/condenastprebidheader987326845656/ 		217 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a27d8289678c53095dc81f3d8060612f679daf0f5cceb89b5a42866631f932f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 19:15:04 GMT
server
AmazonS3
x-amz-request-id
RYKR9GKX8NSB3B4A
etag
"a1d19a14ae8fef31099c7c24d069e027"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=61354
accept-ranges
bytes
content-length
78248
x-amz-id-2
09OzpUFdv6sDNcxLHhB8h7lbknyGGC/bZsgAmWlWgeFL1syYOSavqfvCCbblPssDhfKeZFcLM78=
apstag.js
c.amazon-adsystem.com/aax2/ 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Sep 2022 16:40:14 GMT
via
1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront), 1.1 aed3f8ed29085c056c75452d71b07f7e.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:32 GMT
server
AmazonS3
age
1703
etag
W/"0b4d277527066dd35dd7c0288cb596b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
IAD89-C3, PHL50-C1
content-encoding
gzip
x-amz-cf-id
-trZfze26ju70a0Dq4Cw55vhNyznRxb_YvfSp46R86jQfNx5n9_dhQ==
prebid.min.js
www.wired.com/hotzones/esi/wired/ 		273 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/hotzones/esi/wired/prebid.min.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f9f4ab30d5ad26fb21fac14245a63c41deb74cbcd51d6b9000acd6437c1ab5f9
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
via
1.1 varnish
vary
accept-encoding, cn-experiments, Verso, bypass-verso-payment
age
36200
x-cache
HIT
hz-zone
1
content-encoding
gzip
content-length
88184
x-served-by
cache-yul12825-YUL
strict-transport-security
max-age=31536000; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
apple-news-services-host
www.wired.com
x-cache-hits
151
183973-93942139695505.js
js-sec.indexww.com/ht/p/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:36 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 16:51:35 GMT
Server
Apache
ETag
"da4015-ada8-5e90a86439caf"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2632
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
14812
Expires
Mon, 19 Sep 2022 17:52:28 GMT
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0da425eaadbec3853cae0b85493ea7ad6934972097b4f59d2a05dbb130585444
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20361
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Mon, 19 Sep 2022 17:08:36 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"40c22a9ccbd70870"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Sep 2022 17:08:36 GMT
swg.js
news.google.com/swg/js/v1/ 		147 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab7227f2ae21f2daf452863dfa171d2f5c902bf6f12deecd773ef6cb6e06d710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:56:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
700
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46294
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 20:41:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:46:56 GMT
logo-header.a7598835a549cb7d5ce024ef0710935927a034f9.svg
www.wired.com/verso/static/wired/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wired.com/verso/static/wired/assets/logo-header.a7598835a549cb7d5ce024ef0710935927a034f9.svg
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1d097e69ff47df9414a0ec07dfc70401084f4599617045a3a3edc7661ff76f3f
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
via
1.1 varnish
age
4665195
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/wired/assets/logo-header.a7598835a549cb7d5ce024ef0710935927a034f9.svg
last-modified
Wed, 27 Jul 2022 16:35:32 GMT
verso
true
content-length
1266
x-amz-id-2
j2kVuyzYbpMghON/nPLnVg/anbupECeRyjBnr4H7RK87zuwb9QwL+1tC7En1i/XW03LwbAHedpE=
x-served-by
cache-yul12825-YUL
apple-news-services-handled
false
x-timer
S1663607316.479185,VS0,VE1
apple-news-services-request-url
/verso/static/wired/assets/logo-header.a7598835a549cb7d5ce024ef0710935927a034f9.svg
etag
"ce65105f89c50c0f92e35be389684c24"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
PWSTMJNCG3AM274C
access-control-allow-origin
*
expires
Thu, 27 Jul 2023 17:15:21 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
image/svg+xml
apple-news-services-host
www.wired.com
x-cache-hits
152
Lily%20Hay%20Newman%20copy.jpg
media.wired.com/photos/5acba3f40810d969021d9ed3/1:1/w_240,c_limit/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/5acba3f40810d969021d9ed3/1:1/w_240,c_limit/Lily%20Hay%20Newman%20copy.jpg
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1a2805cb40491a1e86d6f29f756e5e46eb48773f7ad1c1e6527c605f9ec7d235

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:36 GMT
Connection
keep-alive
Age
243107
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=564816 idim=2200x2328 ifmt=jpeg ofsz=3202 odim=240x240 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-iad-kjyo7100155-IAD, cache-yul12825-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663607317.513001,VS0,VE1
Etag
"UnsJcHEgc9lZj+uCZIsKyFISCIwzOzH1Ux8V4d53TLY"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
3202
timing-allow-origin
*
X-Cache-Hits
1, 3
logo-reverse.548f3a7478ee71f618044082aa222dd05f31249c.svg
www.wired.com/verso/static/wired/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wired.com/verso/static/wired/assets/logo-reverse.548f3a7478ee71f618044082aa222dd05f31249c.svg
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af29cacfb5125f85da0f1557bb56456abcc1556dbd3094bb56e569890348c984
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
via
1.1 varnish
age
4665196
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/wired/assets/logo-reverse.548f3a7478ee71f618044082aa222dd05f31249c.svg
last-modified
Wed, 27 Jul 2022 16:35:32 GMT
verso
true
content-length
1436
x-amz-id-2
kaEl2yrZFrJqcI4ZUP4k3zb1O3ueVEdzwfwpb+o98s37lBTL5lebpmevdw/wuQ7bSvaVV76kCxI=
x-served-by
cache-yul12825-YUL
apple-news-services-handled
false
x-timer
S1663607316.479185,VS0,VE1
apple-news-services-request-url
/verso/static/wired/assets/logo-reverse.548f3a7478ee71f618044082aa222dd05f31249c.svg
etag
"2cba2fa9380ed2b50927ed9d520aaa3c"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
PWSJP8EYCY7XKASE
access-control-allow-origin
*
expires
Thu, 27 Jul 2023 17:15:21 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
image/svg+xml
apple-news-services-host
www.wired.com
x-cache-hits
504
BreveText-Book.woff
www.wired.com/verso/static/assets/fonts/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/BreveText-Book.woff
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9daef61d4b711f1d28c3eef6bd8d522b8df518e833767512ad79502cc605dbd
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
via
1.1 varnish
age
1157404
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/BreveText-Book.woff
last-modified
Tue, 06 Sep 2022 07:37:35 GMT
verso
true
content-length
35492
x-amz-id-2
ltvjNdVtFTykTNNS2TA/76SGhhkbfspmJHtzysq9/j8UwMBGcEigte8GUncJnyhQKZZmi6b3jx0=
x-served-by
cache-yul12825-YUL
apple-news-services-handled
false
x-timer
S1663607316.484268,VS0,VE0
apple-news-services-request-url
/verso/static/assets/fonts/BreveText-Book.woff
etag
"97629378bc029d817ccbb382c7245bd6"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
R8N6KX8F8S5XKHR5
access-control-allow-origin
*
expires
Wed, 06 Sep 2023 07:38:31 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff
apple-news-services-host
www.wired.com
x-cache-hits
134
WiredMono-Bold.woff
www.wired.com/verso/static/assets/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/WiredMono-Bold.woff
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
26ed5f6aa822d65b6ea7df8d13f1a217d7a933376a824b7ef52af0e6f64f1a44
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
via
1.1 varnish
age
4665193
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/WiredMono-Bold.woff
last-modified
Wed, 27 Jul 2022 16:34:50 GMT
verso
true
content-length
21196
x-amz-id-2
2jQGIdbCPBvtka5oAke8S/3io9UZOQwPw3UfEsJulf6bwCMWO/xS9oS/1mEhlapaGP1Y8dfrfU0=
x-served-by
cache-yul12825-YUL
apple-news-services-handled
false
x-timer
S1663607316.484656,VS0,VE1
apple-news-services-request-url
/verso/static/assets/fonts/WiredMono-Bold.woff
etag
"9bae9bc16cf9e407e25b7c9c4ae30e1f"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
J9FT19WC5X48N3K9
access-control-allow-origin
*
expires
Thu, 27 Jul 2023 17:15:22 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff
apple-news-services-host
www.wired.com
x-cache-hits
133
Apercu-Bold-Pro.woff2
www.wired.com/verso/static/assets/fonts/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/Apercu-Bold-Pro.woff2
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
47a6d427b9f549f52ec7103a6ad5ce45c0f69e29b740eb88be8dfa053db21441
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
via
1.1 varnish
age
4160815
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/Apercu-Bold-Pro.woff2
last-modified
Tue, 02 Aug 2022 13:07:52 GMT
verso
true
content-length
46660
x-amz-id-2
W/qu8seH9H+zDkQcvimF8gszVPHyhzR8CR+pZKZr1dYpydT3rKcSxKbvs94DPBXAZqkS0wgZI/8=
x-served-by
cache-yul12825-YUL
apple-news-services-handled
false
x-timer
S1663607316.484648,VS0,VE1
apple-news-services-request-url
/verso/static/assets/fonts/Apercu-Bold-Pro.woff2
etag
"ea96e87226e7edc6d46a59d76e2055f5"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
N5RV2HENSK6DQ4MF
access-control-allow-origin
*
expires
Wed, 02 Aug 2023 13:21:40 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff2
apple-news-services-host
www.wired.com
x-cache-hits
132
WiredMono-Regular.woff2
www.wired.com/verso/static/assets/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/WiredMono-Regular.woff2
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c8c9128b649afff93f89f77eb2aa5a4bbbb1443bebc5156d0f697780c8beaa26
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
via
1.1 varnish
age
4665195
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/WiredMono-Regular.woff2
last-modified
Wed, 27 Jul 2022 16:34:50 GMT
verso
true
content-length
18912
x-amz-id-2
2yzk0ViMQe5hMtj9pQq8tQbNnwht/T1rZKG8wbZjlqoZSHmAbUQ8PujaPcCCd1u/NxGnuLhruuo=
x-served-by
cache-yul12825-YUL
apple-news-services-handled
false
x-timer
S1663607316.484641,VS0,VE0
apple-news-services-request-url
/verso/static/assets/fonts/WiredMono-Regular.woff2
etag
"e755d282ae1120887b3b1d207bb930ce"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
J9FRRTV8N1XPJH49
access-control-allow-origin
*
expires
Thu, 27 Jul 2023 17:15:22 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff2
apple-news-services-host
www.wired.com
x-cache-hits
131
ProximaNova-Regular.woff
www.wired.com/verso/static/assets/fonts/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/ProximaNova-Regular.woff
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9e0843dbf1dc0d65a75182a82b945a9373557932e61934c27679c357f20c33a9
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
via
1.1 varnish
age
4665195
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/ProximaNova-Regular.woff
last-modified
Wed, 27 Jul 2022 16:34:46 GMT
verso
true
content-length
27408
x-amz-id-2
vK94WrNrlvehyqCQKzKsXzi3ilvvMTiWyxNcuPbi93PmlrKF1957xvRh9yRQsu/kOSGFyOKt/dc=
x-served-by
cache-yul12825-YUL
apple-news-services-handled
false
x-timer
S1663607317.545243,VS0,VE1
apple-news-services-request-url
/verso/static/assets/fonts/ProximaNova-Regular.woff
etag
"57acd3677d276ad405bb6838d2b120d5"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
J9FMJ99WCDAJN8XT
access-control-allow-origin
*
expires
Thu, 27 Jul 2023 17:15:22 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff
apple-news-services-host
www.wired.com
x-cache-hits
132
ProximaNova-Bold.woff2
www.wired.com/verso/static/assets/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/ProximaNova-Bold.woff2
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6a4dac260dffc284594d633859fb508b2fcfade38b61c8af9cd55eb23adf9e89
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
via
1.1 varnish
age
1157868
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/ProximaNova-Bold.woff2
last-modified
Tue, 06 Sep 2022 07:28:04 GMT
verso
true
content-length
22500
x-amz-id-2
hgxLIkXWpUJ+kTtIU4P1h2I2x0qBgYBMwnRHdBp9vk79EU7LGgBAE1QeLGlxe2Ux+4mVW1P7ZRU=
x-served-by
cache-yul12825-YUL
apple-news-services-handled
false
x-timer
S1663607317.545501,VS0,VE0
apple-news-services-request-url
/verso/static/assets/fonts/ProximaNova-Bold.woff2
etag
"2ee806e52a1e28138bd67a5113c99949"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
DH0T36T20PPT8C81
access-control-allow-origin
*
expires
Wed, 06 Sep 2023 07:30:48 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff2
apple-news-services-host
www.wired.com
x-cache-hits
130
BreveText-BookItalic.woff
www.wired.com/verso/static/assets/fonts/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/BreveText-BookItalic.woff
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c34a9420de5b381d4f2459193c70e4d84d5aaa0928a67907a57e2a9e9d3a8852
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
via
1.1 varnish
age
4665194
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/BreveText-BookItalic.woff
last-modified
Wed, 27 Jul 2022 16:34:37 GMT
verso
true
content-length
35744
x-amz-id-2
nRWUMTr4NsxEz+vzS3IawebJ7M73RoD5AKpjSzo4c8/gvOZadsnEOBAFXD5Ic9FOLa2H/JQDC4Y=
x-served-by
cache-yul12825-YUL
apple-news-services-handled
false
x-timer
S1663607317.545502,VS0,VE1
apple-news-services-request-url
/verso/static/assets/fonts/BreveText-BookItalic.woff
etag
"f8b4eded3c32119b3384de37a8c158a6"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
J9FHWHNW8VP1YPNT
access-control-allow-origin
*
expires
Thu, 27 Jul 2023 17:15:22 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff
apple-news-services-host
www.wired.com
x-cache-hits
1744
polyfill.min.js
polyfill.io/v3/ 		72 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?version=3.103.0&features=Object.assign%2CIntersectionObserver%2CPromise%2Cfetch%2CIntl.Locale%2CIntl.getCanonicalLocales%2CIntl.ListFormat%2CIntl.ListFormat.%7Elocale.en-GB%2CIntl.ListFormat.%7Elocale.en-US%2CIntl.ListFormat.%7Elocale.en-IN%2CIntl.ListFormat.%7Elocale.fr%2CIntl.ListFormat.%7Elocale.es
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
content-encoding
br
last-modified
Wed, 14 Sep 2022 15:11:15 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/105.0.0
server-timing
cache-yul12827, PASS, fastly;desc="Edge time";dur=16
accept-ranges
bytes
content-length
74
chunk.vendors~presenter-account-bookmarks~presenter-account-linking~presenter-account-sign-in-help~present~4ef59780.99def57522c2fd1f557f.js
www.wired.com/verso/static/ 		2 MB
500 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/chunk.vendors~presenter-account-bookmarks~presenter-account-linking~presenter-account-sign-in-help~present~4ef59780.99def57522c2fd1f557f.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cce9d31edf1c7ac059b6f913d03411925ce3d17d21a36e4e97e4dfb19b54b3ce
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
content-encoding
gzip
age
22131
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/chunk.vendors~presenter-account-bookmarks~presenter-account-linking~presenter-account-sign-in-help~present~4ef59780.99def57522c2fd1f557f.js
last-modified
Mon, 19 Sep 2022 10:45:18 GMT
verso
true
content-length
510273
x-amz-id-2
kIYTkbUeBH3t+6xU1SDL83YiOp//u6a/LMWMUUnX/VX25rXH+fAhgK1Tp5ajizsWj2xICB4j2IM=
x-served-by
cache-yul12825-YUL
apple-news-services-handled
false
x-timer
S1663607317.615004,VS0,VE1
apple-news-services-request-url
/verso/static/chunk.vendors~presenter-account-bookmarks~presenter-account-linking~presenter-account-sign-in-help~present~4ef59780.99def57522c2fd1f557f.js
etag
W/"fe4af04adf50a874c0ac9dd0a33193cb"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
P73S2V03E37P3CN2
via
1.1 varnish
expires
Tue, 19 Sep 2023 10:59:45 GMT
cache-control
max-age=86400
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/javascript
apple-news-services-host
www.wired.com
x-cache-hits
4
chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
www.wired.com/verso/static/ 		2 MB
472 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b01d4ba963be16f491485ac46d5aa89bf52e45fc64fad558aba54b43ce4ca024
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
content-encoding
gzip
age
11146
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
last-modified
Mon, 19 Sep 2022 13:50:50 GMT
verso
true
content-length
482287
x-amz-id-2
HmpQKskS9FEVoxT2LsP+MYj8+HMYbgm1y6xJTqnq7VzwXVf3bBgejtHstSOuPaRCwJw7ghE0C/E=
x-served-by
cache-yul12825-YUL
apple-news-services-handled
false
x-timer
S1663607317.615264,VS0,VE1
apple-news-services-request-url
/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
etag
W/"f0b5a427d0f80e941b5c93781a18d16b"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
91V74DBZMKV5KABF
via
1.1 varnish
expires
Tue, 19 Sep 2023 14:02:50 GMT
cache-control
max-age=86400
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/javascript
apple-news-services-host
www.wired.com
x-cache-hits
3
presenter-articles.207b6de91f611b0aaad4.js
www.wired.com/verso/static/ 		264 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/presenter-articles.207b6de91f611b0aaad4.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7419908540048c23afc58230effbbd6231be763ee633bf747ff7d30be3785d17
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
content-encoding
gzip
age
22131
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/presenter-articles.207b6de91f611b0aaad4.js
last-modified
Mon, 19 Sep 2022 10:57:26 GMT
verso
true
content-length
81557
x-amz-id-2
T0R4GxRQ59Ft+dhBGSyYatumoO0rvM8rZnUXh+f43J44eJUmgSkMcIJl/5MXFCQ61OEFgLwDmSI=
x-served-by
cache-yul12825-YUL
apple-news-services-handled
false
x-timer
S1663607317.615215,VS0,VE0
apple-news-services-request-url
/verso/static/presenter-articles.207b6de91f611b0aaad4.js
etag
W/"5c608b93209255f187cba0f5582ca2d3"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
P73WMMT9ETK92Q0G
via
1.1 varnish
expires
Tue, 19 Sep 2023 10:59:45 GMT
cache-control
max-age=86400
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/javascript
apple-news-services-host
www.wired.com
x-cache-hits
83
condenast-amp
segment-data.zqtk.net/ 		312 B
537 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://segment-data.zqtk.net/condenast-amp?url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.43.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-43-37.compute-1.amazonaws.com
Software
nginx /
Resource Hash
d4a9fd9436a3afebc7179d2a360e2e5a2280d7fb522ee463ae783d1b0ae05177

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:36 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://www.wired.com
Cache-Control
max-age=116164
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Wed, 21 Sep 2022 01:24:41 GMT
ads.js
www.wired.com/hotzones/src/ 		0
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/hotzones/src/ads.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
via
1.1 varnish
age
38241
x-served-by
cache-yul12825-YUL
vary
cn-experiments, Verso, bypass-verso-payment
x-cache
HIT
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
hz-zone
1
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
apple-news-services-host
www.wired.com
content-length
0
x-cache-hits
145
pixelpropagate.js
www.wired.com/hotzones/src/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/hotzones/src/pixelpropagate.js?cb=10244
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4de3f44f9af02f0a9ac1366998ed8d04b85caee3bccd4552c04edd8dcd926bee
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
via
1.1 varnish
vary
accept-encoding, cn-experiments, Verso, bypass-verso-payment
age
73040
x-cache
HIT
hz-zone
1
content-encoding
gzip
content-length
1188
x-served-by
cache-yul12825-YUL
strict-transport-security
max-age=31536000; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
apple-news-services-host
www.wired.com
x-cache-hits
210
user-context
www.wired.com/ 		465 B
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/user-context?referrer=&verso=true&location=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6b0f24d267fac3bd4905048bf2e384650a040a010094475a2ff2b090ed8bf883
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
content-encoding
gzip
vary
origin, Accept-Encoding
x-xss-protection
1; mode=block
x-served-by
cache-yul12825-YUL
expires
0
server
nginx/1.15.8
x-frame-options
DENY
x-download-options
noopen
strict-transport-security
max-age=31536000; preload
content-type
application/javascript; charset=utf-8
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
none
timing-allow-origin
*
apple-news-services-host
user-context.condenastdigital.com
x-cache-hits
0
build-81a8a2d4b6012a28cee66c2306ead313.js
journey.wired.com/ 		270 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://journey.wired.com/build-81a8a2d4b6012a28cee66c2306ead313.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7259aaf1b41374f0bfc5da7db2520de524612671731ffc96bd6b4ec2e69d7465

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:36 GMT
Content-Encoding
gzip
Age
479625
X-Cache
HIT
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Content-Length
44317
x-amz-id-2
0k3yQj5u4oEBj8ls74QAogvdYZTqIsTRkuPC0bgbMUPzm+23BZE7fZhy2TMgsNapfHEJ/sW5GQw=
X-Served-By
cache-yul12828-YUL
timing-allow-origin
*
Last-Modified
Wed, 14 Sep 2022 03:53:56 GMT
Server
AmazonS3
Cache-Control
public, max-age=31536000
X-Timer
S1663607317.679743,VS0,VE0
ETag
"81a8a2d4b6012a28cee66c2306ead313"
Vary
Accept-Encoding
x-amz-request-id
S6AR8MDCVKKY8M6C
Via
1.1 varnish
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
561
ProximaNova-RegularItalic.woff
www.wired.com/verso/static/assets/fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/ProximaNova-RegularItalic.woff
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8392b864ce606bf8ec20cf749f148dd7134d770200dd81df9b7adbc33a88978e
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
via
1.1 varnish
age
4665195
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/ProximaNova-RegularItalic.woff
last-modified
Wed, 27 Jul 2022 16:34:46 GMT
verso
true
content-length
27564
x-amz-id-2
KA8a5ZxDRuewxyqPMujB5g6qiwuzLLYId5gLVqxq5OdxZZXYadIhqWMtvy9yG9ZSiwmapNkTX4Y=
x-served-by
cache-yul12825-YUL
apple-news-services-handled
false
x-timer
S1663607317.659115,VS0,VE0
apple-news-services-request-url
/verso/static/assets/fonts/ProximaNova-RegularItalic.woff
etag
"37e0e76d0baa901390de58544942384d"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
J9FMZXZAJN3BPKFS
access-control-allow-origin
*
expires
Thu, 27 Jul 2023 17:15:22 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff
apple-news-services-host
www.wired.com
x-cache-hits
121
WiredMono-Light.woff
www.wired.com/verso/static/assets/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/WiredMono-Light.woff
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7ff758ced20d4139eb5f580cfc93d1161ed5e19a4a2d4020728143855d17adeb
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
via
1.1 varnish
age
2973820
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/WiredMono-Light.woff
last-modified
Tue, 16 Aug 2022 07:04:05 GMT
verso
true
content-length
21256
x-amz-id-2
peinfJYozpcZ94fj4iqSp6lwreRQjG6G9wX4aBR2j+9niTlhBsYnGUbORhzTs5v5TwsjDz7PYac=
x-served-by
cache-yul12825-YUL
apple-news-services-handled
false
x-timer
S1663607317.659104,VS0,VE0
apple-news-services-request-url
/verso/static/assets/fonts/WiredMono-Light.woff
etag
"86ae3ff7d521e7ad53923c387fddc7b8"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
YTR9694X7VZXB9NZ
access-control-allow-origin
*
expires
Wed, 16 Aug 2023 07:04:57 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff
apple-news-services-host
www.wired.com
x-cache-hits
2
93ddfe0c-4b21-4ad5-8191-612d2a67aad3.json
cdn.cookielaw.org/consent/93ddfe0c-4b21-4ad5-8191-612d2a67aad3/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/93ddfe0c-4b21-4ad5-8191-612d2a67aad3/93ddfe0c-4b21-4ad5-8191-612d2a67aad3.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c9b4ae05fb5b2e0a0f6b8ba4f3e2fd3669261fbb1decbbb9d9238feb65878e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 17:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OMmRMe049FxX2T7UwIPk4g==
age
3149
vary
Accept-Encoding
content-length
1665
x-ms-lease-status
unlocked
last-modified
Wed, 24 Aug 2022 14:59:58 GMT
server
cloudflare
etag
0x8DA85E15030EC7A
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
15697b69-a01e-0132-28ca-b7c663000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74d3eca1eae37154-YUL
expires
Mon, 19 Sep 2022 21:08:36 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		190 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb59848b4e6672fb3b94f7ce6ee8c7f6916c0ea6110c79e1384d9a71e8ebbf1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
74d3eca229524bc5-YUL
date
Mon, 19 Sep 2022 17:08:36 GMT
vary
Accept-Encoding
content-type
text/javascript
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:55:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
775
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:45:41 GMT
v2
mb.moatads.com/yi/ 		394 B
568 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oeOd4UyJc8Q0YElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-kd5aRxmAS248Xw%3D%3D&sc=1&os=1-QQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pcode=condenastprebidheader987326845656&rx=430755292090&callback=MoatNadoAllJsonpRequest_4285734
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.217.94.233 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-217-94-233.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
6a28b60aabe29b83721c1e0af81e85184c20c96c9c1c65f5f7d84a74642416b0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:37 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"47557ce4f82810d33c62ea94cada165ff1b5d460"
content-length
394
content-type
text/html; charset=UTF-8
config
c.amazon-adsystem.com/cdn/prod/ 		802 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3035&u=https%3A%2F%2Fwww.wired.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
Server /
Resource Hash
823e186d74636c4d48883a6badb1fc5399bf9bad10143289d20330cdbf7f4f22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 13:15:46 GMT
via
1.1 aed3f8ed29085c056c75452d71b07f7e.cloudfront.net (CloudFront)
server
Server
age
13970
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
PHL50-C1
content-length
802
x-amz-cf-id
xnczuePgls7lLLGS-cZHnOi7UGfVVc-4Plrx3UoEVNkfRgqeFCXJ5w==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:40:45 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
26872
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
via
1.1 677c6e9af68514f698151642c19f6c8e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
PHL50-C1
content-type
application/javascript
x-amz-cf-id
-75jFRzCLleS3dCXoaHO71tYO_aQ2iX0BSA2oScH75_e2u5Y0rTZkw==
pubads_impl_2022091401.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f7bdb9c79c5498f8a5ed7229bf62d3ab6d11dca4698bfdd0f6249f624da13c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 10:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454649
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 08:37:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Sep 2023 10:51:07 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		355 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wired.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6d10209938eec5a9fe4ff26d46f0fcd46d5f08c64acdbad2b0d49731f0ed305
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
162
x-xss-protection
0
expires
Mon, 19 Sep 2022 17:08:36 GMT
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		181 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d754e05bc2acdfe544b477f31c057921708a43b9868402c1ae574c5c614dc528
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:36 GMT
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
74d3eca2ee694bca-YUL
access-control-allow-headers
Content-Type
wired.js
player.cnevids.com/interlude/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.cnevids.com/interlude/wired.js?verso=true&onReady=CNE_onReady_16636073174380&hasExcludedEmbed=false&embeddedVideos=&rightRail=true&interludeOverrideId=5f2178a1bcdfff5e2a4786ac
Requested by
Host: www.wired.com
URL: https://www.wired.com/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-111.phl50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
619fe63e60464a4fee071a5931bd474b4cafbe619f1d2cb27c241f6bc06897bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Amz-Cf-Pop
PHL50-C1
X-Cache
Miss from cloudfront
Status
200 OK
Connection
keep-alive
Content-Length
10668
X-XSS-Protection
1; mode=block
X-Request-Id
74d0919d-43d8-4cc7-bc0b-8d25db4caf99
X-Runtime
0.006166
X-Backend-Node
10.110.42.227
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
ETag
W/"ade861a332d6513a4324d6eb3d153223"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 e1d636b234c38932eb25194cb146dbcc.cloudfront.net (CloudFront)
Cache-Control
max-age=0, private, must-revalidate
X-Amz-Cf-Id
zq_FvC9g1wTsirw_UUnIjPifnT-poVTj2sj6RFDQR53D8TsFworySQ==
gtm.js
www.googletagmanager.com/ 		589 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5HBJC2K&l=dataLayer
Requested by
Host: www.wired.com
URL: https://www.wired.com/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d505c23eeafb9281187da223f11be7c4da970fb89bff25f0dc920d3f502f3c2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:37 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158073
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 16:15:07 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Sep 2022 17:08:37 GMT
beacon
infinityid.condenastdigital.com/infinityid/ 		35 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://infinityid.condenastdigital.com/infinityid/beacon?id=7019f732-25e0-4a38-bce5-b53f5c128960
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.209.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-209-9.compute-1.amazonaws.com
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Server
nginx/1.15.8
vary
origin
Content-Type
image/gif
cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
accept-ranges
bytes
Content-Length
35
expires
0
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.35.0/ 		360 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 17:08:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
bDp57sS049dDkRqCL4m53Q==
age
7578
vary
Accept-Encoding
content-length
87115
x-ms-lease-status
unlocked
last-modified
Mon, 06 Jun 2022 06:21:06 GMT
server
cloudflare
etag
0x8DA4784BD4AE529
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
74e8856d-c01e-0004-086f-792d64000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74d3eca8ce1d713e-YUL
undefined
media.wired.com/photos/6324f56136c33c0247a2f098/16:9/w_640,h_450,c_limit/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/6324f56136c33c0247a2f098/16:9/w_640,h_450,c_limit/undefined
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0de94ae1e4dc98c4dfc2e55b93faf202250122afe52b82d724ced0b3e120db9f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:37 GMT
Connection
keep-alive
Age
240641
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=485025 idim=2400x1800 ifmt=jpeg ofsz=5138 odim=640x360 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-iad-kcgs7200176-IAD, cache-yul12834-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663607318.997970,VS0,VE1
Etag
"LAWWlYWFARpBBUU6JEUp3ZwteyMAJuXH4MNZRY9kGN8"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
5138
timing-allow-origin
*
X-Cache-Hits
1, 72
undefined
media.wired.com/photos/5ed0830175fe02f511141a7a/16:9/w_640,h_450,c_limit/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/5ed0830175fe02f511141a7a/16:9/w_640,h_450,c_limit/undefined
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
73d0b3ad6191c9bd1da09afa330eef03cde53d36063d669c0715194b5648f709

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Connection
keep-alive
Age
555823
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=85505 idim=682x511 ifmt=jpeg ofsz=8756 odim=640x360 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-iad-kiad7000118-IAD, cache-yul12825-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663607318.999874,VS0,VE1
Etag
"WdoWwBPJZbFfhM4eINtaFvab2U6L7/Wr6XebwCv0XeE"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
8756
timing-allow-origin
*
X-Cache-Hits
1, 9
undefined
media.wired.com/photos/63250632eecde8c117e7f467/16:9/w_640,h_450,c_limit/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/63250632eecde8c117e7f467/16:9/w_640,h_450,c_limit/undefined
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cc892362e5eda041f4dc9e7cee0407c2df380d8fe65804b6799d93239a55b22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Connection
keep-alive
Age
236351
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=579902 idim=2400x1800 ifmt=jpeg ofsz=10150 odim=640x360 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-iad-kjyo7100113-IAD, cache-yul12834-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663607318.015195,VS0,VE1
Etag
"7FY2vg4Tt5gwfvWadWkQ7PemstC6Xtc1KNNupIQ3tcQ"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
10150
timing-allow-origin
*
X-Cache-Hits
1, 16
undefined
media.wired.com/photos/6324633ceecde8c117e7f401/16:9/w_640,h_450,c_limit/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/6324633ceecde8c117e7f401/16:9/w_640,h_450,c_limit/undefined
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3ae474e9227986bfaa6b83411f707e953993c7b8058abcbe0870ad330a98cffb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Connection
keep-alive
Age
278215
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=3556789 idim=2400x1600 ifmt=jpeg ofsz=53610 odim=640x360 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-fra19164-FRA, cache-yul12825-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663607318.016982,VS0,VE3
Etag
"TbNwfP9VEtkAvMJB8X7PdoCpCx8L8nwLSz3PA9M6XWQ"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
53610
timing-allow-origin
*
X-Cache-Hits
1, 1
ats.js
ats.rlcdn.com/ 		109 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-16.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
via
1.1 53e905605490f05641e5a7bb370e4b1a.cloudfront.net (CloudFront)
etag
"148e21f812b555a13b2a9c6b616141f4"
age
72170
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
content-length
112112
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
date
Sun, 18 Sep 2022 21:05:49 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-type
application/x-javascript
x-amz-cf-id
ztJ6T5o8aeq8CXJmbfD2H8-hQYNDZEkGv42tGIdGhij_oFI-H4kUig==
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.wired.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wired.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		578 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=545560438447052&correlator=1443693347263306&hxva=1&scor=360786624413603&eid=31068458%2C31068928%2C31069627%2C31069635%2C44761478%2C31062930&output=ldjh&gdfp_req=1&vrg=2022091401&ptt=17&impl=fifs&us_privacy=1---&iu_parts=3379%2Cconde.wired%2Cinterstitial%2Csecurity%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=1&adks=3614482195&sfv=1-0-38&ists=1&fsapi=false&prev_scp=pos%3Dinterstitial%26ctx_slot_type%3Dout_of_page%26ctx_slot_rn%3D0%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Dout_of_page_0%26slot_name%3Dinterstitial_1%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_death_injury%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26amznbid%3D0%26amznp%3D0%26env_device_type%3Ddesktop%26ctx_template%3Dmt_article_two_column%26content_type%3Darticle%26ctx_page_channel%3Dsecurity%26ctx_page_sub_channel%3Dnational-security%26sub_sub_channel%3D%26env_server%3Dproduction%26ctx_cns_version%3D6.62.7%26ctx_page_slug%3Duber-hack-mfa-phishing%26cnt_copilotid%3D632496798990652479ff3877%26cnt_platform%3Dverso%26cnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%26fastly_geo%3Dca%26pageview_id%3D8404177878%26usr_bkt_eva%3D36%26usr_bkt_ses%3D35%26usr_bkt_pv%3D57%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26usr_segments%3Dco.w2238%26cn_metrics%3Dcmr_high%26vnd_prx_segments%3D121100%252C131100%252C131127%252C230004%252C230017%252C230103%252C230133%252C230163%252C230016%252C603525%252C300003%252C210001%252C240000%252C240002%252C240003%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240015%252C240018%252C240019%252Cmiovit%252Czlqtg4%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_entities%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_keywords%3Duber%252Chacker%252Cauthentication%252Cattacker%252Cbreach%252Csystem%252Cnotification%252Caccess%252Czatko%252Ccybersecurity%252Cattack%252Chack_devastation%252Cresearcher%252Csecurity_engineer%252Cservice%252Ctwitter%252Cthursday_evening%252Ccompany%252Cthe_new_york_times%252Ccedric_owens%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D7019f732-25e0-4a38-bce5-b53f5c128960&ppid=7019f73225e04a38bce5b53f5c128960&sc=1&cookie_enabled=1&abxe=1&dt=1663607318137&lmt=1663607318&dlt=1663607316412&idt=1618&adxs=0&adys=56&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=0&ohw=0&ga_vid=987098063.1663607318&ga_sid=1663607318&ga_hid=1330670363&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
12efd30ba2cb9e04161c4ab3bb6c993839c4401d43785b2763d4b96917c5b22e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
306
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		402 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=545560438447052&correlator=1443693347263306&hxva=1&scor=360786624413603&eid=31068458%2C31068928%2C31069627%2C31069635%2C44761478%2C31062930&output=ldjh&gdfp_req=1&vrg=2022091401&ptt=17&impl=fifs&us_privacy=1---&iu_parts=3379%2Cconde.wired.native%2Caside%2Csecurity%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=320x50%7C2x2&fluid=height&ifi=2&adks=1253013061&sfv=1-0-38&fsapi=false&prev_scp=pos%3Daside%26ctx_slot_type%3Daside%26ctx_slot_rn%3D0%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Daside_0%26slot_name%3Daside_1%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_death_injury%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26amznbid%3D0%26amznp%3D0%26env_device_type%3Ddesktop%26ctx_template%3Dmt_article_two_column%26content_type%3Darticle%26ctx_page_channel%3Dsecurity%26ctx_page_sub_channel%3Dnational-security%26sub_sub_channel%3D%26env_server%3Dproduction%26ctx_cns_version%3D6.62.7%26ctx_page_slug%3Duber-hack-mfa-phishing%26cnt_copilotid%3D632496798990652479ff3877%26cnt_platform%3Dverso%26cnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%26fastly_geo%3Dca%26pageview_id%3D8404177878%26usr_bkt_eva%3D36%26usr_bkt_ses%3D35%26usr_bkt_pv%3D57%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26usr_segments%3Dco.w2238%26cn_metrics%3Dcmr_high%26vnd_prx_segments%3D121100%252C131100%252C131127%252C230004%252C230017%252C230103%252C230133%252C230163%252C230016%252C603525%252C300003%252C210001%252C240000%252C240002%252C240003%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240015%252C240018%252C240019%252Cmiovit%252Czlqtg4%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_entities%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_keywords%3Duber%252Chacker%252Cauthentication%252Cattacker%252Cbreach%252Csystem%252Cnotification%252Caccess%252Czatko%252Ccybersecurity%252Cattack%252Chack_devastation%252Cresearcher%252Csecurity_engineer%252Cservice%252Ctwitter%252Cthursday_evening%252Ccompany%252Cthe_new_york_times%252Ccedric_owens%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D7019f732-25e0-4a38-bce5-b53f5c128960&ppid=7019f73225e04a38bce5b53f5c128960&sc=1&cookie_enabled=1&abxe=1&dt=1663607318143&lmt=1663607318&dlt=1663607316412&idt=1618&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=640&ohw=0&ga_vid=987098063.1663607318&ga_sid=1663607318&ga_hid=1330670363&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
295a536985ac8f07fae9253207220d64c4372d4f8b7c5f1cad33ffa8c440968f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
204
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		417 B
246 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=545560438447052&correlator=1443693347263306&hxva=1&scor=360786624413603&eid=31068458%2C31068928%2C31069627%2C31069635%2C44761478%2C31062930&output=ldjh&gdfp_req=1&vrg=2022091401&ptt=17&impl=fifs&us_privacy=1---&iu_parts=3379%2Cconde.wired.native%2Cin-content%2Csecurity%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=320x50&fluid=height&ifi=3&adks=3600696306&sfv=1-0-38&fsapi=false&prev_scp=pos%3Din-content%26ctx_slot_type%3Din_content%26ctx_slot_rn%3D0%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Din_content_0%26slot_name%3Din_content_1%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_death_injury%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26amznbid%3D0%26amznp%3D0%26env_device_type%3Ddesktop%26ctx_template%3Dmt_article_two_column%26content_type%3Darticle%26ctx_page_channel%3Dsecurity%26ctx_page_sub_channel%3Dnational-security%26sub_sub_channel%3D%26env_server%3Dproduction%26ctx_cns_version%3D6.62.7%26ctx_page_slug%3Duber-hack-mfa-phishing%26cnt_copilotid%3D632496798990652479ff3877%26cnt_platform%3Dverso%26cnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%26fastly_geo%3Dca%26pageview_id%3D8404177878%26usr_bkt_eva%3D36%26usr_bkt_ses%3D35%26usr_bkt_pv%3D57%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26usr_segments%3Dco.w2238%26cn_metrics%3Dcmr_high%26vnd_prx_segments%3D121100%252C131100%252C131127%252C230004%252C230017%252C230103%252C230133%252C230163%252C230016%252C603525%252C300003%252C210001%252C240000%252C240002%252C240003%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240015%252C240018%252C240019%252Cmiovit%252Czlqtg4%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_entities%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_keywords%3Duber%252Chacker%252Cauthentication%252Cattacker%252Cbreach%252Csystem%252Cnotification%252Caccess%252Czatko%252Ccybersecurity%252Cattack%252Chack_devastation%252Cresearcher%252Csecurity_engineer%252Cservice%252Ctwitter%252Cthursday_evening%252Ccompany%252Cthe_new_york_times%252Ccedric_owens%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D7019f732-25e0-4a38-bce5-b53f5c128960&ppid=7019f73225e04a38bce5b53f5c128960&sc=1&cookie_enabled=1&abxe=1&dt=1663607318147&lmt=1663607318&dlt=1663607316412&idt=1618&adxs=262&adys=3006&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&frm=20&vis=1&psz=575x0&msz=575x0&fws=0&ohw=0&ga_vid=987098063.1663607318&ga_sid=1663607318&ga_hid=1330670363&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9451ca22d2a1003d98684847c67d660019bf57980cf92ac8ab81411e0d695e60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
216
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		409 B
236 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=545560438447052&correlator=1443693347263306&hxva=1&scor=360786624413603&eid=31068458%2C31068928%2C31069627%2C31069635%2C44761478%2C31062930&output=ldjh&gdfp_req=1&vrg=2022091401&ptt=17&impl=fifs&us_privacy=1---&iu_parts=3379%2Cconde.wired.native%2Cread-more%2Csecurity%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=320x50&fluid=height&ifi=4&adks=4283934905&sfv=1-0-38&fsapi=false&prev_scp=pos%3Dread-more%26ctx_slot_type%3Dread_more%26ctx_slot_rn%3D0%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Dread_more_0%26slot_name%3Dread_more_1%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_death_injury%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26amznbid%3D0%26amznp%3D0%26env_device_type%3Ddesktop%26ctx_template%3Dmt_article_two_column%26content_type%3Darticle%26ctx_page_channel%3Dsecurity%26ctx_page_sub_channel%3Dnational-security%26sub_sub_channel%3D%26env_server%3Dproduction%26ctx_cns_version%3D6.62.7%26ctx_page_slug%3Duber-hack-mfa-phishing%26cnt_copilotid%3D632496798990652479ff3877%26cnt_platform%3Dverso%26cnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%26fastly_geo%3Dca%26pageview_id%3D8404177878%26usr_bkt_eva%3D36%26usr_bkt_ses%3D35%26usr_bkt_pv%3D57%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26usr_segments%3Dco.w2238%26cn_metrics%3Dcmr_high%26vnd_prx_segments%3D121100%252C131100%252C131127%252C230004%252C230017%252C230103%252C230133%252C230163%252C230016%252C603525%252C300003%252C210001%252C240000%252C240002%252C240003%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240015%252C240018%252C240019%252Cmiovit%252Czlqtg4%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_entities%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_keywords%3Duber%252Chacker%252Cauthentication%252Cattacker%252Cbreach%252Csystem%252Cnotification%252Caccess%252Czatko%252Ccybersecurity%252Cattack%252Chack_devastation%252Cresearcher%252Csecurity_engineer%252Cservice%252Ctwitter%252Cthursday_evening%252Ccompany%252Cthe_new_york_times%252Ccedric_owens%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D7019f732-25e0-4a38-bce5-b53f5c128960&ppid=7019f73225e04a38bce5b53f5c128960&sc=1&cookie_enabled=1&abxe=1&dt=1663607318150&lmt=1663607318&dlt=1663607316412&idt=1618&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=987098063.1663607318&ga_sid=1663607318&ga_hid=1330670363&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28fd0a0bb402484e3f7622df7a5539f7bec89921e801d57a5b89d57a9d7658b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
206
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1BB2 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:08:38 GMT
expires
Tue, 19 Sep 2023 17:08:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
5f2178a1bcdfff5e2a4786ac.js
player.cnevids.com/script/video/ 		68 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.cnevids.com/script/video/5f2178a1bcdfff5e2a4786ac.js?autoplay=1&muted=1&continuousPlay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=copilotIdOverride&recStrategy=copilotIdOverride&showPlaylistBar=false&isRightRail=true&onIframeReady=onIframeReady16636073181720
Requested by
Host: www.wired.com
URL: https://www.wired.com/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-111.phl50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
2e8a1f45a3760d8c6bdb8b4d2d55ac3532f06ac81bacb6731a30ede548e6cc99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Amz-Cf-Pop
PHL50-C1
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
Status
200 OK
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
6dc5efb6-9f0e-4106-ae61-78b6cab35dc2
X-Runtime
0.006933
X-Backend-Node
10.110.42.227
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
ETag
W/"a95402a579f1f938c5aaeac4a55ea864"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 e1d636b234c38932eb25194cb146dbcc.cloudfront.net (CloudFront)
Cache-Control
max-age=0, private, must-revalidate
X-Amz-Cf-Id
NXbbynnB3l5d3_k9Ajcd5z6dAC-2j_v0gGthiOKKd4MpTgzwW78NqA==
beacon
www.allure.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allure.com/infinityid/beacon?id=7019f732-25e0-4a38-bce5-b53f5c128960
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Via
1.1 varnish
Vary
origin, cn-experiments, Verso
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
35
X-Served-By
cache-yul12824-YUL
Server
nginx/1.15.8
X-Timer
S1663607318.247815,VS0,VE17
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
expires
0
beacon
www.architecturaldigest.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.architecturaldigest.com/infinityid/beacon?id=7019f732-25e0-4a38-bce5-b53f5c128960
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Via
1.1 varnish
Server
nginx/1.15.8
Connection
keep-alive
Vary
origin
X-Cache
MISS
Content-Type
image/gif
expires
0
Cache-Control
no-cache
X-Cache-Hits
0
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security
max-age=7776000; preload
accept-ranges
bytes
Content-Length
35
X-Served-By
cache-yul12826-YUL
beacon
www.bonappetit.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bonappetit.com/infinityid/beacon?id=7019f732-25e0-4a38-bce5-b53f5c128960
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-src https: data: blob:; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Via
1.1 varnish
Vary
origin, cn-experiments, Verso
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
35
X-Served-By
cache-yul12832-YUL
Server
nginx/1.15.8
X-Timer
S1663607318.239735,VS0,VE16
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-src https: data: blob:; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
expires
0
beacon
www.cntraveler.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cntraveler.com/infinityid/beacon?id=7019f732-25e0-4a38-bce5-b53f5c128960
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Via
1.1 varnish
Vary
origin, cn-experiments, Verso
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
35
X-Served-By
cache-yul12827-YUL
Server
nginx/1.15.8
X-Timer
S1663607318.251915,VS0,VE16
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
expires
0
beacon
www.epicurious.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.epicurious.com/infinityid/beacon?id=7019f732-25e0-4a38-bce5-b53f5c128960
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Via
1.1 varnish
Vary
origin, cn-experiments, Verso
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
35
X-Served-By
cache-yul12829-YUL
Server
nginx/1.15.8
X-Timer
S1663607318.229023,VS0,VE16
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
expires
0
beacon
www.glamour.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.glamour.com/infinityid/beacon?id=7019f732-25e0-4a38-bce5-b53f5c128960
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
via
1.1 varnish, 1.1 varnish
vary
origin, cn-experiments, Verso, accept-encoding
x-cae-version
14
transfer-encoding
chunked
x-cache
MISS, MISS
x-cache-hits
0, 0
Connection
keep-alive
content-encoding
gzip
x-served-by
cache-yul12826-YUL
server
nginx/1.15.8
x-timer
S1663607318.256124,VS0,VE20
date
Mon, 19 Sep 2022 17:08:38 GMT
strict-transport-security
max-age=7776000; preload
content-type
image/gif
cache-control
no-cache
accept-ranges
none
expires
0
beacon
www.gq.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gq.com/infinityid/beacon?id=7019f732-25e0-4a38-bce5-b53f5c128960
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Via
1.1 varnish
X-Cache
MISS
X-UA-Device
desktop
X-Cache-Hits
0
Connection
keep-alive
Content-Length
35
X-Served-By
cache-yul12824-YUL
Verso
false
Server
nginx/1.15.8
X-Timer
S1663607318.261629,VS0,VE16
Vary
origin, cn-experiments, Verso
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
expires
0
beacon
www.newyorker.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newyorker.com/infinityid/beacon?id=7019f732-25e0-4a38-bce5-b53f5c128960
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Via
1.1 varnish
Connection
keep-alive
Vary
origin
X-Cache
MISS
Content-Type
image/gif
expires
0
Cache-Control
no-cache
X-Cache-Hits
0
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security
max-age=86400; preload
accept-ranges
bytes
Content-Length
35
X-Served-By
cache-yul12823-YUL
beacon
pitchfork.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pitchfork.com/infinityid/beacon?id=7019f732-25e0-4a38-bce5-b53f5c128960
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
35
X-Served-By
cache-yul12823-YUL
Verso
false
Server
nginx/1.15.8
X-Timer
S1663607318.250985,VS0,VE19
Vary
Accept-Encoding, X-Format, Verso
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
expires
0
beacon
www.self.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.self.com/infinityid/beacon?id=7019f732-25e0-4a38-bce5-b53f5c128960
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Vary
origin, cn-experiments, Verso
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
35
X-Served-By
cache-yul12828-YUL
Server
nginx/1.15.8
X-Timer
S1663607318.301935,VS0,VE18
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
X-FC-Vary-Parameters
acceptencoding
expires
0
beacon
www.teenvogue.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.teenvogue.com/infinityid/beacon?id=7019f732-25e0-4a38-bce5-b53f5c128960
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
35
X-Served-By
cache-yul12831-YUL
X-Fastly-Backend
XID_BEACON
Server
nginx/1.15.8
X-Timer
S1663607318.296456,VS0,VE17
Vary
origin, cn-experiments, Verso
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
expires
0
beacon
www.them.us/infinityid/ 		35 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.them.us/infinityid/beacon?id=7019f732-25e0-4a38-bce5-b53f5c128960
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Via
1.1 varnish
Server
nginx/1.15.8
Vary
origin, Accept-Encoding, cn-experiments, Verso
X-Cache
MISS
Content-Type
image/gif
expires
0
Cache-Control
no-cache
transfer-encoding
chunked
X-Cache-Hits
0
Connection
keep-alive
accept-ranges
none
content-encoding
gzip
X-Served-By
cache-yul12832-YUL
beacon
www.vanityfair.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vanityfair.com/infinityid/beacon?id=7019f732-25e0-4a38-bce5-b53f5c128960
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Via
1.1 varnish
Vary
origin, Accept-Encoding, cn-experiments, Verso
transfer-encoding
chunked
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
content-encoding
gzip
X-Served-By
cache-yul12823-YUL
Server
nginx/1.15.8
X-Timer
S1663607318.312789,VS0,VE17
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
none
apple-news-services-host
infinityid.condenastdigital.com
expires
0
beacon
www.vogue.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vogue.com/infinityid/beacon?id=7019f732-25e0-4a38-bce5-b53f5c128960
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Server
nginx/1.15.8
Varnish-X-Cache
MISS
Connection
keep-alive
Vary
origin, cn-experiments, Verso
X-Cache
MISS
Content-Type
image/gif
expires
0
Cache-Control
no-cache
X-Cache-Hits
0
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
Strict-Transport-Security
max-age=7776000; preload
accept-ranges
bytes
Content-Length
35
X-Served-By
cache-yul12822-YUL
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		182 B
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3035&u=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pid=qCGZP7APHOmmF&cb=0&ws=1600x1200&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22hero_0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22hero%2Fdesktop%22%7D%5D&pj=%7B%22si_section%22%3A%22security%22%2C%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.202.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-202-36.phl50.r.cloudfront.net
Software
Server /
Resource Hash
2497f94d8a997612d5da2ad1d85dc3e430771037e23c2d9c9a89379686ceccac
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
via
1.1 e329cb97e195e238d2d961aa95a36a4a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-amz-rid
6D95N6V6PJ4DRHGX59H5
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
182
x-amz-cf-id
9nFyTdwdwW9lVkPdPTImgR5qW4s-RbBxGtWPFvb8b_azeZNIKr0evQ==
fastlane.json
fastlane.rubiconproject.com/a/api/ 		0
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		328 B
651 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=306872&zone_id=1548442&size_id=2&alt_size_ids=57&us_privacy=1---&eid_pubcid.org=af305ee8-c444-45ee-9db6-5c49cd617f43%5E1&rf=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&tg_i.cnt_tags=security%2Chacking%2Cvulnerabilities%2Cuber%2Cnational-security&tk_flint=pbjs_lite_v7.11.0&x_source.tid=9ca17fad-c9b0-42e7-858e-3f3f66a796c5&l_pb_bid_id=3363a0b1a6ee02&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5855498726525283
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f9af8f22898bfc556f103a507cb72fa77ba9e0e13111604c9b08ee407d146fa9

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:38 GMT
server
nginx/1.21.4
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/json
content-length
328
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=376149&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2242cbc6b4be904b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fcnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cnt_tags%22%3A%5B%22security%22%2C%22hacking%22%2C%22vulnerabilities%22%2C%22uber%22%2C%22national-security%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%22%2C%22tmax%22%3A1000%2C%22syncsPerBidder%22%3A5%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22adunitcode%22%3A%22hero_728x90_970x250%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2253575d45fe7728%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22376149%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22376148%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%229ca17fad-c9b0-42e7-858e-3f3f66a796c5%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22af305ee8-c444-45ee-9db6-5c49cd617f43%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c174b7731359ce16773d4f72b076dc2b3512e5cb43edafb59b0353e2fdd994a

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XSfXBKR61ZV6lKz42N%2B1Y4KdvwDcF9I3n0yUoYF7Ye%2By7ALckEPXEzrVTmg1T72IwupT3a96HI9R9tnyr0HE2Kex10%2BmYZLXaGqiqfeSEvBb%2BDr%2FQFn%2FQJFmjAW6Mk0Gv8Gl%2F8du"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.wired.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74d3ecab4ca7a1ff-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969ce00175757040bb70b6b4600016&pos=8a9691380175757044fd70c63cbf008a&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
1552dca5d8f032ff00b19b9d389961cdb2efbfd895f25847bdb1a5fc9b8736e0

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969ce00175757040bb70b6b4600016&pos=8a969ce00175757040bb70c63daf0091&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
7c2b816951633f059a0b33215f1bf37a71b0653f1d94067f1be07f97a684b565

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
content-length
62
arj
condenastus-d.openx.net/w/1.0/ 		190 B
602 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9ca17fad-c9b0-42e7-858e-3f3f66a796c5%2C9ca17fad-c9b0-42e7-858e-3f3f66a796c5&nocache=1663607318223&us_privacy=1---&pubcid=af305ee8-c444-45ee-9db6-5c49cd617f43&aus=728x90%2C970x250%7C728x90%2C970x250&divids=hero_728x90_970x250%2Chero_728x90_970x250&aucs=%2C&auid=541000862%2C541000867&aumfs=50%2C50
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
9d6c798275ce0c1eaff4c943110103ab8cdf4096dd5e9fe23dbcb8ceba2be83f

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.wired.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		14 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3a29ccf9dced5176ca14ebd599de94a00a171dca3d5ac0dc4db9bdf90d0e60c

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
cdb
bidder.criteo.com/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.0&cb=59685552240&lsavail=1
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:08:37 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
en.json
cdn.cookielaw.org/consent/93ddfe0c-4b21-4ad5-8191-612d2a67aad3/d54ccda1-0379-484b-aa35-899451706118/ 		125 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/93ddfe0c-4b21-4ad5-8191-612d2a67aad3/d54ccda1-0379-484b-aa35-899451706118/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20c078d1c46cc6adb228e8f2d75abac84332c702edccab59242023740c77e191
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
SOSMZk1kMy+QaEgC6xn4VQ==
age
3176
vary
Accept-Encoding
content-length
23491
x-ms-lease-status
unlocked
last-modified
Wed, 24 Aug 2022 15:00:07 GMT
server
cloudflare
etag
0x8DA85E155A780C2
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2f9bffb1-401e-00bf-36ca-b7cc90000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74d3ecab2e527154-YUL
expires
Mon, 19 Sep 2022 21:08:38 GMT
gtm.js
www.googletagmanager.com/ 		160 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PPXGGXD&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HBJC2K&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
43ac53321699de9b855293f00101a35c359ed2a276e1d361644c22c2ba63cecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53363
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 16:15:07 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Sep 2022 17:08:38 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		182 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3035&u=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pid=qCGZP7APHOmmF&cb=1&ws=1600x1200&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22rail_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22rail%2Fdesktop%22%7D%5D&pj=%7B%22si_section%22%3A%22security%22%2C%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.202.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-202-36.phl50.r.cloudfront.net
Software
Server /
Resource Hash
f22c32205a7417f8c00ddadfe7a17931f1d5f1e20a38f61b695c12d4d4e61a8e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
via
1.1 e329cb97e195e238d2d961aa95a36a4a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-amz-rid
6TZVY5H5AFTEZPM3JBFW
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
182
x-amz-cf-id
VwnvYbMc8gwAOBeVlrhv64HAhjvXljHcu1Pw-bsqiX_DzPVmCv6uDQ==
fastlane.json
fastlane.rubiconproject.com/a/api/ 		329 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=306872&zone_id=1548468&size_id=15&alt_size_ids=10&us_privacy=1---&eid_pubcid.org=af305ee8-c444-45ee-9db6-5c49cd617f43%5E1&rf=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&tg_i.cnt_tags=security%2Chacking%2Cvulnerabilities%2Cuber%2Cnational-security&tk_flint=pbjs_lite_v7.11.0&x_source.tid=e701d26f-1fc2-47df-bb25-8ebd10389723&l_pb_bid_id=2293ddd9f38f8f5&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5511095314244443
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a979f920e11758bf37879d3a8e33bbd7d0a6841fab93c07669becd880225386e

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:38 GMT
server
nginx/1.21.4
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/json
content-length
329
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		329 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=306872&zone_id=1548470&size_id=15&alt_size_ids=10&us_privacy=1---&eid_pubcid.org=af305ee8-c444-45ee-9db6-5c49cd617f43%5E1&rf=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&tg_i.cnt_tags=security%2Chacking%2Cvulnerabilities%2Cuber%2Cnational-security&tk_flint=pbjs_lite_v7.11.0&x_source.tid=e701d26f-1fc2-47df-bb25-8ebd10389723&l_pb_bid_id=23376ec940defd1&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8792949723131898
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::42 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1f232c5d80bc1d133ee48f3957bfff5b490c9e56be5e4cf2c7303f4ad391814a

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:38 GMT
server
nginx/1.21.4
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/json
content-length
329
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=376181&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%222435159b234db38%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fcnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cnt_tags%22%3A%5B%22security%22%2C%22hacking%22%2C%22vulnerabilities%22%2C%22uber%22%2C%22national-security%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%22%2C%22tmax%22%3A1000%2C%22syncsPerBidder%22%3A5%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22adunitcode%22%3A%22rail_300x250_300x600%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2225d3d153a35401e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22376181%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22376179%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22e701d26f-1fc2-47df-bb25-8ebd10389723%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22af305ee8-c444-45ee-9db6-5c49cd617f43%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91a2a54925057273b021ab677923f9d2c270deb47621a844719994c6069a20a1

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:38 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2yr0Xxqh04BRkxQpDDjuu0N6WFGJOI%2BXpjX6ViKa446KzjhJJ8Yst0c9r6RyoTmSATjQ9Mgsm1kL0RGYHiJD8BNPC%2BFRyfAWLQaVa9Ue331HSiQvz%2FDRK6%2BXixCzo49jtv%2F2x%2FW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.wired.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74d3ecabebdea217-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969ce00175757040bb70b6b4600016&pos=8a96958101757570497f70c64b5f008e&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
5a07667afbb809399e222a8aec9a7cf310c87ef7ff8b6108ac791e817ecd4c47

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
261 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969ce00175757040bb70b6b4600016&pos=8a9691380175757044fd70c64c5c008f&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
31bbf3dc3fd57434c865ad04bfbcf28f286bad852fa4d5b88fb9fe4bfa2a9125

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
content-length
62
arj
condenastus-d.openx.net/w/1.0/ 		190 B
372 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e701d26f-1fc2-47df-bb25-8ebd10389723%2Ce701d26f-1fc2-47df-bb25-8ebd10389723&nocache=1663607318349&us_privacy=1---&pubcid=af305ee8-c444-45ee-9db6-5c49cd617f43&aus=300x250%2C300x600%7C300x250%2C300x600&divids=rail_300x250_300x600%2Crail_300x250_300x600&aucs=%2C&auid=541000882%2C541000850&aumfs=50%2C50
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f891dd70b84754589cde070b857269e5a5603ec828eff6ba8e0ec7bbdb8a0484

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.wired.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		25 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6fdbcf5a6487b5dcbd6f11e3791b7f01221a47cfd4863ce6b671b29b7f2f2df5

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
cdb
bidder.criteo.com/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.0&cb=14559427336&lsavail=1
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:08:37 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
/
geo.privacymanager.io/ 		30 B
594 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-30.phl50.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:37:17 GMT
via
1.1 e71ab653feb8332f51edf19089ecf9fc.cloudfront.net (CloudFront), 1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
age
34281
x-amzn-requestid
ccd0dc89-08df-41e4-92c6-a9868b09852d
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-63281c2d-191eba8b43b42fe42533577e;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
IAD55-P4, PHL50-C1
x-amz-apigw-id
YslXGFuljoEFdoQ=
content-length
30
x-amz-cf-id
CsuUsnNU1Iuegxt9wHYp6JcxXbucr666eRUjQKTWLQ0Ig3svyCG6Zw==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
embed-api.json
player.cnevids.com/ 		10 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.cnevids.com/embed-api.json?videoId=5f2178a1bcdfff5e2a4786ac&interludeOverride=true&playerType=interlude&embedLocation=wired
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5f2178a1bcdfff5e2a4786ac.js?autoplay=1&muted=1&continuousPlay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=copilotIdOverride&recStrategy=copilotIdOverride&showPlaylistBar=false&isRightRail=true&onIframeReady=onIframeReady16636073181720
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.111 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-111.phl50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
74c0911329aa791933bf7fce4a6260ee7e542a83adb28a09a71454cf38ebb663
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:03:42 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Age
296
X-Cache
Hit from cloudfront
Status
200 OK
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
3486
X-XSS-Protection
1; mode=block
X-Request-Id
90a2a2b7-0108-4d00-aeee-3c83168ac064
X-Runtime
0.012005
X-Backend-Node
10.110.13.115
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
ETag
W/"f135da3759023600e28ce02df2991f37"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Via
1.1 55d59f6fe20d812e375923d2e18ac7fc.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control
max-age=300, public
X-Amz-Cf-Pop
PHL50-C1
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
95mHMnDHOl_L5ZqiB-l0sYY1mUgx-F-uL9hRed8kUdfXwDkXYLl_eg==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 20D5 		377 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5f2178a1bcdfff5e2a4786ac.js?autoplay=1&muted=1&continuousPlay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=copilotIdOverride&recStrategy=copilotIdOverride&showPlaylistBar=false&isRightRail=true&onIframeReady=onIframeReady16636073181720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27e83793f50bb31fc8e9fd687a90b7472f979f925993f597db551450c423487a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128538
x-xss-protection
0
expires
Mon, 19 Sep 2022 17:08:38 GMT
gpt_proxy.js
imasdk.googleapis.com/js/sdkloader/ 		83 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5f2178a1bcdfff5e2a4786ac.js?autoplay=1&muted=1&continuousPlay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=copilotIdOverride&recStrategy=copilotIdOverride&showPlaylistBar=false&isRightRail=true&onIframeReady=onIframeReady16636073181720
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1df3371f650083389e7b8913c038c3d3695cc92776c8a72d4f4bec5673e17046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:56:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
725
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30905
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 16:22:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:11:33 GMT
player-style-ad5233f92eb6f9be19d0.css
d2c8v52ll5s99u.cloudfront.net/player/ Frame 20D5 		90 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/player-style-ad5233f92eb6f9be19d0.css
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5f2178a1bcdfff5e2a4786ac.js?autoplay=1&muted=1&continuousPlay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=copilotIdOverride&recStrategy=copilotIdOverride&showPlaylistBar=false&isRightRail=true&onIframeReady=onIframeReady16636073181720
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-35.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1412791fc3e8ede20785df7b4856ac7452464af2e797beb0859adb07771fdc84

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 18:47:27 GMT
Content-Encoding
gzip
Age
1462872
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
12947
Last-Modified
Fri, 02 Sep 2022 18:44:44 GMT
Server
AmazonS3
ETag
"ea430c2406991ae5498deee90d363e49"
x-amz-version-id
2cg9.WiNIDIrJGZmK_WaO3At3S9.Q45s
Via
1.1 cf426d8f6e10e609055662f292295434.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
Content-Type
text/css; charset=utf-8
X-Amz-Cf-Id
wREW4HshQwwxZc2HuN7BbQl1fmIEk43UH9n8WKFCiSwH1sE8le4JQA==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
main-5cc57c23969657d0534a.js
d2c8v52ll5s99u.cloudfront.net/player/ Frame 20D5 		853 KB
232 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5f2178a1bcdfff5e2a4786ac.js?autoplay=1&muted=1&continuousPlay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=copilotIdOverride&recStrategy=copilotIdOverride&showPlaylistBar=false&isRightRail=true&onIframeReady=onIframeReady16636073181720
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-35.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b80a8fc491f973cc7bce5e3e8bf7992c52208c4bc516909d9fd84c6285750c2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 15:48:42 GMT
Content-Encoding
gzip
Age
436797
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
237176
Last-Modified
Tue, 13 Sep 2022 20:44:22 GMT
Server
AmazonS3
ETag
"741d57fce2781edd3ffefb3ea21e900a"
x-amz-version-id
EnvaWNADioVYZ6_aICw93l_85_Bm1hYQ
Via
1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Amz-Cf-Id
tLHIjner2L7UmPPiZopYvOp059mwjiastt6Zd38Xz3txTsmfOy0XHw==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
id
dpm.demdex.net/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F7093025512D2B690A490D44%40AdobeOrg&d_nsid=0&ts=1663607318510
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b1a2deea210bdb9d247c7084553a1db3b3392536e3bd832159ad01b61177ced7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-1-v038-0e22dc084.edge-usw2.demdex.com 9 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
tuBvD0x3Q8I=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.wired.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
2192
Expires
Thu, 01 Jan 1970 00:00:00 UTC
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HBJC2K&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
gzip
etag
"eN3sxSgaav0x5wHLxGB1gQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 26 Sep 2022 17:08:38 GMT
pixel.js
www.redditstatic.com/ads/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HBJC2K&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Tue, 19 Jul 2022 22:48:09 GMT
server
snooserv
etag
"95212d33cfff78ad59f5af5b20c48c53"
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
accept-ranges
bytes
content-encoding
gzip
content-length
7722
spm.v1.min.js
ak.sail-horizon.com/spm/ 		124 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HBJC2K&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-105.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:00:54 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 23:20:31 GMT
server
AmazonS3
age
465
etag
W/"97dd801dd26ae0172c7875245d92f506"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 64aebd154b6045af00c94ad9d2ff49f2.cloudfront.net (CloudFront)
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
7WObsPHoRfBCjnZ7IW_QlU2YhX_sBSnnapHqNgnawCt6jG9Uo7M2ag==
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
ZshwQ+tsD6Qxr+FrPUEpge27R45sqjBSO0PnBX3J57ls2S+55+NwcKMEooGNueRsBopt+/IAYv1ONvXsDb3zvA==
x-fb-trip-id
1425083115
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 17:08:38 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
i.js
tag.bounceexchange.com/2825/ 		297 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/2825/i.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
45c924dda7d9edbb1289005f0bd2beb71527b7ea9aa1498af0143726b8eb1c0d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:21 GMT
content-encoding
gzip
age
17
x-envoy-upstream-service-time
20
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130489
access-control-allow-origin
*
server
istio-envoy
etag
c2b56670b2bcc
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
via
1.1 google
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect
PageName=national%20security,SiteID=Wired,CampaignID=1802C,Channel=website,CreativeID=security,Placement=undefined
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MjE1L3QvMA/kv/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MjE1L3QvMA/kv/PageName=national%20security,SiteID=Wired,CampaignID=1802C,Channel=website,CreativeID=security,Placement=undefined
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82d1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 20:23:36 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=42100
accept-ranges
bytes
content-length
3063
memo.js
cdn.memo.co/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.memo.co/js/memo.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-63.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d7b91ed4a7804e22b94e4873af273def73469e80b740bd9787e287003058868

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
dIwRVCKiXrZkA8Vq0TRLD0Yyqjiw5iXT
content-encoding
gzip
etag
W/"09a117df3977ec5a869191fcea2ac408"
last-modified
Wed, 04 May 2022 18:49:53 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
cache-control
no-cache
date
Mon, 19 Sep 2022 17:08:39 GMT
x-amz-cf-id
AyJjO7mErUrq2LTO7sP1T6T8UpzsfdrMUpwilI9Cn-NTctbrV3OAbw==
57
a.ad.gt/api/v1/u/matches/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/57
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HBJC2K&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.86.50.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-50-147.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
b824fb86dba0ad706f216f3f13a6e469dbfd52eacca667d306532a235917c7d0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server
nginx/1.20.0
content-type
application/javascript
hotjar-1537182.js
static.hotjar.com/c/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1537182.js?sv=6
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-70.phl50.r.cloudfront.net
Software
/
Resource Hash
b3bb96f49e25e37d6a8a7cf4c775b8f25af1b30e71e36426fd937b78b78a34d6
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=604800; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
age
59
x-cache
Hit from cloudfront
date
Mon, 19 Sep 2022 17:07:49 GMT
cross-origin-resource-policy
cross-origin
via
1.1 c1d7effc96a4e7ef2f2297d393d28d04.cloudfront.net (CloudFront)
cache-control
max-age=60
etag
W/ba1aff4bd0a7e43623759aaa9b0d16dd
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
9E5zslnVcOnMFerpGrPj1bDjfEsWb0v26duisVAoNfs36TfXQSLbiw==
events.js
analytics.tiktok.com/i18n/pixel/ 		126 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1IQID9FKFK1PHD4UBH0&lib=ttq
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.25 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-25.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b99178c5da6ff4d7f612c2c76c390f0a6485f16d87214aca7bca276aaebb86

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
20220919170838E085F692E81494DA4D13
vary
Accept-Encoding
x-cache
TCP_MISS from a23-40-19-25.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
12,23.40.19.25
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0decbf94330e0e2334ce4c651698d8600afc3d3f86aa9b59c81053956f241af4c8e003a1bc6e1660f59acdf887262e6d5b4aba4eb9a1a3bf6ed6b9597459d51e1127
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=2, origin; dur=11
x-akamai-request-id
c0f2f01
expires
Mon, 19 Sep 2022 17:08:38 GMT
condenast_eujdmc753_wired.js
cdn-magiclinks.trackonomics.net/client/static/v2/ 		96 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-magiclinks.trackonomics.net/client/static/v2/condenast_eujdmc753_wired.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:ba00:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash
0cb52e90ef1b6d486d5ae330bf1b1823fb6c32c77b530ed462322582a95003a5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 12:05:50 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 16:02:08 GMT
server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
age
18168
etag
W/"17fdc-5ddb90c503c8a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
qTTgoCWvHrjI6OzVQ-TCaEEv57s_uZiwy-Nqhc8DNQF7T2Zz8i5oOQ==
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
obtp.js
amplify.outbrain.com/cp/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.104 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-104.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Jun 2022 14:06:31 GMT
Server
AkamaiNetStorage
ETag
"51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3249
Expires
Mon, 19 Sep 2022 17:28:38 GMT
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.35.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/wtHD+oYY7dZRzCx50GZrQ==
age
901
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Mon, 06 Jun 2022 06:21:12 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
9b71877d-601e-0064-088a-796846000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
74d3ecacf9527154-YUL
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035094&ns__t=1663607318529&ns_c=UTF-8&c8=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED&c7=https%3...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035094&ns__t=1663607318529&ns_c=UTF-8&c8=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED&c7=https%...
0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035094&ns__t=1663607318529&ns_c=UTF-8&c8=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED&c7=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&c9=
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Server
13.224.214.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-36.phl50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
JMa6jyzQAzgCOIHiRzX-mYJ0GZptGydapsdHQuTYaTo9z7cFM5ZUVQ==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=6035094&ns__t=1663607318529&ns_c=UTF-8&c8=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED&c7=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&c9=
date
Mon, 19 Sep 2022 17:08:38 GMT
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
0
x-amz-cf-id
TAPfHRmXKhEFVACL0a7RIpHmDAQJsQeUyWJOJrLDt_fnVe0BFWtUYw==
x-cache
Miss from cloudfront
458249.gif
idsync.rlcdn.com/
Redirect Chain
  • https://idsync.rlcdn.com/709387.gif?partner_uid=7019f732-25e0-4a38-bce5-b53f5c128960&gtmcb=1276863855
  • https://idsync.rlcdn.com/1000.gif?memo=CIumKxIwCiwIARCFvQkaJDcwMTlmNzMyLTI1ZTAtNGEzOC1iY2U1LWI1M2Y1YzEyODk2MBAAGg0IlsSimQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=e39ff2cbcfdb8209793ecb6fbcf33842f7c1c58bf061f5b02b9e06711841ca4f791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBlMzlmZjJjYmNmZGI4MjA5NzkzZWNiNmZiY2YzMzg0MmY3YzFjNThiZjA2MWY1YjAyYjllMDY3MTE4NDFjYTRmNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBlMzlmZjJjYmNmZGI4MjA5NzkzZWNiNmZiY2YzMzg0MmY3YzFjNThiZjA2MWY1YjAyYjllMDY3MTE4NDFjYTRmNzkxNDI2YjU0MTdkY2UyMRAAGgwIl8SimQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=18a0bc53-da43-4e0d-9c80-53075592361a
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=18a0bc53-da43-4e0d-9c80-53075592361a
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:08:40 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=18a0bc53-da43-4e0d-9c80-53075592361a
date
Mon, 19 Sep 2022 17:08:40 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=undefined
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_device_id=undefined
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_device_id=undefined
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_device_id=undefined
date
Mon, 19 Sep 2022 17:08:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=648&partner_device_id=7019f732-25e0-4a38-bce5-b53f5c128960
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=648&partner_device_id=7019f732-25e0-4a38-bce5-b53f5c128960
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3aad9dc9-c03e-496d-ab1f-c7599363f9b7%252C&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=3aad9dc9-c03e-496d-ab1f-c7599363f9b7%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&ttd_puid=3aad9dc9-c03e-496d-ab1f-c7599363f9b7%2C
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&ttd_puid=3aad9dc9-c03e-496d-ab1f-c7599363f9b7%2C
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:39 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&ttd_puid=3aad9dc9-c03e-496d-ab1f-c7599363f9b7%2C
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
353
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HBJC2K&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
378
date
Mon, 19 Sep 2022 17:02:20 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 19 Sep 2022 19:02:20 GMT
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.178 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-178.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 13:30:21 GMT
Via
1.1 e329cb97e195e238d2d961aa95a36a4a.cloudfront.net (CloudFront)
Age
13097
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
TPLpm2f5n_p5xJd_7eQcFKMF-HZqC_XtIfvxk9H0vnQBkkGOxft8BA==
Expires
Tue, 20 Sep 2022 13:30:21 GMT
wired.config.js
pixel.condenastdigital.com/config/v2/production/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.condenastdigital.com/config/v2/production/wired.config.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9112b16c0bd02d574944dbfe8200cda4f233856de27ec693da793a78f656ec6d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:38 GMT
Content-Encoding
gzip
Age
376874
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
1315
x-amz-id-2
s+vz0x5p8CMzveNi/jHYI3qDOJLbBaBREJHYnbkbbvGleZBgp3ss1MzrxLMhaRS+6DqLdwq2jXM=
X-Served-By
cache-iad-kcgs7200109-IAD, cache-yul12825-YUL
Access-Control-Allow-Origin
*
Last-Modified
Thu, 15 Sep 2022 08:27:19 GMT
Server
AmazonS3
X-Timer
S1663607319.814370,VS0,VE0
ETag
"e77462bd78fdd12c591b2497ab50560f"
Vary
Accept-Encoding
x-amz-request-id
NR1QM880KCS1Y9WJ
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 15 Sep 2022 14:27:25 GMT
Cache-Control
no-cache, public, max-age=604800
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
1, 144
iu3
s.amazon-adsystem.com/ Frame C665
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
311 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2cd22835802a19a7da38b3d108b18762642f5436e3ff2623637d7cfe568cc273
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
311
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 19 Sep 2022 17:08:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
K5VGE0BKQWVHRSQJSQ3J

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 19 Sep 2022 17:08:38 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
8W08Q4KJNYHA6MGTXHTW
s2s-hb
pbs.getpublica.com/v1/ 		2 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.getpublica.com/v1/s2s-hb?site_id=2564&format=json&app_name=CNEVIDEO&adserver=gam&slot_count=1&site_name=wired&content_episode=5&content_length=684&content_season=Season%201&content_id=5f2178a1bcdfff5e2a4786ac&content_title=Internet%20Expert%20Debunks%20Cybersecurity%20Myths&content_series=Mythbusting&content_language=en&content_category=Security%2CScience%20%26%20Tech--Security&content_keywords=cybersecurity%2Ccybersecurity%20expert%2Ccomputer%20hacker%2Chackers%2Chacker%20security%2Cencryption%2Cgoogle%20read%20gmail%2Chackers%20computer%20camera%2Ccomputer%20camera%20hacker%2Chacker%20camera%2Cwired%20hacker%2Chacking%20expert%2Ccyber%20security%2Ccomputer%20security%2Cnetwork%20security%2Cnetwork%20security%20hacker%2Cwired%20network%20security%2Ccomputer%20hackers%2Chackers%20computer%2Csecurity%20wired%2Cwired%20eva%20galperin%2Ceva%20galperin%2Ceva%20galperin%20cybersecurity&site_page=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&cb=8762074
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5f2178a1bcdfff5e2a4786ac.js?autoplay=1&muted=1&continuousPlay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=copilotIdOverride&recStrategy=copilotIdOverride&showPlaylistBar=false&isRightRail=true&onIframeReady=onIframeReady16636073181720
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.209.73.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-73-62.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:38 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.wired.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Content-Length
26
Expires
0
rp.gif
alb.reddit.com/ 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1663607318765&id=t2_bn0mvswd&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=4a953f63-3112-4dbe-aafc-38c2adba22e5&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_02c59ad6
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:38 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
main_89ceea329a99e3935afd4105c6694d4b.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		343 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main_89ceea329a99e3935afd4105c6694d4b.br.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/2825/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
42141e3a6ee96e76b31d9d103d3fffab2227c7afe68405010c68541c30ae6e0c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 14:57:00 GMT
content-encoding
br
age
353498
x-guploader-uploadid
ADPycdvpaSeeH8vqVddZe5Nt-Q6IpiAbGBE7v073SE5P0G7ZxgJ3N6Vb1kc55-rYkNunOHdI0bEA9F8_RqUiOE_5KJ2vMw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69243
last-modified
Thu, 15 Sep 2022 14:56:54 GMT
server
UploadServer
etag
"c32f9f14e7f91ee34253c456319d8162"
x-goog-hash
crc32c=bS3Ykw==, md5=wy+fFOf5HuNCU8RWMZ2BYg==
x-goog-generation
1663253814104898
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
69243
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 15 Sep 2023 14:57:00 GMT
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1663607318795&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1663607318795&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D434737%26time%3D1663607318795%26url%3Dhttps%253A%252F%252Fwww.wired.com%252Fstory...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1663607318795&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&cookiesTest=true&liSync=true
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1663607318795&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&cookiesTest=true&liSync=true&e_ipv6=AQLhHquqgTKinAA...
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=26e01f1b-8ffe-434e-a9d8-9cf5bb92dcde
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=26e01f1b-8ffe-434e-a9d8-9cf5bb92dcde&_expected_cookie=918e1a4c396a072ddff2f5ae...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=26e01f1b-8ffe-434e-a9d8-9cf5bb92dcde&_expected_cookie=918e1a4c396a072ddff2f5ae06c6138b
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Server
104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Mon, 19 Sep 2022 17:08:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74d3ecbd2b77f995-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=26e01f1b-8ffe-434e-a9d8-9cf5bb92dcde&_expected_cookie=918e1a4c396a072ddff2f5ae06c6138b
date
Mon, 19 Sep 2022 17:08:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74d3ecbc6ab9f995-YYZ
content-length
0
simple
api.sail-personalize.com/v1/personalize/ 		288 B
497 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
3e54db533043ad1e0d874401f6b842df9d5d18dc838beddad991cf9ecdde73fa

Request headers

x-lib-version
v1.0.1
accept-language
en-CA,en;q=0.9
authorization
Bearer 96cc6d73eeadca5c51a196378f9bf3d1
content-type
application/json
accept
application/json
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
x-referring-url
https://www.wired.com/story/uber-hack-mfa-phishing/

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:39 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
196
allowedmethods
GET,OPTIONS
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://www.wired.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://www.wired.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Mon, 19 Sep 2022 17:08:39 GMT
228464857488266
connect.facebook.net/signals/config/ 		485 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/228464857488266?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b94aea5f091eed6b7c2a43510824eee31474336036540843ace6d0221821ef8f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
146212
x-xss-protection
0
pragma
public
x-fb-debug
eujm/NsG5yhAB2IcSOsrXAS27iIWbrr8Ar7jDb5z5rFzreov9hmHKQxxLygi+gWKoQ0l8iTuvEpYlSWJLcRHzw==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 17:08:38 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.wired.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wired.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:08:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=545560438447052&vrg=2022091401&nw_id=3379&nslots=9&eid=31068458%2C31068928%2C31069627%2C31069635%2C44761478%2C31062930&pub_url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&sig=0&req=0&req_cnt=5&dm=8
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=545560438447052&correlator=1443693347263306&hxva=1&scor=360786624413603&eid=31068458%2C31068928%2C31069627%2C31069635%2C44761478%2C31062930&output=ldjh&gdfp_req=1&vrg=2022091401&ptt=17&impl=fifs&us_privacy=1---&iu_parts=3379%2Cconde.wired%2Crail%2Csecurity%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600&ifi=5&adks=3607248659&sfv=1-0-38&fsapi=false&prev_scp=pos%3Drail%26ctx_slot_type%3Drail%26ctx_slot_rn%3D0%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Drail_0%26slot_name%3Drail_1%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.10%26hb_adid%3D42993667a3cfde8%26hb_bidder%3Dmedianet&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_death_injury%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Dmt_article_two_column%26content_type%3Darticle%26ctx_page_channel%3Dsecurity%26ctx_page_sub_channel%3Dnational-security%26sub_sub_channel%3D%26env_server%3Dproduction%26ctx_cns_version%3D6.62.7%26ctx_page_slug%3Duber-hack-mfa-phishing%26cnt_copilotid%3D632496798990652479ff3877%26cnt_platform%3Dverso%26cnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%26fastly_geo%3Dca%26pageview_id%3D8404177878%26usr_bkt_eva%3D36%26usr_bkt_ses%3D35%26usr_bkt_pv%3D57%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26usr_segments%3Dco.w2238%26cn_metrics%3Dcmr_high%26vnd_prx_segments%3D121100%252C131100%252C131127%252C230004%252C230017%252C230103%252C230133%252C230163%252C230016%252C603525%252C300003%252C210001%252C240000%252C240002%252C240003%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240015%252C240018%252C240019%252Cmiovit%252Czlqtg4%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_entities%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_keywords%3Duber%252Chacker%252Cauthentication%252Cattacker%252Cbreach%252Csystem%252Cnotification%252Caccess%252Czatko%252Ccybersecurity%252Cattack%252Chack_devastation%252Cresearcher%252Csecurity_engineer%252Cservice%252Ctwitter%252Cthursday_evening%252Ccompany%252Cthe_new_york_times%252Ccedric_owens%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D7019f732-25e0-4a38-bce5-b53f5c128960&ppid=7019f73225e04a38bce5b53f5c128960&sc=1&cookie=ID%3D29223b196227471a%3AT%3D1663607318%3AS%3DALNI_Mb-H0CrkXv1zp2kwalB3U9Yg4whDg&abxe=1&dt=1663607318886&lmt=1663607318&dlt=1663607316412&idt=1618&adxs=1067&adys=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=512&ohw=0&ga_vid=987098063.1663607318&ga_sid=1663607318&ga_hid=1330670363&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4ce6adc57571a65e9a7dfb327b27586a757c7d3ab5ac51f0a3630e6ae51ca412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12559
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-Jjy-Cyr1NZGRz.js
rules.quantcount.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Jjy-Cyr1NZGRz.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:de00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0760a0a454d26128b9f9bee6f99df65853ac0d5c14f498ff5b5c012ac9d715cc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:21:02 GMT
content-encoding
gzip
age
2858
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Sat, 27 Aug 2022 20:02:33 GMT
server
AmazonS3
etag
W/"e0deb87adc08650ebda7362e7c6f9508"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 6ef53c06467f47a1223db91b4e03cb22.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
a7a_5FmfcxU-Ao9bmWAnbunrevhOikN7ofkXA0CPJx25TIFfFZDHBg==
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=545560438447052&correlator=1443693347263306&hxva=1&scor=360786624413603&eid=31068458%2C31068928%2C31069627%2C31069635%2C44761478%2C31062930&output=ldjh&gdfp_req=1&vrg=2022091401&ptt=17&impl=fifs&us_privacy=1---&iu_parts=3379%2Cconde.wired%2Chero%2Csecurity%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C970x250%7C970x90%7C9x1%7C10x1&ifi=6&adks=2032318971&sfv=1-0-38&fsapi=false&prev_scp=pos%3Dhero%26ctx_slot_type%3Dhero%26ctx_slot_rn%3D0%26feature-flags%3Dsticky-eligible%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Dhero_0%26slot_name%3Dhero_1%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.05%26hb_adid%3D41c61ace815cd41%26hb_bidder%3Dmedianet&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_death_injury%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Dmt_article_two_column%26content_type%3Darticle%26ctx_page_channel%3Dsecurity%26ctx_page_sub_channel%3Dnational-security%26sub_sub_channel%3D%26env_server%3Dproduction%26ctx_cns_version%3D6.62.7%26ctx_page_slug%3Duber-hack-mfa-phishing%26cnt_copilotid%3D632496798990652479ff3877%26cnt_platform%3Dverso%26cnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%26fastly_geo%3Dca%26pageview_id%3D8404177878%26usr_bkt_eva%3D36%26usr_bkt_ses%3D35%26usr_bkt_pv%3D57%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26usr_segments%3Dco.w2238%26cn_metrics%3Dcmr_high%26vnd_prx_segments%3D121100%252C131100%252C131127%252C230004%252C230017%252C230103%252C230133%252C230163%252C230016%252C603525%252C300003%252C210001%252C240000%252C240002%252C240003%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240015%252C240018%252C240019%252Cmiovit%252Czlqtg4%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_entities%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_keywords%3Duber%252Chacker%252Cauthentication%252Cattacker%252Cbreach%252Csystem%252Cnotification%252Caccess%252Czatko%252Ccybersecurity%252Cattack%252Chack_devastation%252Cresearcher%252Csecurity_engineer%252Cservice%252Ctwitter%252Cthursday_evening%252Ccompany%252Cthe_new_york_times%252Ccedric_owens%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D7019f732-25e0-4a38-bce5-b53f5c128960&ppid=7019f73225e04a38bce5b53f5c128960&sc=1&cookie=ID%3D29223b196227471a%3AT%3D1663607318%3AS%3DALNI_Mb-H0CrkXv1zp2kwalB3U9Yg4whDg&abxe=1&dt=1663607318933&lmt=1663607318&dlt=1663607316412&idt=1618&adxs=436&adys=56&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=987098063.1663607318&ga_sid=1663607318&ga_hid=1330670363&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3beb16a21d5a57e22fdabd66cd77b3dcba2b332d86c30f71f5144b5ea2412f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
145163
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14576
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-mediationtag-id
208259
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.d00377d3a043900eb4ef.js
script.hotjar.com/ 		252 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.d00377d3a043900eb4ef.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1537182.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-103.phl50.r.cloudfront.net
Software
/
Resource Hash
f520d200f5d04a2bc40f94c843eb0c2611ffcf103109f6758d81740c8f3b516a
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 13:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
446372
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=604800; includeSubDomains
content-length
65532
access-control-allow-origin
*
last-modified
Wed, 14 Sep 2022 13:08:33 GMT
etag
"74e062f975f5935c93ae5aff80efbd87"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
Arc7_iWJCIgom3F4rRR3sg-BioDlUL8vHIZ5lAOr1eba5QnhtzD5eQ==
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1IQID9FKFK1PHD4UBH0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.25 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-25.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:39 GMT
content-encoding
gzip
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202209191708384C62C402B4B0EBCEE1F5
vary
Accept-Encoding
x-cache
TCP_MISS from a23-40-19-25.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
14,23.40.19.25
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0decbf94330e0e2334ce4c651698d8600afc992ad335e73c0bd5d1caa195b59d0a5ac0885adf530960fd2c217c6aa3df9a194d1768cc6306ee1fd5406f6257b63f3c
server-timing
inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=14
x-akamai-request-id
c0f3054
expires
Mon, 19 Sep 2022 17:08:39 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		881 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C1IQID9FKFK1PHD4UBH0&hostname=www.wired.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1IQID9FKFK1PHD4UBH0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.25 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-25.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
66113d720f4bbd28846d83b6e1696785479dcfe046e57e6187182429a2e19994

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id
3d7651b.c0f308c
date
Mon, 19 Sep 2022 17:08:39 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a184-51-148-141.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-40-19-25.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-parent-response-time
20,23.40.19.25
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=13, inner; dur=3
content-length
358
pragma
no-cache
server
nginx
x-tt-logid
202209191708393C180EEEB4D4FAD96A6B
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
13,184.51.148.141
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0decd072b905f6ec236355e2b1131f1854b85955dd680a6d3e2317eea6f20a9033e2346f5cdc9250d841a781c59acec596da30b15ec271dd9343685a09b4c41cfae6962e577e70bcb106052a5571e1453b05
expires
Mon, 19 Sep 2022 17:08:39 GMT
dest5.html
condenast.demdex.net/ Frame 919A 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://condenast.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.193.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-193-199.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-2-v038-0afd0f575.edge-usw2.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
0u2tYvDoTcs=
content-encoding
gzip
date
Mon, 19 Sep 2022 17:08:39 GMT
last-modified
Mon, 19 Sep 2022 09:56:42 GMT
vary
accept-encoding
ibs:dpid=411&dpuuid=YyiiFwAAAEe96ANP
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=66373113506026136401086284029216043361
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YyiiFwAAAEe96ANP
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YyiiFwAAAEe96ANP
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-03d288e41.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
IZa/76ArSmU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YyiiFwAAAEe96ANP
Date
Mon, 19 Sep 2022 17:08:39 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&app=playerservice&cCh=videos%2Fshow&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pID=&sID=&uId=&xid=7019f732-25e0-4a38-bce5-b53f5c128960&_ts=2022-09-19T17%3A08%3A39.163Z&_c=error&_t=PrebidError&dim1=%7B%22errorData%22%3A%7B%22body%22%3A%5B%5D%7D%7D&dim3=Empty
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:39 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
sf-ui-display-medium-webfont.woff2
d2c8v52ll5s99u.cloudfront.net/assets/fonts/ Frame 20D5 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/assets/fonts/sf-ui-display-medium-webfont.woff2
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-ad5233f92eb6f9be19d0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-35.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3

Request headers

Referer
https://d2c8v52ll5s99u.cloudfront.net/player/player-style-ad5233f92eb6f9be19d0.css
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
ETag
"7d18db04f980971f2a9c5026bbc34bed"
X-Amz-Cf-Pop
PHL50-C1
X-Cache
RefreshHit from cloudfront
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
29632
Access-Control-Allow-Origin
*
Last-Modified
Mon, 26 Jun 2017 15:24:42 GMT
Server
AmazonS3
Date
Mon, 19 Sep 2022 17:08:40 GMT
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff2
Via
1.1 4a124e8b579c1eb5bfcb198db51e61fe.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
Accept-Ranges
bytes
X-Amz-Cf-Id
K1YEkxwuz49BKo__ZfVoqG7S7-Beakgjt2nBsFIzNj2rOX1cQ4kb8Q==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
bridge3.531.0_en.html
imasdk.googleapis.com/js/core/ Frame 7EFB 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.531.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88d739f667b9df4d11c027da7b5a61816b796d2d9e217c87100fd48daff232e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
359366
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211701
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 13:19:13 GMT
expires
Fri, 15 Sep 2023 13:19:13 GMT
last-modified
Thu, 15 Sep 2022 13:10:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 20D5 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 17:08:39 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 20D5 		101 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
ZshwQ+tsD6Qxr+FrPUEpge27R45sqjBSO0PnBX3J57ls2S+55+NwcKMEooGNueRsBopt+/IAYv1ONvXsDb3zvA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 17:08:39 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
comscore-min.js
d2c8v52ll5s99u.cloudfront.net/player/ Frame 20D5 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/comscore-min.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-35.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
833a86642252016b29f08dd45ffd27f9e00ca237f28d8c5f0147a6e15d009377

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 24 May 2017 18:19:15 GMT
Server
AmazonS3
Age
236
ETag
W/"054acb6fbd2b2a6c1ac561705bffb0cc"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 675b284655681c433b27b85b9911e050.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Mon, 19 Sep 2022 17:04:44 GMT
X-Amz-Cf-Pop
PHL50-C1
X-Amz-Cf-Id
LO3BOUV9qqyAlQJ3rKIqPzceKe6DrVYenZeHGLPmcxCBwxCiu1XmYg==
destination
www.googletagmanager.com/gtag/ 		174 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-P1P55J3LNW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HBJC2K&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d3915cd5b4242079fbda395e38ea52f7ab62d9bf34c1dae243d78117cecc8632
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:39 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65548
x-xss-protection
0
expires
Mon, 19 Sep 2022 17:08:39 GMT
track
capture.condenastdigital.com/ Frame 20D5 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-09-19T17%3A08%3A39.171Z&_c=&_t=Player%20Requested&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:39 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ Frame 20D5 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-09-19T17%3A08%3A39.262Z&_c=initial&_t=gptData&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&dim1=%7B%22adBlocked%22%3Afalse%2C%22adUnits%22%3A%5B%223379%2Fconde.wired%2Finterstitial%2Fsecurity%2Farticle%2F1%22%2C%223379%2Fconde.wired%2Fhero%2Fsecurity%2Farticle%2F1%22%2C%223379%2Fconde.wired%2Frail%2Fsecurity%2Farticle%2F1%22%2C%223379%2Fconde.wired%2Frail%2Fsecurity%2Farticle%2F2%22%2C%223379%2Fconde.wired%2Fmid-content%2Fsecurity%2Farticle%2F1%22%2C%223379%2Fconde.wired%2Ffooter%2Fsecurity%2Farticle%2F1%22%2C%223379%2Fconde.wired.native%2Faside%2Fsecurity%2Farticle%2F1%22%2C%223379%2Fconde.wired.native%2Fin-content%2Fsecurity%2Farticle%2F1%22%2C%223379%2Fconde.wired.native%2Fread-more%2Fsecurity%2Farticle%2F1%22%5D%2C%22embedLocation%22%3A%22wired%22%2C%22error%22%3A%22%22%2C%22lineItems%22%3A%5B%5D%2C%22publicaEnabled%22%3Afalse%2C%22videoId%22%3A%225f2178a1bcdfff5e2a4786ac%22%7D
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:39 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
wired_expert-debunks-cybersecurity-myths.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_wired.png,fl_progressive,g_face,h_450,q_80,w_800/v1596029984/ Frame 20D5 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_wired.png,fl_progressive,g_face,h_450,q_80,w_800/v1596029984/wired_expert-debunks-cybersecurity-myths.jpg
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-192.phl50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
bb0137567a729cf712624be4ad3500fd341216cc1c9b1faaa451c13d0e899d0b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
79
X-Cache
Hit from cloudfront
Date
Mon, 19 Sep 2022 17:08:29 GMT
Connection
keep-alive
Content-Length
80073
Last-Modified
Wed, 29 Jul 2020 16:05:27 GMT
Server
Cloudinary
ETag
"f4354f9f8ea51260019fa3df286e428a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control
public, no-transform, max-age=300
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
FXjWKta8PGfA6R-hI252XEkJHtt4fK90UhXJxUMI4MGhlnOAektWog==
box-69edcc3187336f9b0a3fbb4c73be9fe6.html
vars.hotjar.com/ Frame 6920 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1537182.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-119.phl50.r.cloudfront.net
Software
/
Resource Hash
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1065091
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 07 Sep 2022 09:17:08 GMT
etag
"f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified
Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security
max-age=604800; includeSubDomains
vary
Accept-Encoding
via
1.1 e329cb97e195e238d2d961aa95a36a4a.cloudfront.net (CloudFront)
x-amz-cf-id
A6MtTud3ez7X-ML7qxphi--OM8MoL1iGvWdV0quXy5n-d9SeJp75Ng==
x-amz-cf-pop
PHL50-C1
x-cache
Hit from cloudfront
x-robots-tag
none
ecc8cbfe-2919-417e-8401-471ae030e8bf
https://www.wired.com/ Frame 20D5 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.wired.com/ecc8cbfe-2919-417e-8401-471ae030e8bf
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00c1076881eb5352ee07e7589585aa30bb
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:39 GMT
content-encoding
gzip
X-TraceId
d15f223b736b9b13f93490c2d282c193
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00c1076881eb5352ee07e7589585aa30bb&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&optOut=false&bust=0752736512340423&referrer=
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:39 GMT
Cache-Control
no-cache
X-TraceId
b43ed180fb7d7d8c3f0a8cb8b92a602d
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
sparrow.min.js
pixel.condenastdigital.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.condenastdigital.com/sparrow.min.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cff3ff7513a42187f914df965c0006c8756f549dc13ffb64540767042902a748

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:39 GMT
Content-Encoding
gzip
Age
390569
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
13370
x-amz-id-2
SENHVCtuomdm2Mm3mqd2d5TaZvXtN7y+tX3NqyQzcJZGMI1w5AhAFIHf5woKpMNeAi2X6kBHmcY=
X-Served-By
cache-bwi5179-BWI, cache-yul12825-YUL
Access-Control-Allow-Origin
*
Last-Modified
Mon, 18 Oct 2021 11:33:31 GMT
Server
AmazonS3
X-Timer
S1663607319.398971,VS0,VE0
ETag
"e6b88c6f7c41eb887a206c62c62867a9"
Vary
Accept-Encoding
x-amz-request-id
17RDPM5XDG8GCCK8
Via
1.1 varnish, 1.1 varnish
Expires
Wed, 20 Oct 2021 22:46:55 GMT
Cache-Control
no-cache, public, max-age=604800
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
2, 48926
p.js
cdn.parsely.com/keys/wired.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/wired.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.201.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-201-38.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
e4312f2f537cbd6e153d8426ab167e1537c2aa53c8be4f62f05de9e666155d13

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
public
date
Mon, 19 Sep 2022 08:31:03 GMT
content-encoding
gzip
last-modified
Mon, 17 Jan 2022 22:10:23 GMT
server
nginx
age
31056
etag
W/"61e5e94f-e009"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
zh2UTbKNSaOqOyGlMgGQbW3yn8UKvZrZh6Tur6PpUnC_4RkCzcIR2w==
expires
Tue, 20 Sep 2022 08:31:03 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:20:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2861
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 19 Sep 2022 17:20:58 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.wired.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
n
elsa.memoinsights.com/ 		308 B
912 B 		Script
General
Check archive.org
Download Go to
Full URL
https://elsa.memoinsights.com/n?pid=5c058a6070cdcc676efa61c4&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&date=2022-09-16T21%3A35%3A11.388Z&title=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&channels=tags&authors=Lily%20Hay%20Newman&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&cb=MEMO.API.callbacks.cbfzexiwuf&v=v3.0.6
Requested by
Host: cdn.memo.co
URL: https://cdn.memo.co/js/memo.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.234.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-234-45.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
eb2ba0979cfa6f63dd913f3dd0fdc60a7d27ebc06d1a726d6a8db2de01392b09

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:39 GMT
content-encoding
gzip
server
istio-envoy
content-type
application/javascript
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
214
x-request-id
87e449d918538c069b0a5f390616eee9
container.html
8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 857A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:08:38 GMT
expires
Tue, 19 Sep 2023 17:08:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CONDENAST_PREBID_HEADER1&hp=1&zMoatAdUnit1=conde.wired&zMoatAdUnit2=rail&zMoatAdUnit3=security&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1663607316787&de=457303900673&rx=430755292090&m=0&ar=5aeef158bee-clean&iw=f9dac89&q=1&cb=0&cu=1663607316787&ll=2&lm=0&ln=0&em=0&en=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=4&bo=conde.wired&bd=1&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=condenastprebidheader987326845656&fd=1&it=500&pe=1%3A158%3A158%3A0%3A279&fs=200157&na=276666022&cs=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:39 GMT
p-Jjy-Cyr1NZGRz.gif
pixel.quantserve.com/pixel/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Jjy-Cyr1NZGRz.gif?labels=_campaign.media.Advertiser%20ID.4660981638.Campaign%20ID.2443012271.Line%20Item%20ID.programmatic
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
17bff89c-bd5e-4418-9a8f-4f512254c851thumbs.mp4
dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/ Frame 20D5 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/17bff89c-bd5e-4418-9a8f-4f512254c851thumbs.mp4
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-53.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 19 Sep 2022 08:58:03 GMT
Via
1.1 f44c8fed96046735d6f7ada758945c4e.cloudfront.net (CloudFront)
Last-Modified
Thu, 20 Aug 2020 21:28:00 GMT
Server
AmazonS3
Age
29437
ETag
"1820a1bf25676b1808aaaf9bd9f09bfa"
X-Cache
Hit from cloudfront
Content-Type
video/mp4
Content-Range
bytes 0-1892644/1892645
Connection
keep-alive
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
Content-Length
1892645
X-Amz-Cf-Id
wx_WlF5V489VedGmP9lc99hyB-YrgWgxZY1l2PruwGwiEVAxGSSajw==
17bff89c-bd5e-4418-9a8f-4f512254c851thumbs.mp4
dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/ Frame 20D5 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/17bff89c-bd5e-4418-9a8f-4f512254c851thumbs.mp4
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-53.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 19 Sep 2022 08:58:03 GMT
Via
1.1 613a9db04d23967014b7c42269dc1c12.cloudfront.net (CloudFront)
Last-Modified
Thu, 20 Aug 2020 21:28:00 GMT
Server
AmazonS3
Age
29437
ETag
"1820a1bf25676b1808aaaf9bd9f09bfa"
X-Cache
Hit from cloudfront
Content-Type
video/mp4
Content-Range
bytes 0-1892644/1892645
Connection
keep-alive
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
Content-Length
1892645
X-Amz-Cf-Id
kGv17tWI61SpoXbzPF079caVdWHE_6NXFeqZX9cXXa1YtdHfiAl_-w==
track
capture.condenastdigital.com/ Frame 20D5 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-09-19T17%3A08%3A39.450Z&_c=Player%20Event&_t=Player%20Loaded&app=playerservice&cBr=wired&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.wired.com%2Fvideo%2Fwatch%2Fexpert-debunks-cybersecurity-myths&cId=5f2178a1bcdfff5e2a4786ac&cKe=cybersecurity%2Ccybersecurity%20expert%2Ccomputer%20hacker%2Chackers%2Chacker%20security%2Cencryption%2Cgoogle%20read%20gmail%2Chackers%20computer%20camera%2Ccomputer%20camera%20hacker%2Chacker%20camera%2Cwired%20hacker%2Chacking%20expert%2Ccyber%20security%2Ccomputer%20security%2Cnetwork%20security%2Cnetwork%20security%20hacker%2Cwired%20network%20security%2Ccomputer%20hackers%2Chackers%20computer%2Csecurity%20wired%2Cwired%20eva%20galperin%2Ceva%20galperin%2Ceva%20galperin%20cybersecurity&cPd=2020-07-29T16%3A00%3A00%2B00%3A00&cTi=Internet%20Expert%20Debunks%20Cybersecurity%20Myths&mDu=684&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=370&pWh=208.125&xid=7019f732-25e0-4a38-bce5-b53f5c128960&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2265a12bc%22%2C%22guid%22%3A%221042c45-286e-f878-5349-594426a6bda%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Atrue%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A1221.53125%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22copilotIdOverride%22%2C%22recStrategy%22%3A%22copilotIdOverride%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22disableVastPrefetch%22%3Afalse%2C%22disableVideoPrebid%22%3Afalse%2C%22isRightRail%22%3Atrue%2C%22tabStatus%22%3A%22active%22%2C%22muted%22%3Atrue%2C%22versoContentType%22%3A%22article%22%2C%22videoEmbedPosition%22%3A%22%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3Anull%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=a61a3c7a-01d9-4175-8ab8-7171949de605&contentType=article
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:39 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:39 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 20 Sep 2022 17:08:39 GMT
17bff89c-bd5e-4418-9a8f-4f512254c851manifest-ios.m3u8
dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/ Frame 20D5 		918 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/17bff89c-bd5e-4418-9a8f-4f512254c851manifest-ios.m3u8?videoIndex=0&requester=oo
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-53.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c87318fef7fcccd15255393146bbaa4ee04652789f1fe500e66367e63eb5f84e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 08:58:03 GMT
Via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
Vary
Accept-Encoding,Origin
Age
29437
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
918
Last-Modified
Thu, 20 Aug 2020 21:25:40 GMT
Server
AmazonS3
ETag
"5829596d56ca8bf69dffc4686d9bc98b"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
JGskMmHIaKdrp76MU2BVHIa7_LYPdqYKhhmk7h5x5hL0ldKXGiELRA==
hadron.js
cdn.hadronid.net/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?partner_id=57&sync=1&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:b19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c409ce9996191eed195e4864d7f28d25ab2b09331b26a86a364fe6c39652a0e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5897
cf-polished
origSize=67673
x-amz-request-id
J55K5FCSV4BEXT54
x-amz-id-2
8Sa/i/3omyET693ZaPcJerg9AtRH04cTBypFr3NXjBtiF+Eu0qzNRHpBKJ+1l76nMHrWJp8Z8CA=
last-modified
Wed, 14 Sep 2022 11:28:37 GMT
server
cloudflare
etag
W/"c1e02d20b59c5e6be99052938e83c4db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5n5zaYliiN5Aam8EFnR7fbFAQtrQ7GvTzcoBiNTHKF7dLWr6M8EwOU%2B4oYUBtEctRXekK8X%2BERNTMitnQvhvy4XSnET65y3h2AI%2B1%2FGDM3cuqqnVGnhC8%2BKKFUk9bMy%2F8nsyZmdvUXYGXk%2BnScs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600
cf-ray
74d3ecb3ad7cecfa-YUL
cf-bgj
minify
57
p.ad.gt/api/v1/p/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/57
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.10.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-10-58.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
db17b76020ac9ac2f859b55338c32255277124c9c3dae380c1bebda7242d4ff9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:39 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 16:29:44 GMT
server
nginx/1.20.0
etag
W/"1663604984.0-43373-2545748540"
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
expires
Tue, 20 Sep 2022 05:08:39 GMT
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001663607319-29KI610D-PHIA&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001663607319-29KI610D-PHIA%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001663607319-29KI610D-PHIA&adnxs_id=8264677328858952876&gdpr=0
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001663607319-29KI610D-PHIA&adnxs_id=8264677328858952876&gdpr=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:40 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 05:08:40 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:40 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
9a41e085-359f-4f15-ba99-4d32721e2547
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001663607319-29KI610D-PHIA&adnxs_id=8264677328858952876&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001663607319-29KI610D-PHIA&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&id=AU1D-0100-001663607319-29KI610D-PHIA
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&id=AU1D-0100-001663607319-29KI610D-PHIA
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:40 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 05:08:40 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:39 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&id=AU1D-0100-001663607319-29KI610D-PHIA
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001663607319-29KI610D-PHIA
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001663607319-29KI610D-PHIA
  • https://ids.ad.gt/api/v1/pbm_match?pbm=B109023D-C51B-4BDD-A2D3-0FCE792BE5B7&id=AU1D-0100-001663607319-29KI610D-PHIA
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=B109023D-C51B-4BDD-A2D3-0FCE792BE5B7&id=AU1D-0100-001663607319-29KI610D-PHIA
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:40 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 05:08:40 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=B109023D-C51B-4BDD-A2D3-0FCE792BE5B7&id=AU1D-0100-001663607319-29KI610D-PHIA
date
Mon, 19 Sep 2022 17:08:38 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001663607319-29KI610D-PHIA
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001663607319-29KI610D-PHIA&google_gid=CAESEK3tfNwu7NWKHOhLMvCqGLI&google_cver=1&google_ula=450542624,0
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001663607319-29KI610D-PHIA&google_gid=CAESEK3tfNwu7NWKHOhLMvCqGLI&google_cver=1&google_ula=450542624,0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:40 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 05:08:40 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001663607319-29KI610D-PHIA&google_gid=CAESEK3tfNwu7NWKHOhLMvCqGLI&google_cver=1&google_ula=450542624,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001663607319-29KI610D-PHIA
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2MzYwNzMxOS0yOUtJNjEwRC1QSElB
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2MzYwNzMxOS0yOUtJNjEwRC1QSElB
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2MzYwNzMxOS0yOUtJNjEwRC1QSElB
Date
Mon, 19 Sep 2022 17:08:40 GMT
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Length
473
Content-Type
text/html; charset=utf-8
adb_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001663607319-29KI610D-PHIA&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001663607319-29KI61...
  • https://ids.ad.gt/api/v1/adb_match?adb=66373113506026136401086284029216043361&id=AU1D-0100-001663607319-29KI610D-PHIA
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/adb_match?adb=66373113506026136401086284029216043361&id=AU1D-0100-001663607319-29KI610D-PHIA
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:40 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 05:08:40 GMT

Redirect headers

DCS
dcs-prod-usw2-1-v038-079fd6476.edge-usw2.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
fr6RGngJT38=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://ids.ad.gt/api/v1/adb_match?adb=66373113506026136401086284029216043361&id=AU1D-0100-001663607319-29KI610D-PHIA
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
beeswax_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001663607319-29KI610D-PHIA
  • https://match.prod.bidr.io/cookie-sync/audigent?buyer_user_id=AU1D-0100-001663607319-29KI610D-PHIA&_bee_ppp=1
  • https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AADn0U7GUUQAAA_UoQQBHw&id=AU1D-0100-001663607319-29KI610D-PHIA
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AADn0U7GUUQAAA_UoQQBHw&id=AU1D-0100-001663607319-29KI610D-PHIA
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:40 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 05:08:40 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/beeswax_match?beeswax_id=AADn0U7GUUQAAA_UoQQBHw&id=AU1D-0100-001663607319-29KI610D-PHIA
Date
Mon, 19 Sep 2022 17:08:40 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
impr_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001663607319-29KI610D-PHIA%26impr_uid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3DAU1D-0100-001663607319-29KI610D-PHIA%26impr_uid%3D%7BPUB_USER_ID%7D
  • https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001663607319-29KI610D-PHIA&impr_uid=156f4374-5314-4efa-b48b-bb3f41dda401
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001663607319-29KI610D-PHIA&impr_uid=156f4374-5314-4efa-b48b-bb3f41dda401
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:40 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 05:08:40 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/impr_match?id=AU1D-0100-001663607319-29KI610D-PHIA&impr_uid=156f4374-5314-4efa-b48b-bb3f41dda401
date
Mon, 19 Sep 2022 17:08:40 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
son_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.go.sonobi.com/us?https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001663607319-29KI610D-PHIA&uid=[UID]&gdpr=0
  • https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001663607319-29KI610D-PHIA&uid=c7f8bd10-634b-45d5-8363-86dc55b45c70&gdpr=0
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001663607319-29KI610D-PHIA&uid=c7f8bd10-634b-45d5-8363-86dc55b45c70&gdpr=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:40 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 05:08:40 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:40 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-114
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ids.ad.gt/api/v1/son_match?id=AU1D-0100-001663607319-29KI610D-PHIA&uid=c7f8bd10-634b-45d5-8363-86dc55b45c70&gdpr=0
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
rub_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001663607319-29KI610D-PHIA&gdpr=0
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001663607319-29KI610D-PHIA&rub=L890UEAB-I-J01J&gdpr=0
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001663607319-29KI610D-PHIA&rub=L890UEAB-I-J01J&gdpr=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:40 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 05:08:40 GMT

Redirect headers

Location
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001663607319-29KI610D-PHIA&rub=L890UEAB-I-J01J&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pr
s.amazon-adsystem.com/v3/ Frame 4C26 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
3af73629b27e0479db0ecf28bfb38c25f4fde995b48a0aef46993a404e456e63
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2158
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 19 Sep 2022 17:08:39 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
DERQ2F2C8V76AE0NSPSF
onsite_7818f2bd337df9f3f46e497bb695400f.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		158 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite_7818f2bd337df9f3f46e497bb695400f.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_89ceea329a99e3935afd4105c6694d4b.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6e4de4e2365a4b8d592875694220f3a355404793ded47e557e320f2165abaaf0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 14:57:11 GMT
content-encoding
br
age
353488
x-guploader-uploadid
ADPycdt3PTtfvdMDQLPVj8R0EtXfGSnoWUg7VNolWLZvnrN12QwODV_1eLWo7PJq3zCjDNGtAtBwov0PXxb45x5hobL6zw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34463
last-modified
Thu, 15 Sep 2022 14:56:58 GMT
server
UploadServer
etag
"eb031a841de8ca5a3f9fc6d7449b3b57"
x-goog-hash
crc32c=Y4XqIw==, md5=6wMahB3oylo/n8bXRJs7Vw==
x-goog-generation
1663253818627524
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
34463
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 15 Sep 2023 14:57:11 GMT
5de76d44-2aed-4acd-9890-c058fc78142b
https://www.wired.com/ Frame 20D5 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.wired.com/5de76d44-2aed-4acd-9890-c058fc78142b
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20e74b9a708a64d7a66a3e3a0aa57ce43513e1e19d0b2cde757260d5a1da2457

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
4973
Content-Type
application/javascript
db38bb56-7c7e-43fe-b90c-6eb8c2443017
https://www.wired.com/ Frame 20D5 		68 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.wired.com/db38bb56-7c7e-43fe-b90c-6eb8c2443017
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
246f4254dc2c80b2aa63d488a6aca92b3d7e29c4bc60efbd0f3e8397a63c9fd2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
70012
Content-Type
application/javascript
8cbfde8c-2625-4f0b-8699-a2a1b2d613d3
https://www.wired.com/ Frame 20D5 		68 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.wired.com/8cbfde8c-2625-4f0b-8699-a2a1b2d613d3
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
246f4254dc2c80b2aa63d488a6aca92b3d7e29c4bc60efbd0f3e8397a63c9fd2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
70012
Content-Type
application/javascript
pixel
pxl.qccerttest.com/ 		35 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=955662088;fpan=1;fpa=P0-1663932039-1663607319533;pbc=af305ee8-c444-45ee-9db6-5c49cd617f43;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;us_privacy=1---;d=wired.com;dst=0;et=1663607319532;tzo=0;url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F;ogl=description.An%20alleged%20teen%20hacker%20claims%20to%20have%20gained%20deep%20access%20to%20the%20company%E2%80%99s%20system%2Cimage.https%3A%2F%2Fmedia%252Ewired%252Ecom%2Fphotos%2F6324bd9ac4d3ebc9237bc60e%2F191%3A100%2Fw_1280%252Cc_limit%2FU%2Csite_name.WIRED%2Ctitle.The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%2Ctype.article%2Curl.https%3A%2F%2Fwww%252Ewired%252Ecom%2Fstory%2Fuber-hack-mfa-phishing%2F
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:fc00:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 06:12:54 GMT
via
1.1 191d4b07c4ff3e2c7cfeea67e1eb00f0.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
39347
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
x-amz-cf-id
l2yqF26yebK-LSYjyBd9N09pWhYScND2NGkt2cL_WOqIVBRbzFILcA==
pixel;r=1164960061;labels=Culture.Wired.security.national%20security;source=gtm;rf=0;a=p-Jjy-Cyr1NZGRz;url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F;uht=2;fpan=0;fpa=P0-166393...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1164960061;labels=Culture.Wired.security.national%20security;source=gtm;rf=0;a=p-Jjy-Cyr1NZGRz;url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F;uht=2;fpan=0;fpa=P0-1663932039-1663607319533;pbc=af305ee8-c444-45ee-9db6-5c49cd617f43;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;us_privacy=1---;ref=;d=wired.com;dst=0;et=1663607319538;tzo=0;ogl=description.An%20alleged%20teen%20hacker%20claims%20to%20have%20gained%20deep%20access%20to%20the%20company%E2%80%99s%20system%2Cimage.https%3A%2F%2Fmedia%252Ewired%252Ecom%2Fphotos%2F6324bd9ac4d3ebc9237bc60e%2F191%3A100%2Fw_1280%252Cc_limit%2FU%2Csite_name.WIRED%2Ctitle.The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%2Ctype.article%2Curl.https%3A%2F%2Fwww%252Ewired%252Ecom%2Fstory%2Fuber-hack-mfa-phishing%2F;ses=affd74b1-391f-4aa4-816b-c5edfb1ff898
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=228464857488266&ev=PageView&dl=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&rl=&if=false&ts=1663607319683&cd[SiteSection]=security&cd[SubSection]=national%20security&cd[PageTags]=security%7Cnational%20security%7Chacking%7Cvulnerabilities%7Cuber%7Ctextaboveleftsmall&cd[Brand]=Wired&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663607319664.1123849076&ic=fbpixel&it=1663607318841&coo=false&dpo=&rqm=GET
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:40 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 17:08:40 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 20D5 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=640x360|480x70&iu=/3379/conde.wired/rail-player/security/article&ciu_szs=300x60&gdfp_req=1&env=vp&output=vmap&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_death_injury%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Dmt_article_two_column%26content_type%3Darticle%26ctx_page_channel%3Dsecurity%26ctx_page_sub_channel%3Dnational-security%26sub_sub_channel%3D%26env_server%3Dproduction%26ctx_cns_version%3D6.62.7%26ctx_page_slug%3Duber-hack-mfa-phishing%26cnt_copilotid%3D632496798990652479ff3877%26cnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%26fastly_geo%3Dca%26pageview_id%3D8404177878%26usr_bkt_eva%3D36%26usr_bkt_ses%3D35%26usr_bkt_pv%3D57%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26usr_segments%3Dco.w2238%26cn_metrics%3Dcmr_high%26vnd_prx_segments%3D121100%252C131100%252C131127%252C230004%252C230017%252C230103%252C230133%252C230163%252C230016%252C603525%252C300003%252C210001%252C240000%252C240002%252C240003%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240015%252C240018%252C240019%252Cmiovit%252Czlqtg4%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_entities%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_keywords%3Duber%252Chacker%252Cauthentication%252Cattacker%252Cbreach%252Csystem%252Cnotification%252Caccess%252Czatko%252Ccybersecurity%252Cattack%252Chack_devastation%252Cresearcher%252Csecurity_engineer%252Cservice%252Ctwitter%252Cthursday_evening%252Ccompany%252Cthe_new_york_times%252Ccedric_owens%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D7019f732-25e0-4a38-bce5-b53f5c128960%26ctx_line_items%3D%26timeout%3D500%26height%3D208%26muted%3D1%26right_rail%3D1%26sensitive%3D0%26series%3D5fb2bd3b38d0691c16e0f5de%26width%3D370%26feature_flags%3Dsticky-player-rail&correlator=1443693347263306&description_url=https%3A%2F%2Fwww.wired.com%2Fvideo%2Fwatch%2Fexpert-debunks-cybersecurity-myths&vid=5f2178a1bcdfff5e2a4786ac&cmsid=1495&ppid=7019f73225e04a38bce5b53f5c128960
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e010e0692c3bb0c343d4ce57c17cca7328054c7fc2b6776d483450f6cc4ad0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1605
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CFB0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:08:38 GMT
expires
Tue, 19 Sep 2023 17:08:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CONDENAST_PREBID_HEADER1&hp=1&zMoatAdUnit1=conde.wired&zMoatAdUnit2=hero&zMoatAdUnit3=security&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1663607316787&de=470420900414&rx=430755292090&m=0&ar=5aeef158bee-clean&iw=f9dac89&q=2&cb=0&cu=1663607316787&ll=2&lm=0&ln=0&em=0&en=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=4&bo=conde.wired&bd=1&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=condenastprebidheader987326845656&fd=1&it=500&pe=1%3A158%3A158%3A0%3A279&fs=200157&na=2086931159&cs=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:40 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:40 GMT
p-Jjy-Cyr1NZGRz.gif
pixel.quantserve.com/pixel/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Jjy-Cyr1NZGRz.gif?labels=_campaign.media.Advertiser%20ID.4660981638.Campaign%20ID.2443012271.Line%20Item%20ID.programmatic
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:b08a:1dc5:659b:4055 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
wired_expert-debunks-cybersecurity-myths.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_wired.png,fl_progressive,g_face,h_450,q_80,w_800/v1596029984/ Frame 20D5 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_wired.png,fl_progressive,g_face,h_450,q_80,w_800/v1596029984/wired_expert-debunks-cybersecurity-myths.jpg
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-192.phl50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
bb0137567a729cf712624be4ad3500fd341216cc1c9b1faaa451c13d0e899d0b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
80
X-Cache
Hit from cloudfront
Date
Mon, 19 Sep 2022 17:08:29 GMT
Connection
keep-alive
Content-Length
80073
Last-Modified
Wed, 29 Jul 2020 16:05:27 GMT
Server
Cloudinary
ETag
"f4354f9f8ea51260019fa3df286e428a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control
public, no-transform, max-age=300
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
U93JZpA-2arjtZycUG_Lxl45XdDXZLCga32vDricHvb0c3W5dPbrVQ==
wired_expert-debunks-cybersecurity-myths.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_wired.png,fl_progressive,g_face,h_450,q_80,w_800/v1596029984/ Frame 20D5 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_wired.png,fl_progressive,g_face,h_450,q_80,w_800/v1596029984/wired_expert-debunks-cybersecurity-myths.jpg
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-192.phl50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
bb0137567a729cf712624be4ad3500fd341216cc1c9b1faaa451c13d0e899d0b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 59447a5aa4c2bb0a7302a6eaa4778afc.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
79
X-Cache
Hit from cloudfront
Date
Mon, 19 Sep 2022 17:08:29 GMT
Connection
keep-alive
Content-Length
80073
Last-Modified
Wed, 29 Jul 2020 16:05:27 GMT
Server
Cloudinary
ETag
"f4354f9f8ea51260019fa3df286e428a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control
public, no-transform, max-age=300
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
ArIcoX2YhOucJjAt-iqRXPlSc1IKcoaKNTw5KrxizNhTehBjFB12cw==
17bff89c-bd5e-4418-9a8f-4f512254c851file-1422k-128-48000-768.m3u8
dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/ Frame 20D5 		9 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/17bff89c-bd5e-4418-9a8f-4f512254c851file-1422k-128-48000-768.m3u8
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-53.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c603917a1f98cbd38c3fd21ed961ebdf78b2bf8a7c783794da68b325769ed437

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 10:23:00 GMT
Content-Encoding
gzip
Vary
Accept-Encoding,Origin
Age
24340
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Thu, 20 Aug 2020 21:29:45 GMT
Server
AmazonS3
ETag
W/"a09f47aa78d4ad2b18f0b547beb9a9e1"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL50-C1
X-Amz-Cf-Id
02GXAbAD2n8lmXqvufVBNGb0MptU-vcweMPHYLlYRjrZ8dL9RLnyjA==
pixel
analytics.tiktok.com/api/v2/ 		0
542 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1IQID9FKFK1PHD4UBH0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.25 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-25.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:39 GMT
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
202209191708399F9E484F68A59CB658AB
x-cache
TCP_MISS from a23-40-19-25.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
26,23.40.19.25
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0decbf94330e0e2334ce4c651698d8600afc8bd21287bea26f0494c1a713f813bba60fec2e636e4e264441b80e2e7ff56e855c29ba03c831b3ea5ad81f5241f56f26
server-timing
inner; dur=9, cdn-cache; desc=MISS, edge; dur=1, origin; dur=26
x-akamai-request-id
c0f33e8
content-length
0
expires
Mon, 19 Sep 2022 17:08:39 GMT
user
4d.condenastdigital.com/ 		67 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4d.condenastdigital.com/user?xid=7019f732-25e0-4a38-bce5-b53f5c128960
Requested by
Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.113.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-113-43.compute-1.amazonaws.com
Software
/
Resource Hash
aa92d06c8169879c441900a70cc12735e0458766f2163be72fe031e107898d48

Request headers

Accept
text/plain
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:40 GMT
content-encoding
gzip
transfer-encoding
chunked
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://www.wired.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
Connection
keep-alive
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A39.860Z&_t=assigned-experiments&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&uNw=1&uUq=1&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=general&dim1=%7B%22assignments%22%3A%5B%5D%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A39.871Z&_t=in-view&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=verso-pattern-tracking&dim5=%5B%7B%22pattern%22%3A%22ConnectedNavigation%22%7D%5D&dim6=%5B%5D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A39.901Z&_t=in-view&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=verso-pattern-tracking&dim5=%5B%7B%22pattern%22%3A%22ConnectedNavigation%22%7D%2C%7B%22pattern%22%3A%22StandardNavigation%22%7D%5D&dim6=%5B%5D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A39.912Z&_t=in-view&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=verso-pattern-tracking&dim5=%5B%7B%22pattern%22%3A%22ConnectedNavigation%22%7D%2C%7B%22pattern%22%3A%22StandardNavigation%22%7D%2C%7B%22pattern%22%3A%22ConnectedBookmarkAlert%22%7D%5D&dim6=%5B%5D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A39.922Z&_t=in-view&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=verso-pattern-tracking&dim5=%5B%7B%22pattern%22%3A%22ConnectedNavigation%22%7D%2C%7B%22pattern%22%3A%22StandardNavigation%22%7D%2C%7B%22pattern%22%3A%22ConnectedBookmarkAlert%22%7D%2C%7B%22pattern%22%3A%22StickyHeroAd%22%7D%5D&dim6=%5B%5D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A39.933Z&_t=in-view&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=verso-pattern-tracking&dim5=%5B%7B%22pattern%22%3A%22ConnectedNavigation%22%7D%2C%7B%22pattern%22%3A%22StandardNavigation%22%7D%2C%7B%22pattern%22%3A%22ConnectedBookmarkAlert%22%7D%2C%7B%22pattern%22%3A%22StickyHeroAd%22%7D%2C%7B%22pattern%22%3A%22ContentHeader%22%7D%5D&dim6=%5B%5D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A39.943Z&_t=in-view&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=verso-pattern-tracking&dim5=%5B%7B%22pattern%22%3A%22ConnectedNavigation%22%7D%2C%7B%22pattern%22%3A%22StandardNavigation%22%7D%2C%7B%22pattern%22%3A%22ConnectedBookmarkAlert%22%7D%2C%7B%22pattern%22%3A%22StickyHeroAd%22%7D%2C%7B%22pattern%22%3A%22ContentHeader%22%7D%2C%7B%22pattern%22%3A%22TitleBlock%22%7D%5D&dim6=%5B%5D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A39.953Z&_t=in-view&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=verso-pattern-tracking&dim5=%5B%7B%22pattern%22%3A%22ConnectedNavigation%22%7D%2C%7B%22pattern%22%3A%22StandardNavigation%22%7D%2C%7B%22pattern%22%3A%22ConnectedBookmarkAlert%22%7D%2C%7B%22pattern%22%3A%22StickyHeroAd%22%7D%2C%7B%22pattern%22%3A%22ContentHeader%22%7D%2C%7B%22pattern%22%3A%22TitleBlock%22%7D%2C%7B%22pattern%22%3A%22Caption%22%7D%5D&dim6=%5B%5D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A39.963Z&_t=in-view&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=verso-pattern-tracking&dim5=%5B%7B%22pattern%22%3A%22ConnectedNavigation%22%7D%2C%7B%22pattern%22%3A%22StandardNavigation%22%7D%2C%7B%22pattern%22%3A%22ConnectedBookmarkAlert%22%7D%2C%7B%22pattern%22%3A%22StickyHeroAd%22%7D%2C%7B%22pattern%22%3A%22ContentHeader%22%7D%2C%7B%22pattern%22%3A%22TitleBlock%22%7D%2C%7B%22pattern%22%3A%22Caption%22%7D%2C%7B%22pattern%22%3A%22CNEInterludeEmbed%22%7D%5D&dim6=%5B%5D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A39.973Z&_t=pubadsReady&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=ad_metrics&dim1=%7B%22channel%22%3A%22security%22%2C%22platform%22%3A%22verso%22%2C%22template%22%3A%22mt_article_two_column%22%2C%22viewport%22%3A%22desktop%22%2C%22pageContext%22%3A%7B%22channel%22%3A%22security%22%2C%22content%22%3A%7B%22copyCount%22%3A932%2C%22imageCount%22%3A0%2C%22embedCount%22%3A1%2C%22ratio%22%3A932%7D%2C%22contentType%22%3A%22article%22%2C%22experiments%22%3A%7B%7D%2C%22keywords%22%3A%7B%22copilotid%22%3A%5B%22632496798990652479ff3877%22%5D%2C%22platform%22%3A%5B%22verso%22%5D%2C%22tags%22%3A%5B%22security%22%2C%22hacking%22%2C%22vulnerabilities%22%2C%22uber%22%2C%22national-security%22%2C%22Uber%22%5D%7D%2C%22server%22%3A%22production%22%2C%22slug%22%3A%22uber-hack-mfa-phishing%22%2C%22subChannel%22%3A%22national-security%22%2C%22subSubChannel%22%3A%22%22%2C%22templateType%22%3A%22mt_article_two_column%22%7D%2C%22version%22%3A%226.62.7%22%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A39.986Z&_t=renderEnded&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=ad_metrics&dim1=%7B%22channel%22%3A%22security%22%2C%22platform%22%3A%22verso%22%2C%22template%22%3A%22mt_article_two_column%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Atrue%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22aside%22%2C%22size%22%3A%22%22%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A39.991Z&_t=renderEnded&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=ad_metrics&dim1=%7B%22channel%22%3A%22security%22%2C%22platform%22%3A%22verso%22%2C%22template%22%3A%22mt_article_two_column%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Atrue%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22interstitial%22%2C%22size%22%3A%22%22%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A39.996Z&_t=renderEnded&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=ad_metrics&dim1=%7B%22channel%22%3A%22security%22%2C%22platform%22%3A%22verso%22%2C%22template%22%3A%22mt_article_two_column%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Atrue%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22in-content%22%2C%22size%22%3A%22%22%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A40.044Z&_t=renderEnded&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=ad_metrics&dim1=%7B%22channel%22%3A%22security%22%2C%22platform%22%3A%22verso%22%2C%22template%22%3A%22mt_article_two_column%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Atrue%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22read-more%22%2C%22size%22%3A%22%22%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A40.061Z&_t=renderEnded&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=ad_metrics&dim1=%7B%22channel%22%3A%22security%22%2C%22platform%22%3A%22verso%22%2C%22template%22%3A%22mt_article_two_column%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Afalse%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22rail%22%2C%22size%22%3A%22300x600%22%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A40.085Z&_t=renderEnded&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=ad_metrics&dim1=%7B%22channel%22%3A%22security%22%2C%22platform%22%3A%22verso%22%2C%22template%22%3A%22mt_article_two_column%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Afalse%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22hero%22%2C%22size%22%3A%22728x90%22%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
publisher:getClientId
ampcid.google.ca/v1/ 		3 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.ca/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.wired.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
collect
analytics.google.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-P1P55J3LNW&gtm=2oe9e0&_p=1330670363&_gaz=1&cid=987098063.1663607318&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&dl=%2Fstory%2Fuber-hack-mfa-phishing%2F&dr=%2F&sid=1663607320&sct=1&seg=0&dt=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-P1P55J3LNW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P1P55J3LNW&cid=987098063.1663607318&gtm=2oe9e0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-P1P55J3LNW&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P1P55J3LNW&cid=987098063.1663607318&gtm=2oe9e0&aip=1&z=1856466850
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FBD2 		624 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxC0w8rDAhiKgJK_ATAB&v=APEucNXM9gOEcQUgcENctxkxJYw08a762PpFNEd3SK1Bwcx1Jdc_Jr8QaqH6dz9TY1SgmrbOWHyggzUgfoijyjVgifh1L50Znw
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:08:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 857A 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DqBXsJD0rsgz7oa3INtUc3eNnDka1qDX7aue42fpzYonpIUzH3RF_7qEQAwgWcc_xI4VcwEgiNRc9dNcev25dMEhujku7p-SqJGZTK7v1FZjleJdCL2HOGkXadr933XbbvadraXmyHqwRalnUirfEb9mR04g&cry=1&dbm_d=AKAmf-AXecR38qpViNGSPM-Am9l4900rp9HqsqB6TeXxmRLqFt9BR6PgywQZLPVu_iyQ0RrGSe70NPnnq4HpngtmW1XaSmDVaNMpaZHam1G9fgK3U-SDmpxJVr0F3ORM38r1_hWx_1pJSKQtfQNEjKKL55T9szgJYylhqtaDcTITZApcVCZsKYuCxKaWOnH1bdHigqw5GrgFlGtxPdiIORG6jUdReggevzr5lZKdVB2NIVeM5zSLQc5wKra-WjZdapFJQW0c6c5ZzQ5Xcxayrq3EGTjqTRb4hpML-ptBjGx-YjWosVw74GK3hpXJ79w6l8xUyx2U16rBHPBbrol7DKs3Ksfv3WKImAkNBXzjdFvdsWoJdXDDkgll9cSYcFfylh0f_Yci4T4dUoZVolwjf58DnNRQ2kSVu_EvSkXcbtcZISC1VVmoVrBT_YnlorRo9lmZD0QZ8O7LkzgvVBZlY3XkJAhPCEzQU7u_kqnszPPbre9ohvvogIo1ACPAZY339flKSD2y8FAqGwsyQ6WzwCwAXqeQVtUv5nazxJyT59HCW_8YxiU6ENBjQOks9WoZgvudUda8iO3n0XePE8uBnYzjHJjAkktySekTCOTrzTRUgX2bsYvTSBHoufzQquhqunFN0ZiMrSO3KDIpBzwLhdyiKjHa4XOvQViMrc6f9aguAwGiaWqb_CEFwD48tuCM5CaAbDoNdNmTIZVLQo-ilyWH0U8DnuozXVBTE4kybgbUODUF-olhuulZYQOZqjcdUw6dW_Ze22ujydfDjljkeRnq6JgOf3FX35NwNAe9su_C4CtoXH3zLXUziVrMi_e3xjqRxOOT-notrOHJl6dUvbt6efC4IOeqIP9kyf9F0KW57oeBvqQCCnZiD9ixQVb6Pda6Ii3CMDfVAXGxifw2gZvMhjo55sSjbJb7vPUPu482SsCETmNU6b96zNAgMxppgkEppu5E7H79s-jLIfOIt8s1Pkfuzfh4XrBjhRmkkPL300mO2TP1P-hezPn7RkqX6lMPjqoYh2EzlsNzED5ifbfa6AfXoQP4Od-hDfaST20gzHRK0gv26p9Ru-HaoeoX_mIGEYF5Kkkp1-SuuZEB0hTu5NyfokYBhBI0GrPn3YO5G7Kmw6ILRKm6alsenHRr6wxMl0Ai23rbSNqZwp4eJBx-FJpcWgThS1tq6SYmSksOGwlJFvOH_RAb0r5ZEhgmOz4Z1CKZfK-1deX1JGMC2IYT5wo9erbqW9MMPkr3It7_N2twzEhPR9oGqPtRNeECJMLG2iDh-uaH5ZZn2k61FIUjn-BUr-vsvR6O9XYyFCOB1dpa7XPxZNii-ST4CLPzGQy8R8l9S-s43gaiFbEcg2cys18nsMUFgR-o2_W8W97fmlu-ZMcJEaCOAT17MfIAuCF4zd1NA3svUbunIJ_NlgmATvuKAa81IrczdIS9ptczFtb7ZGaYXflzXn6rCeFET96bjvwlE_XTtNSArF8hbPSvcqHuNgre57SuV1qz-EGvUZM86K4iDrwzMzokN3m4JCVFt8Lc0cLtEaAxF5GeF3rDkAu0qDGFZBRSyfKRyaq3lC3U8MhE6DAkftDyuiwkpf7ogQ5ooyVg3D1uZ1mLFuELocYwWM98dE5jFKzJ-ABucYW7q6IqP7-7ne4oyVNXSNGMjXG0z9PjvH4MzwwYXeNvOwYvzjp-mHQyb_if8yI9Jlr4TUOdRIPJv_d217g2BgS_ThaT2zIezq8MBiXhC_UAozG2SErgUgtL3FPUH6nOBTMjbDt3sJYDT0Sgz_BiSKS5Tlh0YGSpcr-Tc1KtObLeidq9enXc6I0l7OrTeHOlUu_8TRKC5a7NLD4WQrbqn6NZZHkKV3RxYsRTkgHtk6W5wVWO6XtChDcVReKI3xy1JNfXuibzqOG6_tTpHvmWLxQHW1CNWfIkbMrtXXNVn6UXfaZMpSX2FZ-ENURb5eKrXkaHmaLjnl22eYbtgYuarwVeKQK1dLvNTNVDl-RFBhcoIhV9jZZNybY2hbDxE2FgunRy_vuQ9uNdVJ96mtNWReSFvpGxBO2jhVgUMtNuBgDmoZo-CLlc4Tt68jG_Sompf3khczVBfM7MQtbYjdhypYJpEef6veuu14o5amwpjg4RxJ5TAwkavBQVaY2CdFcQa2Di7sG5xlmuGWewAbcHr3fA9rs4MOnTGSl71HFVINUpbdCiGKlJvNzOHIyR90G_alzAGr5oahAAexEFkpatM4UKDOjGroCf5NMp4Eb8-lNcUhwDrshlVlLVXPddc4hFov8mlNW43Gme6WA8nAe3YZxGIJ-EspmqtQexQn4qbe5vifHSPRD-UBld7Xe4bfMhCR47M4LgxsmF5p22d8mBl-RQHKkxuQ9gLb4ADUfX3kJt-3N5fr04aYHfGkCWF0SY9VnHiCyS2D7l148ZZDx-W7ZKOpexzXLs1t3ekNurxxTVnBRrS46lpC0_Nmk1pJ0ANdb3zPB8vZdSrkfIoJdO_RwP6rR8NVOOdWLzBLQiLI-ZT2esf6OFDb79La9NRjy9QQjDaDaIJjVdp9F9HnAnl_Va8RHiUZjV6h3PkO44HYxKAHSlnram3Mj2VRFQYqnc3Qill36kQWaVKoXi8Oc-gLKFCFGsqO8K7eS46yoIEpqyFIeYI__-MI9k1QW4HzVNw8kA5udKDjAUznNfA2aAJlDeD9z-bQkc_En7y-J4zUgVCeLD-XQdOQWHGjGPZZJQvMmfjkw6fLysl1GJEeqSN8LjrMMcLekgbG14PAbOWdQmDUBx9u99pnDBJ01JRfKISJxL9NAQk2EnuZb4Vm-BZ8jk6celBXQfMcixVCk1bm3iDnDy0fCyDkrfWkTSVi8nvx_LGimzOKB1oJDtOf6oBrVVObZ9moHejXlnRywGztOv1tK5FkjFlzYYVHIFLEGQjjVqNvU2oMr7qNmia9ZOZ_JgU3GNIAxl7jpyjSywvF-hisGNhn-Duw&cid=CAQSTQCsnQUxoOHwY-3p6ih4CFUmQoXNz3PUtPXCVAYh6US5aCy7BwIJzIeIF_8_o97VuoCYDTu6wMhdvYhuSP6LMFyZ_wRg5kvD2zlWGKju&rfl=1%2Chttps%253A%252F%252Fwww.wired.com%252Fstory%252Fuber-hack-mfa-phishing%252F%240
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d2f18cbf74456d2df6bc33974409f51f80b74bb7751ec4b22b7a32f628e983ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 857A 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BiOJgi69JnAaZoUxMjFABwY__1oTOz7ar_7nV4tD0n_Esvwc4t_rmx7scEmG_zmwS96rL58L02r4cYMpM0dObG2Lv-lGntAmPvmGFSDBis3RcuqLs
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame 857A 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVNm1f_1YpntKxuZ7kbl4Q996LvD5f0Ctk2h6OOawnl9Rj2wS8&d=CokBAKAmf-DDK1uApacNfezHyTKl8Hx-ynv3aLClj2Zq99InI0ztz2kirwMBuAfCTGq0SmXnnNxB_6vNw3fFfFSG3USxaeX11JUQy94vpDzuoSC6pdCIx6tyltNjSYNnXhREDQ_gwhbyav_oneYpGJW8rthf8ZjJvrTC35bO60Pid3qD0U54IxYHz-AS6RMAoCZ_4M7eIux9byaO2UjROKDLtyZJkQanAdzzR1l5QMY9r4FZCC2na1L-gKT0-a7m9NO-bwaYv6nMJtJiOx2avg_TVtRydaFMYoqJvaWYmwB7IIUL94c1lwVyjeqloG_8cA3Yi2bdz2PN0XuK3OZyXwaEi4q4YDSqyrphxqO0KaGN0Tv018Seyi6uoVNab1mt5eP0wucp68NMuwhPu9QZndTXExcll_5wfYb29Wzrb1d38ilecTygm-sSi-GZcJ5C8wAz2cyLQ7SeTxo2Q0n8VKlNzLFVnwG6jUQeDfZg_w609TLEEdD31XFpXI65wJo7ZC0d3Bb4X2XByEPPnyI_WlatzxVTKe9pzOdy0H-B0DrfmuT7eTQbmznUnr3aPJvga6yrVsLRZ63MH67VP6rtxcKNhuNbl8JA8GkLxPtfMq-68cjkif-uuCwZwl1rczRNmoNWCdTolTpmH1T3_wQWpW4Swso14vOW1ux2vK_jovSlWWKa_13TTVuLBB6Kbp2ruWB3es4lWADduQqTi8C5LhxbjEg-2LSlURvWii48B-4yJEg1MXyTNgIsqK-iNBNYnGldk6shp43mm3ReVGvyHW5StCvP_6hmYmlG9k8EVFEWvYjDUU7uc7E3gcbQAoYAJJ3_n2QL_jqodANzntnp4eCxHaPIoHaJ5xoU4JHVpC50wbXISaGrvSLdDbyJlp-RKcki3agc9LG6O_3ve-rMuSP0sULLl20U2H3yFibHBbGKHkeMtnslp0coUojN79FIoAZnNFvTQ73magqDDO6WskavUF0qgJtb_tKm5bJPbjBdbe2U8WY7eoh1KjJI2SccrLLsLdXwJ7h0h7Hgy89kh3hHDrJym_HwYvIy20V3sa7OkTxoLj0fp1HLGrgd9yMqeAkYQFWOoXDD_vz2xTc6M4t6gvNSqBlB-SKB0r5wv4l-uGXywn6dMk4J4FzOtQmIdeMSFuNH0SIXSl482ygZi0sbSh0BWlqUYJlJ0apgRRV7BrEIZffLvTHNmXb-gJ5f9vFO2aQ7frwG-g9NvnuYdnztsfANaFYQRXYs38WqWfj1Zq5NAgPs6MASyUldv5c_I5EMBPk89aCjg67gWSafFceG-Ocjy4YfVYLGp3VxEC-iA74nO2LGRqZ-bFO1O6Rg5azxhWeiAU7VN9AsPvC6C6RK_y2YEmKY7IIJo2kaFsBGNgkcHgr_Zti0nc7eAcwU4mZuBD79mHkU2-Gl5RJkIJTMgPz1lKRCvx-qyrXldrFedgs243s9cQbU2rgOSd8SiOdcj5yuEjtdvLqhGJ0Q5-7IJlDqddqkDDGC95TszrznfKCzeMZBiW-FUlv9YlEIkwNrbnTD5Dly7nEbgqkmlHAoPIYXljLGZd5hbYHDGz40QstGNoN21pRIJP_GEGesG5h_OZZ7UZuTXnP5sXE0VErUW7v74V4mju288Z5RnZO6cqHmL9i84ast6ISepBP9OBx_dsQjupb3NV89svSYu4c2o_XF_e-61VQwbBHlhoSILgJQTryqkP1PkRSMvB54j4E7fBAJ4pynm97aFHNvb_05Ysjnk0T9ktBq6llbtffoQJAJT4dFNeicNxtxPr0ZjOfEMfthacDxaJsCUc6mmG4SkrePkEh-PBiyFrfdtCO0gpdcLsqB3nQBMzBcLdsxoinih6bJwBtGR4Bjho_fZsOc1_DagwNqfuS29CXPd-okbQfzvBNQf3qdxWok9oQydljltc1HdgvA5BhLPclbtcARUu1d3t_plcDUSS6_jaU0P4hANcvTzxCEMf4WQqFSkXaZVKx8wXdJ_yLzwNvS1lJGOCVHXivTsEi_0ejVUcYCZ6WokoFRQRaMuwzJjxAVsKhPTGqvmBYU25YDf_P5ResFU7qgj57YZd0CF-EfF2nqoYW_vMXvCFe6RXGhDl68qvt2WN_VMJEuhRZYqKWKyqpzZ8aGpoZHk085kaE3QvPnIhUPzgPZ4t4NXJP787cVC-k2iGVW8ZgV5DxsrTGayOMyPl1qpaEAYw8h7WchrL5NUeL5sTKG8fcc-DnNvQHjX-QdUXxgYkuCOdAsM3eEf8UmmEiuEDmiuBlSn9kLY_sjCpP0u_pbhrlOwDRmbM4k_b8MaLUmFsDEFcjUz8v4lBl5hCy3Fw8whI6_6BUQISSIF-Dxmf-qX6_TQbF-5TDhZZ0vqyOEOqi2f3ekM-y7G8rq3n1KuUg8q-hnmYLBy6DZ_1MHdhor6gmIGoodxLk81eTzURxeR6faerNFCDaXNx_XoZeo-Cn2vwPmuMwpT1ilGX6ZGg1MLzQBvI9CuIdfF0VmKs_Hp_DKl14QU5KQ227pnDex8y2e5D5Qc8-e9d9jVlOfa7uxsIir-lC6Kb_2TK-eF-Q3bkRv3XXIP-BfX98diQu6Jd_yLahua1wvsUqNk9_0Rvor1JEC1p2Sqd53vXyVa65nKn-DK_Uxrz5fhDCzIwg7f2kYRpxLJN9n1NiJPAtpL8igrxook5nxoCaBdjALYOfvgPtHODgv0I9sWkjBkzNMeCeDJjp6UCVR49d4P_YSQ4qpXHdRZLy860he9f26eIocD6xP2wns_tRngvlpsWj6_uCakS0Z9rKVbOLSts_CO73_Pj2AjqSe2UHJ-pM1lUwuxkH36zf059qMxbD9iDTbkM7m-N3N3RI5Dnz1DPromCsgCiRQEhQbzZJDLlCdrdLPHHqRZqc-cbapo_-4ZwNIPEH_DKYZOtscdMjz3TJeB0JUMrUcjuYHlMu1_iKh-qh4m3PRDK0WkPYyT_OB7hJtOqvL2bry58jYjeruNxzdNhvBaiNDKVJBjEqU9hJ9avOGE2cQsKKxxnR05LfWpU36BTPo2zfMwqEhs25q2l2mLqrgbz4OZ9dLINRv7xJWcibQbk89JmsBZ3D0jMMuxYyFkKJIJTo577wKqr1qFj2ZjYi_Y8WJHz8-HKo7YS52yer7pInkndshiDk1IpyfrzkKz2IEgk9kgtwg6DizW_e3cJW2ufXtBrttrvbFXF3FRSZJAtFr91KHen5RF8QTPASBaQ3N3iNv0wguAVUjlxIyOksohFONX30TyCHZka3RW1fdE9UiS6vah2jLGKp1uZp0ms9AWg4ZrYlcRjhz7JeHT_j9kBi8kwYA_bJPEgysCjwRtIKR_SuMth37vujiKrJaxr79FxoFIHDYESR7Gpdl3mVv4eoVfyOKlVrnok5bG-AQrCEK5DgIOaP2hLW1UVqAxP2gVqb5CB2Vyg8Ws-LT7pE8kGu73SULWM9530SZt-A05XiTer93iwtveec9Y7ervrhy8CsjcZbHzu8cbxboYH92ohaGztHnPQsB5ICKVXgN5yxFE98zT5e2UkN71QapCZyHZmnzlC6MacuQbdFjexPxcxpRCAQSTQCsnQUxoOHwY-3p6ih4CFUmQoXNz3PUtPXCVAYh6US5aCy7BwIJzIeIF_8_o97VuoCYDTu6wMhdvYhuSP6LMFyZ_wRg5kvD2zlWGKjuYAE&cry=1
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f154.1e100.net
Software
cafe /
Resource Hash
2d5187e8108a020d9f8dce480944e3b5c9d2b531c932d9526e05f1e840dcc94d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22570
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ca
choices.truste.com/ Frame 857A 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont5&w=300&h=600
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-109.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
518dc2c424ab8141de1fdc2126bdd3d7c7e1ff50b62e12674c6a52398a45a632
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
PHL50-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 e329cb97e195e238d2d961aa95a36a4a.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id
yqHlf_TNBG2hd3nuKj_DQd2i2gQ_6p4h89c1mbqAwPjqZV2aHkAceA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 857A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 17:07:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame 857A 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:04:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 17:04:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 857A 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:08:40 GMT
moatvideo.js
z.moatads.com/condenastjsvideocontent160527792519/ Frame 20D5 		321 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/condenastjsvideocontent160527792519/moatvideo.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2980b54624eb2ecc649343a4eafc6ede027112c1f012cbe6277f9d541048e19

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:40 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 19:15:13 GMT
server
AmazonS3
x-amz-request-id
AGGQW3GKPR40SX9X
etag
"734c5a0c47dee5cfd7c03b627a0eecaa"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=55985
accept-ranges
bytes
content-length
110339
x-amz-id-2
QiDR2fRmscsuqotSLD17eraIDo5OlrH9IJOxC6w1dmEpBu30sBE2sdDtfpXHi5lcSYkz6hrsLDM=
track
capture.condenastdigital.com/ Frame 20D5 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-09-19T17%3A08%3A40.292Z&_c=Video%20Ad&_t=Ad%20Call%20Made&app=playerservice&cBr=wired&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.wired.com%2Fvideo%2Fwatch%2Fexpert-debunks-cybersecurity-myths&cId=5f2178a1bcdfff5e2a4786ac&cKe=cybersecurity%2Ccybersecurity%20expert%2Ccomputer%20hacker%2Chackers%2Chacker%20security%2Cencryption%2Cgoogle%20read%20gmail%2Chackers%20computer%20camera%2Ccomputer%20camera%20hacker%2Chacker%20camera%2Cwired%20hacker%2Chacking%20expert%2Ccyber%20security%2Ccomputer%20security%2Cnetwork%20security%2Cnetwork%20security%20hacker%2Cwired%20network%20security%2Ccomputer%20hackers%2Chackers%20computer%2Csecurity%20wired%2Cwired%20eva%20galperin%2Ceva%20galperin%2Ceva%20galperin%20cybersecurity&cPd=2020-07-29T16%3A00%3A00%2B00%3A00&cTi=Internet%20Expert%20Debunks%20Cybersecurity%20Myths&cTy=%2F3379%2Fconde.wired%2Frail-player%2Fsecurity%2Farticle&mDu=684&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=370&pWh=208.125&xid=7019f732-25e0-4a38-bce5-b53f5c128960&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2265a12bc%22%2C%22guid%22%3A%221042c45-286e-f878-5349-594426a6bda%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Atrue%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A1221.53125%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22copilotIdOverride%22%2C%22recStrategy%22%3A%22copilotIdOverride%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22disableVastPrefetch%22%3Afalse%2C%22disableVideoPrebid%22%3Afalse%2C%22isRightRail%22%3Atrue%2C%22tabStatus%22%3A%22active%22%2C%22muted%22%3Atrue%2C%22versoContentType%22%3A%22article%22%2C%22videoEmbedPosition%22%3A%22%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22OUT_OF_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=a61a3c7a-01d9-4175-8ab8-7171949de605&contentType=article
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A40.325Z&_t=pageview&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=general&xID=7019f732-25e0-4a38-bce5-b53f5c128960&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach&dim6=%5B%5D
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:40 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1663607320520&plid=71157295&idsite=wired.com&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22plan%22%3A%22Not+Active%22%7D&sid=1&surl=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&sref=&sts=1663607320511&slts=0&title=The+Uber+Hack%E2%80%99s+Devastation+Is+Just+Starting+to+Reveal+Itself+%7C+WIRED&date=Mon+Sep+19+2022+17%3A08%3A40+GMT%2B0000+(GMT)&action=pageview&pvid=54760963&u=pid%3Deb21888fb76d39e0a3e755200c9a4ffb
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.194.161.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-161-83.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:40 GMT
Cache-Control
no-cache
Last-Modified
Monday, 19-Sep-2022 17:08:40 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
1663130473914833
connect.facebook.net/signals/config/ Frame 20D5 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1663130473914833?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c306e770b80446e8099af5c8372a240a0d5efa20441cc8d80305a06fc6711f0a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86249
x-xss-protection
0
pragma
public
x-fb-debug
bG3gWPNSMB5Pg0mBxQ0o/pbAAAwhj0v5o1K5Fv4e6DvGY8Kiap3z8576rnTv18bnuJKLr6GjI9NFSb6Vhom1FA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 17:08:40 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame EAD0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
295bed7c7d72c04a487c76dbc75a7d9ceba16f553bc3ff5e40d1e39b90338536

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74d3ecbaad51f999-YYZ
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 17:08:40 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GcRbg3wMnsXOxaGiLINZuz0PaLKd8X20vNmu7E%2BQbB1hl5axEkc4ngZoDaqLxpT72mWHGlniHWoqXArXGzhscnfpzAjqdtwpNhIJbe116DRTzDjT0adrMiIrmMFqAWys1doPAeKxSj71wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74d3ecb9cceb3fde-YYZ
content-length
0
date
Mon, 19 Sep 2022 17:08:40 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wy92iG6fyG5qLtwmhiL%2FrYCDJlgaOPWNz5Lu9SL8C1vsde6L6AEW%2BE32T6J5HNn%2BfGAfCIOo0c%2FTF9SOJnJtJ4qfKRLa8Z%2BmAIVJoTHdW6XMOkUm9ktL54FE1ZjyXD105xs0VOo3IhpOwg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 346B 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 17:08:40 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame E7FE
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
828 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
599a300e48ade01b815ff0c6c41cef73d2c046530b8bf2a8aa26d53a7548e603
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
828
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-75d8c985f8-zgqcz
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-75d8c985f8-zgqcz
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 780F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1YblRXMjE1RTJ1S3gyQkNxQ1hRTEFqQ3BzMnZlVUcyN35B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1YblRXMjE1RTJ1S3gyQkNxQ1hRTEFqQ3BzMnZlVUcyN35B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 17:08:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
2F1GQYKCK6NN2ZB68CP6

Redirect headers

age
0
content-length
0
date
Mon, 19 Sep 2022 17:08:40 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1YblRXMjE1RTJ1S3gyQkNxQ1hRTEFqQ3BzMnZlVUcyN35B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
cm
u.openx.net/w/1.0/ Frame 7A48 		722 B
772 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
706e88adde1f3be4facb695aa38d99f2678898ae7bd3333a3f69714f08f7bafe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
461
content-type
text/html
date
Mon, 19 Sep 2022 17:08:40 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame E604
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7826486786654209056&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7826486786654209056&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 17:08:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
0XJT0JNAKCSSSH8EXMQN

Redirect headers

content-length
0
date
Mon, 19 Sep 2022 17:08:39 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=7826486786654209056&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame F79F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=8264677328858952876&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=8264677328858952876&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 17:08:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
RTQD96E7AY5HPA79Q2NF

Redirect headers

AN-X-Request-Uuid
d73a5cec-c405-47ea-bece-b0e18276d8f7
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 19 Sep 2022 17:08:40 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=8264677328858952876&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame E75C
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=614278318266112921207
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=614278318266112921207
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 17:08:40 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
VTV3X42TWXEZFXWTWGJY

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 19 Sep 2022 17:08:40 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=614278318266112921207
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8293713-27&cid=987098063.1663607318&jid=1978628257&gjid=993135692&_gid=1648165934.1663607321&_u=aCDAiUAjBAQCAE~&z=821519868
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 19 Sep 2022 17:08:40 GMT
content-type
text/plain
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1330670363&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&dr=%2F&dp=%2Fstory%2Fuber-hack-mfa-phishing%2F&ul=en-us&de=UTF-8&dt=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAiUAjBAQC~&jid=1978628257&gjid=993135692&cid=987098063.1663607318&tid=UA-8293713-27&_gid=1648165934.1663607321&gtm=2wg9e05HBJC2K&cg1=article&cg3=security&cg4=national%20security&cd1=GTM-5HBJC2K&cd2=612&cd4=&cd5=&cd6=Mon%20Sep%2019%202022%2017%3A08%3A38%20GMT%2B0000%20(GMT)&cd7=1663607318578.wrhwx77&cd8=0&cd9=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&cd10=en-US&cd11=17&cd12=0&cd13=Tag%20Name%3A%20GA%20-%20Pageview%20-%20Core%20Pageview%20-%20All%20Pages&cd14=36&cd15=Brian%20Dustrud&cd18=&cd19=&cd20=not%20active&cd21=7019f732-25e0-4a38-bce5-b53f5c128960&cd24=1&cd25=Lily%20Hay%20Newman&cd26=632496798990652479ff3877&cd27=2&cd28=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cd29=web&cd30=592645a27034dc5f91beae93&cd31=1&cd32=2022-09-16T21%3A35%3A11.388Z&cd33=3&cd34=2022-09-16T21%3A35%3A11.388Z&cd35=security%7Cnational%20security%7Chacking%7Cvulnerabilities%7Cuber%7Ctextaboveleftsmall&cd36=web&cd38=all&cd43=Wired&cd45=Adblock%20Enabled%20-%20false&cd61=&cd63=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&cd64=&cd65=&cd72=multi-tenant&cd74=msmp&cd92=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&cd93=security&cd94=national%20security&cd95=%2CC0001%2CC0003%2CC0004%2CC0002%2C&cd97=-408604571&cd98=article&cd102=21&cd103=&cd111=932&cd113=gtm.triggerGroup&cd114=false&cd115=&cd116=36&cd121=&cd123=mt_article_two_column&cd127=Friday&cd128=TextAboveLeftSmall&cd129=Etc%2FUnknown&cd131=8&cd134=0&cd135=0&cd172=msmp&cm13=0&cm23=1&cd3=987098063.1663607318&z=276794810
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 01:03:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57932
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1330670363&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&dr=%2F&dp=%2Fstory%2Fuber-hack-mfa-phishing%2F&ul=en-us&de=UTF-8&dt=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=proxy%20pageviews&ea=pageload&_u=aCDAiUAjBAQCAE~&jid=&gjid=&cid=987098063.1663607318&tid=UA-8293713-27&_gid=1648165934.1663607321&gtm=2wg9e05HBJC2K&cg1=article&cg3=security&cg4=national%20security&cd1=GTM-5HBJC2K&cd2=612&cd4=&cd5=&cd6=Mon%20Sep%2019%202022%2017%3A08%3A38%20GMT%2B0000%20(GMT)&cd7=1663607318591.cdqah1om&cd8=0&cd9=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&cd10=en-US&cd11=17&cd12=0&cd13=Tag%20Name%3A%20GA%20Events%20-%20Proxy%20Pageviews%20-%20Pageload&cd14=36&cd15=Brian%20Dustrud&cd18=&cd19=&cd20=not%20active&cd21=7019f732-25e0-4a38-bce5-b53f5c128960&cd24=1&cd25=Lily%20Hay%20Newman&cd26=632496798990652479ff3877&cd27=2&cd28=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cd29=web&cd30=592645a27034dc5f91beae93&cd31=1&cd32=2022-09-16T21%3A35%3A11.388Z&cd33=3&cd34=2022-09-16T21%3A35%3A11.388Z&cd35=security%7Cnational%20security%7Chacking%7Cvulnerabilities%7Cuber%7Ctextaboveleftsmall&cd36=web&cd38=all&cd43=Wired&cd45=Adblock%20Enabled%20-%20false&cd61=&cd63=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&cd64=&cd65=&cd72=multi-tenant&cd74=msmp&cd92=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&cd93=security&cd94=national%20security&cd95=%2CC0001%2CC0003%2CC0004%2CC0002%2C&cd97=-408604571&cd98=article&cd102=21&cd103=&cd111=932&cd113=gtm.triggerGroup&cd114=false&cd115=&cd116=36&cd121=&cd123=mt_article_two_column&cd127=Friday&cd128=TextAboveLeftSmall&cd129=Etc%2FUnknown&cd131=8&cd134=0&cd135=0&cd172=msmp&cd3=987098063.1663607318&cm21=1&z=1844501575
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 01:03:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
57932
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:40 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 20 Sep 2022 17:08:40 GMT
hadron.json
id.hadron.ad.gt/v1/ 		75 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?partner_id=57&sync=1&domain=www.wired.com
Requested by
Host:
URL: webpack:///./hadron_id_submodule/src/js/utils.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.177.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-177-43.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
013694a42f9917dbf4ebba3cd8c1924c763856eefa56e5deaa140bb8688ee6c0

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.wired.com
date
Mon, 19 Sep 2022 17:08:40 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin
content-type
application/json
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?partner_id=57&sync=1&domain=www.wired.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.24.177.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-24-177-43.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin
Access-Control-Request-Method
GET
Origin
https://www.wired.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://www.wired.com
content-encoding
gzip
content-type
application/json
date
Mon, 19 Sep 2022 17:08:40 GMT
server
nginx/1.20.0
vary
Origin
/
www.facebook.com/tr/ Frame F9F7 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.wired.com
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.wired.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:08:40 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
ibs:dpid=21&dpuuid=213420604279323267950
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=66373113506026136401086284029216043361
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=213420604279323267950
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=21&dpuuid=213420604279323267950
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-0fad7b986.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
Crmn+WSuQWg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
via
1.1 29cb8c298da4d2ced72495e99456ecc8.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
PHL50-C1
location
https://dpm.demdex.net/ibs:dpid=21&dpuuid=213420604279323267950
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
Gnp84z-TwyfEyKhchK8WULKDVOGykgswRUfM4ZyskoS84L-Fq0lflg==
expires
0
adview
securepubads.g.doubleclick.net/pagead/ Frame CFB0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CXEwKF6IoY7neDeXzhAa2haT4D_7T969czs-92OoCwI23ARABIABg_eiigfADggEXY2EtcHViLTM4NDQ4Nzc4NjMzMDM3MzmgAeqMwbYDyAEJ4AIAqAMBqgShAk_Q6JJPxwRjt2tMzJduq1JNZl81Z4YnOeIAfmrundSZuWCCYIM_OgjtFpWoCgmRlXOPi00oc3uzFgK_71HDfrvDHWvlGiLwUu7d8yBUL5ipoy6-0RLAOrCeqx6Ig_OD6L-bEuFhvRgSkiZC6mdxBwJwyXu9yCfMvZ0BeCyRExZCmDEvM2cd7-D5dMkoN72tOSGrYczdwBgQVs8_H4NwCSjKklMi2gxnk2onJMdsUYfE0AiH8TkoTL0BxlMEUAocoAWqMoRnRymZDhZkzNrC9uPr1qs4cFNwjpme7ldc7wu016rZP6GW2KfG3nLReMxUWFo7N-gmgpvNp9YjKD90fgFIwD1t_woryG0uwq1V9kIAA5cveoHTcYaRrT9JCUdVZOfgBAGABomY06CD9sX_YKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4NDQ4Nzc4NjMzMDM3MzkY36AQ&sigh=UiWSBG9W4gs&uach_m=[UACH]&cid=CAQSTQCsnQUxaD_unf8qWZQYrN5f50cXSamIol8t9SYS2w4KyfEKH3Zo6tZ84ebo0gomWqpYjPuUJK5wWWRtQwp9_PyfwXQLSBArWY2aLO-wGAE&tpd=AGWhJmuM_zwbajGPxTyPchyNAMsJjiiYXJyHIm1GGZCqSckIv_0kyyTf9e1Axw3spQIGL_9V7tR1t-ET9d-xtVElsLc_eUXBujRrHRGi1Uvy5Nu4mqGUi-ya__tD--ZhbPcVy2lMIrhGho4XVoQMFD_zNeXxsbmwFriovwkcZlmYQFWD3ji2vvTO0T4YcPDGH-8UHJ8zCRURTlDVEH6TQYPrTFgczZPKLjRYHiQ3YyVwoizOV3WLUOfr4GT9TGX_0Ue6C5GdUZfNnbNf5W4X8c3MwXf4Q1ycJSU7Bp9xtsViamE_G0qbgO0EARtXoJE0tkQG1PD105kp80e-NOeSW2VVjEwwBOvoW6_HbZTXmqxtjTp6nSeA3Zjva2UXWM_lBGBiKoA5slvRcYfHgRw98mfONFR0G_aqDdAy9SbC1UgzlNHfHRLFDBe4nw8TTWdqdqOHeIFGcC7kkZV__FT8xcMqF_36npexCcpzjo7eWXMJ5YSJIcSwT1q2RcgF_dvUF8EwcV7Le9gTJexPDMc1sS08LJvXZdUENhvKoFI0Dty4Xd4lxJXBPw3hzqiI5ZwLyKvgsi2wbdanMPLfLaF7OTyTLqidFhb71w6-2OPAuSOpSxX_99pmGvuwq2v7Vc1oQZNXMx3jvnpOFrOJNgBB8Mn-tk4FRkGm8M799TQAhIznA7J0_p84Rd1WmNlC7YYQnPz1YGvWVfIvvpO7TKq6Vn0Gv8VQXsFVr1HfEo7R
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80a::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
dcmads.js
www.googletagservices.com/dcm/ Frame CFB0 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35dc0e7741c0b7b7860544338b1b5378f4027ed6801cc88bf831ffa2a768da00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:14:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3224
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10850
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:32:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:14:56 GMT
rubicon
va6-bid.adsrvr.org/bid/feedback/ Frame CFB0 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://va6-bid.adsrvr.org/bid/feedback/rubicon?t=1&iid=409c46f6-37dc-4d23-ad55-54266494c593&crid=q25m52xq&wp=AE954E1F176BE2E0&aid=1&wpc=USD&sfe=15602217&puid=&tdid=&pid=3i8jb8j&ag=9qnntyn&adv=if4afpp&sig=1F_u26LfzO6P2C84z3CLFhdElTMdohrTQvSCVbLrNAJU.&bp=0.43167048641475864235&cf=3834341&fq=0&td_s=www.wired.com&rcats=7sp&mste=&mfld=4&mssi=&mfsi=&uhow=37&agsa=&rgz=H3A&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=en&mlang=en&svpid=17814&did=&rcxt=Other&lat=45.520000&lon=-73.599998&tmpc=10.629999999999995&daid=&vp=0&osi=&osv=&mk=Google&mdl=Chrome%20-%20Windows&c=CgZDYW5hZGESBlF1ZWJlYxoAIghNb250cmVhbDgBUAuAAQCIAQGQAQGwAQC6AQYI7roHGAzAAfb0BtAB9vQG&dur=CjYKHWNoYXJnZS1hbGxJbnRlZ3JhbEJyYW5kU2FmZXR5IhUI-f__________ARIIaW50ZWdyYWwKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkQKKWNoYXJnZS1hbGxEaXNwbGF5Vmlld2FiaWxpdHlCaWRBZGp1c3RtZW50IhcImv__________ARIKcS1hbGxpYW5jZQpICiFjaGFyZ2UtYWxsTW9hdFZpZXdhYmlsaXR5VHJhY2tpbmciIwil__________8BEg5tb2F0LXJlcG9ydGluZyoGCMCEPRgM&durs=V35sWu&crrelr=&ipl=/3379/conde.wired/hero/security/article/1&pcm=1&vc=3&said=e01438c899c4e185ab48afba271d3516c7b4fea5&ict=Unknown&auct=1&cxlvs=0&im=1&mc=70c50034-dd5b-47ff-86ff-c4d657a4009a&tail=1
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.250.162.129 , United States, ASN26459 (TTD-ASN-01, US),
Reverse DNS
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:39 GMT
cache-control
must-revalidate, no-cache
server
Kestrel
content-type
image/gif
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dvbs_src.js
cdn.doubleverify.com/ Frame CFB0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=20944142&cmp=28483467&plc=345814581&sid=6612625&dvregion=0&unit=728x90
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 13:19:47 GMT
Server
Microsoft-IIS/10.0
ETag
"f128ce2aabbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
ca
choices.truste.com/ Frame CFB0 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=x4etwe1_9qnntyn_q25m52xq&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-109.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
733a9406c80665c4d69a3f36a0ec9d416aed4d859fa95a3183f894c14b9c5532
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
PHL50-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 e329cb97e195e238d2d961aa95a36a4a.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id
0XlMUsd52Fo1sIlMLguDsg3G97fBWOmliN4hoOMjGzl-vru1KM7Mnw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
moatad.js
z.moatads.com/thetradedeskv275874568748/ Frame CFB0 		334 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/thetradedeskv275874568748/moatad.js
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b1d33a490da124213ec8c47d880260190deb1f112b2507b512ba2f547f5a65a1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:40 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 19:27:25 GMT
server
AmazonS3
x-amz-request-id
MJ88YV2N5GVRT4HR
etag
"6f1a2c19a69ce4e0376045985dfdd29f"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=55766
accept-ranges
bytes
content-length
115916
x-amz-id-2
aij2HECy98l0cgshUsojPx6edX78lGFy3qAzUquWjO1SCyXHSTVg9TaYe5ujaZoQVTlVNus2Th4=
register
token.rubiconproject.com/ Frame CFB0 		0
472 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=L890UEY0-3-JU3L
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame CFB0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 17:07:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame CFB0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:56:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
717
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7552
x-xss-protection
0
server
cafe
etag
1588701280721430806
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 16:56:43 GMT
l
www.google.com/ads/measurement/ Frame CFB0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTGmLA3C99oMvz5VXOhdb8I6WobALZthnqQ1qaLM8gpPATpZ8NQZm1NWlvDrBY1aaZv2yXp6pLY15Hi0dtRwELgDpjLIw
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame CFB0 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 14:26:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9737
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Sep 2023 14:26:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CFB0 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:08:40 GMT
integrator.js
adservice.google.com/adsid/ Frame 20D5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wired.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:08:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
conde_nast_xid
ids.ad.gt/api/v1/put/ 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/put/conde_nast_xid?conde_nast_xid=7019f732-25e0-4a38-bce5-b53f5c128960
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:40 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 05:08:40 GMT
rum
dsum-sec.casalemedia.com/ Frame FBD2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8iKXiPUhteJ9dxzFB1Xj4&google_cver=1
43 B
879 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8iKXiPUhteJ9dxzFB1Xj4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxC0w8rDAhiKgJK_ATAB&v=APEucNXM9gOEcQUgcENctxkxJYw08a762PpFNEd3SK1Bwcx1Jdc_Jr8QaqH6dz9TY1SgmrbOWHyggzUgfoijyjVgifh1L50Znw
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecbc8c76a1e0-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzhQUICeJkRadg14BX8hgSl9YBEjQw1GDRXmgRjR5vTJmG7JXqvgxc5u9TGFJ%2Fm8u222R7akcWzpkzqaGYM4PB6hzCZERq63HP%2BWRjDYkNoztkHbdAG7bhrxhtcL0Apnx8XmJC%2BJGjuDdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8iKXiPUhteJ9dxzFB1Xj4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FBD2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyiiGGLSm-lWytm.iJ357gAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8iKXiPUhteJ9dxzFB1Xj4&google_cver=1&google_hm=2
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8iKXiPUhteJ9dxzFB1Xj4&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxC0w8rDAhiKgJK_ATAB&v=APEucNXM9gOEcQUgcENctxkxJYw08a762PpFNEd3SK1Bwcx1Jdc_Jr8QaqH6dz9TY1SgmrbOWHyggzUgfoijyjVgifh1L50Znw
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecbd1de9a1e0-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mQUvD5lCSvY81itar0pJeev%2F%2BmmalJJA916iVWm5NM907iic7ygXSwoc%2Bn2lJr846lvqKyEZVuoSHpCxHUGLFTeVzEdJg941W3QptDFFv0o9A1UOCju32P%2FVhK837KX45TuiT2MgxWXPg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED8iKXiPUhteJ9dxzFB1Xj4&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame FBD2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPu_lnP5377qEbOxYqXNsSw&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPu_lnP5377qEbOxYqXNsSw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxC0w8rDAhiKgJK_ATAB&v=APEucNXM9gOEcQUgcENctxkxJYw08a762PpFNEd3SK1Bwcx1Jdc_Jr8QaqH6dz9TY1SgmrbOWHyggzUgfoijyjVgifh1L50Znw
Protocol
HTTP/1.1
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:41 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
bd146efe-93e7-4e68-9be8-db8545006d66
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPu_lnP5377qEbOxYqXNsSw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FBD2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI2NDY3NzMyODg1ODk1Mjg3Ng%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI2NDY3NzMyODg1ODk1Mjg3Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJW2SxC0w8rDAhiKgJK_ATAB&v=APEucNXM9gOEcQUgcENctxkxJYw08a762PpFNEd3SK1Bwcx1Jdc_Jr8QaqH6dz9TY1SgmrbOWHyggzUgfoijyjVgifh1L50Znw
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:40 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
3b7ffe30-bfe0-43a9-a50f-1546b5d633d7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODI2NDY3NzMyODg1ODk1Mjg3Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 857A 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DqBXsJD0rsgz7oa3INtUc3eNnDka1qDX7aue42fpzYonpIUzH3RF_7qEQAwgWcc_xI4VcwEgiNRc9dNcev25dMEhujku7p-SqJGZTK7v1FZjleJdCL2HOGkXadr933XbbvadraXmyHqwRalnUirfEb9mR04g&cry=1&dbm_d=AKAmf-AXecR38qpViNGSPM-Am9l4900rp9HqsqB6TeXxmRLqFt9BR6PgywQZLPVu_iyQ0RrGSe70NPnnq4HpngtmW1XaSmDVaNMpaZHam1G9fgK3U-SDmpxJVr0F3ORM38r1_hWx_1pJSKQtfQNEjKKL55T9szgJYylhqtaDcTITZApcVCZsKYuCxKaWOnH1bdHigqw5GrgFlGtxPdiIORG6jUdReggevzr5lZKdVB2NIVeM5zSLQc5wKra-WjZdapFJQW0c6c5ZzQ5Xcxayrq3EGTjqTRb4hpML-ptBjGx-YjWosVw74GK3hpXJ79w6l8xUyx2U16rBHPBbrol7DKs3Ksfv3WKImAkNBXzjdFvdsWoJdXDDkgll9cSYcFfylh0f_Yci4T4dUoZVolwjf58DnNRQ2kSVu_EvSkXcbtcZISC1VVmoVrBT_YnlorRo9lmZD0QZ8O7LkzgvVBZlY3XkJAhPCEzQU7u_kqnszPPbre9ohvvogIo1ACPAZY339flKSD2y8FAqGwsyQ6WzwCwAXqeQVtUv5nazxJyT59HCW_8YxiU6ENBjQOks9WoZgvudUda8iO3n0XePE8uBnYzjHJjAkktySekTCOTrzTRUgX2bsYvTSBHoufzQquhqunFN0ZiMrSO3KDIpBzwLhdyiKjHa4XOvQViMrc6f9aguAwGiaWqb_CEFwD48tuCM5CaAbDoNdNmTIZVLQo-ilyWH0U8DnuozXVBTE4kybgbUODUF-olhuulZYQOZqjcdUw6dW_Ze22ujydfDjljkeRnq6JgOf3FX35NwNAe9su_C4CtoXH3zLXUziVrMi_e3xjqRxOOT-notrOHJl6dUvbt6efC4IOeqIP9kyf9F0KW57oeBvqQCCnZiD9ixQVb6Pda6Ii3CMDfVAXGxifw2gZvMhjo55sSjbJb7vPUPu482SsCETmNU6b96zNAgMxppgkEppu5E7H79s-jLIfOIt8s1Pkfuzfh4XrBjhRmkkPL300mO2TP1P-hezPn7RkqX6lMPjqoYh2EzlsNzED5ifbfa6AfXoQP4Od-hDfaST20gzHRK0gv26p9Ru-HaoeoX_mIGEYF5Kkkp1-SuuZEB0hTu5NyfokYBhBI0GrPn3YO5G7Kmw6ILRKm6alsenHRr6wxMl0Ai23rbSNqZwp4eJBx-FJpcWgThS1tq6SYmSksOGwlJFvOH_RAb0r5ZEhgmOz4Z1CKZfK-1deX1JGMC2IYT5wo9erbqW9MMPkr3It7_N2twzEhPR9oGqPtRNeECJMLG2iDh-uaH5ZZn2k61FIUjn-BUr-vsvR6O9XYyFCOB1dpa7XPxZNii-ST4CLPzGQy8R8l9S-s43gaiFbEcg2cys18nsMUFgR-o2_W8W97fmlu-ZMcJEaCOAT17MfIAuCF4zd1NA3svUbunIJ_NlgmATvuKAa81IrczdIS9ptczFtb7ZGaYXflzXn6rCeFET96bjvwlE_XTtNSArF8hbPSvcqHuNgre57SuV1qz-EGvUZM86K4iDrwzMzokN3m4JCVFt8Lc0cLtEaAxF5GeF3rDkAu0qDGFZBRSyfKRyaq3lC3U8MhE6DAkftDyuiwkpf7ogQ5ooyVg3D1uZ1mLFuELocYwWM98dE5jFKzJ-ABucYW7q6IqP7-7ne4oyVNXSNGMjXG0z9PjvH4MzwwYXeNvOwYvzjp-mHQyb_if8yI9Jlr4TUOdRIPJv_d217g2BgS_ThaT2zIezq8MBiXhC_UAozG2SErgUgtL3FPUH6nOBTMjbDt3sJYDT0Sgz_BiSKS5Tlh0YGSpcr-Tc1KtObLeidq9enXc6I0l7OrTeHOlUu_8TRKC5a7NLD4WQrbqn6NZZHkKV3RxYsRTkgHtk6W5wVWO6XtChDcVReKI3xy1JNfXuibzqOG6_tTpHvmWLxQHW1CNWfIkbMrtXXNVn6UXfaZMpSX2FZ-ENURb5eKrXkaHmaLjnl22eYbtgYuarwVeKQK1dLvNTNVDl-RFBhcoIhV9jZZNybY2hbDxE2FgunRy_vuQ9uNdVJ96mtNWReSFvpGxBO2jhVgUMtNuBgDmoZo-CLlc4Tt68jG_Sompf3khczVBfM7MQtbYjdhypYJpEef6veuu14o5amwpjg4RxJ5TAwkavBQVaY2CdFcQa2Di7sG5xlmuGWewAbcHr3fA9rs4MOnTGSl71HFVINUpbdCiGKlJvNzOHIyR90G_alzAGr5oahAAexEFkpatM4UKDOjGroCf5NMp4Eb8-lNcUhwDrshlVlLVXPddc4hFov8mlNW43Gme6WA8nAe3YZxGIJ-EspmqtQexQn4qbe5vifHSPRD-UBld7Xe4bfMhCR47M4LgxsmF5p22d8mBl-RQHKkxuQ9gLb4ADUfX3kJt-3N5fr04aYHfGkCWF0SY9VnHiCyS2D7l148ZZDx-W7ZKOpexzXLs1t3ekNurxxTVnBRrS46lpC0_Nmk1pJ0ANdb3zPB8vZdSrkfIoJdO_RwP6rR8NVOOdWLzBLQiLI-ZT2esf6OFDb79La9NRjy9QQjDaDaIJjVdp9F9HnAnl_Va8RHiUZjV6h3PkO44HYxKAHSlnram3Mj2VRFQYqnc3Qill36kQWaVKoXi8Oc-gLKFCFGsqO8K7eS46yoIEpqyFIeYI__-MI9k1QW4HzVNw8kA5udKDjAUznNfA2aAJlDeD9z-bQkc_En7y-J4zUgVCeLD-XQdOQWHGjGPZZJQvMmfjkw6fLysl1GJEeqSN8LjrMMcLekgbG14PAbOWdQmDUBx9u99pnDBJ01JRfKISJxL9NAQk2EnuZb4Vm-BZ8jk6celBXQfMcixVCk1bm3iDnDy0fCyDkrfWkTSVi8nvx_LGimzOKB1oJDtOf6oBrVVObZ9moHejXlnRywGztOv1tK5FkjFlzYYVHIFLEGQjjVqNvU2oMr7qNmia9ZOZ_JgU3GNIAxl7jpyjSywvF-hisGNhn-Duw&cid=CAQSTQCsnQUxoOHwY-3p6ih4CFUmQoXNz3PUtPXCVAYh6US5aCy7BwIJzIeIF_8_o97VuoCYDTu6wMhdvYhuSP6LMFyZ_wRg5kvD2zlWGKju&rfl=1%2Chttps%253A%252F%252Fwww.wired.com%252Fstory%252Fuber-hack-mfa-phishing%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25419
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 10:05:01 GMT
nyAcVyH7Om8H9iGx6CoDmA3rEGLtDUg2FXbpAzHMNBK5HQX7IvM83YCg
www.wired.com/ 		0
117 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/nyAcVyH7Om8H9iGx6CoDmA3rEGLtDUg2FXbpAzHMNBK5HQX7IvM83YCg
Requested by
Host: journey.wired.com
URL: https://journey.wired.com/build-81a8a2d4b6012a28cee66c2306ead313.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 17:08:40 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-yul12825-YUL
vary
Origin
x-cache
HIT
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
apple-news-services-host
www.wired.com
content-length
0
retry-after
0
x-cache-hits
0
17bff89c-bd5e-4418-9a8f-4f512254c851file-1422k-128-48000-768-00001.ts
dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/ Frame 20D5 		631 KB
631 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/17bff89c-bd5e-4418-9a8f-4f512254c851file-1422k-128-48000-768-00001.ts
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-53.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a7dab87e27ba551d648c6bbfc6c0411659b50763c1f116558e294f3a8439444

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:31 GMT
Via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
Vary
Accept-Encoding,Origin
Age
1030
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
645968
Last-Modified
Thu, 20 Aug 2020 21:29:35 GMT
Server
AmazonS3
ETag
"3576ccbb1940c61db99c69ed333479d8"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
2hh9nmVx3xEvz0seAzTkidlgR63KyK8kZIalJvskDe30JpX6jyx7uw==
heatmap-dynamic-view.090f7af857c058ab40b4.js
script.hotjar.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/heatmap-dynamic-view.090f7af857c058ab40b4.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d00377d3a043900eb4ef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-103.phl50.r.cloudfront.net
Software
/
Resource Hash
75c6cc7e4d68b8dec8bb65307a86cea2c0412fdb5d03e77dcf7eb173b78b2209
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 09:17:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
1065092
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=604800; includeSubDomains
content-length
2827
access-control-allow-origin
*
last-modified
Wed, 07 Sep 2022 09:16:56 GMT
etag
"16c693059e6964759ae9d5fdfd5623b0"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
sr8DcEGvR0jf6dsKsUkMAqnLAk-mmNVBHdAGdFp4I7CV4IEJu06OUw==
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8293713-27&cid=987098063.1663607318&jid=1978628257&_u=aCDAiUAjBAQCAE~&z=2004084472
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8293713-27&cid=987098063.1663607318&jid=1978628257&_u=aCDAiUAjBAQCAE~&z=2004084472
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery-3.5.1.min.js
assets.bounceexchange.com/assets/bounce/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_89ceea329a99e3935afd4105c6694d4b.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 15:09:46 GMT
content-encoding
gzip
age
1475934
x-guploader-uploadid
ADPycdtdbhdEkesJWhcIWzybMjIbmGv5qGKdAEyKgOTmGHw2nITuq7F-6YfWInFJSAqLEYFX11NAs9EcHANVDxjO10Vo_Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30848
last-modified
Fri, 26 Aug 2022 17:41:56 GMT
server
UploadServer
etag
"4c2d1f5bd80d2b1f5f95d0bad817950b"
vary
Accept-Encoding
x-goog-hash
crc32c=wSFokQ==, md5=TC0fW9gNKx9fldC62BeVCw==
x-goog-generation
1661535716341186
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
30848
accept-ranges
bytes
content-type
text/javascript; charset=UTF-8
expires
Sat, 02 Sep 2023 15:09:46 GMT
local_storage_frame16.min.html
assets.bounceexchange.com/assets/bounce/ Frame DBC2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_89ceea329a99e3935afd4105c6694d4b.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
age
1099398
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
gzip
content-length
1055
content-type
text/html; charset=UTF-8
date
Tue, 06 Sep 2022 23:45:22 GMT
etag
"c8e98801795abda075fdb01f17afdf8d"
expires
Wed, 06 Sep 2023 23:45:22 GMT
last-modified
Fri, 26 Aug 2022 17:41:53 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1661535713715036
x-goog-hash
crc32c=8mzcRw== md5=yOmIAXlavaB1/bAfF6/fjQ==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1055
x-guploader-uploadid
ADPycdtdnldMQGIHPD51_hEpmdASPjOSRwqVFQcCo6P_NKou-zz0YLnmlho9gksPioeGP8l4clANDSVr1NouLa6ts9RSlw
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=conde.wired&zMoatAdUnit2=rail&zMoatAdUnit3=security&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2F8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oeOd4UyJc8Q0YElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-kd5aRxmAS248Xw%3D%3D&sc=1&os=1-QQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1066.65625&gp=1512.453125&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=4&f=0&j=&t=1663607316787&de=457303900673&rx=430755292090&cu=1663607316787&m=3710&ar=5aeef158bee-clean&iw=f9dac89&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1512.453125&lb=5988&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A158%3A158%3A0%3A279&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=350&cd=0&ah=350&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.wired&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=200157&na=503355608&cs=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:40 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:40 GMT
ecm3
s.amazon-adsystem.com/ Frame 7A48 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=244a1dcc-7169-c1e3-076e-1636c175875e
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:40 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
0NR77PCPNN5HCZCJKZ3G
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7A48
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YyiiFwAAAEe96ANP
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YyiiFwAAAEe96ANP
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663607321.958944,VS0,VE0
x-served-by
cache-yul12830-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YyiiFwAAAEe96ANP
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
e85b07f5-fd6f-e850-f6b7-8254561181f7
pr-bh.ybp.yahoo.com/sync/openx/ Frame 7A48 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/e85b07f5-fd6f-e850-f6b7-8254561181f7?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:de18:75cd:f3b9:7bd3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 7A48
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=7c9c61b1-6dc3-7a19-c760-94a1a9464cbe&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&ttd_puid=7c9c61b1-6dc3-7a19-c760-94a1a9464cbe&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&ttd_puid=7c9c61b1-6dc3-7a19-c760-94a1a9464cbe&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&ttd_puid=7c9c61b1-6dc3-7a19-c760-94a1a9464cbe&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame 7A48 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTBmM2IyN2ItYTRiNC0yNGJkLWQyODAtY2UxODYzYTQ4MmRl
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7A48
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECw_uSqPNB8uFrNOlPd_1No&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECw_uSqPNB8uFrNOlPd_1No&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECw_uSqPNB8uFrNOlPd_1No&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame E7FE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=VXNSUlNlRDJEZFFFZUZoZDdRRXpfZw&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEB3HunQrisGGqWbLku114Tw&google_cver=1
49 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEB3HunQrisGGqWbLku114Tw&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-75d8c985f8-zgqcz
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEB3HunQrisGGqWbLku114Tw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
current
pulsepoint-match.dotomi.com/match/bounce/ Frame E7FE 		1 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2606:ae80:1451:19::1400 , United States, ASN26762 (CNVR-US-EAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:41 GMT
server
nginx
content-length
1
content-type
application/octet-stream, text/html
ecm3
s.amazon-adsystem.com/ Frame E7FE 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=jtiWPfNSdxnN&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:41 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
S5Z0HRC94AW3GD4RBMP2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
a.ad.gt/api/v1/ 		0
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.86.50.147 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-86-50-147.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://www.wired.com
date
Mon, 19 Sep 2022 17:08:41 GMT
server
nginx/1.20.0
vary
Origin
getpixels
pixels.ad.gt/api/v1/ 		0
52 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=dd5b710802a24765cb9b27fa45eac5c5&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.200.124.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-124-182.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:41 GMT
server
nginx/1.20.0
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:37:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1898
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 19 Sep 2022 17:37:02 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:47:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
1261
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 19 Sep 2022 17:47:39 GMT
ibs:dpid=269&dpuuid=57306328-a219-4200-a76f-0b221154f721&ddsuuid=66373113506026136401086284029216043361
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=66373113506026136401086284029216043361&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d66373113506026...
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=57306328-a219-4200-a76f-0b221154f721&ddsuuid=66373113506026136401086284029216043361
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=269&dpuuid=57306328-a219-4200-a76f-0b221154f721&ddsuuid=66373113506026136401086284029216043361
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0361a21b6.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
dfWchLHRQZU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Mon, 19 Sep 2022 17:08:41 GMT
Server
MT3 4505 5b23575 master iad-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=269&dpuuid=57306328-a219-4200-a76f-0b221154f721&ddsuuid=66373113506026136401086284029216043361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 17:08:40 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 857A 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
Origin
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 02:03:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
54304
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Sep 2022 02:03:37 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame 857A 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVNm1f_1YpntKxuZ7kbl4Q996LvD5f0Ctk2h6OOawnl9Rj2wS8&d=CokBAKAmf-DDK1uApacNfezHyTKl8Hx-ynv3aLClj2Zq99InI0ztz2kirwMBuAfCTGq0SmXnnNxB_6vNw3fFfFSG3USxaeX11JUQy94vpDzuoSC6pdCIx6tyltNjSYNnXhREDQ_gwhbyav_oneYpGJW8rthf8ZjJvrTC35bO60Pid3qD0U54IxYHz-AS6RMAoCZ_4M7eIux9byaO2UjROKDLtyZJkQanAdzzR1l5QMY9r4FZCC2na1L-gKT0-a7m9NO-bwaYv6nMJtJiOx2avg_TVtRydaFMYoqJvaWYmwB7IIUL94c1lwVyjeqloG_8cA3Yi2bdz2PN0XuK3OZyXwaEi4q4YDSqyrphxqO0KaGN0Tv018Seyi6uoVNab1mt5eP0wucp68NMuwhPu9QZndTXExcll_5wfYb29Wzrb1d38ilecTygm-sSi-GZcJ5C8wAz2cyLQ7SeTxo2Q0n8VKlNzLFVnwG6jUQeDfZg_w609TLEEdD31XFpXI65wJo7ZC0d3Bb4X2XByEPPnyI_WlatzxVTKe9pzOdy0H-B0DrfmuT7eTQbmznUnr3aPJvga6yrVsLRZ63MH67VP6rtxcKNhuNbl8JA8GkLxPtfMq-68cjkif-uuCwZwl1rczRNmoNWCdTolTpmH1T3_wQWpW4Swso14vOW1ux2vK_jovSlWWKa_13TTVuLBB6Kbp2ruWB3es4lWADduQqTi8C5LhxbjEg-2LSlURvWii48B-4yJEg1MXyTNgIsqK-iNBNYnGldk6shp43mm3ReVGvyHW5StCvP_6hmYmlG9k8EVFEWvYjDUU7uc7E3gcbQAoYAJJ3_n2QL_jqodANzntnp4eCxHaPIoHaJ5xoU4JHVpC50wbXISaGrvSLdDbyJlp-RKcki3agc9LG6O_3ve-rMuSP0sULLl20U2H3yFibHBbGKHkeMtnslp0coUojN79FIoAZnNFvTQ73magqDDO6WskavUF0qgJtb_tKm5bJPbjBdbe2U8WY7eoh1KjJI2SccrLLsLdXwJ7h0h7Hgy89kh3hHDrJym_HwYvIy20V3sa7OkTxoLj0fp1HLGrgd9yMqeAkYQFWOoXDD_vz2xTc6M4t6gvNSqBlB-SKB0r5wv4l-uGXywn6dMk4J4FzOtQmIdeMSFuNH0SIXSl482ygZi0sbSh0BWlqUYJlJ0apgRRV7BrEIZffLvTHNmXb-gJ5f9vFO2aQ7frwG-g9NvnuYdnztsfANaFYQRXYs38WqWfj1Zq5NAgPs6MASyUldv5c_I5EMBPk89aCjg67gWSafFceG-Ocjy4YfVYLGp3VxEC-iA74nO2LGRqZ-bFO1O6Rg5azxhWeiAU7VN9AsPvC6C6RK_y2YEmKY7IIJo2kaFsBGNgkcHgr_Zti0nc7eAcwU4mZuBD79mHkU2-Gl5RJkIJTMgPz1lKRCvx-qyrXldrFedgs243s9cQbU2rgOSd8SiOdcj5yuEjtdvLqhGJ0Q5-7IJlDqddqkDDGC95TszrznfKCzeMZBiW-FUlv9YlEIkwNrbnTD5Dly7nEbgqkmlHAoPIYXljLGZd5hbYHDGz40QstGNoN21pRIJP_GEGesG5h_OZZ7UZuTXnP5sXE0VErUW7v74V4mju288Z5RnZO6cqHmL9i84ast6ISepBP9OBx_dsQjupb3NV89svSYu4c2o_XF_e-61VQwbBHlhoSILgJQTryqkP1PkRSMvB54j4E7fBAJ4pynm97aFHNvb_05Ysjnk0T9ktBq6llbtffoQJAJT4dFNeicNxtxPr0ZjOfEMfthacDxaJsCUc6mmG4SkrePkEh-PBiyFrfdtCO0gpdcLsqB3nQBMzBcLdsxoinih6bJwBtGR4Bjho_fZsOc1_DagwNqfuS29CXPd-okbQfzvBNQf3qdxWok9oQydljltc1HdgvA5BhLPclbtcARUu1d3t_plcDUSS6_jaU0P4hANcvTzxCEMf4WQqFSkXaZVKx8wXdJ_yLzwNvS1lJGOCVHXivTsEi_0ejVUcYCZ6WokoFRQRaMuwzJjxAVsKhPTGqvmBYU25YDf_P5ResFU7qgj57YZd0CF-EfF2nqoYW_vMXvCFe6RXGhDl68qvt2WN_VMJEuhRZYqKWKyqpzZ8aGpoZHk085kaE3QvPnIhUPzgPZ4t4NXJP787cVC-k2iGVW8ZgV5DxsrTGayOMyPl1qpaEAYw8h7WchrL5NUeL5sTKG8fcc-DnNvQHjX-QdUXxgYkuCOdAsM3eEf8UmmEiuEDmiuBlSn9kLY_sjCpP0u_pbhrlOwDRmbM4k_b8MaLUmFsDEFcjUz8v4lBl5hCy3Fw8whI6_6BUQISSIF-Dxmf-qX6_TQbF-5TDhZZ0vqyOEOqi2f3ekM-y7G8rq3n1KuUg8q-hnmYLBy6DZ_1MHdhor6gmIGoodxLk81eTzURxeR6faerNFCDaXNx_XoZeo-Cn2vwPmuMwpT1ilGX6ZGg1MLzQBvI9CuIdfF0VmKs_Hp_DKl14QU5KQ227pnDex8y2e5D5Qc8-e9d9jVlOfa7uxsIir-lC6Kb_2TK-eF-Q3bkRv3XXIP-BfX98diQu6Jd_yLahua1wvsUqNk9_0Rvor1JEC1p2Sqd53vXyVa65nKn-DK_Uxrz5fhDCzIwg7f2kYRpxLJN9n1NiJPAtpL8igrxook5nxoCaBdjALYOfvgPtHODgv0I9sWkjBkzNMeCeDJjp6UCVR49d4P_YSQ4qpXHdRZLy860he9f26eIocD6xP2wns_tRngvlpsWj6_uCakS0Z9rKVbOLSts_CO73_Pj2AjqSe2UHJ-pM1lUwuxkH36zf059qMxbD9iDTbkM7m-N3N3RI5Dnz1DPromCsgCiRQEhQbzZJDLlCdrdLPHHqRZqc-cbapo_-4ZwNIPEH_DKYZOtscdMjz3TJeB0JUMrUcjuYHlMu1_iKh-qh4m3PRDK0WkPYyT_OB7hJtOqvL2bry58jYjeruNxzdNhvBaiNDKVJBjEqU9hJ9avOGE2cQsKKxxnR05LfWpU36BTPo2zfMwqEhs25q2l2mLqrgbz4OZ9dLINRv7xJWcibQbk89JmsBZ3D0jMMuxYyFkKJIJTo577wKqr1qFj2ZjYi_Y8WJHz8-HKo7YS52yer7pInkndshiDk1IpyfrzkKz2IEgk9kgtwg6DizW_e3cJW2ufXtBrttrvbFXF3FRSZJAtFr91KHen5RF8QTPASBaQ3N3iNv0wguAVUjlxIyOksohFONX30TyCHZka3RW1fdE9UiS6vah2jLGKp1uZp0ms9AWg4ZrYlcRjhz7JeHT_j9kBi8kwYA_bJPEgysCjwRtIKR_SuMth37vujiKrJaxr79FxoFIHDYESR7Gpdl3mVv4eoVfyOKlVrnok5bG-AQrCEK5DgIOaP2hLW1UVqAxP2gVqb5CB2Vyg8Ws-LT7pE8kGu73SULWM9530SZt-A05XiTer93iwtveec9Y7ervrhy8CsjcZbHzu8cbxboYH92ohaGztHnPQsB5ICKVXgN5yxFE98zT5e2UkN71QapCZyHZmnzlC6MacuQbdFjexPxcxpRCAQSTQCsnQUxoOHwY-3p6ih4CFUmQoXNz3PUtPXCVAYh6US5aCy7BwIJzIeIF_8_o97VuoCYDTu6wMhdvYhuSP6LMFyZ_wRg5kvD2zlWGKjuYAE&cry=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 17:06:57 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame 857A 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite.js
Requested by
Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNVNm1f_1YpntKxuZ7kbl4Q996LvD5f0Ctk2h6OOawnl9Rj2wS8&d=CokBAKAmf-DDK1uApacNfezHyTKl8Hx-ynv3aLClj2Zq99InI0ztz2kirwMBuAfCTGq0SmXnnNxB_6vNw3fFfFSG3USxaeX11JUQy94vpDzuoSC6pdCIx6tyltNjSYNnXhREDQ_gwhbyav_oneYpGJW8rthf8ZjJvrTC35bO60Pid3qD0U54IxYHz-AS6RMAoCZ_4M7eIux9byaO2UjROKDLtyZJkQanAdzzR1l5QMY9r4FZCC2na1L-gKT0-a7m9NO-bwaYv6nMJtJiOx2avg_TVtRydaFMYoqJvaWYmwB7IIUL94c1lwVyjeqloG_8cA3Yi2bdz2PN0XuK3OZyXwaEi4q4YDSqyrphxqO0KaGN0Tv018Seyi6uoVNab1mt5eP0wucp68NMuwhPu9QZndTXExcll_5wfYb29Wzrb1d38ilecTygm-sSi-GZcJ5C8wAz2cyLQ7SeTxo2Q0n8VKlNzLFVnwG6jUQeDfZg_w609TLEEdD31XFpXI65wJo7ZC0d3Bb4X2XByEPPnyI_WlatzxVTKe9pzOdy0H-B0DrfmuT7eTQbmznUnr3aPJvga6yrVsLRZ63MH67VP6rtxcKNhuNbl8JA8GkLxPtfMq-68cjkif-uuCwZwl1rczRNmoNWCdTolTpmH1T3_wQWpW4Swso14vOW1ux2vK_jovSlWWKa_13TTVuLBB6Kbp2ruWB3es4lWADduQqTi8C5LhxbjEg-2LSlURvWii48B-4yJEg1MXyTNgIsqK-iNBNYnGldk6shp43mm3ReVGvyHW5StCvP_6hmYmlG9k8EVFEWvYjDUU7uc7E3gcbQAoYAJJ3_n2QL_jqodANzntnp4eCxHaPIoHaJ5xoU4JHVpC50wbXISaGrvSLdDbyJlp-RKcki3agc9LG6O_3ve-rMuSP0sULLl20U2H3yFibHBbGKHkeMtnslp0coUojN79FIoAZnNFvTQ73magqDDO6WskavUF0qgJtb_tKm5bJPbjBdbe2U8WY7eoh1KjJI2SccrLLsLdXwJ7h0h7Hgy89kh3hHDrJym_HwYvIy20V3sa7OkTxoLj0fp1HLGrgd9yMqeAkYQFWOoXDD_vz2xTc6M4t6gvNSqBlB-SKB0r5wv4l-uGXywn6dMk4J4FzOtQmIdeMSFuNH0SIXSl482ygZi0sbSh0BWlqUYJlJ0apgRRV7BrEIZffLvTHNmXb-gJ5f9vFO2aQ7frwG-g9NvnuYdnztsfANaFYQRXYs38WqWfj1Zq5NAgPs6MASyUldv5c_I5EMBPk89aCjg67gWSafFceG-Ocjy4YfVYLGp3VxEC-iA74nO2LGRqZ-bFO1O6Rg5azxhWeiAU7VN9AsPvC6C6RK_y2YEmKY7IIJo2kaFsBGNgkcHgr_Zti0nc7eAcwU4mZuBD79mHkU2-Gl5RJkIJTMgPz1lKRCvx-qyrXldrFedgs243s9cQbU2rgOSd8SiOdcj5yuEjtdvLqhGJ0Q5-7IJlDqddqkDDGC95TszrznfKCzeMZBiW-FUlv9YlEIkwNrbnTD5Dly7nEbgqkmlHAoPIYXljLGZd5hbYHDGz40QstGNoN21pRIJP_GEGesG5h_OZZ7UZuTXnP5sXE0VErUW7v74V4mju288Z5RnZO6cqHmL9i84ast6ISepBP9OBx_dsQjupb3NV89svSYu4c2o_XF_e-61VQwbBHlhoSILgJQTryqkP1PkRSMvB54j4E7fBAJ4pynm97aFHNvb_05Ysjnk0T9ktBq6llbtffoQJAJT4dFNeicNxtxPr0ZjOfEMfthacDxaJsCUc6mmG4SkrePkEh-PBiyFrfdtCO0gpdcLsqB3nQBMzBcLdsxoinih6bJwBtGR4Bjho_fZsOc1_DagwNqfuS29CXPd-okbQfzvBNQf3qdxWok9oQydljltc1HdgvA5BhLPclbtcARUu1d3t_plcDUSS6_jaU0P4hANcvTzxCEMf4WQqFSkXaZVKx8wXdJ_yLzwNvS1lJGOCVHXivTsEi_0ejVUcYCZ6WokoFRQRaMuwzJjxAVsKhPTGqvmBYU25YDf_P5ResFU7qgj57YZd0CF-EfF2nqoYW_vMXvCFe6RXGhDl68qvt2WN_VMJEuhRZYqKWKyqpzZ8aGpoZHk085kaE3QvPnIhUPzgPZ4t4NXJP787cVC-k2iGVW8ZgV5DxsrTGayOMyPl1qpaEAYw8h7WchrL5NUeL5sTKG8fcc-DnNvQHjX-QdUXxgYkuCOdAsM3eEf8UmmEiuEDmiuBlSn9kLY_sjCpP0u_pbhrlOwDRmbM4k_b8MaLUmFsDEFcjUz8v4lBl5hCy3Fw8whI6_6BUQISSIF-Dxmf-qX6_TQbF-5TDhZZ0vqyOEOqi2f3ekM-y7G8rq3n1KuUg8q-hnmYLBy6DZ_1MHdhor6gmIGoodxLk81eTzURxeR6faerNFCDaXNx_XoZeo-Cn2vwPmuMwpT1ilGX6ZGg1MLzQBvI9CuIdfF0VmKs_Hp_DKl14QU5KQ227pnDex8y2e5D5Qc8-e9d9jVlOfa7uxsIir-lC6Kb_2TK-eF-Q3bkRv3XXIP-BfX98diQu6Jd_yLahua1wvsUqNk9_0Rvor1JEC1p2Sqd53vXyVa65nKn-DK_Uxrz5fhDCzIwg7f2kYRpxLJN9n1NiJPAtpL8igrxook5nxoCaBdjALYOfvgPtHODgv0I9sWkjBkzNMeCeDJjp6UCVR49d4P_YSQ4qpXHdRZLy860he9f26eIocD6xP2wns_tRngvlpsWj6_uCakS0Z9rKVbOLSts_CO73_Pj2AjqSe2UHJ-pM1lUwuxkH36zf059qMxbD9iDTbkM7m-N3N3RI5Dnz1DPromCsgCiRQEhQbzZJDLlCdrdLPHHqRZqc-cbapo_-4ZwNIPEH_DKYZOtscdMjz3TJeB0JUMrUcjuYHlMu1_iKh-qh4m3PRDK0WkPYyT_OB7hJtOqvL2bry58jYjeruNxzdNhvBaiNDKVJBjEqU9hJ9avOGE2cQsKKxxnR05LfWpU36BTPo2zfMwqEhs25q2l2mLqrgbz4OZ9dLINRv7xJWcibQbk89JmsBZ3D0jMMuxYyFkKJIJTo577wKqr1qFj2ZjYi_Y8WJHz8-HKo7YS52yer7pInkndshiDk1IpyfrzkKz2IEgk9kgtwg6DizW_e3cJW2ufXtBrttrvbFXF3FRSZJAtFr91KHen5RF8QTPASBaQ3N3iNv0wguAVUjlxIyOksohFONX30TyCHZka3RW1fdE9UiS6vah2jLGKp1uZp0ms9AWg4ZrYlcRjhz7JeHT_j9kBi8kwYA_bJPEgysCjwRtIKR_SuMth37vujiKrJaxr79FxoFIHDYESR7Gpdl3mVv4eoVfyOKlVrnok5bG-AQrCEK5DgIOaP2hLW1UVqAxP2gVqb5CB2Vyg8Ws-LT7pE8kGu73SULWM9530SZt-A05XiTer93iwtveec9Y7ervrhy8CsjcZbHzu8cbxboYH92ohaGztHnPQsB5ICKVXgN5yxFE98zT5e2UkN71QapCZyHZmnzlC6MacuQbdFjexPxcxpRCAQSTQCsnQUxoOHwY-3p6ih4CFUmQoXNz3PUtPXCVAYh6US5aCy7BwIJzIeIF_8_o97VuoCYDTu6wMhdvYhuSP6LMFyZ_wRg5kvD2zlWGKjuYAE&cry=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:06:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
160
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11717
x-xss-protection
0
server
cafe
etag
8998177921611256807
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 17:06:01 GMT
1422
check.analytics.rlcdn.com/check/ 		25 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1422
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-35.phl50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:08:41 GMT
via
1.1 e5ff4a3d69612691bbce9d66888e6aa4.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
e89d3355-6857-42fd-9c4d-b90041d375ea
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6328a219-0a134fdf0a1ad99606c0ff4b
x-amz-apigw-id
Yt5D9GPAjoEFrwA=
content-length
25
x-amz-cf-id
zuoPC6xCHJYpl2C7wgxPWseEYatHLdnuMN3RVWlCR2HCFiw1xycfug==
usync.js
eus.rubiconproject.com/ Frame 346B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0c7511f3b050b0c377e16f2f52a3b8282c74e60ff1112a015d34e7088c00783e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74627
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9419
Expires
Tue, 20 Sep 2022 13:52:28 GMT
1422
check.analytics.rlcdn.com/check/ 		25 B
386 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1422
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-35.phl50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:08:41 GMT
via
1.1 e5ff4a3d69612691bbce9d66888e6aa4.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amzn-requestid
29162aba-02bb-4469-b80f-4bdba3e07acd
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6328a219-573fe61d55461430419ce87d
x-amz-apigw-id
Yt5D9FOQjoEF4Nw=
content-length
25
x-amz-cf-id
iArPcZXib3l2jZpGIFdKssewNQRIMPNEHjz8pLD-FTEDFm61-S7CdQ==
impl_v90.js
www.googletagservices.com/dcm/ Frame CFB0 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v90.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 00:07:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
579643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21331
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 13:07:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 13 Sep 2023 00:07:58 GMT
dcm
s.amazon-adsystem.com/ Frame EAD0 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyiiGGLSm_lWytm-iJ357gAAAd0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:41 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
8YN2C7D8PJ41VTNRA4DM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame EAD0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyiiGGLSm_lWytm-iJ357gAAAd0AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENxkKKv4VWQdY6PFC8d0Wrw&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENxkKKv4VWQdY6PFC8d0Wrw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecbd682ff999-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gqGkiS3y5dnpTjugKtu9h%2F%2B1rMK6trvmg%2BdWaEoe%2BJPjQyhcPDmoTbDWoRwDTFpzN8oZ52FDohvtZE7WJP5R7YgoJYbAsmd2NQBXHmb7D07Mxv2vFZ1zADeniDItNw8P%2F8uhQyprWiVwKA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESENxkKKv4VWQdY6PFC8d0Wrw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame EAD0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&expiration=1666199321&gdpr=0&gdpr_consent=
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&expiration=1666199321&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecbd8ed2a1e0-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gZVI2LMgwd8Ld0XdfzJxAA6BIw%2FcNQhr%2BPNDbLjre%2FIerKL3ZWDJpb2FN%2BVnLlbzQfDLT5eAoYLEPxBculIUrNULCAfWsT%2BaHg4zjqNDv7cJYei44X%2FuOE78OW6G%2BwwSwZzY51EYGQDIlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&expiration=1666199321&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame EAD0
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyiiGGLSm-lWytm.iJ357gAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED8iKXiPUhteJ9dxzFB1Xj4&google_cver=1&google_hm=2
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED8iKXiPUhteJ9dxzFB1Xj4&google_cver=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecbf6ab4a1e0-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4q8l4DPxUowJO5MgS1KwVcAcUgtMsD1Zv7Ba2N2yIwTc66XOUN8aOakktgXLuYV45fVxglAUz2pWsAKXjHMvQhTxD56QBo7AASu7YHnWAhFtLJHbWV6551%2Fp4qHrzcC7xHYKkmOApjW2A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESED8iKXiPUhteJ9dxzFB1Xj4&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
r.casalemedia.com/ Frame EAD0
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=90bdf3b3-ba17-4bca-a94a-de573e2a8405-6328a219-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=90bdf3b3-ba17-4bca-a94a-de573e2a8405-6328a219-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=90bdf3b3-ba17-4bca-a94a-de573e2a8405-6328a219-4341&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=90bdf3b3-ba17-4bca-a94a-de573e2a8405-6328a219-4341&gdpr=0&gdpr_consent=
43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=90bdf3b3-ba17-4bca-a94a-de573e2a8405-6328a219-4341&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecc12a22a1e6-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lpnKN4G7Pvf%2BkGTNSDsAAqSU3MUQtF%2BeuSj%2FVXTAtZjcoyQhS3LwimyowOs9DODfWwWRd6fR5NUSsGu7UJ3fT%2BjsYww1Nov%2F00WkV3vGGFHvyWLRqT0As1jmN4OQq0%2FEeqrS"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=90bdf3b3-ba17-4bca-a94a-de573e2a8405-6328a219-4341&gdpr=0&gdpr_consent=
date
Mon, 19 Sep 2022 17:08:41 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
rum
dsum-sec.casalemedia.com/ Frame EAD0
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=8210b848-c2fc-40a7-b79f-217b73523159&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=8210b848-c2fc-40a7-b79f-217b73523159&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecbf09ffa1e0-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBM8aIzQYmL0sP%2BPGsoGjKOVgByuqr4X%2BkvSe93%2BEMMzNUw71cyoExHKmzA23LnOZFca1c%2BO27dpxl93xNiL1yqqssYNGGpKssGG0hJQr%2F9bbwx%2FWzpo0UGag3992KChD%2FoaDni2NDPmXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=8210b848-c2fc-40a7-b79f-217b73523159&us_privacy=null&gdpr_consent=null&gdpr=null
date
Mon, 19 Sep 2022 17:08:41 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74d3ecbd6ce8ca6f-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
indexexchange
sync.adotmob.com/cookie/ Frame EAD0 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.129.159.219 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-159-219.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
crum
dsum.casalemedia.com/ Frame EAD0
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8264677328858952876
43 B
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8264677328858952876
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecbe3f3b4003-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKh%2BrBVJnF%2BHC0iT3BpJ5DawX0ZbC7Enwt8FLU5VXHrrmCDXkUzqrEFSGBL%2FcB3t3y88dEEvsQ4EC3EOJ3oYEjQyxdNgZ9VfbDn9ORJ0mFO%2F4B7u2KbeCICud8MM%2BYzy6Cup%2B%2FTn"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:41 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5f903740-709f-4325-a09d-86ce18344509
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=8264677328858952876
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame EAD0 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YyiiGGLSm_lWytm-iJ357gAAAd0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:41 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
F72JQS010DTTW6ZK90W6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
halo_match
ids.ad.gt/api/v1/ 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001663607319-29KI610D-PHIA&halo_id=060fg7fcdlebbd8a8h8fi68bi6fafj9hkdloq2ojk0mggk4e4s4ou04gu0oeow6sy
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:41 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 05:08:41 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=conde.wired&zMoatAdUnit2=hero&zMoatAdUnit3=security&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2F8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oeOd4UyJc8Q0YElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-kd5aRxmAS248Xw%3D%3D&sc=1&os=1-QQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=436&gp=-176&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=4&f=0&j=&t=1663607316787&de=470420900414&rx=430755292090&cu=1663607316787&m=3867&ar=5aeef158bee-clean&iw=f9dac89&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=-176&lb=5988&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A158%3A158%3A0%3A279&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=0&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=163&cd=0&ah=163&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.wired&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=200157&na=423880897&cs=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:41 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:41 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3EBD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
3208
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 16:15:13 GMT
expires
Tue, 19 Sep 2023 16:15:13 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
load77.exelator.com/ Frame 919A
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=66373113506026136401086284029216043361
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=66373113506026136401086284029216043361&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Mon, 19 Sep 2022 17:08:41 GMT
x-age-lb
19
x-77-nzt-ray
oiAOhwt+fGk
x-77-cache
HIT
content-length
43
x-cache
HIT
x-age
1026573
x-77-nzt
Alm7sQ/WGtf/DaoPAJySO+jLG7X/EwAAAA
x-lb-ip
156.146.59.232
x-cache-lb
HIT
x-accel-expires
@1663617548
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
etag
"59f0c3fc-2b"
x-lb-pop
newyorkUSNY
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
expires
Fri, 15 Jan 2021 19:58:16 GMT

Redirect headers

date
Mon, 19 Sep 2022 17:08:41 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
B28483467.345814581;dc_ver=90.266;sz=728x90;u_sd=1;gdpr=0;dc_adk=3366117014;ord=x2q7k7;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D409c46f6-37dc-4d23-ad55-54266494c593%26ag%3D9qnnty...
ad.doubleclick.net/ddm/adj/N1409823.2185900AMNETCANADA/ Frame CFB0 		61 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1409823.2185900AMNETCANADA/B28483467.345814581;dc_ver=90.266;sz=728x90;u_sd=1;gdpr=0;dc_adk=3366117014;ord=x2q7k7;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D409c46f6-37dc-4d23-ad55-54266494c593%26ag%3D9qnntyn%26sfe%3D15602217%26sig%3DmmItmTVXtXElnRNIPf4_io-vNhEUajKxzYR-6wq56qY.%26crid%3Dq25m52xq%26cf%3D3834341%26fq%3D0%26t%3D1%26td_s%3Dwww.wired.com%26rcats%3D7sp%26mste%3D%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D37%26agsa%3D%26wp%3DAE954E1F176BE2E0%26rgz%3DH3A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D17814%26rlangs%3Den%26mlang%3Den%26did%3D%26rcxt%3DOther%26tmpc%3D10.629999999999995%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESBlF1ZWJlYxoAIghNb250cmVhbDgBUAuAAQCIAQGQAQGwAQC6AQYI7roHGAzAAfb0BtAB9vQG%26dur%3DCjYKHWNoYXJnZS1hbGxJbnRlZ3JhbEJyYW5kU2FmZXR5IhUI-f__________ARIIaW50ZWdyYWwKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkQKKWNoYXJnZS1hbGxEaXNwbGF5Vmlld2FiaWxpdHlCaWRBZGp1c3RtZW50IhcImv__________ARIKcS1hbGxpYW5jZQpICiFjaGFyZ2UtYWxsTW9hdFZpZXdhYmlsaXR5VHJhY2tpbmciIwil__________8BEg5tb2F0LXJlcG9ydGluZyoGCMCEPRgM%26durs%3DV35sWu%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F3379%2Fconde.wired%2Fhero%2Fsecurity%2Farticle%2F1%26pcm%3D1%26ict%3DUnknown%26said%3De01438c899c4e185ab48afba271d3516c7b4fea5%26auct%3D1%26cxlvs%3D0%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F$0;xdt=1;crlt=DjtbY)mk0X;gcsr=m;stc=1;chaa=1;sttr=134;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f6.1e100.net
Software
cafe /
Resource Hash
0c0d06a3263585957eed5ce7ced05f0d8f5c60418544fa74cd4c9619172eb918
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28241
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/15895870535127717286/ Frame 735C 		34 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15895870535127717286/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85864f071a9ad44581c779d4b39c7c1e080292689c668d3ac34d020cd9cc9cc0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
26279
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5127
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 09:50:42 GMT
expires
Tue, 19 Sep 2023 09:50:42 GMT
last-modified
Fri, 18 Feb 2022 18:09:06 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 857A 		0
575 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOJZHf5bvFCemJMtCA5rlYqUk28r6w1rYg6ODmQnGuLzMfxlUctO2dzr98gGH-cS_FAsE7yOBtvCODzMhrbzC2a5NJZyb5ekCK5o2RwUC_jCu2z0y-eKVhgkhNY9ylNixRryAzYWLzRmq085oG7LYLTizj9aGf&sai=AMfl-YQpKSUQ1drkqkpjlXfPHXsxdr3Mc_Vk5n6IzniBNH09Ce7uXmhs9ssuLSy3Cat5oImWxWJk8HWPGTQE5-9K0Vka0r5XnKwwdEOZdSNbtzr-i9-movqhLlvWn39yg6gmjtO6fS2xpDVUPijHlac&sig=Cg0ArKJSzDhNP4xIHbV3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=225&cbvp=1&cstd=222&cisv=r20220914.99249&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:08:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CONDEVIDEOCONTENT1&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1663607321048&de=199781840699&m=0&ar=5aeef158bee-clean&iw=cf980cc&q=5&cb=0&ym=0&cu=1663607321048&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=Internet%20Expert%20Debunks%20Cybersecurity%20Myths%3A%2F3379%2Fconde.wired%2Frail-player%2Fsecurity%2Farticle%3Aundefined%3Aundefined&zMoatVideoId=5f2178a1bcdfff5e2a4786ac&zMoatAP=true&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=4&zMoatOrigSlicer1=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&zMoatOrigSlicer2=N%2FA&zMoatDomain=wired.com&zMoatSubdomain=wired.com&gw=condenastjsvideocontent160527792519&fd=1&it=500&ti=0&ih=2&pe=1%3A158%3A158%3A0%3A279&fs=200157&na=352932111&cs=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:41 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:41 GMT
ecm3
s.amazon-adsystem.com/ Frame 346B
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=L890UEAB-I-J01J
  • https://s.amazon-adsystem.com/ecm3?id=L890UEAB-I-J01J&ex=d-rubiconproject.com&status=ok&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=L890UEAB-I-J01J&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:41 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
4048HJDQG9207B90A88D
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=L890UEAB-I-J01J&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
1c34e56f66d325760e494cbb7a93f50f
Expires
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame E4F7 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
3195
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 16:15:26 GMT
etag
48472445140208031
expires
Tue, 20 Sep 2022 16:15:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 857A 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
232c4a0172c44381d68b1097f313840805eea86f6c5c9efa46b7eed1b25e333f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
init1.js
api.bounceexchange.com/bounce/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=1431&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDZCBmQgBgHYSAmfEgThs2AC8QpzMB3AUwCMcqYLwD6qACZQaADhoBWTACdeOEABs4aDAQrkAHvhrkuKmLyUqlUbAEN161AgDmouEvVQAFsGAAHHABSEgBBQJoAMXCI7liAOm5UFQk4pBAAW2icUCUAT2i4fgsAWi9bJABrYvSYW2K-L1QcRpdozAA3JuFRNJAK1F4oQMoAIXCadT9x4LCaGh9-IIVQ8PlI1cjY7gSk3hS0zIVI7JA8jYjCkrLK6tr6xuanZ3PpmgBhcaVplbnpygARbAgPoDIajcbtb5hcFzHCFdLCEQSUQYIQiKG1dQ4XjhD5zXjtCyidQgZzOPbiBAY+zY3HjOH8BG+Cm8dK2VDqUT8coVJBlBAIXjqalYnHvenwxEstkc0TOWwScnAdS2QQi2ni2GS5nI1nszny9KqdVivE0BlMpGiPWy4BKWwIHB+U7AE10rWMqW6mWckR8pzAbggN2a83aq02zk4JADZBimgzTEas0Wr3Wn2iCS8GkhlPh6X6zP6-K-UJJ03jJBIPy2Hr2VBQu1wCtzFSueUiUSpnW5z68du2TvuYWlkLl91hz069OF50SJC2bJLBNlmk4gHDQHtWxKHAAbRr5NEwFyfl4AF0oDu0Eh1LwOjv9wrRJ0hPw75fyw-d3vr6hb2ICC2Eal4ACpeGK5AAKpFF8xgABI8oEcDGPgDBLOQ-wEouwCDugVLGAAkhhABScDZOE5AAMq4UoaCtMYoCUQASgS2YjuQhHANi6gwN+T50f+d51iIzinLkl5UbwSDuMIuT8XuZS8TWuTcPYnKvqg74XrAa4KfwIC+Bk3JKC+XTaZ+enbj+KlqQ4lmigp8AOLZ6lmW+H66Y51n7k6tZsQgwDplKSgOdiCndlaqLCDpX4+XuJJkhSThhfe8VsaZiXksiKVeeF8USDAfiiEo74gJUl4IIZJXZhI8nxZFBaytylR8g6grqKlEX5t6hbyoqvDKqqOBdQ1PUzrKhqqKNj57o1vW2vajrOnRM0-vNE2+tJLSBiAa2+eNkZdjGvBxvtc2HRmWY0udG1HRIxbnX4SioNuIhlZU7laZ5cWzbhrhCqyp3AE9L3bkguSiM6fhwMVmkWXlaWzUgCCbV2hTRi9sHnSjXYxejghIFjFg49WtYLo4l5NkjP6gH4JlfQjv0-qcWamTApzpOdbZyoOYjzeddVAQiSDHrYAN3kagWSQAom8UHMYRoEAJqUQAcjLADqVEKW2TR2nhGCiHZnWI7r-a80OHjcxbHb87Dz2qEIGC3Zds4gPOOEjWb8VlEoyI8ybUMqNi0s+1mMB7lWNZ1pTUDUx0Ed7jzdtuNbZu9P0YigCAxI7uSZv8H4nCYINxd7uemB+NxNgHH4jgOkgYgwCqzg2O0ZRQEAA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_89ceea329a99e3935afd4105c6694d4b.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
b2e968d2e76e3cc0c7ce3c54f63ac9d9e345539b0591041b153357f36284315b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 17:08:41 GMT
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
26
content-type
text/javascript;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
0
ibs:dpid=420&dpuuid=6328a219248f7a83
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://su.addthis.com/red/usync?pid=16&puid=66373113506026136401086284029216043361&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D420%26dpuuid%3D%7B%7Buid%7D%7D
  • https://dpm.demdex.net/ibs:dpid=420&dpuuid=6328a219248f7a83
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=420&dpuuid=6328a219248f7a83
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0bfe8d411.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
5JVf5nrXQYQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=420&dpuuid=6328a219248f7a83
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
ads
pubads.g.doubleclick.net/gampad/ Frame 7EFB 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=640x360%7C480x70&iu=%2F3379%2Fconde.wired%2Frail-player%2Fsecurity%2Farticle&ciu_szs=1x1&gdfp_req=1&env=vp&output=xml_vmap1&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_death_injury%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Dmt_article_two_column%26content_type%3Darticle%26ctx_page_channel%3Dsecurity%26ctx_page_sub_channel%3Dnational-security%26sub_sub_channel%3D%26env_server%3Dproduction%26ctx_cns_version%3D6.62.7%26ctx_page_slug%3Duber-hack-mfa-phishing%26cnt_copilotid%3D632496798990652479ff3877%26cnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%26fastly_geo%3Dca%26pageview_id%3D8404177878%26usr_bkt_eva%3D36%26usr_bkt_ses%3D35%26usr_bkt_pv%3D57%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26usr_segments%3Dco.w2238%26cn_metrics%3Dcmr_high%26vnd_prx_segments%3D121100%252C131100%252C131127%252C230004%252C230017%252C230103%252C230133%252C230163%252C230016%252C603525%252C300003%252C210001%252C240000%252C240002%252C240003%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240015%252C240018%252C240019%252Cmiovit%252Czlqtg4%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_entities%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_keywords%3Duber%252Chacker%252Cauthentication%252Cattacker%252Cbreach%252Csystem%252Cnotification%252Caccess%252Czatko%252Ccybersecurity%252Cattack%252Chack_devastation%252Cresearcher%252Csecurity_engineer%252Cservice%252Ctwitter%252Cthursday_evening%252Ccompany%252Cthe_new_york_times%252Ccedric_owens%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D7019f732-25e0-4a38-bce5-b53f5c128960%26ctx_line_items%3D%26timeout%3D500%26height%3D208%26muted%3D1%26right_rail%3D1%26sensitive%3D0%26series%3D5fb2bd3b38d0691c16e0f5de%26width%3D370%26feature_flags%3Dsticky-player-rail&correlator=1443693347263306&description_url=https%3A%2F%2Fwww.wired.com%2Fvideo%2Fwatch%2Fexpert-debunks-cybersecurity-myths&vid=5f2178a1bcdfff5e2a4786ac&cmsid=1495&ppid=7019f73225e04a38bce5b53f5c128960&sdkv=h.3.531.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2193636566&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.531.0&sid=72A8FA56-4868-4B21-AA84-1DAA61BA9854&nel=0&eid=44748969%2C44754420%2C44760950%2C44765701%2C44770824&ref=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&dlt=1663607318413&idt=1746&dt=1663607321422&cookie=ID%3D29223b196227471a%3AT%3D1663607318%3AS%3DALNI_Mb-H0CrkXv1zp2kwalB3U9Yg4whDg&cookie_enabled=1&scor=360786624413603&ged=ve4_td3_tt1_pd3_la3000_er1430.1067.1583.1367_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.531.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
440ed7dcab5bbb83186176e96fef8405973affd427cb867bde3868a23e0493ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1910
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame 346B 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:41 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
J6ZXBWRKXTPC7FAQNMF1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 346B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&gdpr=0&gdpr_consent=&expires=30
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=83a7adcd-79ab-42ed-8a9b-605fed9b02b2&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 346B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/IQuvQXc5wGaVZW7MRLrC6A?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3928989494876636508
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3928989494876636508
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Content-Type
image/gif

Redirect headers

date
Mon, 19 Sep 2022 17:08:41 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3928989494876636508
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
setuid
px.ads.linkedin.com/ Frame 346B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L890UEAB-I-J01J&us_privacy=1---
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L890UEAB-I-J01J&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:40 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: B796C9D1CC024933B12D20CFFEE3ACCA Ref B: YTO01EDGE0714 Ref C: 2022-09-19T17:08:41Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXpCsN0CXuV0G+ASRcHmg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L890UEAB-I-J01J&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 346B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5MFVFQUItSS1KMDFK&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5MFVFQUItSS1KMDFK&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5MFVFQUItSS1KMDFK&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 346B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGhB1onajtgy-l7I_d1VHg8&google_cver=1
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGhB1onajtgy-l7I_d1VHg8&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
636a4452fa95aad32992c06634d4089f
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGhB1onajtgy-l7I_d1VHg8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 346B
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=Xv0OUbAxRti3HEIZPika4w&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Xv0OUbAxRti3HEIZPika4w
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Xv0OUbAxRti3HEIZPika4w
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:41 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
B987T1ZWR51XFBRF6W1H
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=Xv0OUbAxRti3HEIZPika4w
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 346B
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWMyOGEyNjVjMTcxMzkzN2YzM2U4ZTcwMzRkMjIyMDQzNDliZmQwNQ&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWMyOGEyNjVjMTcxMzkzN2YzM2U4ZTcwMzRkMjIyMDQzNDliZmQwNQ&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWMyOGEyNjVjMTcxMzkzN2YzM2U4ZTcwMzRkMjIyMDQzNDliZmQwNQ&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
4fcda2cf3122d8d52bcad9e162171a6b.js
s0.2mdn.net/sadbundle/15895870535127717286/ Frame 735C 		73 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15895870535127717286/4fcda2cf3122d8d52bcad9e162171a6b.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15895870535127717286/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46d18dad9b9bc26a5edbb508136e75230c9b470f68fc0f751f190ac88728dea7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15895870535127717286/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:50:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26279
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19246
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 18:09:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Sep 2023 09:50:42 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/ Frame CFB0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220914/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1409823.2185900AMNETCANADA/B28483467.345814581;dc_ver=90.266;sz=728x90;u_sd=1;gdpr=0;dc_adk=3366117014;ord=x2q7k7;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D409c46f6-37dc-4d23-ad55-54266494c593%26ag%3D9qnntyn%26sfe%3D15602217%26sig%3DmmItmTVXtXElnRNIPf4_io-vNhEUajKxzYR-6wq56qY.%26crid%3Dq25m52xq%26cf%3D3834341%26fq%3D0%26t%3D1%26td_s%3Dwww.wired.com%26rcats%3D7sp%26mste%3D%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D37%26agsa%3D%26wp%3DAE954E1F176BE2E0%26rgz%3DH3A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D17814%26rlangs%3Den%26mlang%3Den%26did%3D%26rcxt%3DOther%26tmpc%3D10.629999999999995%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESBlF1ZWJlYxoAIghNb250cmVhbDgBUAuAAQCIAQGQAQGwAQC6AQYI7roHGAzAAfb0BtAB9vQG%26dur%3DCjYKHWNoYXJnZS1hbGxJbnRlZ3JhbEJyYW5kU2FmZXR5IhUI-f__________ARIIaW50ZWdyYWwKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkQKKWNoYXJnZS1hbGxEaXNwbGF5Vmlld2FiaWxpdHlCaWRBZGp1c3RtZW50IhcImv__________ARIKcS1hbGxpYW5jZQpICiFjaGFyZ2UtYWxsTW9hdFZpZXdhYmlsaXR5VHJhY2tpbmciIwil__________8BEg5tb2F0LXJlcG9ydGluZyoGCMCEPRgM%26durs%3DV35sWu%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F3379%2Fconde.wired%2Fhero%2Fsecurity%2Farticle%2F1%26pcm%3D1%26ict%3DUnknown%26said%3De01438c899c4e185ab48afba271d3516c7b4fea5%26auct%3D1%26cxlvs%3D0%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F$0;xdt=1;crlt=DjtbY)mk0X;gcsr=m;stc=1;chaa=1;sttr=134;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:06:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 17:06:57 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CFB0 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcQskWWJ7YxIFSqvDGHXsADJi1Vz05ucddBE5BGP6xN80kVBAXl-up0RFLhH_HkryiAcvhG4dwyvurkONJQ_iaK74UlrGf6la2kRmRATn13CmN31iKcWMX7wv15Wd53GEl0p96-dgdiWpeoDzH4Xs8mOTkZw&sig=Cg0ArKJSzCul0a9rzixhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=1&cisv=r20220914.96661&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1409823.2185900AMNETCANADA/B28483467.345814581;dc_ver=90.266;sz=728x90;u_sd=1;gdpr=0;dc_adk=3366117014;ord=x2q7k7;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D409c46f6-37dc-4d23-ad55-54266494c593%26ag%3D9qnntyn%26sfe%3D15602217%26sig%3DmmItmTVXtXElnRNIPf4_io-vNhEUajKxzYR-6wq56qY.%26crid%3Dq25m52xq%26cf%3D3834341%26fq%3D0%26t%3D1%26td_s%3Dwww.wired.com%26rcats%3D7sp%26mste%3D%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D37%26agsa%3D%26wp%3DAE954E1F176BE2E0%26rgz%3DH3A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D17814%26rlangs%3Den%26mlang%3Den%26did%3D%26rcxt%3DOther%26tmpc%3D10.629999999999995%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESBlF1ZWJlYxoAIghNb250cmVhbDgBUAuAAQCIAQGQAQGwAQC6AQYI7roHGAzAAfb0BtAB9vQG%26dur%3DCjYKHWNoYXJnZS1hbGxJbnRlZ3JhbEJyYW5kU2FmZXR5IhUI-f__________ARIIaW50ZWdyYWwKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkQKKWNoYXJnZS1hbGxEaXNwbGF5Vmlld2FiaWxpdHlCaWRBZGp1c3RtZW50IhcImv__________ARIKcS1hbGxpYW5jZQpICiFjaGFyZ2UtYWxsTW9hdFZpZXdhYmlsaXR5VHJhY2tpbmciIwil__________8BEg5tb2F0LXJlcG9ydGluZyoGCMCEPRgM%26durs%3DV35sWu%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F3379%2Fconde.wired%2Fhero%2Fsecurity%2Farticle%2F1%26pcm%3D1%26ict%3DUnknown%26said%3De01438c899c4e185ab48afba271d3516c7b4fea5%26auct%3D1%26cxlvs%3D0%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F$0;xdt=1;crlt=DjtbY)mk0X;gcsr=m;stc=1;chaa=1;sttr=134;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:08:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dvtp_src.js
cdn.doubleverify.com/ Frame CFB0 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=20944142&cmp=28483467&sid=6612625&plc=345814581&num=&adid=&advid=10576222&adsrv=1&btreg=537313065&btadsrv=doubleclick&crt=178302933&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1409823.2185900AMNETCANADA/B28483467.345814581;dc_ver=90.266;sz=728x90;u_sd=1;gdpr=0;dc_adk=3366117014;ord=x2q7k7;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D409c46f6-37dc-4d23-ad55-54266494c593%26ag%3D9qnntyn%26sfe%3D15602217%26sig%3DmmItmTVXtXElnRNIPf4_io-vNhEUajKxzYR-6wq56qY.%26crid%3Dq25m52xq%26cf%3D3834341%26fq%3D0%26t%3D1%26td_s%3Dwww.wired.com%26rcats%3D7sp%26mste%3D%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D37%26agsa%3D%26wp%3DAE954E1F176BE2E0%26rgz%3DH3A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D17814%26rlangs%3Den%26mlang%3Den%26did%3D%26rcxt%3DOther%26tmpc%3D10.629999999999995%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESBlF1ZWJlYxoAIghNb250cmVhbDgBUAuAAQCIAQGQAQGwAQC6AQYI7roHGAzAAfb0BtAB9vQG%26dur%3DCjYKHWNoYXJnZS1hbGxJbnRlZ3JhbEJyYW5kU2FmZXR5IhUI-f__________ARIIaW50ZWdyYWwKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkQKKWNoYXJnZS1hbGxEaXNwbGF5Vmlld2FiaWxpdHlCaWRBZGp1c3RtZW50IhcImv__________ARIKcS1hbGxpYW5jZQpICiFjaGFyZ2UtYWxsTW9hdFZpZXdhYmlsaXR5VHJhY2tpbmciIwil__________8BEg5tb2F0LXJlcG9ydGluZyoGCMCEPRgM%26durs%3DV35sWu%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F3379%2Fconde.wired%2Fhero%2Fsecurity%2Farticle%2F1%26pcm%3D1%26ict%3DUnknown%26said%3De01438c899c4e185ab48afba271d3516c7b4fea5%26auct%3D1%26cxlvs%3D0%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F$0;xdt=1;crlt=DjtbY)mk0X;gcsr=m;stc=1;chaa=1;sttr=134;prcl=s
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 15:59:20 GMT
Server
Microsoft-IIS/10.0
ETag
"0fc3bc740ccd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3314
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CFB0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1409823.2185900AMNETCANADA/B28483467.345814581;dc_ver=90.266;sz=728x90;u_sd=1;gdpr=0;dc_adk=3366117014;ord=x2q7k7;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D409c46f6-37dc-4d23-ad55-54266494c593%26ag%3D9qnntyn%26sfe%3D15602217%26sig%3DmmItmTVXtXElnRNIPf4_io-vNhEUajKxzYR-6wq56qY.%26crid%3Dq25m52xq%26cf%3D3834341%26fq%3D0%26t%3D1%26td_s%3Dwww.wired.com%26rcats%3D7sp%26mste%3D%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D37%26agsa%3D%26wp%3DAE954E1F176BE2E0%26rgz%3DH3A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D17814%26rlangs%3Den%26mlang%3Den%26did%3D%26rcxt%3DOther%26tmpc%3D10.629999999999995%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESBlF1ZWJlYxoAIghNb250cmVhbDgBUAuAAQCIAQGQAQGwAQC6AQYI7roHGAzAAfb0BtAB9vQG%26dur%3DCjYKHWNoYXJnZS1hbGxJbnRlZ3JhbEJyYW5kU2FmZXR5IhUI-f__________ARIIaW50ZWdyYWwKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkQKKWNoYXJnZS1hbGxEaXNwbGF5Vmlld2FiaWxpdHlCaWRBZGp1c3RtZW50IhcImv__________ARIKcS1hbGxpYW5jZQpICiFjaGFyZ2UtYWxsTW9hdFZpZXdhYmlsaXR5VHJhY2tpbmciIwil__________8BEg5tb2F0LXJlcG9ydGluZyoGCMCEPRgM%26durs%3DV35sWu%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F3379%2Fconde.wired%2Fhero%2Fsecurity%2Farticle%2F1%26pcm%3D1%26ict%3DUnknown%26said%3De01438c899c4e185ab48afba271d3516c7b4fea5%26auct%3D1%26cxlvs%3D0%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F$0;xdt=1;crlt=DjtbY)mk0X;gcsr=m;stc=1;chaa=1;sttr=134;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25420
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Sep 2023 10:05:01 GMT
15026752304348498527
s0.2mdn.net/simgad/ Frame CFB0 		87 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15026752304348498527
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ace6bf492560c2e8bf9a3b1a8a4a583eb4fdd1b1bfa1033cd90321e94b03763f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 14:25:12 GMT
x-content-type-options
nosniff
age
528209
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88595
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 14:53:22 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 14:25:12 GMT
SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js
pagead2.googlesyndication.com/bg/ Frame 3EBD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15932
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:19:37 GMT
dvbs_src_internal109.js
cdn.doubleverify.com/ Frame CFB0 		59 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal109.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=20944142&cmp=28483467&plc=345814581&sid=6612625&dvregion=0&unit=728x90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Aug 2022 13:20:14 GMT
Server
Microsoft-IIS/10.0
ETag
"03bb312aabbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19455
ibs:dpid=477&dpuuid=2c9ba033b4b15fddbd056c55cf92b96a4a8ad990f85da4384509f1895da8f55eb0da87c991749652
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=66373113506026136401086284029216043361
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=2c9ba033b4b15fddbd056c55cf92b96a4a8ad990f85da4384509f1895da8f55eb0da87c991749652
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=477&dpuuid=2c9ba033b4b15fddbd056c55cf92b96a4a8ad990f85da4384509f1895da8f55eb0da87c991749652
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-096e8ce47.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
fenhdBEeT6E=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Mon, 19 Sep 2022 17:08:41 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=477&dpuuid=2c9ba033b4b15fddbd056c55cf92b96a4a8ad990f85da4384509f1895da8f55eb0da87c991749652
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame E4F7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEHYkllaMd-c-n94EzHjxnss&google_cver=1&google_push=AZmPxg-rTqtr-EA_TANVQIsEqUp6rlWrZZpam3IagFyE0HEgGt36GuyaSJZHMUdjzTq-XAO53jyXBGlcQN9m23aS...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=VzBjKKIZQgCnbwsiEVT3IQ&google_push=AZmPxg-rTqtr-EA_TANVQIsEqUp6rlWrZZpam3IagFyE0HEgGt36GuyaSJZHMUdjzTq-XAO53jyXBGlcQN9m23aSAytTRZ6a...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=VzBjKKIZQgCnbwsiEVT3IQ&google_push=AZmPxg-rTqtr-EA_TANVQIsEqUp6rlWrZZpam3IagFyE0HEgGt36GuyaSJZHMUdjzTq-XAO53jyXBGlcQN9m23aSAytTRZ6aLvWEwDVQZ6V644JV2cwBYFhHJLcSy6mPLFuQ_vcZIQKls3i2kKfBJlwzzw
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Mon, 19 Sep 2022 17:08:41 GMT
Server
MT3 4505 5b23575 master iad-pixel-x22 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=VzBjKKIZQgCnbwsiEVT3IQ&google_push=AZmPxg-rTqtr-EA_TANVQIsEqUp6rlWrZZpam3IagFyE0HEgGt36GuyaSJZHMUdjzTq-XAO53jyXBGlcQN9m23aSAytTRZ6aLvWEwDVQZ6V644JV2cwBYFhHJLcSy6mPLFuQ_vcZIQKls3i2kKfBJlwzzw
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 17:08:40 GMT
pixel
cm.g.doubleclick.net/ Frame E4F7
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEOytGbptA7X3ySa_5qvBKiI&google_cver=1&google_push=AZmPxg8RfQb3zugxHbNn9Rp8fMK5MgRjqFFlj3mZxlIkvHLXwkqDpmShg1xXVn4ROUW1pba6mZ-dp858EXha6kiBqtT2HYGoe-XYTNAf...
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzRBMEI5NjJCNTIwOEZFRg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzRBMEI5NjJCNTIwOEZFRg==
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=QzRBMEI5NjJCNTIwOEZFRg==
date
Mon, 19 Sep 2022 17:08:41 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame E4F7
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEBEZ4iEIRxJe1yGKCS7PpPs&c_param1=AZmPxg_rnEDHn1TU4tpZyIN9PVHHj8_LHtmZoyHnf1yGOIkbwhzFCpConVYegU5-xXmcJZgdB_T6UuDgivXtUxxLvBOXoedXnKz_iC0Ffkr53ivQ3mf...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg_rnEDHn1TU4tpZyIN9PVHHj8_LHtmZoyHnf1yGOIkbwhzFCpConVYegU5-xXmcJZgdB_T6UuDgivXtUxxLvBOXoedXnKz_iC0Ffkr53ivQ3mfTBii0Pf0v5V6Lg6kZc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg_rnEDHn1TU4tpZyIN9PVHHj8_LHtmZoyHnf1yGOIkbwhzFCpConVYegU5-xXmcJZgdB_T6UuDgivXtUxxLvBOXoedXnKz_iC0Ffkr53ivQ3mfTBii0Pf0v5V6Lg6kZcT_rVgE6ay87Zfu3W08yXA
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg_rnEDHn1TU4tpZyIN9PVHHj8_LHtmZoyHnf1yGOIkbwhzFCpConVYegU5-xXmcJZgdB_T6UuDgivXtUxxLvBOXoedXnKz_iC0Ffkr53ivQ3mfTBii0Pf0v5V6Lg6kZcT_rVgE6ay87Zfu3W08yXA
date
Mon, 19 Sep 2022 17:08:41 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame E4F7
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEGDIXdVW9W2_BF3JkdG_VMM&google_cver=1&google_push=AZmPxg9dmox_VxwWe5atoAAlaklVlciWItJEwXPBt3hNx8kp-egWfno4_MS0GjSIWqSmRVek1cQek4b0pK0AF...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEGDIXdVW9W2_BF3JkdG_VMM&google_push=AZmPxg9dmox_VxwWe5atoAAlaklVlciWItJEwXPBt3hNx8kp-egWfno4_MS0GjSIWqSmRVek1cQek4b0pK0AF...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9dmox_VxwWe5atoAAlaklVlciWItJEwXPBt3hNx8kp-egWfno4_MS0GjSIWqSmRVek1cQek4b0pK0AFtpPtz1qQCmsQyPJiDV8eWXaTOLdARCQ-NWK4icckHXbikH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9dmox_VxwWe5atoAAlaklVlciWItJEwXPBt3hNx8kp-egWfno4_MS0GjSIWqSmRVek1cQek4b0pK0AFtpPtz1qQCmsQyPJiDV8eWXaTOLdARCQ-NWK4icckHXbikHrJ21uBYWYnqBm7Ry773xuflg&google_hm=dUprUXVWbmFZanAzSFFQd2hIeVU=
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:41 GMT
P3p
CP="We do not support P3P header."
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9dmox_VxwWe5atoAAlaklVlciWItJEwXPBt3hNx8kp-egWfno4_MS0GjSIWqSmRVek1cQek4b0pK0AFtpPtz1qQCmsQyPJiDV8eWXaTOLdARCQ-NWK4icckHXbikHrJ21uBYWYnqBm7Ry773xuflg&google_hm=dUprUXVWbmFZanAzSFFQd2hIeVU=
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
291
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E4F7
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAZmPxg8sy3q4Kck8VJ6q9-FqqsD4lz8LE1mK4dAb-LNSf1q-mQuMbZlKvN8A7TgpTXJko3xDs1wLUL8RMs...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AZmPxg8sy3q4Kck8VJ6q9-FqqsD4lz8LE1mK4dAb-LNSf1q-mQuMbZlKvN8A7TgpTXJko3xDs1wLUL8RMsOG5wDTIfaCEP1grmR87TTdcULaB6D3wXhGf1Ntox51Ve3B2b-9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AZmPxg8sy3q4Kck8VJ6q9-FqqsD4lz8LE1mK4dAb-LNSf1q-mQuMbZlKvN8A7TgpTXJko3xDs1wLUL8RMsOG5wDTIfaCEP1grmR87TTdcULaB6D3wXhGf1Ntox51Ve3B2b-9q6moXVPT2QVQ8J4xx4MoIKA&google_hm=c7f8bd10-634b-45d5-8363-86dc55b45c70
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:41 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-114
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://cm.g.doubleclick.net/pixel?google_nid=sonobi&google_push=AZmPxg8sy3q4Kck8VJ6q9-FqqsD4lz8LE1mK4dAb-LNSf1q-mQuMbZlKvN8A7TgpTXJko3xDs1wLUL8RMsOG5wDTIfaCEP1grmR87TTdcULaB6D3wXhGf1Ntox51Ve3B2b-9q6moXVPT2QVQ8J4xx4MoIKA&google_hm=c7f8bd10-634b-45d5-8363-86dc55b45c70
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E4F7
Redirect Chain
  • https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEDpyZ7nBRmUDLlgYuFQ2fbE&google_cver=1&google_push=AZmPxg_VnqFEz0leAOJgQ0HpzHvibUVdOQ_2C_XgJsCHM-kbZ6CBy9BHMNmFlzQbdagj-ugDZD0A0ePpj4SXyz2JE7Klhgu...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AZmPxg_VnqFEz0leAOJgQ0HpzHvibUVdOQ_2C_XgJsCHM-kbZ6CBy9BHMNmFlzQbdagj-ugDZD0A0ePpj4SXyz2JE7Klhgu6NEOkmTny9zrJc8q7pGr5B0T_AH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AZmPxg_VnqFEz0leAOJgQ0HpzHvibUVdOQ_2C_XgJsCHM-kbZ6CBy9BHMNmFlzQbdagj-ugDZD0A0ePpj4SXyz2JE7Klhgu6NEOkmTny9zrJc8q7pGr5B0T_AHyLKx_qcU1G2mafPRhtlJvo-glRwlG0e9Dy&google_hm=NjA0MzUzMTY2NzgwNjM1NDAwOA==
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AZmPxg_VnqFEz0leAOJgQ0HpzHvibUVdOQ_2C_XgJsCHM-kbZ6CBy9BHMNmFlzQbdagj-ugDZD0A0ePpj4SXyz2JE7Klhgu6NEOkmTny9zrJc8q7pGr5B0T_AHyLKx_qcU1G2mafPRhtlJvo-glRwlG0e9Dy&google_hm=NjA0MzUzMTY2NzgwNjM1NDAwOA==
Date
Mon, 19 Sep 2022 17:08:41 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
onetag-sys.com/match/ Frame E4F7
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENXU9J5gFusZram82gtRVvg&google_cver=1&google_push=AZmPxg_d0Iy0eVmHTVRDPngZjOrX21ULPSGVI3pUwyMD2cMoxyHv_vc44zD8bQeDLcyCv0nquePyhP-j66Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_d0Iy0eVmHTVRDPngZjOrX21ULPSGVI3pUwyMD2cMoxyHv_vc44zD8bQeDLcyCv0nquePyhP-j66YHt7gEXkGwj2UP7cipcAEdt67IJcm956Mek02F...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Server
51.222.39.186 , Canada, ASN16276 (OVH, FR),
Reverse DNS
ip186.ip-51-222-39.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame E4F7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JVXbnnmRYwEQPwly6DrEdVNXeX1GI2YB657vVWCnFtCAmcj2PncZVAe2oP_5GQoK3alMknTwk
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
visit
events.bouncex.net/track.gif/ 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLppJhl6SQBOJklqejYAZRQAMxQkECd6V3dVADJQCBgkBFrkXqQcTvAoaAo+HjRTdARYJFIcNMhIU2EKuWMaejptugEDxgEQXt5GeOy92jBIAiQATyvYG2QAWjSURNes+tfTNPAAMwaCuI260F6YAIpFgkBABEwuhwklUzGYYLGkOhsPhmHuyJ06K6Y3i8FuWWADRAKBsljAOEoLm01BmGAA+pB7qZctR5FtqNQGnD4pYaLzqKEBSheGzibSeXyxfVSIgxSExUKQCKEGzMCgcmrNmKxGlcswAKovJBsHyfCKUACivIAHKxisV1swACIISk3FBwhFsACSnoAUmTqpBNcC2Lc2AAlX0IFCkEOQRCkWpqiUapDCyxs+IBhBoO6PAWKgVVBLzKAV8WS6gfLMze4CVOkWWjeWG-nUZWqyu5gU2AgrbI2BrdiC9ytGgWDhUjlkodudvtK1NDxtK2DkNsd8gzkBz3kLgfb5dNsAzNnJ7D3rJQSDITeLq85m-PZ8rBAyhFugVC8ly-MVSAINAMBlHh30vFVrzFZMkDZCCoP-NlYPnftQOHJteFqUw2SQWkCESODMHHYiU14Bt1QFMAfxfDCECyFAyDZKdEniD5MEwBA02wrcELAhimL-GVWPYrs0GlDBIAoGx1nPHDPzwsVGJsX9X0ktiONknJlKreCd3o6hNO0li9K7SBUEwW87kgODcN3MStOY3TpI5BIgUgAQCGctTXPM8SdKfLywHiEAsHiYDVJE9S3MszyON4FMVUChLgosjzwtS6S6JAoKzNMRpKVfUjEhPM9jJcszozQe9LBybBMtMldSpASl4nuNlTAIUxYCIuVRSEj8srM+JMDyrtNMixorTaxCBSmtkgLW555tPN8xpM5bqHieI72LcI4Ns2B9tuUwpxQka4uE9qmzuNKUNqO4siW0TqF6RrZNfDb3Ikz7EuoWi9WfeIOXQJrWKwJzdqqB1gnNBNgzEABNUQHU4Kovp+8BbIDXE2SPQSVIe-afrZP6dXmMnauKlcqZpjbzEhCAg12uqVxyiSZr6gheGLG4jKKiaVw+JAZSp0m+shOHgd5FwvQxGALgICJooZJkxWATcdeVszamAeGVJRVQPGYFw5GoSQzNAXg+3Ny3rdt9QXEkT3WBXFAAuw72m1IUw4OWVZ1hafkdloK4DgEI4Tn-c5LgqOgbnLJ4rXeO1vl+f5ASmK4vpQUXjAD3XTD17C7ZXR3dtr4LrV2r74hNp3VAt1FXerm8QHrvlXm7sU0HiRuVOoFwzI+-2zN4Xu4OoOR6FdSRnWKZh1EXyR1Hod25Gr4LSFbqv25dm27eV9p4GQWZsGgGxMiEZAcHSTIckvxBUAwW-gGQDnMGRZgBRGBFFKIwco9B37Xy-jACwAY3pICyDgFQ-AhBSHRFfT+cNoBpVALFTk3IcBpTABEK67RSRpxyEgaAHxIoIh-vmf8OB0QYAINAC4sBsAPAuGlZ+xh2gsLYQQDhtl7jcIQHIXhIh+EIFYewzh9xwYIGfigPUvAUDSNYfjBEOAACKwQNEQlLLiRRuiLovHiAYqKnJ8AIlsulAx-V-SkDETgHwcgYiWNsTwOGLiRB8KyILJR6IBC2CAr3HA1BnQVFVuE52ncz7u09tIdoOCtQIHCQvJezAV5rw3kUbeu9JDtFZL6aKxxeDInaIgAAjhdTAsVwnohFNFbAcJDLRiyKYZEJ94m2yXuoMh4Q4YoFMF1X+uIcANTkCk0psVCFVKEUgOZISbDtBvrgDBQA
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1N8jAdPDKhACZMDGA9gLb1CuXqgCe9ZACMIqALTYQ3ANZz+AMxBzg2GIV0A7MPQBkoSLASJuyYQKghUMEFPQRCmYgHYAQtSrmEAD6uGLAEP5klFRUjrgw3G6RVADC-iAcQbCEMK4RMVH+muiE+VTUaTFxCW5BBiD8ZYUxACrY+QAMAKoyqNQdABJKysQAouUAHB3EAJwzJFQdACLQIMIg8bwG-QCSCx0AUra4-QDKuNVG-SL9AErQECDou7il6OrJlbGo8YnB3BsIGBRBIChR-KcIDYnKFPv5FO9QGJ4E90Fk9LkkmDolRiqU4TEpLx8AIpI50Tk8pFwTE8U1Uv4kSj0M9sUUnviCgzacgWUzURTMU0abiOfSvoRQEEHgZcNL+DB8LJqTi6QSqIRpAqlZktjlcMLVWL1eheGBIJkYNs2bTjVyvg9UEFTebOEErSr2SVxf4OOpgEFUK5eCpPTEDMTA48OKDytyNVrFQbMhB+CAYGiySpuIoDAYIKzyiK1fb-JqpNrk-L02iwBlILh0C4FkWjd71eXK27UzWgnXGi3mqL26WYp2k920xmQqgQAZJaITjbh5y4xLEzrq9ODTmrbh4LwwyufWON1We9PCNw4AZuIavauKmWz5PexxHiUjyW18+KxOU1OaIcDWsZDt+T4xMATgOAawYqIKVLLuB8YXGA0puI0spfnaP6QdBShiEEwC8MAyABtkQrYSOuFUNwBhbmi5ZXk4vRUY+8Z0UE+rBEx3AscqSE4RBtHcFKALoDAR64KgyAnlQIjAGSToUYhrYPnJojvk66iiIIgnUcJ7BoXWBpcS+HBsXJMb1Aq3AhOA6GphAWHLqcowpF0tw7C0ACa-QAHKjAA6qc6pGXo0kbDAWxBMyhZgUJ8ZGX2gJBGg8XFolXzJSZPFkVB7g5FslkduZDFEbwHAAsIg6ZQZ8aKKgmTJXFRHsKULlqbaBleEsZjgNAcBIHwvDKHAOQAF4QJgABsACsACM-UWEN1hzlsCRPDg+BEM0dC0Iw8AsGwnA8AIQgiOIki9AowxqJo2i6PoVrGLQJj8JV00dCY8AQFI3EwBwmBUBMVBzSYFHxEDC0zTNpAzR0XikFQC0ACxeAtmPfe+sB3oDwOkHNUwLRMMwdKjhNo3N6OkEtgSWKw0MmKUACOsm3hA+NLYkN74DAA4XPwwCYDDcMI0jKNE14Jg885FzADAUCyEVBiYKhpAmDjCTTRwzO8Ggd6YL9UgmANsqYLYshAA
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
6
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CFB0 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstcQskWWJ7YxIFSqvDGHXsADJi1Vz05ucddBE5BGP6xN80kVBAXl-up0RFLhH_HkryiAcvhG4dwyvurkONJQ_iaK74UlrGf6la2kRmRATn13CmN31iKcWMX7wv15Wd53GEl0p96-dgdiWpeoDzH4Xs8mOTkZw&sig=Cg0ArKJSzCul0a9rzixhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=102&vt=11&dtpt=100&dett=2&cstd=1&cisv=r20220914.96661&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1409823.2185900AMNETCANADA/B28483467.345814581;dc_ver=90.266;sz=728x90;u_sd=1;gdpr=0;dc_adk=3366117014;ord=x2q7k7;click=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3D409c46f6-37dc-4d23-ad55-54266494c593%26ag%3D9qnntyn%26sfe%3D15602217%26sig%3DmmItmTVXtXElnRNIPf4_io-vNhEUajKxzYR-6wq56qY.%26crid%3Dq25m52xq%26cf%3D3834341%26fq%3D0%26t%3D1%26td_s%3Dwww.wired.com%26rcats%3D7sp%26mste%3D%26mfld%3D4%26mssi%3D%26mfsi%3D%26sv%3Drubicon%26uhow%3D37%26agsa%3D%26wp%3DAE954E1F176BE2E0%26rgz%3DH3A%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3D17814%26rlangs%3Den%26mlang%3Den%26did%3D%26rcxt%3DOther%26tmpc%3D10.629999999999995%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DCgZDYW5hZGESBlF1ZWJlYxoAIghNb250cmVhbDgBUAuAAQCIAQGQAQGwAQC6AQYI7roHGAzAAfb0BtAB9vQG%26dur%3DCjYKHWNoYXJnZS1hbGxJbnRlZ3JhbEJyYW5kU2FmZXR5IhUI-f__________ARIIaW50ZWdyYWwKOwodY2hhcmdlLWFsbFRUREN1c3RvbUNvbnRleHR1YWwiGgja__________8BEg10dGRjb250ZXh0dWFsCkQKKWNoYXJnZS1hbGxEaXNwbGF5Vmlld2FiaWxpdHlCaWRBZGp1c3RtZW50IhcImv__________ARIKcS1hbGxpYW5jZQpICiFjaGFyZ2UtYWxsTW9hdFZpZXdhYmlsaXR5VHJhY2tpbmciIwil__________8BEg5tb2F0LXJlcG9ydGluZyoGCMCEPRgM%26durs%3DV35sWu%26crrelr%3D%26npt%3D%26mk%3DGoogle%26mdl%3DChrome%2520-%2520Windows%26ipl%3D%2F3379%2Fconde.wired%2Fhero%2Fsecurity%2Farticle%2F1%26pcm%3D1%26ict%3DUnknown%26said%3De01438c899c4e185ab48afba271d3516c7b4fea5%26auct%3D1%26cxlvs%3D0%26tail%3D1%26r%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F$0;xdt=1;crlt=DjtbY)mk0X;gcsr=m;stc=1;chaa=1;sttr=134;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:08:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
verify.js
rtb0.doubleverify.com/ Frame CFB0 		442 B
548 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_538140099082&jsTagObjCallback=__tagObject_callback_538140099082&num=6&ctx=20944142&cmp=28483467&plc=345814581&sid=6612625&advid=&adsrv=&unit=728x90&isdvvid=&uid=538140099082&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&brid=3&brver=105&bridua=3&dup=null&srcurlD=0&ssl=1&refD=1&isbadimp=1&htmlmsging=1&m1=13&noc=4&fcifrms=14&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=157&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH%3AC65%5D4%40%3ETauDE%40CJTauF36C%5C924%3C%5C%3E72%5CA9%3AD9%3A%3F8TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH%3AC65%5D4%40%3ETar9EEADTbpTauTaughdf6fe22a6ffcfgf%60h6_geb5_55bhbb%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=5.90&callbackName=__verify_callback_538140099082
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
f01833b3abb140ecab128a6f20686851f542253cb599d258c5e902c4e3ac4487

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:41 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
X-DV-Response
1
Connection
close
Expires
09/18/2022 17:08:41
user_uploaded_metrichpe_701_normal.ttf
s0.2mdn.net/sadbundle/15895870535127717286/fonts/ Frame 735C 		60 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15895870535127717286/fonts/user_uploaded_metrichpe_701_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15895870535127717286/4fcda2cf3122d8d52bcad9e162171a6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e88f4c0915dc02c509e93e39a70d9cd6ac80e9adb85fc1184f73f39d577ec533
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15895870535127717286/index.html
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:50:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26279
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26441
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 18:09:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Sep 2023 09:50:42 GMT
dv-measurements3094.js
cdn.doubleverify.com/ Frame 5FC5 		545 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3094.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:1400:d:598::4469 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:41 GMT
Content-Encoding
gzip
Last-Modified
Sun, 18 Sep 2022 19:04:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0cf338991cbd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
106974
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 020E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
3208
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 16:15:13 GMT
expires
Tue, 19 Sep 2023 16:15:13 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ibs:dpid=358&dpuuid=8264677328858952876
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=8264677328858952876
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8264677328858952876
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-0dcabe0a4.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
54W4bKSBRxQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:41 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
52f22f3e-2495-4dcf-873c-b5807c0584ca
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8264677328858952876
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 857A 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstOJZHf5bvFCemJMtCA5rlYqUk28r6w1rYg6ODmQnGuLzMfxlUctO2dzr98gGH-cS_FAsE7yOBtvCODzMhrbzC2a5NJZyb5ekCK5o2RwUC_jCu2z0y-eKVhgkhNY9ylNixRryAzYWLzRmq085oG7LYLTizj9aGf&sai=AMfl-YQpKSUQ1drkqkpjlXfPHXsxdr3Mc_Vk5n6IzniBNH09Ce7uXmhs9ssuLSy3Cat5oImWxWJk8HWPGTQE5-9K0Vka0r5XnKwwdEOZdSNbtzr-i9-movqhLlvWn39yg6gmjtO6fS2xpDVUPijHlac&sig=Cg0ArKJSzDhNP4xIHbV3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=708&vt=11&dtpt=483&dett=3&cstd=222&cisv=r20220914.99249&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.65.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s72-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:08:41 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=conde.wired&zMoatAdUnit2=hero&zMoatAdUnit3=security&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oeOd4UyJc8Q0YElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-kd5aRxmAS248Xw%3D%3D&sc=1&os=1-QQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=436&gp=36.45112609863281&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=4&f=0&j=&t=1663607316787&de=470420900414&rx=430755292090&cu=1663607316787&m=4937&ar=5aeef158bee-clean&iw=f9dac89&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=36.45112609863281&lb=5988&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A158%3A158%3A0%3A279&as=0&ag=329&an=0&gf=110&gg=0&ix=110&ic=110&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=329&bx=0&dj=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1015&cd=163&ah=1015&am=163&xd=00&rf=0&re=1&ft=329&fv=0&fw=329&wb=1&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.wired&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=200157&na=495877745&cs=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:41 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:41 GMT
visit.js
tps.doubleverify.com/ Frame 5FC5 		724 B
720 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=107&ttfrms=36&brid=3&brver=105.0.5195.125&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5DH%3AC65%5D4%40%3ETauDE%40CJTauF36C%5C924%3C%5C%3E72%5CA9%3AD9%3A%3F8TauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5DH%3AC65%5D4%40%3ETar9EEADTbpTauTaughdf6fe22a6ffcfgf%60h6_geb5_55bhbb%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&dfs=1708&ddur=22&uid=1663607321811351&jsCallback=dvCallback_1663607321811214&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F105.0.5195.125%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=3094&tgjsver=3094&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=14&brh=2&sdf=2&dvp_epl=264&noc=4&nav_pltfrm=Win32&ctx=20944142&cmp=28483467&sid=6612625&plc=345814581&crt=178302933&btreg=537313065&btadsrv=doubleclick&adsrv=1&advid=10576222&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=7227057520.644351&dvp_tukv=11411190.03079319&dvp_uuid=191139059.26371467&dvp_tuid=934630241400
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
9619b33f52384d90e2e2a03c14b32b3f9122db2c3f60ab8169523ae6b197ce53

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:42 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Connection
close
Expires
09/18/2022 17:08:42
365868.gif
idsync.rlcdn.com/ Frame 919A 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=66373113506026136401086284029216043361
Requested by
Host: condenast.demdex.net
URL: https://condenast.demdex.net/dest5.html?d_nsid=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:08:41 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
rid
match.adsrvr.org/track/ 		0
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=3egfyfq&fmt=json
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:08:41 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.wired.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
expires
Tue, 19 Sep 2023 17:08:41 GMT
envelope
api.rlcdn.com/api/identity/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1422
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 17:08:41 GMT
via
1.1 google
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ixmatch.html
js-sec.indexww.com/um/ Frame F1CC 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 17:08:41 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 0E9A 		35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dc77601b1c0820dc3bc352ec0964d390e2402e7947ec16a7ade2306edbeb2080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=155744
content-encoding
gzip
content-length
11727
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 17:08:42 GMT
expires
Wed, 21 Sep 2022 12:24:26 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
checksync.php
contextual.media.net/ Frame 2A98 		35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dc77601b1c0820dc3bc352ec0964d390e2402e7947ec16a7ade2306edbeb2080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=155744
content-encoding
gzip
content-length
11727
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 17:08:42 GMT
expires
Wed, 21 Sep 2022 12:24:26 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
us-u.openx.net/w/1.0/ Frame E94B 		711 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5748e9028bfb5b7153e64e016141027ffedcff1b931063d0146d647d84359eff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
449
content-type
text/html
date
Mon, 19 Sep 2022 17:08:41 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
usync.html
eus.rubiconproject.com/ Frame 7F58 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 17:08:41 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame 974F 		711 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
5748e9028bfb5b7153e64e016141027ffedcff1b931063d0146d647d84359eff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
449
content-type
text/html
date
Mon, 19 Sep 2022 17:08:41 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 530A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.64.61.6 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-6.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 17:08:41 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
pagead2.googlesyndication.com/bg/ Frame 020E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:19:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424151
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15952
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:19:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3EBD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BtVLSGKIoY4LXE5WXoPMPzZic-AsAAAAAOAHgBAI&bg=!MTKlMnbNAAZqQh0mSkI7ACkAdvg8Ws9xLU_gkxM0kJbqOrejQUimEzQFWCDTwYgvJdT_jtZUp2IclQIAAAEcUgAAAANoAQcKAKucYKKb4Is7cF3HbKamVg8hMHqvUDWRhpuLM4zORPUdCcvwXLDoTHEUAcL6RXT3YFJE5ByiYKyhaLFG5Io53lS9Z8iPob9VXyksk-SCM_644oyc8yayOXAowhdk2IJgMPeow5ztIQNxl3udyldyM-RUrd80UccEWgmE9xwf4Tf17JwcRJGAYcrMQxklBgMI8Q8CzmbHWixp1BO4uSdOfYfVQVsfDVrPOVD01eGZAu0hXiKm5RYvpJ3WbKSW2ueZDBwfY5iqIIDmdEvJ-rLCMG8Jxe7JY-Lzh6NLg4ZQzPFXk-5B7tFqh1ziDT9flzXxlsMl6ags1fJCh6ELej8zQ7lYxtU6ap252CS9T-VqE2aXlxRcweGcn2Uw2p1gs9M5tuFJB4X_JKyWF3FSFuTUR4GhfRrI7F5fNAdYMHqfItxVq7wYmcPhsCPqgmk2qc5bF0le8ZRSi3K3E9zn0NEnJuLLwPfXt0R0G-Thm_TMl7wwwX2P5vWtwhH9WIHtdivtAEmNsJ7CrgIp7ZX5eUzDqAlg_iwIV5KawwXbnLaHyZ_NVBRhLFdJMFe3hPKnegECzhRYvaU1V2rarWHtpDll_3YXAOWcO8Hs9cj-Vf4FoCXE6lF8DTQpGPz_nVHVrpJZD8E7JtU1BCA0beSX_XKn15oSXakgVhU2p03ZXuuih_38TBt5x_merwX-w-LiWGMKnQgn7mSp8Fah4Ibnvu8r2h8K3bEVBnq5LlXqVvCxIe-sJ_3fgRMcOspaioggc8EF-wtBsulzsnhC-v-BwF6nqbMrv5fru2dE_O_4NsQiTJgzLPLFplQpf-wDShLRQX8cyRJsTKHB4MuO2qiJIl7rL6wkXWOCQWNdlumSbyGha_Xs-v1YesSHTkq9DRw0E9OmM9lzq_BoaWnENX-GgKxUtRB6IOlob58wTjlIxS2tFwuqUKjnAhGxb31Jqz_V7-yLbFvMkwZWXS6DTG1Hrd1RPHoA63KhC61hF2W5-rSGXLYGoZ3ybsAYg8weQ-GkQbnYQlG8eKMwhFqIP6cjcg369HatxTQ5RYPrOFLPUwvlcrByRUk3AJF9qPpHzP5jijFZ9fby0c__P1t6dWSGtZyU24oyq-4wkui9eJSHLHWX7ww5azYCsOwBzsXdRc2Vw5f0-GepRKZxELsbtGk8fUbXnZMnZ7uY1RT7Hd5d_F_CJ7pB04xxw-kr2h01-2P01nNS5wu6d_-weBWY7ELwnA
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsevent.gif
rtbc-ue1.doubleverify.com/ Frame CFB0 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-ue1.doubleverify.com/bsevent.gif?flvr=0&impid=e41d1ef92ffe497bb310a080b6bd6176&vfdur=290&cbust=1663607321983170
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal109.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:42 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
09/18/2022 17:08:42
receive
pixel.tapad.com/idsync/ex/ Frame E94B 		95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=7ae2124d-36c4-479e-8d81-0c779aca8db2
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame E94B 		0
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=5258e238-b5a9-4050-9447-55ab3ee5b8d7
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
362358.gif
idsync.rlcdn.com/ Frame E94B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=295a1ed7-a084-4c79-9819-145290dd2d66
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESELzaWNy5fIxqcbzohq6Vd-s&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELzaWNy5fIxqcbzohq6Vd-s&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:08:42 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESELzaWNy5fIxqcbzohq6Vd-s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E94B
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8264677328858952876
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8264677328858952876
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:42 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
cc13e3ba-73bc-4e57-91a0-fd1404d9fe8b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8264677328858952876
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E94B 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=244a1dcc-7169-c1e3-076e-1636c175875e
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:42 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
PWY3JFG7EHR2XBN4GP2J
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame E94B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4601057333822261305&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4601057333822261305&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4601057333822261305&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ibs:dpid=481&dpuuid=L890UEAB-I-J01J
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=6404&puid=66373113506026136401086284029216043361&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=L890UEAB-I-J01J?gdpr=0
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=481&dpuuid=L890UEAB-I-J01J?gdpr=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-090ade4d1.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
79sBnYoXQ48=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=481&dpuuid=L890UEAB-I-J01J?gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usermatch
ssum-sec.casalemedia.com/ Frame 2B33 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd56ae9aba3111a0a9c536bff628958506a08a30399109ca6b4be9a75c629e6

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74d3ecc29ea9f999-YYZ
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 17:08:42 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W70yehUnu6LX6G7wiRnVB4Gl7WOnINAhV6%2Fr%2FSpccTLQOup%2B7k1hZH7Qrwm80Pc5qrBiKhrfYHKvyqZeg4x1CEFj552GrS%2BzeGeuZGHTCC9FXFW8FALW%2FUtcRioFYdrVParVZxigJ26Z7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
receive
pixel.tapad.com/idsync/ex/ Frame 974F 		95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=7ae2124d-36c4-479e-8d81-0c779aca8db2
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame 974F 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=5258e238-b5a9-4050-9447-55ab3ee5b8d7
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame 974F
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=295a1ed7-a084-4c79-9819-145290dd2d66
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=295a1ed7-a084-4c79-9819-145290dd2d66
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=295a1ed7-a084-4c79-9819-145290dd2d66
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:08:42 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 19 Sep 2022 17:08:42 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=295a1ed7-a084-4c79-9819-145290dd2d66
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
sd
us-u.openx.net/w/1.0/ Frame 974F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=8264677328858952876
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8264677328858952876
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:42 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
76e7897c-acf2-4592-8ed8-b6da3efa2861
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=8264677328858952876
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 974F 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=244a1dcc-7169-c1e3-076e-1636c175875e
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:42 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
TPK7JNHJECEBT22F8FF6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 974F
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4601057333822261305&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4601057333822261305&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4601057333822261305&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
n.js
geo.moatads.com/ Frame CFB0 		83 B
255 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geo.moatads.com/n.js?e=35&ol=3900400012&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xkVHrBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-21y3bVjbGrWLAw%3D%3D&sc=1&os=1-rQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRADEDESKV3&hp=1&ra=1&pxm=10&sgs=3&vb=-1&cm=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.wired.com&lp=https%3A%2F%2Fwww.wired.com&t=1663607322020&de=528626899694&m=0&ar=5aeef158bee-clean&iw=dd009cb&q=2&cb=0&ym=0&cu=1663607322020&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=3i8jb8j%3Aif4afpp%3Ax4etwe1%3A9qnntyn&zMoatJS=-&zMoatCachebuster=814314&zMoatCreative=q25m52xq&zMoatDealID=-&zMoatDomain=wired.com&zMoatImpressionId=409c46f6-37dc-4d23-ad55-54266494c593&zMoatPartnerID=3i8jb8j&zMoatSite=www.wired.com&zMoatSubdomain=wired.com&zMoatSupplyVendor=rubicon&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD00MDljNDZmNi0zN2RjLTRkMjMtYWQ1NS01NDI2NjQ5NGM1OTMmY3JpZD1xMjVtNTJ4cSZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE1NjAyMjE3JnB1aWQ9JnBpZD0zaThqYjhqJmFnPTlxbm50eW4mYWR2PWlmNGFmcHAmYnA9MC40MzE2NzA0ODY0MTQ3NTg2NDIzNSZjZj0zODM0MzQxJmZxPTAmdGRfcz13d3cud2lyZWQuY29tJnJjYXRzPTdzcCZtc3RlPSZtZmxkPTQmbXNzaT0mbWZzaT0mdWhvdz0zNyZhZ3NhPSZyZ3o9SDNBJnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPWVuJnN2cGlkPTE3ODE0JmRpZD0mcmN4dD1PdGhlciZsYXQ9NDUuNTIwMDAwJmxvbj0tNzMuNTk5OTk4JnRtcGM9MTAuNjI5OTk5OTk5OTk5OTk1JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ1pEWVc1aFpHRVNCbEYxWldKbFl4b0FJZ2hOYjI1MGNtVmhiRGdCVUF1QUFRQ0lBUUdRQVFHd0FRQzZBUVlJN3JvSEdBekFBZmIwQnRBQjl2UUcmZHVyPUNqWUtIV05vWVhKblpTMWhiR3hKYm5SbFozSmhiRUp5WVc1a1UyRm1aWFI1SWhVSS1mX19fX19fX19fX0FSSUlhVzUwWldkeVlXd0tPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrUUtLV05vWVhKblpTMWhiR3hFYVhOd2JHRjVWbWxsZDJGaWFXeHBkSGxDYVdSQlpHcDFjM1J0Wlc1MEloY0ltdl9fX19fX19fX19BUklLY1MxaGJHeHBZVzVqWlFwSUNpRmphR0Z5WjJVdFlXeHNUVzloZEZacFpYZGhZbWxzYVhSNVZISmhZMnRwYm1jaUl3aWxfX19fX19fX19fOEJFZzV0YjJGMExYSmxjRzl5ZEdsdVp5b0dDTUNFUFJnTSZjcnJlbHI9JmlwbD0vMzM3OS9jb25kZS53aXJlZC9oZXJvL3NlY3VyaXR5L2FydGljbGUvMSZwY209MSZ2Yz0zJnNhaWQ9ZTAxNDM4Yzg5OWM0ZTE4NWFiNDhhZmJhMjcxZDM1MTZjN2I0ZmVhNSZpY3Q9VW5rbm93biZhdWN0PTEmY3hsdnM9MCZpbT0xJm1jPTcwYzUwMDM0LWRkNWItNDdmZi04NmZmLWM0ZDY1N2E0MDA5YSZ0YWlsPTEmc3Y9cnViaWNvbiZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=17814&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=3&bd=www.wired.com&zMoatOrigSlicer1=www.wired.com&zMoatOrigSlicer2=N%2FA&gw=thetradedeskv275874568748&fd=1&it=500&ti=0&ih=2&pe=0%3A1800%3A1800%3A0%3A0&jk=-1&jm=-1&fs=200157&na=1488990330&cs=0&ord=1663607322020&jv=2009923343&callback=DOMlessLLDcallback_86859372
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/thetradedeskv275874568748/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.217.94.233 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-217-94-233.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
602788967141ac2f80826dc8179cf311e7d801adea29320e04ea347cf4525d27

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"1b76644033ecf20f5c7e0fe479c62e17b0f91bad"
content-length
83
content-type
text/html; charset=UTF-8
v2
mb.moatads.com/s/ Frame CFB0 		259 B
433 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/s/v2?url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pcode=thetradedeskv275874568748&ord=1663607322020&jv=1688556354&callback=BrandSafetyNadoscallback_86859372
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/thetradedeskv275874568748/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.217.94.233 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-217-94-233.us-east-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
d384b7de141117ba65eb5a45d077ce8ddda5c113df38ca54f77b8ad869b81c49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"78adef77a3931189aff11d97743a3873b7729c99"
content-length
259
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame CFB0 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRADEDESKV3&hp=1&ra=1&pxm=10&sgs=3&vb=-1&cm=6&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fwww.wired.com&lp=https%3A%2F%2Fwww.wired.com&t=1663607322020&de=528626899694&m=0&ar=5aeef158bee-clean&iw=dd009cb&q=3&cb=0&ym=0&cu=1663607322020&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=3i8jb8j%3Aif4afpp%3Ax4etwe1%3A9qnntyn&zMoatJS=-&zMoatCachebuster=814314&zMoatCreative=q25m52xq&zMoatDealID=-&zMoatDomain=wired.com&zMoatImpressionId=409c46f6-37dc-4d23-ad55-54266494c593&zMoatPartnerID=3i8jb8j&zMoatSite=www.wired.com&zMoatSubdomain=wired.com&zMoatSupplyVendor=rubicon&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD00MDljNDZmNi0zN2RjLTRkMjMtYWQ1NS01NDI2NjQ5NGM1OTMmY3JpZD1xMjVtNTJ4cSZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE1NjAyMjE3JnB1aWQ9JnBpZD0zaThqYjhqJmFnPTlxbm50eW4mYWR2PWlmNGFmcHAmYnA9MC40MzE2NzA0ODY0MTQ3NTg2NDIzNSZjZj0zODM0MzQxJmZxPTAmdGRfcz13d3cud2lyZWQuY29tJnJjYXRzPTdzcCZtc3RlPSZtZmxkPTQmbXNzaT0mbWZzaT0mdWhvdz0zNyZhZ3NhPSZyZ3o9SDNBJnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPWVuJnN2cGlkPTE3ODE0JmRpZD0mcmN4dD1PdGhlciZsYXQ9NDUuNTIwMDAwJmxvbj0tNzMuNTk5OTk4JnRtcGM9MTAuNjI5OTk5OTk5OTk5OTk1JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ1pEWVc1aFpHRVNCbEYxWldKbFl4b0FJZ2hOYjI1MGNtVmhiRGdCVUF1QUFRQ0lBUUdRQVFHd0FRQzZBUVlJN3JvSEdBekFBZmIwQnRBQjl2UUcmZHVyPUNqWUtIV05vWVhKblpTMWhiR3hKYm5SbFozSmhiRUp5WVc1a1UyRm1aWFI1SWhVSS1mX19fX19fX19fX0FSSUlhVzUwWldkeVlXd0tPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrUUtLV05vWVhKblpTMWhiR3hFYVhOd2JHRjVWbWxsZDJGaWFXeHBkSGxDYVdSQlpHcDFjM1J0Wlc1MEloY0ltdl9fX19fX19fX19BUklLY1MxaGJHeHBZVzVqWlFwSUNpRmphR0Z5WjJVdFlXeHNUVzloZEZacFpYZGhZbWxzYVhSNVZISmhZMnRwYm1jaUl3aWxfX19fX19fX19fOEJFZzV0YjJGMExYSmxjRzl5ZEdsdVp5b0dDTUNFUFJnTSZjcnJlbHI9JmlwbD0vMzM3OS9jb25kZS53aXJlZC9oZXJvL3NlY3VyaXR5L2FydGljbGUvMSZwY209MSZ2Yz0zJnNhaWQ9ZTAxNDM4Yzg5OWM0ZTE4NWFiNDhhZmJhMjcxZDM1MTZjN2I0ZmVhNSZpY3Q9VW5rbm93biZhdWN0PTEmY3hsdnM9MCZpbT0xJm1jPTcwYzUwMDM0LWRkNWItNDdmZi04NmZmLWM0ZDY1N2E0MDA5YSZ0YWlsPTEmc3Y9cnViaWNvbiZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=17814&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=3&bd=www.wired.com&zMoatOrigSlicer1=www.wired.com&zMoatOrigSlicer2=N%2FA&gw=thetradedeskv275874568748&fd=1&it=500&ti=0&ih=2&pe=0%3A1800%3A1800%3A0%3A0&jk=-1&jm=-1&fs=200157&na=238422680&cs=0
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:42 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:42 GMT
/
insight.adsrvr.org/enduser/pie/ Frame CFB0 		807 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/pie/?pie=20&vet=0&rtb=dD0xJmlpZD00MDljNDZmNi0zN2RjLTRkMjMtYWQ1NS01NDI2NjQ5NGM1OTMmY3JpZD1xMjVtNTJ4cSZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE1NjAyMjE3JnB1aWQ9JnBpZD0zaThqYjhqJmFnPTlxbm50eW4mYWR2PWlmNGFmcHAmYnA9MC40MzE2NzA0ODY0MTQ3NTg2NDIzNSZjZj0zODM0MzQxJmZxPTAmdGRfcz13d3cud2lyZWQuY29tJnJjYXRzPTdzcCZtc3RlPSZtZmxkPTQmbXNzaT0mbWZzaT0mdWhvdz0zNyZhZ3NhPSZyZ3o9SDNBJnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPWVuJnN2cGlkPTE3ODE0JmRpZD0mcmN4dD1PdGhlciZsYXQ9NDUuNTIwMDAwJmxvbj0tNzMuNTk5OTk4JnRtcGM9MTAuNjI5OTk5OTk5OTk5OTk1JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ1pEWVc1aFpHRVNCbEYxWldKbFl4b0FJZ2hOYjI1MGNtVmhiRGdCVUF1QUFRQ0lBUUdRQVFHd0FRQzZBUVlJN3JvSEdBekFBZmIwQnRBQjl2UUcmZHVyPUNqWUtIV05vWVhKblpTMWhiR3hKYm5SbFozSmhiRUp5WVc1a1UyRm1aWFI1SWhVSS1mX19fX19fX19fX0FSSUlhVzUwWldkeVlXd0tPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrUUtLV05vWVhKblpTMWhiR3hFYVhOd2JHRjVWbWxsZDJGaWFXeHBkSGxDYVdSQlpHcDFjM1J0Wlc1MEloY0ltdl9fX19fX19fX19BUklLY1MxaGJHeHBZVzVqWlFwSUNpRmphR0Z5WjJVdFlXeHNUVzloZEZacFpYZGhZbWxzYVhSNVZISmhZMnRwYm1jaUl3aWxfX19fX19fX19fOEJFZzV0YjJGMExYSmxjRzl5ZEdsdVp5b0dDTUNFUFJnTSZjcnJlbHI9JmlwbD0vMzM3OS9jb25kZS53aXJlZC9oZXJvL3NlY3VyaXR5L2FydGljbGUvMSZwY209MSZ2Yz0zJnNhaWQ9ZTAxNDM4Yzg5OWM0ZTE4NWFiNDhhZmJhMjcxZDM1MTZjN2I0ZmVhNSZpY3Q9VW5rbm93biZhdWN0PTEmY3hsdnM9MCZpbT0xJm1jPTcwYzUwMDM0LWRkNWItNDdmZi04NmZmLWM0ZDY1N2E0MDA5YSZ0YWlsPTEmc3Y9cnViaWNvbiZ0YWlsPTE.
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
usync.html
eus.rubiconproject.com/ Frame D368 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 17:08:42 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0873 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
3196
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 16:15:26 GMT
etag
48472445140208031
expires
Tue, 20 Sep 2022 16:15:26 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CFB0 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e48c2ae6db28320978f2e18da9486e80cbc4acc7074d2bd09babc2404025e45b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
usync.js
eus.rubiconproject.com/ Frame 7F58 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0c7511f3b050b0c377e16f2f52a3b8282c74e60ff1112a015d34e7088c00783e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74626
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9419
Expires
Tue, 20 Sep 2022 13:52:28 GMT
ibs:dpid=134096&dpuuid=2022091917084200016843476930
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://x.dlx.addthis.com/e/demdex_sync?na_exid=66373113506026136401086284029216043361&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022091917084200016843476930
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022091917084200016843476930
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0f5cc60ff.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
oPK6yi5BRzo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022091917084200016843476930
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Mon, 19 Sep 2022 17:08:42 GMT
usermatch
ssum-sec.casalemedia.com/ Frame FB98 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c31efea9424669769eba9c6204e60ed334a9d178268dbfdea286a40da8c811e

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74d3ecc83c66f999-YYZ
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 17:08:42 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SX8DkqxRivPbLRmchLy6Ia5iVUqllnvyhcUbVNMQ2PxSAusBP%2FfUtqbS%2FwpjwWprlRsd5aRb7UGDOv%2FWsHrl7u1Jq9C%2FVMvpRLFyOHBGORWLh%2BgIBcVwqn7Gb6VsdptL8uV8nb4gK1C2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pixel.gif
px.moatads.com/ Frame CFB0 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=10&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=1&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsimgad%2F15026752304348498527&i=TRADEDESKV3&ol=3900400012&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xkVHrBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-21y3bVjbGrWLAw%3D%3D&sc=1&os=1-rQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=3&cm=6&f=1&j=https%3A%2F%2Fwww.wired.com&lp=https%3A%2F%2Fwww.wired.com&t=1663607322020&de=528626899694&cu=1663607322020&m=98&ar=5aeef158bee-clean&iw=dd009cb&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=186&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A1800%3A1800%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=70&cd=0&ah=70&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=3i8jb8j%3Aif4afpp%3Ax4etwe1%3A9qnntyn&bd=www.wired.com&gw=thetradedeskv275874568748&zMoatOrigSlicer1=www.wired.com&zMoatOrigSlicer2=N%2FA&zMoatDomain=wired.com&zMoatSubdomain=wired.com&zMoatJS=3%3A-&zMoatCachebuster=814314&zMoatCreative=q25m52xq&zMoatDealID=-&zMoatImpressionId=409c46f6-37dc-4d23-ad55-54266494c593&zMoatPartnerID=3i8jb8j&zMoatSite=www.wired.com&zMoatSupplyVendor=rubicon&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD00MDljNDZmNi0zN2RjLTRkMjMtYWQ1NS01NDI2NjQ5NGM1OTMmY3JpZD1xMjVtNTJ4cSZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE1NjAyMjE3JnB1aWQ9JnBpZD0zaThqYjhqJmFnPTlxbm50eW4mYWR2PWlmNGFmcHAmYnA9MC40MzE2NzA0ODY0MTQ3NTg2NDIzNSZjZj0zODM0MzQxJmZxPTAmdGRfcz13d3cud2lyZWQuY29tJnJjYXRzPTdzcCZtc3RlPSZtZmxkPTQmbXNzaT0mbWZzaT0mdWhvdz0zNyZhZ3NhPSZyZ3o9SDNBJnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPWVuJnN2cGlkPTE3ODE0JmRpZD0mcmN4dD1PdGhlciZsYXQ9NDUuNTIwMDAwJmxvbj0tNzMuNTk5OTk4JnRtcGM9MTAuNjI5OTk5OTk5OTk5OTk1JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ1pEWVc1aFpHRVNCbEYxWldKbFl4b0FJZ2hOYjI1MGNtVmhiRGdCVUF1QUFRQ0lBUUdRQVFHd0FRQzZBUVlJN3JvSEdBekFBZmIwQnRBQjl2UUcmZHVyPUNqWUtIV05vWVhKblpTMWhiR3hKYm5SbFozSmhiRUp5WVc1a1UyRm1aWFI1SWhVSS1mX19fX19fX19fX0FSSUlhVzUwWldkeVlXd0tPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrUUtLV05vWVhKblpTMWhiR3hFYVhOd2JHRjVWbWxsZDJGaWFXeHBkSGxDYVdSQlpHcDFjM1J0Wlc1MEloY0ltdl9fX19fX19fX19BUklLY1MxaGJHeHBZVzVqWlFwSUNpRmphR0Z5WjJVdFlXeHNUVzloZEZacFpYZGhZbWxzYVhSNVZISmhZMnRwYm1jaUl3aWxfX19fX19fX19fOEJFZzV0YjJGMExYSmxjRzl5ZEdsdVp5b0dDTUNFUFJnTSZjcnJlbHI9JmlwbD0vMzM3OS9jb25kZS53aXJlZC9oZXJvL3NlY3VyaXR5L2FydGljbGUvMSZwY209MSZ2Yz0zJnNhaWQ9ZTAxNDM4Yzg5OWM0ZTE4NWFiNDhhZmJhMjcxZDM1MTZjN2I0ZmVhNSZpY3Q9VW5rbm93biZhdWN0PTEmY3hsdnM9MCZpbT0xJm1jPTcwYzUwMDM0LWRkNWItNDdmZi04NmZmLWM0ZDY1N2E0MDA5YSZ0YWlsPTEmc3Y9cnViaWNvbiZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=17814&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&ti=0&ih=2&jk=-1&jm=1&tc=0&fs=200157&na=1897466509&cs=0
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:42 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:42 GMT
/
insight.adsrvr.org/enduser/moat/ Frame CFB0 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/moat/?e=60&o=dD0xJmlpZD00MDljNDZmNi0zN2RjLTRkMjMtYWQ1NS01NDI2NjQ5NGM1OTMmY3JpZD1xMjVtNTJ4cSZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE1NjAyMjE3JnB1aWQ9JnBpZD0zaThqYjhqJmFnPTlxbm50eW4mYWR2PWlmNGFmcHAmYnA9MC40MzE2NzA0ODY0MTQ3NTg2NDIzNSZjZj0zODM0MzQxJmZxPTAmdGRfcz13d3cud2lyZWQuY29tJnJjYXRzPTdzcCZtc3RlPSZtZmxkPTQmbXNzaT0mbWZzaT0mdWhvdz0zNyZhZ3NhPSZyZ3o9SDNBJnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPWVuJnN2cGlkPTE3ODE0JmRpZD0mcmN4dD1PdGhlciZsYXQ9NDUuNTIwMDAwJmxvbj0tNzMuNTk5OTk4JnRtcGM9MTAuNjI5OTk5OTk5OTk5OTk1JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ1pEWVc1aFpHRVNCbEYxWldKbFl4b0FJZ2hOYjI1MGNtVmhiRGdCVUF1QUFRQ0lBUUdRQVFHd0FRQzZBUVlJN3JvSEdBekFBZmIwQnRBQjl2UUcmZHVyPUNqWUtIV05vWVhKblpTMWhiR3hKYm5SbFozSmhiRUp5WVc1a1UyRm1aWFI1SWhVSS1mX19fX19fX19fX0FSSUlhVzUwWldkeVlXd0tPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrUUtLV05vWVhKblpTMWhiR3hFYVhOd2JHRjVWbWxsZDJGaWFXeHBkSGxDYVdSQlpHcDFjM1J0Wlc1MEloY0ltdl9fX19fX19fX19BUklLY1MxaGJHeHBZVzVqWlFwSUNpRmphR0Z5WjJVdFlXeHNUVzloZEZacFpYZGhZbWxzYVhSNVZISmhZMnRwYm1jaUl3aWxfX19fX19fX19fOEJFZzV0YjJGMExYSmxjRzl5ZEdsdVp5b0dDTUNFUFJnTSZjcnJlbHI9JmlwbD0vMzM3OS9jb25kZS53aXJlZC9oZXJvL3NlY3VyaXR5L2FydGljbGUvMSZwY209MSZ2Yz0zJnNhaWQ9ZTAxNDM4Yzg5OWM0ZTE4NWFiNDhhZmJhMjcxZDM1MTZjN2I0ZmVhNSZpY3Q9VW5rbm93biZhdWN0PTEmY3hsdnM9MCZpbT0xJm1jPTcwYzUwMDM0LWRkNWItNDdmZi04NmZmLWM0ZDY1N2E0MDA5YSZ0YWlsPTEmc3Y9cnViaWNvbiZ0YWlsPTE.
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
pubcid.php
hbx.media.net/ Frame 2A98 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
server
Apache
date
Mon, 19 Sep 2022 17:08:43 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:38:43 GMT
sync
gum.criteo.com/ Frame 2A98 		61 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
757153
strict-transport-security
max-age=31536000; preload;
expires
60
cksync.html
contextual.media.net/ Frame A0EF
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Drkt%26refUrl%3D%26vid%3D360732227030660892214554390...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3066089221455439000V10&type=rkt&refUrl=&vid=36073222703066089221455439000V10&ovsid=6043531667806354008
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3066089221455439000V10&type=rkt&refUrl=&vid=36073222703066089221455439000V10&ovsid=6043531667806354008
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Mon, 19 Sep 2022 17:08:43 GMT
expires
Mon, 19 Sep 2022 17:08:43 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Mon, 19 Sep 2022 17:08:42 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3066089221455439000V10&type=rkt&refUrl=&vid=36073222703066089221455439000V10&ovsid=6043531667806354008
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
current
medianet-match.dotomi.com/match/bounce/ Frame 2A98 		1 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Dcon%26refUrl%3D%26vid%3D36073222703066089221455439000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2606:ae80:1451:19::1400 , United States, ASN26762 (CNVR-US-EAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
server
nginx
content-length
1
content-type
application/octet-stream, text/html
cksync.php
contextual.media.net/ Frame 2A98
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Dmma%26refUrl%3D%26vid%3D360732227030660892214554...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066089221455439000V10&type=mma&refUrl=&vid=36073222703066089221455439000V10&ovsid=57306328-a219-4200-a76f-0b221154f721
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3066089221455439000V10&type=mma&refUrl=&vid=36073222703066089221455439000V10&ovsid=57306328-a219-4200-a76f-0b221154f721
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 17:08:42 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:08:42 GMT

Redirect headers

Date
Mon, 19 Sep 2022 17:08:42 GMT
Server
MT3 4505 5b23575 master iad-pixel-x19 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3066089221455439000V10&type=mma&refUrl=&vid=36073222703066089221455439000V10&ovsid=57306328-a219-4200-a76f-0b221154f721
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 17:08:41 GMT
cksync
cs.media.net/ Frame 2A98
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA2NjA4OTIyMTQ1NTQzOTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHNE5FQp4YipMQ4tSUx1lto&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHNE5FQp4YipMQ4tSUx1lto&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:42 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Mon, 19 Sep 2022 17:08:42 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHNE5FQp4YipMQ4tSUx1lto&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 2A98
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Ddxu%26refUrl%3D%26vid%3D36073222703066089221455...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Ddxu%26refUrl%3D%26vid%3D36073222703066089...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066089221455439000V10&type=dxu&refUrl=&vid=36073222703066089221455439000V10&ovsid=AE1KkLAI1OAkga5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3066089221455439000V10&type=dxu&refUrl=&vid=36073222703066089221455439000V10&ovsid=AE1KkLAI1OAkga5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 17:08:43 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:08:43 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:42 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0f64475c22353d055@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3066089221455439000V10&type=dxu&refUrl=&vid=36073222703066089221455439000V10&ovsid=AE1KkLAI1OAkga5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 2A98 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
144942
content-type
image/gif
expires
Mon, 19 Sep 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 2A98
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://pr-bh.ybp.yahoo.com/sync/iponweb?bidswitch_ssp_id=medianet&ssp_user_id=8f868ba3-3e86-4c8d-9823-c5070bf51869&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=74&&user_id=171120296&expires=5&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=8f868ba3-3e86-4c8d-9823-c5070bf51869&gdpr=&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=8f868ba3-3e86-4c8d-9823-c5070bf51869&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 17:08:43 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:08:43 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=8f868ba3-3e86-4c8d-9823-c5070bf51869&gdpr=&gdpr_consent=&gdpr_pd=
Date
Mon, 19 Sep 2022 17:08:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 2A98
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Dzem%26refUrl%3D%26vid%3D36073222703066089221455439...
  • https://stags.bluekai.com/site/23178?id=uJkQuVnaYjp3HQPwhHyU&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLVJJVVC5KWNZQVS2TQGNEFCUDXNBEHS...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=uJkQuVnaYjp3HQPwhHyU&refUrl=&type=zem&vid=36073222703066089221455439000V10&vsid=3066089221455439000V10
45 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=uJkQuVnaYjp3HQPwhHyU&refUrl=&type=zem&vid=36073222703066089221455439000V10&vsid=3066089221455439000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 17:08:43 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:08:43 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:43 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=uJkQuVnaYjp3HQPwhHyU&refUrl=&type=zem&vid=36073222703066089221455439000V10&vsid=3066089221455439000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
dmp.adblade.com/srv/sync/gateway/ Frame 2A98 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:42 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame 2A98
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3066089221455439000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3066089221455439000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=9b78092d-b663-417a-852e-52d53def87e6&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=9b78092d-b663-417a-852e-52d53def87e6&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 17:08:43 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:08:43 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=9b78092d-b663-417a-852e-52d53def87e6&cs=1
date
Mon, 19 Sep 2022 17:08:43 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
710489.gif
id.rlcdn.com/ Frame 2A98 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:08:42 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 2A98
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=83a7adcd-79ab-42ed-8a9b-605fed9b02b2
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=83a7adcd-79ab-42ed-8a9b-605fed9b02b2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:43 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Mon, 19 Sep 2022 17:08:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=83a7adcd-79ab-42ed-8a9b-605fed9b02b2
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
sync
ups.analytics.yahoo.com/ups/58222/ Frame 2A98
Redirect Chain
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066089221455439000V10
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066089221455439000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:43 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=15724800; includeSubDomains
Date
Mon, 19 Sep 2022 17:08:42 GMT
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066089221455439000V10
Cache-Control
max-age=0, no-cache, no-store
Connection
close
Expires
Mon, 19 Sep 2022 17:08:42 GMT
pubcid.php
hbx.media.net/ Frame 0E9A 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
server
Apache
date
Mon, 19 Sep 2022 17:08:43 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:38:43 GMT
sync
gum.criteo.com/ Frame 0E9A 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
617651
strict-transport-security
max-age=31536000; preload;
expires
60
cksync
cs.media.net/ Frame 0E9A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA2NjA4OTIyMTQ1NTQzOTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHNE5FQp4YipMQ4tSUx1lto&google_cver=1
45 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHNE5FQp4YipMQ4tSUx1lto&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:42 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Mon, 19 Sep 2022 17:08:42 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEHNE5FQp4YipMQ4tSUx1lto&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.html
contextual.media.net/ Frame 7D13
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Drkt%26refUrl%3D%26vid%3D360732229930660892214554390...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3066089221455439000V10&type=rkt&refUrl=&vid=36073222993066089221455439000V10&ovsid=6043531667806354008
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3066089221455439000V10&type=rkt&refUrl=&vid=36073222993066089221455439000V10&ovsid=6043531667806354008
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Mon, 19 Sep 2022 17:08:43 GMT
expires
Mon, 19 Sep 2022 17:08:43 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Mon, 19 Sep 2022 17:08:42 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3066089221455439000V10&type=rkt&refUrl=&vid=36073222993066089221455439000V10&ovsid=6043531667806354008
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
usersync.aspx
dis.criteo.com/dis/ Frame 0E9A 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
285708
content-type
image/gif
expires
Mon, 19 Sep 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 0E9A
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3D8f868ba3-3e86-4c8d-9823-c5070bf518...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=57306328-a219-4200-a76f-0b221154f721&expires=30&ssp=medianet&bsw_param=8f868ba3-3e86-4c8d-9823-c5070bf51869&gdpr=0&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=8f868ba3-3e86-4c8d-9823-c5070bf51869&gdpr=0&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=8f868ba3-3e86-4c8d-9823-c5070bf51869&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 17:08:43 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:08:43 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=8f868ba3-3e86-4c8d-9823-c5070bf51869&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Mon, 19 Sep 2022 17:08:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
dmp.adblade.com/srv/sync/gateway/ Frame 0E9A 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:42 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame 0E9A
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3066089221455439000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3066089221455439000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=9b78092d-b663-417a-852e-52d53def87e6&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=9b78092d-b663-417a-852e-52d53def87e6&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 17:08:43 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:08:43 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=9b78092d-b663-417a-852e-52d53def87e6&cs=1
date
Mon, 19 Sep 2022 17:08:43 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
710489.gif
id.rlcdn.com/ Frame 0E9A 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:08:42 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 0E9A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=83a7adcd-79ab-42ed-8a9b-605fed9b02b2
45 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=83a7adcd-79ab-42ed-8a9b-605fed9b02b2
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:43 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
45
X-MNET-HL2
E
Expires
Mon, 19 Sep 2022 17:08:43 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=83a7adcd-79ab-42ed-8a9b-605fed9b02b2
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
sync
ups.analytics.yahoo.com/ups/58222/ Frame 0E9A
Redirect Chain
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066089221455439000V10
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066089221455439000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:43 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

Pragma
no-cache
Strict-Transport-Security
max-age=15724800; includeSubDomains
Date
Mon, 19 Sep 2022 17:08:43 GMT
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Location
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066089221455439000V10
Cache-Control
max-age=0, no-cache, no-store
Connection
close
Expires
Mon, 19 Sep 2022 17:08:43 GMT
current
medianet-match.dotomi.com/match/bounce/ Frame 0E9A 		1 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Dcon%26refUrl%3D%26vid%3D36073222993066089221455439000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2606:ae80:1451:19::1400 , United States, ASN26762 (CNVR-US-EAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
server
nginx
content-length
1
content-type
application/octet-stream, text/html
cksync.php
contextual.media.net/ Frame 0E9A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Dmma%26refUrl%3D%26vid%3D360732229930660892214554...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066089221455439000V10&type=mma&refUrl=&vid=36073222993066089221455439000V10&ovsid=57306328-a219-4200-a76f-0b221154f721
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3066089221455439000V10&type=mma&refUrl=&vid=36073222993066089221455439000V10&ovsid=57306328-a219-4200-a76f-0b221154f721
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 17:08:42 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:08:42 GMT

Redirect headers

Date
Mon, 19 Sep 2022 17:08:42 GMT
Server
MT3 4505 5b23575 master iad-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3066089221455439000V10&type=mma&refUrl=&vid=36073222993066089221455439000V10&ovsid=57306328-a219-4200-a76f-0b221154f721
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 17:08:41 GMT
cksync.php
contextual.media.net/ Frame 0E9A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Ddxu%26refUrl%3D%26vid%3D36073222993066089221455...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Ddxu%26refUrl%3D%26vid%3D36073222993066089...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066089221455439000V10&type=dxu&refUrl=&vid=36073222993066089221455439000V10&ovsid=AE1KkLAI1OAkga5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3066089221455439000V10&type=dxu&refUrl=&vid=36073222993066089221455439000V10&ovsid=AE1KkLAI1OAkga5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 17:08:43 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:08:43 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:42 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0366c913b1f0da251@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3066089221455439000V10&type=dxu&refUrl=&vid=36073222993066089221455439000V10&ovsid=AE1KkLAI1OAkga5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 0E9A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066089221455439000V10%26type%3Dzem%26refUrl%3D%26vid%3D36073222993066089221455439...
  • https://stags.bluekai.com/site/23178?id=uJkQuVnaYjp3HQPwhHyU&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLVJJVVC5KWNZQVS2TQGNEFCUDXNBEHS...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=uJkQuVnaYjp3HQPwhHyU&refUrl=&type=zem&vid=36073222993066089221455439000V10&vsid=3066089221455439000V10
45 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=uJkQuVnaYjp3HQPwhHyU&refUrl=&type=zem&vid=36073222993066089221455439000V10&vsid=3066089221455439000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.195.100.26 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-100-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 17:08:43 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:08:43 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:43 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=uJkQuVnaYjp3HQPwhHyU&refUrl=&type=zem&vid=36073222993066089221455439000V10&vsid=3066089221455439000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
2825
dfp.bouncex.net/pub/ 		6 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dfp.bouncex.net/pub/2825?li=4884048123
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
b82816b0da960d07eb98c8195f14e066c6d4278457f2c4140793ed8595da3737

Request headers

Accept
*/*
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
via
1.1 google
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6
ibs:dpid=540&dpuuid=3aad9dc9-c03e-496d-ab1f-c7599363f9b7
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=66373113506026136401086284029...
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=3aad9dc9-c03e-496d-ab1f-c7599363f9b7
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=540&dpuuid=3aad9dc9-c03e-496d-ab1f-c7599363f9b7
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0cda817ef.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
vVEEl/NNSGM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=540&dpuuid=3aad9dc9-c03e-496d-ab1f-c7599363f9b7
date
Mon, 19 Sep 2022 17:08:42 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pixel.gif
px.moatads.com/ Frame CFB0 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=10&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=1&rk=0&tk=0&ak=-&i=TRADEDESKV3&ol=3900400012&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xkVHrBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-21y3bVjbGrWLAw%3D%3D&sc=1&os=1-rQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=3&cm=6&f=1&j=https%3A%2F%2Fwww.wired.com&lp=https%3A%2F%2Fwww.wired.com&t=1663607322020&de=528626899694&cu=1663607322020&m=226&ar=5aeef158bee-clean&iw=dd009cb&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=186&le=1&lh=96&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1800%3A1800%3A0%3A2409&aa=0&ad=69&cn=0&gk=69&gl=0&ik=69&ic=69&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=70&cd=70&ah=70&am=70&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=3i8jb8j%3Aif4afpp%3Ax4etwe1%3A9qnntyn&bd=www.wired.com&gw=thetradedeskv275874568748&zMoatOrigSlicer1=www.wired.com&zMoatOrigSlicer2=N%2FA&zMoatDomain=wired.com&zMoatSubdomain=wired.com&zMoatJS=3%3A-&zMoatCachebuster=814314&zMoatCreative=q25m52xq&zMoatDealID=-&zMoatImpressionId=409c46f6-37dc-4d23-ad55-54266494c593&zMoatPartnerID=3i8jb8j&zMoatSite=www.wired.com&zMoatSupplyVendor=rubicon&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD00MDljNDZmNi0zN2RjLTRkMjMtYWQ1NS01NDI2NjQ5NGM1OTMmY3JpZD1xMjVtNTJ4cSZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE1NjAyMjE3JnB1aWQ9JnBpZD0zaThqYjhqJmFnPTlxbm50eW4mYWR2PWlmNGFmcHAmYnA9MC40MzE2NzA0ODY0MTQ3NTg2NDIzNSZjZj0zODM0MzQxJmZxPTAmdGRfcz13d3cud2lyZWQuY29tJnJjYXRzPTdzcCZtc3RlPSZtZmxkPTQmbXNzaT0mbWZzaT0mdWhvdz0zNyZhZ3NhPSZyZ3o9SDNBJnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPWVuJnN2cGlkPTE3ODE0JmRpZD0mcmN4dD1PdGhlciZsYXQ9NDUuNTIwMDAwJmxvbj0tNzMuNTk5OTk4JnRtcGM9MTAuNjI5OTk5OTk5OTk5OTk1JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ1pEWVc1aFpHRVNCbEYxWldKbFl4b0FJZ2hOYjI1MGNtVmhiRGdCVUF1QUFRQ0lBUUdRQVFHd0FRQzZBUVlJN3JvSEdBekFBZmIwQnRBQjl2UUcmZHVyPUNqWUtIV05vWVhKblpTMWhiR3hKYm5SbFozSmhiRUp5WVc1a1UyRm1aWFI1SWhVSS1mX19fX19fX19fX0FSSUlhVzUwWldkeVlXd0tPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrUUtLV05vWVhKblpTMWhiR3hFYVhOd2JHRjVWbWxsZDJGaWFXeHBkSGxDYVdSQlpHcDFjM1J0Wlc1MEloY0ltdl9fX19fX19fX19BUklLY1MxaGJHeHBZVzVqWlFwSUNpRmphR0Z5WjJVdFlXeHNUVzloZEZacFpYZGhZbWxzYVhSNVZISmhZMnRwYm1jaUl3aWxfX19fX19fX19fOEJFZzV0YjJGMExYSmxjRzl5ZEdsdVp5b0dDTUNFUFJnTSZjcnJlbHI9JmlwbD0vMzM3OS9jb25kZS53aXJlZC9oZXJvL3NlY3VyaXR5L2FydGljbGUvMSZwY209MSZ2Yz0zJnNhaWQ9ZTAxNDM4Yzg5OWM0ZTE4NWFiNDhhZmJhMjcxZDM1MTZjN2I0ZmVhNSZpY3Q9VW5rbm93biZhdWN0PTEmY3hsdnM9MCZpbT0xJm1jPTcwYzUwMDM0LWRkNWItNDdmZi04NmZmLWM0ZDY1N2E0MDA5YSZ0YWlsPTEmc3Y9cnViaWNvbiZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=17814&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=1&tc=0&fs=200157&na=1486934242&cs=0
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:42 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:42 GMT
action_links.json
fr-actions.trackonomics.net/prod/www.wired.com/story/uber-hack-mfa-phishing/ 		243 B
589 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fr-actions.trackonomics.net/prod/www.wired.com/story/uber-hack-mfa-phishing/action_links.json
Requested by
Host: cdn-magiclinks.trackonomics.net
URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/condenast_eujdmc753_wired.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-101.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ebe49a14eb8c97ddb9139f1fa98ce3b0cf0a15f81da96e5865c914e73ddad71

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
via
1.1 fadedfea448fa31cb8aba15ba1b05064.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
PHL50-C1
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
Error from cloudfront
content-type
application/xml
access-control-allow-origin
*
access-control-allow-methods
GET
x-amz-cf-id
ccV9vOGFfkDW9SN1_qqeXauLEKjjkkNuU3OOxMIMhrbhdqcPWOBfWw==
i.png
trx-hub.com/i/m/ 		128 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0iiLS3A48kAV2gA2AZ2Y9IMWGAAOU6jgyiKUsHmqwYYAMbUiAbVBDE-bURAALKFKGEA9DZQOAdCizRqGR5sSUbQiMgBPG14AI2poAFozLQBrCMp4MAipMywhVPwbEAo3eHC3aFNs8Cg4JFR0bHxREgBdCk1eP29YGjpFEE0BLDkIdXYdQhAAJgAGYeGI0YBOCIBGaYAVOYB2QlGADkIAFmHHXYBmAC1i5VV+iAFBkEWzagACAFUw6HuACVjATAIhe4ARagAbmA-JAsIgcPcAJI-ABSTQg9wAynRoGx8Pd-PcAEqA6hgARQiBCagCeD3AA+9wA6pCsQBRX7FLBYBRDZkYOYANk5B05oxWBwmhwwmk0xVxOD6EACslM7CkbiEQjBOGKjWaNDgLNMXnkcmBfWovAAVhhKJoVgBWA6wFxuBQNFlSOY68EYfV+WBG03mq0HNVO4amO3uEAkIA
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.47 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-47.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 01:07:08 GMT
via
1.1 677c6e9af68514f698151642c19f6c8e.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:40:25 GMT
server
AmazonS3
age
57695
etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-length
128
x-amz-cf-id
nfKVjsthrdhSXBTYlE8AC75-X3amCUE5xLcR-GOLoKspxe0p0z4TTg==
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=conde.wired&zMoatAdUnit2=hero&zMoatAdUnit3=security&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oeOd4UyJc8Q0YElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-kd5aRxmAS248Xw%3D%3D&sc=1&os=1-QQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=436&gp=64&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=4&f=0&j=&t=1663607316787&de=470420900414&rx=430755292090&cu=1663607316787&m=5645&ar=5aeef158bee-clean&iw=f9dac89&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=64&lb=5988&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A158%3A158%3A0%3A279&as=1&ag=1037&an=329&gf=818&gg=110&ix=818&ic=818&ez=1&ck=1037&kw=1719&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1037&bx=329&ci=1037&jz=1719&dj=1&im=0&in=0&pd=0&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1719&cd=1015&ah=1719&am=1015&xd=00&rf=0&re=1&ft=1037&fv=329&fw=329&wb=1&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.wired&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=200157&na=1121062635&cs=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:42 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 020E 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bl6RSGaIoY76wEpetyQO76p6gDAAAAAA4AeAEAg&bg=!vL-lv_vNAAZqQh0mSkI7ACkAdvg8Wj-MXUi7bTnmHR63nYNaZvW-4POuI-9OVd-OYW8fP8HBAMujDwIAAAG3UgAAAANoAQeZAu6fvsV8iBZD9YD5OsPR0SRRxe8u7tz-b-mfl3AGB3MAwRSLnclUxW9d-iKXev9WQPrGPP49J-9eQgynw5PmHzOw-G64ccaJEzTOQB6H0z17xEU4WcPuQIMecG8Qk2YMR10sFlfITZEq0rB6J2wM1G29P5ciaO0VWT1lR9ui0IhaqlbcmyRCrBAMKO13TNl1C-4xgtJsT08ZUFyc7Zae2_HxZLxMrjjqlEfZPNn3QssOlzWpN65lcFIPXvlXKivrbVlX4CkKl2qEODkWGwVstpRBCmnPtAEQcHron5yZv0_baGwokeGGwOgyBm_ZUgrLWsJqALLiLlD4WFbvm3_r-uQpL72Hz5fchREguO8wzPsOaMd7VCGtfTHlIb2ukXz3bqLoj9rcdLT5G9NXGd5GvD-HY5LvVb52WEqErMUu3cyH9ZOmhJQqPevzQurW3jk7lrO9IhvFr4x9SLXRED_6qt-eZtC2VvcwdD8pcpPvqcyzCo1Utus1mm6_S0i50UnrILaZzTQivkr9yoXizuFGutm8zkrQvGhuIGRfL7xBO2k2NZ91RcqOZNOcMYhHry8-gNWGueO-GZc3CtxAiEG0ody4hY3Dry2cJQ1Th9ucUTyOFBlC6QZSCnskXnEUPn_Qhcpomojt76rEbbsv5tS-vJRSg5xeiBMv2Alv7VaobS80kLlkFuqM71Shvm-0oaxAUHybiSnKwn2nbUOw-6sXcmQq63FprMwiOd5puctg7wybrj4m2d0VMSmdSC5vV3h46wHBwyvBt4y-L9ydP2G0EyoaMP4xkeEy-fCCzix6fZUZWCNqioyFfQz2lAEFLPGM9PpYatiMBi3SGG7JTtnplyrvhv8fCdq1odmxg11n2B0FV5HEzvhJBvMdD5a62Y9coUEc5tAnPNVhJlapcC8sVYbkU7pPnsSqYlzXi--ePB7n2yzcXWQWU3HvRgcmlzF5MLs22EJvU7q4ydyu43cdbvnV3khQ1pHjdvWBep5ETsA
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=601&dpuuid=211982463078274&random=1663607322
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://dp2.33across.com/ps/?pid=897&random=653361332
  • https://dpm.demdex.net/ibs:dpid=601&dpuuid=211982463078274&random=1663607322
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=601&dpuuid=211982463078274&random=1663607322
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-03c48b3e8.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
YpZClTfWQ9k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
200004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://dpm.demdex.net/ibs:dpid=601&dpuuid=211982463078274&random=1663607322
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
ca
choices.trustarc.com/ Frame 857A 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=300&h=600&c=digitas01cont5&js=pmw1&base=te-clr1-3a49a8b8-9f65-44d6-b97e-3761607db8e7
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont5&w=300&h=600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-3.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
dbbfaf15e1d2ab16cf31171e341f75ed57491e03b322221e3cbfca88f68e863b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
PHL50-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding, Origin
content-length
2471
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id
UbN4twqwnBa9hjSoYZmll6ULpo6ulSAKQCdx90maOgztbaTri8wbIg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 857A 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=hpeus01&pid=digitas01&cid=1&w=300&h=600&c=digitas01cont5&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=digitas01&aid=hpeus01&js=pmw0&cid=1&c=digitas01cont5&w=300&h=600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-3.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 17:58:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
83391
cross-origin-embedder-policy
unsafe-none
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
4IaNwqmmSl2C7uF0wkfpC3nfZPV_m2XEjuDTF8SxlA69j_qjSkXGcA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 857A 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=hpeus01&pid=digitas01&cid=1&w=300&h=600&c=b612
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-3.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
via
1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
PHL50-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
vary
Origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id
EijPVn33oiDrHr_0L0D9Mu9DsHqxXc0-LbnxLL04ourfVShBIpmLNg==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ibs:dpid=771&dpuuid=CAESECjQtaUcIFYml46EfCKwQdU&google_cver=1
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjYzNzMxMTM1MDYwMjYxMzY0MDEwODYyODQwMjkyMTYwNDMzNjE=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECjQtaUcIFYml46EfCKwQdU&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECjQtaUcIFYml46EfCKwQdU&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-090ade4d1.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
rybEqFHjRyM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESECjQtaUcIFYml46EfCKwQdU&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CFB0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuKlodymY-34F_QbEVW7z_Oe0ebyNBcxZwgSxy01B9k7OQ3UVccSBuM6ZYG6rTOUAOpZ9FCiZlhoCJNWnerAL4I5XAkvk0x&sig=Cg0ArKJSzDs66V7O2s3GEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=3366117014&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663607319785&rpt=1813&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=conde.wired&zMoatAdUnit2=hero&zMoatAdUnit3=security&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oeOd4UyJc8Q0YElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-kd5aRxmAS248Xw%3D%3D&sc=1&os=1-QQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=436&gp=64&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=4&f=0&j=&t=1663607316787&de=470420900414&rx=430755292090&cu=1663607316787&m=5847&ar=5aeef158bee-clean&iw=f9dac89&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=64&lb=5988&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A158%3A158%3A0%3A279&as=1&ag=1239&an=1037&gi=1&gf=1020&gg=818&ix=1020&ic=1020&ez=1&ck=1037&kw=1719&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1239&bx=1037&ci=1037&jz=1719&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1942&cd=1719&ah=1942&am=1719&xd=00&rf=0&re=1&ft=1239&fv=1037&fw=329&wb=1&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.wired&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=200157&na=1101892089&cs=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:42 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:42 GMT
ibs:dpid=992&dpuuid=1i1h76qrm501a
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=66373113506026136401086284029216043361
  • https://dpm.demdex.net/ibs:dpid=992&dpuuid=1i1h76qrm501a
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=992&dpuuid=1i1h76qrm501a
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-0b4bfdf33.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
lyIZw4y0SCA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://dpm.demdex.net/ibs:dpid=992&dpuuid=1i1h76qrm501a
cache-control
no-cache
cf-ray
74d3ecc83b98713f-YUL
content-length
0
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&zMoatAdUnit1=conde.wired&zMoatAdUnit2=hero&zMoatAdUnit3=security&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oeOd4UyJc8Q0YElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-kd5aRxmAS248Xw%3D%3D&sc=1&os=1-QQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=436&gp=64&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=4&f=0&j=&t=1663607316787&de=470420900414&rx=430755292090&cu=1663607316787&m=5848&ar=5aeef158bee-clean&iw=f9dac89&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=64&lb=5988&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A158%3A158%3A0%3A279&as=1&ag=1239&an=1239&gi=1&gf=1020&gg=1020&ix=1020&ic=1020&ez=1&ck=1037&kw=1719&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1239&bx=1239&ci=1037&jz=1719&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1942&cd=1942&ah=1942&am=1942&xd=00&rf=0&re=1&ft=1239&fv=1239&fw=329&wb=1&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.wired&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=200157&na=1016231748&cs=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:42 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:42 GMT
adsct
analytics.twitter.com/i/ Frame 919A 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=66373113506026136401086284029216043361&p_id=38594
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time
5
date
Mon, 19 Sep 2022 17:08:42 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
10d7eb1f528176c42548dc6e8df5967048635acfc809a1a1dcfacef1c78699eb
content-length
43
ibs:dpid=1175&gdpr=0&dpuuid=xAtQi5MKU4TfD1TVxlxPg5YPUtXfCVOCywzhfRnL
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=xAtQi5MKU4TfD1TVxlxPg5YPUtXfCVOCywzhfRnL
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=xAtQi5MKU4TfD1TVxlxPg5YPUtXfCVOCywzhfRnL
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0f8f1774a.edge-usw2.demdex.com 20 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/fAS2WnRQaA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=xAtQi5MKU4TfD1TVxlxPg5YPUtXfCVOCywzhfRnL
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
YyiiGGLSm_lWytm-iJ357gAAAd0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2B33 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YyiiGGLSm_lWytm-iJ357gAAAd0AAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:de18:75cd:f3b9:7bd3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 2B33
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8264677328858952876
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8264677328858952876
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecc88d02a1e0-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bco6gCd3fZrtJo7vCorjm9pO188%2BXGkpValBEJTM2pLQtImPs7Rh3qMC7Q5dgzeodgUDRn3UTUyQfFz176LlYAFheyEfLM9FX9qQVlaDnx1e%2BfQIE%2B%2BnE0LrfrK3uh5Ud%2BxSYOnkpJ3wGQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:42 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
288617dc-815d-4031-8c9a-9d0296a298a0
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=8264677328858952876
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YyiiGGLSm_lWytm-iJ357gAAAd0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 2B33
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YyiiGGLSm_lWytm-iJ357gAAAd0AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YyiiGGLSm_lWytm-iJ357gAAAd0AAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YyiiGGLSm_lWytm-iJ357gAAAd0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a02:de18:75cd:f3b9:7bd3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YyiiGGLSm_lWytm-iJ357gAAAd0AAAIB
date
Mon, 19 Sep 2022 17:08:42 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 2B33
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4601057333822261305
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4601057333822261305
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecc88d17a1e0-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8k8lWC4RmfPCd%2BkD8O2sehKftFUNP1pbQbDcn9g5lt%2FpmP6MoO4da8Qf1d4Rhc3%2BQsyPMpwkKu2%2B8fBnkRP6Ate5%2Bujbx0cy7zP78UHKhzl%2BIEyivtt6L8C5GoQT2TGVe0nyN%2FreAo3kWw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4601057333822261305
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
rum
dsum-sec.casalemedia.com/ Frame 2B33
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=207fe4a3-fad9-40e2-fa8abf2e
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=207fe4a3-fad9-40e2-fa8abf2e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecc8edb3a1e0-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Thp2hh3TUAcRD1gSTnkNgStiYEz47iqYwHFAIzwDdMtUGz%2By7%2BnjXaxQRjOSKsvcJKewgGVzKSKmRGi015MHQJ%2BGMJCtdeufPj5uwoomWFfsWZT1V1Op50TjALhjWAdOacbTX9rNBnpz8g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 19 Sep 2022 17:08:42 GMT
via
1.1 google
server
nginx/1.22.0
access-control-allow-origin
*
p3p
CP='This is not a P3P policy!'
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=207fe4a3-fad9-40e2-fa8abf2e
cache-control
max-age=3600
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146
dcm
s.amazon-adsystem.com/ Frame 2B33 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyiiGGLSm_lWytm-iJ357gAAAd0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:42 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
1Z7PTWX0TQ73ZJ5WJCWV
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 2B33
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=6043531667806354008
43 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=6043531667806354008
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecc8dda9a1e0-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xznx%2FbwwqLIcBdK3UGWffXXRJkFH7GvQskHX7LyIQN3h75IWOqjUIncOk5wyTPcaGtITdmKYxeuKEqwNQTemRG8Nn6vLL%2Bn1k%2BiVVKvWgK3vKIqJ%2BN5L6BaCYJIS2dkIWGKFMF%2FgWPWjRw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=6043531667806354008
Date
Mon, 19 Sep 2022 17:08:42 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rum
dsum-sec.casalemedia.com/ Frame 2B33
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=fTrA_io7w_FmPsSgf23f9i8-wqBmOMP3cj0qlkTW
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=fTrA_io7w_FmPsSgf23f9i8-wqBmOMP3cj0qlkTW
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecc88d13a1e0-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xAksP7WEGFVwKVVrt1Y7eWjnsbWm1dug0NisflZte%2BL0avS9xuejWshkb84fTptf1oFp%2BMgh3Rjzae8KcCtUhuKDEhc%2BCezv%2BCWqZByvxuSQwjQ%2B8yn6UVDa1c8uNGL0ay11F3x3edhmXA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=fTrA_io7w_FmPsSgf23f9i8-wqBmOMP3cj0qlkTW
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 2B33 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YyiiGGLSm-lWytm.iJ357gAA%26477
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecc88c034bbf-YUL
date
Mon, 19 Sep 2022 17:08:42 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
285
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 19 Sep 2022 21:08:42 GMT
usync.js
eus.rubiconproject.com/ Frame D368 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.78.168.242 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-168-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
0c7511f3b050b0c377e16f2f52a3b8282c74e60ff1112a015d34e7088c00783e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=na&co=ca
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=74626
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9419
Expires
Tue, 20 Sep 2022 13:52:28 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 0873 		1 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECtNOE2TfuJrBBkN1TbrNCU&google_cver=1&google_push=AZmPxg8Thq-l3pqRIkXjb2GYn6RrbDMwPYth8nMKfMEwGApEEtEU2MkBz2cZ_pfa1HlfyZRzNhfyQ-EojWUC0qsCo6XA1Tcq1AKR
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2606:ae80:1451:19::1400 , United States, ASN26762 (CNVR-US-EAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:43 GMT
server
nginx
content-length
1
content-type
application/octet-stream, text/html
pixel
cm.g.doubleclick.net/ Frame 0873
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEE6NYGW-aGLKYQVaXMiDPTU&google_cver=1&google_push=AZmPxg-hymQbUeYD66BOl_l7THYMcRwcP4qmg1r7iarkbUfSqcyhSgc-WEvP7zZBevPy99Vj7FyNfVqymiAsAiUePhLF7HG5QUHB
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AZmPxg-hymQbUeYD66BOl_l7THYMcRwcP4qmg1r7iarkbUfSqcyhSgc-WEvP7zZBevPy99Vj7FyNfVqymiAsAiUePhLF7HG5QUHB&google_hm=UjFCMzQxX0Y2NzY5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AZmPxg-hymQbUeYD66BOl_l7THYMcRwcP4qmg1r7iarkbUfSqcyhSgc-WEvP7zZBevPy99Vj7FyNfVqymiAsAiUePhLF7HG5QUHB&google_hm=UjFCMzQxX0Y2NzY5QTY5Xzg3QUNFM0VD
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AZmPxg-hymQbUeYD66BOl_l7THYMcRwcP4qmg1r7iarkbUfSqcyhSgc-WEvP7zZBevPy99Vj7FyNfVqymiAsAiUePhLF7HG5QUHB&google_hm=UjFCMzQxX0Y2NzY5QTY5Xzg3QUNFM0VD
Date
Mon, 19 Sep 2022 17:08:43 GMT
Cache-Control
private
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
338
Strict-Transport-Security
max-age=-346594123; includeSubDomains
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 0873
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGWNl41bR__Hx1AN7LVvlik&google_cver=1&google_push=AZmPxg9LoXA2WtFh25cIuzeO69gf82P0cesWdcSVb_WqQkkOpc-wJ9-I0E-GdTez_UZ_3YUloOEiQLy...
  • https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=kL3zs7oXS8qpSt5XPiqEBWMoohk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=kL3zs7oXS8qpSt5XPiqEBWMoohk
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=ssc&google_hm=kL3zs7oXS8qpSt5XPiqEBWMoohk
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 0873
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF-4NtzS6yh2tShc7HbbLhM&google_cver=1&google_push=AZmPxg-E460qCIUdjIzfbHhSHbai8kvfgEPC7nVcnLaXDXcaq_DM7wf4GkH08guxqsl4HfEuX2kF5bhH...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF-4NtzS6yh2tShc7HbbLhM&google_cver=1&google_push=AZmPxg-E460qCIUdjIzfbHhSHbai8kvfgEPC7nVcnLaXDXcaq_DM7wf4GkH08guxqsl4HfEuX2k...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUyNzMwNDkyNzc4NzgwMDIy&google_push=AZmPxg-E460qCIUdjIzfbHhSHbai8kvfgEPC7nVcnLaXDXcaq_DM7wf4GkH08guxqsl4HfEuX2kF5bhH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUyNzMwNDkyNzc4NzgwMDIy&google_push=AZmPxg-E460qCIUdjIzfbHhSHbai8kvfgEPC7nVcnLaXDXcaq_DM7wf4GkH08guxqsl4HfEuX2kF5bhHpvcGMcRKid6i05L_NBy4
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzUyNzMwNDkyNzc4NzgwMDIy&google_push=AZmPxg-E460qCIUdjIzfbHhSHbai8kvfgEPC7nVcnLaXDXcaq_DM7wf4GkH08guxqsl4HfEuX2kF5bhHpvcGMcRKid6i05L_NBy4
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 0873
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sQkCPcUbS92i0w_OeSvltw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sQkCPcUbS92i0w_OeSvltw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8zhJ3yKJ363xMNLTxEnHijYUzjA2vMDl853KHYPVnBOJf5F3MCQHncyR2MKkO8gr79oDSAJQiA8D4aHlZ3ouw4-id_IXCz
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=sQkCPcUbS92i0w_OeSvltw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg8zhJ3yKJ363xMNLTxEnHijYUzjA2vMDl853KHYPVnBOJf5F3MCQHncyR2MKkO8gr79oDSAJQiA8D4aHlZ3ouw4-id_IXCz
date
Mon, 19 Sep 2022 17:08:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 0873
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEIbJ4W23OksWobFms2dazn4&google_cver=1&google_push=AZmPxg9awv-EYAPtx6h1nfrEweBP5Qrn3Y-rXXrsGZYc6BryjnnRlvltPWeHfN2Ix-Lv5EcRGkpkFLWDiUVAVssgQn...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE3NDc5NDQxNDE1MjAzNDYxNDY&google_push=AZmPxg9awv-EYAPtx6h1nfrEweBP5Qrn3Y-rXXrsGZYc6BryjnnRlvltPWeHfN2Ix-Lv5EcRGkpkFLWDiUVAVssgQnhv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE3NDc5NDQxNDE1MjAzNDYxNDY&google_push=AZmPxg9awv-EYAPtx6h1nfrEweBP5Qrn3Y-rXXrsGZYc6BryjnnRlvltPWeHfN2Ix-Lv5EcRGkpkFLWDiUVAVssgQnhvyWlm21o
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTE3NDc5NDQxNDE1MjAzNDYxNDY&google_push=AZmPxg9awv-EYAPtx6h1nfrEweBP5Qrn3Y-rXXrsGZYc6BryjnnRlvltPWeHfN2Ix-Lv5EcRGkpkFLWDiUVAVssgQnhvyWlm21o
Date
Mon, 19 Sep 2022 17:08:42 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
/
b1sync.zemanta.com/usersync/googleadx/ Frame 0873
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEF4R61LAyXDrf54zxi0EL60&google_cver=1&google_push=AZmPxg9PBKgHOTegacSRA6vzb0GslQ93cW5kRrz4101G5T9Gy1uGmFT-vJFqNlJWBTVzPz6XW1YWEqcJXb_CI...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg9PBKgHOTegacSRA6vzb0GslQ93cW5kRrz4101G5T9Gy1uGmFT-vJFqNlJWBTVzPz6XW1YWEqcJXb_CICvBuWLqXRz0GZAohw&google_hm=dUprUXVWbmFZanAzSF...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:43 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 0873 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J2xZJOBIpJNom0Y3LQy_3pJ8Lv0wL9VCdtrBuuh7G1UeL-268DNkUnnWMug1Ns9RUfcqoMKw
Requested by
Host: 8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
URL: https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
px
p.adsymptotic.com/d/ Frame 919A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px?_pid=11693&_psign=bf265992ae7fbdc1ab4b39651c157974&_puuid=66373113506026136401086284029216043361&_rand=1554881823&_pp=adobeXtest&_redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=1524%26dpuuid=${UUID}
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame FB98
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YyiiFwAAAEe96ANP
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YyiiFwAAAEe96ANP
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecc8edc8a1e0-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=acxmgNV9Aa%2FRPtAmGTN%2BlLeSOLg6t26fgESnaTerCFRYxpMPrLIZi1W1zLJvNH9mvWs7jkaKgEtfIZ0QzJXfQ38b0G%2BnpePI7gG0Hh6l5SOGf0MQRKo2DBRY2sQiJFV%2Bx%2FvWm4YnJRYLvw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663607323.012752,VS0,VE0
x-served-by
cache-yul12830-YUL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YyiiFwAAAEe96ANP
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
crum
dsum-sec.casalemedia.com/ Frame FB98
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADn0U7GUUQAAA_UoQQBHw&expiration=1664816923
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADn0U7GUUQAAA_UoQQBHw&expiration=1664816923
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecc91e26a1e0-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HhnB3TZ7n%2F%2B9yFlrfmlQjCgUDIG6HNXxp8o4e9jpgU5Aqa5NCEmcRf%2BlYNvc5cWIkUA8pF0V0LOpchehQemEzNjP2EQQ8%2BiW%2FJZRVm%2BDuN5E8Cv0%2FRUNKkdqA81BUzZZ0OqppuFhFVXn0A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADn0U7GUUQAAA_UoQQBHw&expiration=1664816923
Date
Mon, 19 Sep 2022 17:08:43 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame FB98
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=57306328-a219-4200-a76f-0b221154f721
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=57306328-a219-4200-a76f-0b221154f721
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecc91e27a1e0-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3hburLrU6A2DXgnPCOshBc1J%2F0dcIusEiGF3m7EEhjeiZxMf5Io4k7n7ePrHPw8Kjqpo0JI1wlIZFTlvG%2FAWuvP0cKlMDAfNyGXCYZjkmMTBHD1Vl15OOzBgBf8m2yDxM%2BrvykzFpq7How%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 19 Sep 2022 17:08:43 GMT
Server
MT3 4505 5b23575 master iad-pixel-x3 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=57306328-a219-4200-a76f-0b221154f721
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 17:08:42 GMT
current
casale-match.dotomi.com/match/bounce/ Frame FB98 		1 B
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2606:ae80:1451:19::1400 , United States, ASN26762 (CNVR-US-EAST, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:43 GMT
server
nginx
content-length
1
content-type
application/octet-stream, text/html
crum
dsum-sec.casalemedia.com/ Frame FB98
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=uJkQuVnaYjp3HQPwhHyU&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD25KKNNIXK...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=uJkQuVnaYjp3HQPwhHyU
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=uJkQuVnaYjp3HQPwhHyU
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecca58b7a1e0-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NF2smLNFmXMKnbxLBZl2BRwXpdsGQa4nvhHYg%2B4efRCU4gL%2Ftbbcpp6Doo3A4D6HlYZlLaPjJRDNMAfAXJvOqdBXRtw21iRfcU6PfxOGaMK5LB1KXt%2BdToQy7yDtYWL%2B%2F0FNNonx6Hs9aA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:43 GMT
P3p
CP="We do not support P3P header."
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=17&external_user_id=uJkQuVnaYjp3HQPwhHyU
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
rum
dsum.casalemedia.com/ Frame FB98
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=index
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dindex
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=bf0077cd-9d67-4910-9e46-10bb165e63f6&ssp=index
  • https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=8f868ba3-3e86-4c8d-9823-c5070bf51869
43 B
872 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=8f868ba3-3e86-4c8d-9823-c5070bf51869
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3eccace3153f5-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PdgU%2FhrsX%2B4grC8ZRhMg8fXbKtw%2BCIeYYXmN3gDlEMXjVOv05pTPhpoVBgFxW4oTAlsrulHfOxhKWruztGgffvyUlq%2Fg8xxGoNyGQR%2FugIpuGgYsbUAig3lhIRaTeBkTZVXzyhNT"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Location
//dsum.casalemedia.com/rum?cm_dsp_id=51&external_user_id=8f868ba3-3e86-4c8d-9823-c5070bf51869
Date
Mon, 19 Sep 2022 17:08:43 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
indexexchange
sync.adotmob.com/cookie/ Frame FB98 		0
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.129.159.219 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-129-159-219.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame FB98
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662270673164669
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662270673164669
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecca9959a1e0-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UoKUJpjeLha5SZqN7udflrwSSlrJhX73CQ35z%2Fw50D8usXAi4Evohc4%2FNQSuPK0bgQyDBCjWDBsAshAsHWHpHxpPEdyOrVupdL5WrO4YoonZd6lW8aUva8rEU4FlXJHbZJpuukZyKRHAnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
563
cf-ray
74d3ecc9fa26ecf2-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662270673164669
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame FB98 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YyiiGGLSm-lWytm.iJ357gAA%26477
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecc8dc7e4bbf-YUL
date
Mon, 19 Sep 2022 17:08:43 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
286
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 19 Sep 2022 21:08:43 GMT
log
c21lg-d.media.net/ Frame 2A98 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=066faa41-3014-424b-9478-88a450256df8&cs=15&vsid=3066089221455439000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 19 Sep 2022 17:08:43 GMT
log
c21lg-d.media.net/ Frame 0E9A 		35 B
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=066faa41-3014-424b-9478-88a450256df8&cs=15&vsid=3066089221455439000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
cache-control
max-age=0, no-cache, no-store
expires
Mon, 19 Sep 2022 17:08:43 GMT
content-length
35
content-type
image/gif
ibs:dpid=22069&dpuuid=2027896334542
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233
  • https://tag.yieldoptimizer.com/ps/ps?tc=712665014&t=i&p=2233
  • https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2027896334542
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2027896334542
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0bfe8d411.edge-usw2.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
AZOrZLjlTKc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2027896334542
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ibs:dpid=575&dpuuid=-1192262555302735988
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=66373113506026136401086284029216043361
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=-1192262555302735988
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-1192262555302735988
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0c062a6d8.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/ScGbNqqQTA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp8.us1
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-1192262555302735988
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
reloadCampaigns.js
api.bounceexchange.com/bounce/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=1783&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDZCBmQgBgHYSAmWgFgA5NgAvEKczAdwFMAjHKmC8A+qgAmUGoxoBWTACdeOEABs4aDAQrkAHvhrkuymL0XLFUbAEM1a1AgDmouIrVQAFsGAAHHACkJACCATQAYmHh3DEAdNyoyhKxSCAAtlE4oIoAnlFw-OYAtJ42SADWRWkwNkW+nqg4Dc5RmABujcKiqSDlqLxQAZQAQmE0ar5jQaE0NN5+gfIhYXIRKxEx3PGJvMmpGfIRWSC56+EFxaUVVTV1DU2OTmdTNADCY4pTy7Mv77ONoicIFEOBUQgwX2CNTUoLCfxoAKcvhBYPQCEh0NhlAAItgQL1+oMRmM2pChqNZjgCmlhCIJKIMEIRBi7LC3mNeG1zKI1CAnE5duJ0T8QpjeHCxlT+DSfILeGkbKg1KJ+GVykhSggELw1CyYeL2ZTqbS5QqlYCbBIBcA1DZBHq2fCpTK6aJ5YrlU4bGkVA6DU7jbL6e7zcBFDYEDhfCdgH6JUbpSbg2blSINY5gNwQHHDTRnUm3SmQUh+sgDTRpmL43nA66Q8qJLxWTmA4mg4WPaIJB68iKoaz-WMkEhfDZunZUGTZmG4OXq8oXF6RCDa7sWx9eIubMu3Lq+2Mqz9c-n2-XRNGJEgbFlFhXRQOhtjqzA2rG+0RSBRqDR8NWOhJIQ-MgqFofB6EofBIPIasbGzPtoNzCYpzmHx-BWb5VkiQ5ojiBIkhSdIzmOU5sIuRQSjVG5anqRpmiebDfjGa9IQQ+E2l8Ul32rAD91mHiK1zT5eIEgT4SQV9AOIYDv1-Y9JEA6snCQIS72CGhKGrA5VNYsYJHk4S6DkRhyHwRgAE5yHoEg5DAuRwJIWTRLGNQJPfKSv1Ax92hsRQcAAbVHAVRGAHJfF4ABdKAfLQJA1F4bzfL8y1RA6IR+DiyKxQS-zotQWKxAQb0IqgAAVTwDXIABVQohPIAAJNUAjgIx8DMxZyGxTlr2Abc0TCcgAEl2oAKTgLJ+oAZR6xQ0BaIxQH6gAlTkmz3QbgFBNQYGypKZryuLxxEIFckiibeCQNxhByHbSi20ccm4OxlVS1B0uKrK2h8-z+BAHx0lVRQUs6N7MoHHb7se+xQf1Hb4HsCGnqBtKMtgMHPsSqMxxWhBgELE1FGh0EdpPV1GWEd60a+vzeX5QVHEJ+L0f8lbAZpgV6Xp1GYaZvyJBgZFFHSkAKkip6QG4YnV2TTtVQqDUI21NQGclts6yLL0rV4G07RwZWeZJ01Oy9H1da5on9aljtQ3DSNoxmvWqYN6XQ3O5pMxAB2Mcts8cBLXgy09-ynathtVtNj7He9otuyVHJA4CxRUE+kQhYqJHXpRiPEp6lwdXlf3gHj3xE8+pAcnPEBfDgZEXpBs3GappAEBDldBGU17zHjpuQXJ1vfcTmqu5HMcrwcSKZwb7PK4B9O66z-yTkbQGYBONJ44XC1lyd+OJByQqaSQYKbFzuKfRx06AFFXkqxaBpKgBNfqADkL4AdQmnaF0aMNeowURIaVvXT+m5N5iF3OvEBS4xBUl8MXVEGB47BzPBeK8N546lEUPSDeADzzKFBOfIBPQ+hiFAMCW0igBRAP4L4TgmAtY0L8uFTAvgNrWH2L4BwEYkBiBgLaJw1g+a+EYVAJgjB6CWUYIYEg7RSi0I4pIAgSg1AhTClAQKJDQq8AADS5XyqIfe2jdEHSvEdE4OQtGCNEILXkFQLF729HlI+J9844wsfzKxqdyhKIMVAdGqA7RxSAA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_89ceea329a99e3935afd4105c6694d4b.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
0661ac38488e2bede6e33f169628d5f4839a9d14b7c9cda378d514b86a0836bb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 17:08:43 GMT
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
24
content-type
text/javascript;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
0
reloadcampaigns
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmH1DCAD6JAJ7IQvHqwDMAQSnUSaOIym8AwophCKaHGgaS+shXwBmUMDmPSeWvkpWMhWJLdNSAKgAtjABgBVOhBgXn8ACSg4AGtWAFFpAA5-VgBONJxwgBEQKlIoZQgscIBJLJ5-ACliEnCAZRInLAxwsnCAJTyQKzKSGzBzdXtFYGVVYQQSEAwIYFF1eSl6kCIaMWGHHh8rc1RRAHcrMF19QzUTJYsrG02pOggSMkQ6alODI0WzHktrDxG+PsjmAwF8pL9biYAT9CCCgcd3ucPFcfjd-lscKghN0sCRsYg0E9QmDrn87nwcIQ6ASiTpigZpiTUWSoVtIBhBDo0CVLt8IeipN1gEJ2ZyhNymfzyTwYHshMAGBBYkzjhADtLKdTCdMdCBEOgTq9YnAdlgsOBJWiNVSaTr8QahBhYIISGB6BVpCipaypJrbSBdfq0CcnYgmJaWXYMTbtQH7cGRMAoLhkHM6rzwVafRSY7T4ydpibuSQDhAI5Co77c3a9Q6cHA0CAsHBkXys5Wc1q87WEzAetZywLO-7Aw6YAaFhnSRXNFJkDQqNNFbFEZ8p8yZ9CmhhsYww7jB9L52gqHBREJU8hCMhVxdPW3I7O+HAsPmhJr6zQQmF196OzwX3fQlhA-OAv2JX92yfAC4CxBAwDQJkSGAQghx4MhkFeYU9A+O9PGnNC5j7YVzDmRBD2zHhQB3J1pnfasAwo-8YFENwCTgEQoB3cA9SbdN72WeINECDpSi8ABNcIADl4gAdXqaVqP0ZDCjQYohGBUFIMfaFqMdQphEIYAtIEgjFJmfS6MpZB5yYAxiiY6C-VjUcE1TeAoFID18I3NCdmAHQ9M0i9QBsA9tJndhsgAMlASBYAQFB0GwfA2JAZgqBoehGFi8BoA8pLMFwPAxAkZgBGEUrjA0JwJlcdxNFqlwphmOZJw0WUbwVSBlXsFi2JUTjuL3PjNE6+VlxiaLEAgPtmH8aKDhAOgGRANAYGYHgkh4ABWaKcMJdbmAARgANlOmRTv8dgZB4Y6ABZ2GO56Fr7PQWyOngZB2lJjqSNJ-Hu76Hp2x6ZGO6KKr0EADiOiGbAAR1Q5s1o2nhotURtcWUMMChQE7zsu67btunaIcxvioGQE9QnsrBmG3GRorelR0pgaKcAgIyW2YJa6Giri+OYYhQiAA
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame CFB0 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=10&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=1&rk=0&tk=0&ak=-&i=TRADEDESKV3&ol=3900400012&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xkVHrBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-21y3bVjbGrWLAw%3D%3D&sc=1&os=1-rQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=3&cm=6&f=1&j=https%3A%2F%2Fwww.wired.com&lp=https%3A%2F%2Fwww.wired.com&t=1663607322020&de=528626899694&cu=1663607322020&m=1235&ar=5aeef158bee-clean&iw=dd009cb&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=186&le=1&lf=233&lg=1&lh=96&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1800%3A1800%3A3174%3A2409&aa=1&ad=1080&cn=69&gn=1&gk=1080&gl=69&ik=1080&ic=1080&ez=1&co=1080&cp=1015&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1015&cd=70&ah=1015&am=70&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=3i8jb8j%3Aif4afpp%3Ax4etwe1%3A9qnntyn&bd=www.wired.com&gw=thetradedeskv275874568748&zMoatOrigSlicer1=www.wired.com&zMoatOrigSlicer2=N%2FA&zMoatDomain=wired.com&zMoatSubdomain=wired.com&zMoatJS=3%3A-&zMoatCachebuster=814314&zMoatCreative=q25m52xq&zMoatDealID=-&zMoatImpressionId=409c46f6-37dc-4d23-ad55-54266494c593&zMoatPartnerID=3i8jb8j&zMoatSite=www.wired.com&zMoatSupplyVendor=rubicon&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD00MDljNDZmNi0zN2RjLTRkMjMtYWQ1NS01NDI2NjQ5NGM1OTMmY3JpZD1xMjVtNTJ4cSZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE1NjAyMjE3JnB1aWQ9JnBpZD0zaThqYjhqJmFnPTlxbm50eW4mYWR2PWlmNGFmcHAmYnA9MC40MzE2NzA0ODY0MTQ3NTg2NDIzNSZjZj0zODM0MzQxJmZxPTAmdGRfcz13d3cud2lyZWQuY29tJnJjYXRzPTdzcCZtc3RlPSZtZmxkPTQmbXNzaT0mbWZzaT0mdWhvdz0zNyZhZ3NhPSZyZ3o9SDNBJnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPWVuJnN2cGlkPTE3ODE0JmRpZD0mcmN4dD1PdGhlciZsYXQ9NDUuNTIwMDAwJmxvbj0tNzMuNTk5OTk4JnRtcGM9MTAuNjI5OTk5OTk5OTk5OTk1JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ1pEWVc1aFpHRVNCbEYxWldKbFl4b0FJZ2hOYjI1MGNtVmhiRGdCVUF1QUFRQ0lBUUdRQVFHd0FRQzZBUVlJN3JvSEdBekFBZmIwQnRBQjl2UUcmZHVyPUNqWUtIV05vWVhKblpTMWhiR3hKYm5SbFozSmhiRUp5WVc1a1UyRm1aWFI1SWhVSS1mX19fX19fX19fX0FSSUlhVzUwWldkeVlXd0tPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrUUtLV05vWVhKblpTMWhiR3hFYVhOd2JHRjVWbWxsZDJGaWFXeHBkSGxDYVdSQlpHcDFjM1J0Wlc1MEloY0ltdl9fX19fX19fX19BUklLY1MxaGJHeHBZVzVqWlFwSUNpRmphR0Z5WjJVdFlXeHNUVzloZEZacFpYZGhZbWxzYVhSNVZISmhZMnRwYm1jaUl3aWxfX19fX19fX19fOEJFZzV0YjJGMExYSmxjRzl5ZEdsdVp5b0dDTUNFUFJnTSZjcnJlbHI9JmlwbD0vMzM3OS9jb25kZS53aXJlZC9oZXJvL3NlY3VyaXR5L2FydGljbGUvMSZwY209MSZ2Yz0zJnNhaWQ9ZTAxNDM4Yzg5OWM0ZTE4NWFiNDhhZmJhMjcxZDM1MTZjN2I0ZmVhNSZpY3Q9VW5rbm93biZhdWN0PTEmY3hsdnM9MCZpbT0xJm1jPTcwYzUwMDM0LWRkNWItNDdmZi04NmZmLWM0ZDY1N2E0MDA5YSZ0YWlsPTEmc3Y9cnViaWNvbiZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=17814&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=2&tc=0&fs=200157&na=598904574&cs=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:43 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:43 GMT
/
insight.adsrvr.org/enduser/pie/ Frame CFB0 		807 B
925 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/pie/?pie=20&vet=1&rtb=dD0xJmlpZD00MDljNDZmNi0zN2RjLTRkMjMtYWQ1NS01NDI2NjQ5NGM1OTMmY3JpZD1xMjVtNTJ4cSZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE1NjAyMjE3JnB1aWQ9JnBpZD0zaThqYjhqJmFnPTlxbm50eW4mYWR2PWlmNGFmcHAmYnA9MC40MzE2NzA0ODY0MTQ3NTg2NDIzNSZjZj0zODM0MzQxJmZxPTAmdGRfcz13d3cud2lyZWQuY29tJnJjYXRzPTdzcCZtc3RlPSZtZmxkPTQmbXNzaT0mbWZzaT0mdWhvdz0zNyZhZ3NhPSZyZ3o9SDNBJnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPWVuJnN2cGlkPTE3ODE0JmRpZD0mcmN4dD1PdGhlciZsYXQ9NDUuNTIwMDAwJmxvbj0tNzMuNTk5OTk4JnRtcGM9MTAuNjI5OTk5OTk5OTk5OTk1JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ1pEWVc1aFpHRVNCbEYxWldKbFl4b0FJZ2hOYjI1MGNtVmhiRGdCVUF1QUFRQ0lBUUdRQVFHd0FRQzZBUVlJN3JvSEdBekFBZmIwQnRBQjl2UUcmZHVyPUNqWUtIV05vWVhKblpTMWhiR3hKYm5SbFozSmhiRUp5WVc1a1UyRm1aWFI1SWhVSS1mX19fX19fX19fX0FSSUlhVzUwWldkeVlXd0tPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrUUtLV05vWVhKblpTMWhiR3hFYVhOd2JHRjVWbWxsZDJGaWFXeHBkSGxDYVdSQlpHcDFjM1J0Wlc1MEloY0ltdl9fX19fX19fX19BUklLY1MxaGJHeHBZVzVqWlFwSUNpRmphR0Z5WjJVdFlXeHNUVzloZEZacFpYZGhZbWxzYVhSNVZISmhZMnRwYm1jaUl3aWxfX19fX19fX19fOEJFZzV0YjJGMExYSmxjRzl5ZEdsdVp5b0dDTUNFUFJnTSZjcnJlbHI9JmlwbD0vMzM3OS9jb25kZS53aXJlZC9oZXJvL3NlY3VyaXR5L2FydGljbGUvMSZwY209MSZ2Yz0zJnNhaWQ9ZTAxNDM4Yzg5OWM0ZTE4NWFiNDhhZmJhMjcxZDM1MTZjN2I0ZmVhNSZpY3Q9VW5rbm93biZhdWN0PTEmY3hsdnM9MCZpbT0xJm1jPTcwYzUwMDM0LWRkNWItNDdmZi04NmZmLWM0ZDY1N2E0MDA5YSZ0YWlsPTEmc3Y9cnViaWNvbiZ0YWlsPTE.
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:43 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
pixel.gif
px.moatads.com/ Frame CFB0 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=10&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=1&rk=0&tk=0&ak=-&i=TRADEDESKV3&ol=3900400012&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xkVHrBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-21y3bVjbGrWLAw%3D%3D&sc=1&os=1-rQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=3&cm=6&f=1&j=https%3A%2F%2Fwww.wired.com&lp=https%3A%2F%2Fwww.wired.com&t=1663607322020&de=528626899694&cu=1663607322020&m=1237&ar=5aeef158bee-clean&iw=dd009cb&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=186&le=1&lf=233&lg=1&lh=96&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1800%3A1800%3A3174%3A2409&aa=1&ad=1080&cn=1080&gn=1&gk=1080&gl=1080&ik=1080&ic=1080&ez=1&co=1080&cp=1015&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1015&cd=1015&ah=1015&am=1015&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=3i8jb8j%3Aif4afpp%3Ax4etwe1%3A9qnntyn&bd=www.wired.com&gw=thetradedeskv275874568748&zMoatOrigSlicer1=www.wired.com&zMoatOrigSlicer2=N%2FA&zMoatDomain=wired.com&zMoatSubdomain=wired.com&zMoatJS=3%3A-&zMoatCachebuster=814314&zMoatCreative=q25m52xq&zMoatDealID=-&zMoatImpressionId=409c46f6-37dc-4d23-ad55-54266494c593&zMoatPartnerID=3i8jb8j&zMoatSite=www.wired.com&zMoatSupplyVendor=rubicon&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD00MDljNDZmNi0zN2RjLTRkMjMtYWQ1NS01NDI2NjQ5NGM1OTMmY3JpZD1xMjVtNTJ4cSZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE1NjAyMjE3JnB1aWQ9JnBpZD0zaThqYjhqJmFnPTlxbm50eW4mYWR2PWlmNGFmcHAmYnA9MC40MzE2NzA0ODY0MTQ3NTg2NDIzNSZjZj0zODM0MzQxJmZxPTAmdGRfcz13d3cud2lyZWQuY29tJnJjYXRzPTdzcCZtc3RlPSZtZmxkPTQmbXNzaT0mbWZzaT0mdWhvdz0zNyZhZ3NhPSZyZ3o9SDNBJnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPWVuJnN2cGlkPTE3ODE0JmRpZD0mcmN4dD1PdGhlciZsYXQ9NDUuNTIwMDAwJmxvbj0tNzMuNTk5OTk4JnRtcGM9MTAuNjI5OTk5OTk5OTk5OTk1JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ1pEWVc1aFpHRVNCbEYxWldKbFl4b0FJZ2hOYjI1MGNtVmhiRGdCVUF1QUFRQ0lBUUdRQVFHd0FRQzZBUVlJN3JvSEdBekFBZmIwQnRBQjl2UUcmZHVyPUNqWUtIV05vWVhKblpTMWhiR3hKYm5SbFozSmhiRUp5WVc1a1UyRm1aWFI1SWhVSS1mX19fX19fX19fX0FSSUlhVzUwWldkeVlXd0tPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrUUtLV05vWVhKblpTMWhiR3hFYVhOd2JHRjVWbWxsZDJGaWFXeHBkSGxDYVdSQlpHcDFjM1J0Wlc1MEloY0ltdl9fX19fX19fX19BUklLY1MxaGJHeHBZVzVqWlFwSUNpRmphR0Z5WjJVdFlXeHNUVzloZEZacFpYZGhZbWxzYVhSNVZISmhZMnRwYm1jaUl3aWxfX19fX19fX19fOEJFZzV0YjJGMExYSmxjRzl5ZEdsdVp5b0dDTUNFUFJnTSZjcnJlbHI9JmlwbD0vMzM3OS9jb25kZS53aXJlZC9oZXJvL3NlY3VyaXR5L2FydGljbGUvMSZwY209MSZ2Yz0zJnNhaWQ9ZTAxNDM4Yzg5OWM0ZTE4NWFiNDhhZmJhMjcxZDM1MTZjN2I0ZmVhNSZpY3Q9VW5rbm93biZhdWN0PTEmY3hsdnM9MCZpbT0xJm1jPTcwYzUwMDM0LWRkNWItNDdmZi04NmZmLWM0ZDY1N2E0MDA5YSZ0YWlsPTEmc3Y9cnViaWNvbiZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=17814&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=2&tc=0&fs=200157&na=809266001&cs=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:43 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:43 GMT
ibs:dpid=53196&dpuuid=Q7168937232086202263
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdpm.demdex.net%2fibs%3adpid%3d53196%26dpuuid%3dQ7168937232086202263&uid=Q7168937232086202263&ref=%2Feucm%2Fp%2Fadpq
  • https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7168937232086202263
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7168937232086202263
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-063e3d10a.edge-usw2.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
zkRBxL3rQek=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Mon, 19 Sep 2022 17:08:43 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7168937232086202263
Cache-Control
max-age=74549
Connection
keep-alive
Content-Type
text/html
Content-Length
154
pixel.gif
px.moatads.com/ Frame CFB0 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=10&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=1&rk=0&tk=0&ak=-&i=TRADEDESKV3&ol=3900400012&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xkVHrBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-21y3bVjbGrWLAw%3D%3D&sc=1&os=1-rQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=3&cm=6&f=1&j=https%3A%2F%2Fwww.wired.com&lp=https%3A%2F%2Fwww.wired.com&t=1663607322020&de=528626899694&cu=1663607322020&m=1237&ar=5aeef158bee-clean&iw=dd009cb&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=186&le=1&lf=233&lg=1&lh=96&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1800%3A1800%3A3174%3A2409&aa=1&ad=1080&cn=1080&gn=1&gk=1080&gl=1080&ik=1080&ic=1080&ez=1&co=1080&cp=1015&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1015&cd=1015&ah=1015&am=1015&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=3i8jb8j%3Aif4afpp%3Ax4etwe1%3A9qnntyn&bd=www.wired.com&gw=thetradedeskv275874568748&zMoatOrigSlicer1=www.wired.com&zMoatOrigSlicer2=N%2FA&zMoatDomain=wired.com&zMoatSubdomain=wired.com&zMoatJS=3%3A-&zMoatCachebuster=814314&zMoatCreative=q25m52xq&zMoatDealID=-&zMoatImpressionId=409c46f6-37dc-4d23-ad55-54266494c593&zMoatPartnerID=3i8jb8j&zMoatSite=www.wired.com&zMoatSupplyVendor=rubicon&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD00MDljNDZmNi0zN2RjLTRkMjMtYWQ1NS01NDI2NjQ5NGM1OTMmY3JpZD1xMjVtNTJ4cSZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE1NjAyMjE3JnB1aWQ9JnBpZD0zaThqYjhqJmFnPTlxbm50eW4mYWR2PWlmNGFmcHAmYnA9MC40MzE2NzA0ODY0MTQ3NTg2NDIzNSZjZj0zODM0MzQxJmZxPTAmdGRfcz13d3cud2lyZWQuY29tJnJjYXRzPTdzcCZtc3RlPSZtZmxkPTQmbXNzaT0mbWZzaT0mdWhvdz0zNyZhZ3NhPSZyZ3o9SDNBJnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPWVuJnN2cGlkPTE3ODE0JmRpZD0mcmN4dD1PdGhlciZsYXQ9NDUuNTIwMDAwJmxvbj0tNzMuNTk5OTk4JnRtcGM9MTAuNjI5OTk5OTk5OTk5OTk1JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ1pEWVc1aFpHRVNCbEYxWldKbFl4b0FJZ2hOYjI1MGNtVmhiRGdCVUF1QUFRQ0lBUUdRQVFHd0FRQzZBUVlJN3JvSEdBekFBZmIwQnRBQjl2UUcmZHVyPUNqWUtIV05vWVhKblpTMWhiR3hKYm5SbFozSmhiRUp5WVc1a1UyRm1aWFI1SWhVSS1mX19fX19fX19fX0FSSUlhVzUwWldkeVlXd0tPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrUUtLV05vWVhKblpTMWhiR3hFYVhOd2JHRjVWbWxsZDJGaWFXeHBkSGxDYVdSQlpHcDFjM1J0Wlc1MEloY0ltdl9fX19fX19fX19BUklLY1MxaGJHeHBZVzVqWlFwSUNpRmphR0Z5WjJVdFlXeHNUVzloZEZacFpYZGhZbWxzYVhSNVZISmhZMnRwYm1jaUl3aWxfX19fX19fX19fOEJFZzV0YjJGMExYSmxjRzl5ZEdsdVp5b0dDTUNFUFJnTSZjcnJlbHI9JmlwbD0vMzM3OS9jb25kZS53aXJlZC9oZXJvL3NlY3VyaXR5L2FydGljbGUvMSZwY209MSZ2Yz0zJnNhaWQ9ZTAxNDM4Yzg5OWM0ZTE4NWFiNDhhZmJhMjcxZDM1MTZjN2I0ZmVhNSZpY3Q9VW5rbm93biZhdWN0PTEmY3hsdnM9MCZpbT0xJm1jPTcwYzUwMDM0LWRkNWItNDdmZi04NmZmLWM0ZDY1N2E0MDA5YSZ0YWlsPTEmc3Y9cnViaWNvbiZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=17814&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=2&tc=0&fs=200157&na=1166042803&cs=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:43 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:43 GMT
ibs:dpid=73426&dpuuid=66373113506026136401086284029216043361
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=66373113506026136401086284029216043361&rn=1663607318850&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D663731135060261...
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=66373113506026136401086284029216043361
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=66373113506026136401086284029216043361
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-06ff77c74.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
vDm27nXFRXs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=66373113506026136401086284029216043361
date
Mon, 19 Sep 2022 17:08:43 GMT
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
0
x-amz-cf-id
VcwsudvNrMfX0h8h6HBRAjnYoqPgiRnub_hR2J15AUdZcureOk_Pig==
x-cache
Miss from cloudfront
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9fc5180c9574e3d0c19951cea0883c2e046e7deaa440afaf7049cca0687c51d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 17:08:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11305
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 7574 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.wired.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:08:43 GMT
server
Kestrel
server-processing-duration-in-ticks
510134
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=228464857488266&ev=Spire-Studio-Segment&dl=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&rl=&if=false&ts=1663607323567&cd[code]=&sw=1600&sh=1200&v=2.9.83&r=stable&ec=2&o=30&fbp=fb.1.1663607319664.1123849076&ic=gtm&it=1663607318841&coo=false&dpo=&tm=2&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 19 Sep 2022 17:08:43 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035094/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
358 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.224.214.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-36.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:42:15 GMT
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
1589
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
8HA4VbuuepL8RE6oI6_SupFWNVcgbmakNq7bPkoXEsalGJ1ct-DhXA==

Redirect headers

location
/internal-c2/default/cs.js
date
Mon, 19 Sep 2022 17:08:43 GMT
via
1.1 8db0da5790a86a83533944290a7dab9a.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
0
x-amz-cf-id
8E98maaIEdPcajfAGZdRrW1G-zC17FJ9LQLeoMpBWW-wUgOLxOvAEw==
x-cache
Miss from cloudfront
sn.ashx
dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B341_F6769A69_87ACE3EC&redir=https://abp.mxptint.net/ Frame 919A
Redirect Chain
  • https://abp.mxptint.net/sn.ashx
  • https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B341_F6769A69_87ACE3EC&redir=https://abp.mxptint.net/sn.ashx?ak=1
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B341_F6769A69_87ACE3EC&redir=https://abp.mxptint.net/sn.ashx?ak=1
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-084555eb7.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
nDyBC/SNQSA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B341_F6769A69_87ACE3EC&redir=https://abp.mxptint.net/sn.ashx?ak=1
Date
Mon, 19 Sep 2022 17:08:43 GMT
Cache-Control
private
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
237
Strict-Transport-Security
max-age=-346594123; includeSubDomains
Content-Type
text/html; charset=utf-8
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091401.js?cb=31069627
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:08:43 GMT
sid
mug.criteo.com/ Frame 7574
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=wired.com&sn=ChromeSyncframe&so=0&topUrl=www.wired.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=6Q2N2nxhb3FwU1IzMzZJTlJnd2NDcVI2T1lNeVd0Q1I3RjEwbFhNVmlUSU45R2lPS0NFQ3dRTkVHQ2RhZis1UGJURWEzRkFTaFNSaTlRT00rRjJoV2pQU2NIWXljbTdqdTFuMG56T0U1OTVWNXg1dnExeVRGVU5jWTB3VD...
422 B
649 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=6Q2N2nxhb3FwU1IzMzZJTlJnd2NDcVI2T1lNeVd0Q1I3RjEwbFhNVmlUSU45R2lPS0NFQ3dRTkVHQ2RhZis1UGJURWEzRkFTaFNSaTlRT00rRjJoV2pQU2NIWXljbTdqdTFuMG56T0U1OTVWNXg1dnExeVRGVU5jWTB3VDZmS3BPN2FkbENuWEZDL2ZyTE0vdm1yNUFvQ3R2d25HRUhlYjFQdUZXbGhDVjlnTUM3eUY0d1R1QWYzQ2VTMlpIUDc3R0wwSlJLQU94Zk1LbVpSbk5rb0dwT080dGliWFpOMVR0eDY4ODVicU1UUStvQmRrbHBGMi82UGxCZm9FS2dKT29lY1F1azNGN1VtZzA3bS9DKytRZzVTelMvQT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
1e823d94961768b23a6c686cc65655b82cd5dfff3af4521deb7d313c0434ed81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2833258
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:42 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=6Q2N2nxhb3FwU1IzMzZJTlJnd2NDcVI2T1lNeVd0Q1I3RjEwbFhNVmlUSU45R2lPS0NFQ3dRTkVHQ2RhZis1UGJURWEzRkFTaFNSaTlRT00rRjJoV2pQU2NIWXljbTdqdTFuMG56T0U1OTVWNXg1dnExeVRGVU5jWTB3VDZmS3BPN2FkbENuWEZDL2ZyTE0vdm1yNUFvQ3R2d25HRUhlYjFQdUZXbGhDVjlnTUM3eUY0d1R1QWYzQ2VTMlpIUDc3R0wwSlJLQU94Zk1LbVpSbk5rb0dwT080dGliWFpOMVR0eDY4ODVicU1UUStvQmRrbHBGMi82UGxCZm9FS2dKT29lY1F1azNGN1VtZzA3bS9DKytRZzVTelMvQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
318418
content-length
0
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 87BE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
25419
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 10:05:04 GMT
expires
Tue, 19 Sep 2023 10:05:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E728 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
babbf9312379a1373dbf87673c1913910207b16269c5b9776a88a6a90c1d9b23
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--7tKqpD_1WRZxFJpTufXLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce--7tKqpD_1WRZxFJpTufXLw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 17:08:43 GMT
expires
Mon, 19 Sep 2022 17:08:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js
pagead2.googlesyndication.com/bg/ Frame 87BE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:19:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
424146
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15932
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:19:37 GMT
ibs:dpid=79908&dpuuid=c:29289150156ddd0f20cad19a6bd3acfc
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=124&cm=66373113506026136401086284029216043361&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D79908%26dpuuid%3D%7Bvisitor_id%7D
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:29289150156ddd0f20cad19a6bd3acfc
42 B
956 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:29289150156ddd0f20cad19a6bd3acfc
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0c57a06f3.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
300
X-TID
Vz3m3we0SEo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Mon, 19 Sep 2022 17:08:43 GMT
server
Aorta/20220919.eafb99d28
location
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:29289150156ddd0f20cad19a6bd3acfc
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
3b42d0cec4ed
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame E728 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091401&jk=545560438447052&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
ca
choices.trustarc.com/ Frame CFB0 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=x4etwe1_9qnntyn_q25m52xq&w=728&h=90&c=tradedesk01cont1&js=pmw1&base=te-clr1-e18a3435-33cd-48ce-8ce0-5a0f3c945349&sid=0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=x4etwe1_9qnntyn_q25m52xq&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-3.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
b0f47d3e34466d73d6ed47a3b3fdb066a872d628fb6ce56e061aa5520625a320
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
PHL50-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding, Origin
content-length
2414
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id
bhtDEsWZSmWw4RYTNUJZZ3GgN5aS0548WdfT2NKpf6xOE_Dtoqssmw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame CFB0 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=x4etwe1_9qnntyn_q25m52xq&w=728&h=90&c=tradedesk01cont1&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=x4etwe1_9qnntyn_q25m52xq&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-3.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 00:27:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
60050
cross-origin-embedder-policy
unsafe-none
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
OTv86bfIppFAHb07BiPcx_v1leJhspjLLpJWTWZOhR637b6-gZ7kaA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame CFB0 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=x4etwe1_9qnntyn_q25m52xq&w=728&h=90&c=be99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-3.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:43 GMT
via
1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
PHL50-C1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
vary
Origin
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id
MEu9uF8NJ1lE9-4uXDGSZ1-ts6qt4TpfXD_0fhDzgg9TOLhvgEzUpA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 919A
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=66373113506026136401086284029216043361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=66373113506026136401086284029216043361
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=66373113506026136401086284029216043361
Protocol
H2
Server
34.197.122.29 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-122-29.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:43 GMT
cache-control
private, no-cache, no-store
x-request-time
D=27 t=1663607323
x-served-by
beacon-n013-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=66373113506026136401086284029216043361
date
Mon, 19 Sep 2022 17:08:43 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a014-ash-prod.krxd.net
generate_204
tpc.googlesyndication.com/ Frame 87BE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?IhZ03A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
get
choices.trustarc.com/ Frame CFB0 		287 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-3.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
public
date
Mon, 05 Sep 2022 07:16:29 GMT
via
1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
server
nginx
age
1245134
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
PHL50-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
d2mYXYBlvky4j2NyYiAQJplOdWAdtX005UwZwFm85rpV4WcV6SqAYQ==
expires
Wed, 05 Oct 2022 07:16:29 GMT
ibs:dpid=121998&dpuuid=f876724d5fadf28a54903c2f911d4340
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=66373113506026136401086284029216043361?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=f876724d5fadf28a54903c2f911d4340
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=f876724d5fadf28a54903c2f911d4340
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0b2dbfdb6.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ELW6/1t2SbY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:43 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=f876724d5fadf28a54903c2f911d4340
cache-control
no-cache
x-server
10.40.47.236
content-length
0
expires
0
get
choices.trustarc.com/ Frame CF99 		287 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=x4etwe1_9qnntyn_q25m52xq&w=728&h=90&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-3.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
public
date
Mon, 05 Sep 2022 07:16:29 GMT
via
1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
server
nginx
age
1245134
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
PHL50-C1
timing-allow-origin
*
content-length
287
x-amz-cf-id
TBh0NOpdckQ4dlpHz450f30SuILw8R-Jg4TQJ1UndgsPB7Na1tZvug==
expires
Wed, 05 Oct 2022 07:16:29 GMT
get
choices.trustarc.com/ Frame CF99 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-3.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
public
date
Wed, 31 Aug 2022 06:58:33 GMT
via
1.1 558a7274c3bf9c351a26dc5ddb8c820a.cloudfront.net (CloudFront)
server
nginx
age
1678210
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
PHL50-C1
timing-allow-origin
*
content-length
739
x-amz-cf-id
q3eD48CJmE9P02a203NExnmAovXRP7MJnpZqryU2pAQmB9ThdLYtLg==
expires
Fri, 30 Sep 2022 06:58:33 GMT
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A43.991Z&_t=impressionViewable&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&_o=wired&_c=ad_metrics&xID=7019f732-25e0-4a38-bce5-b53f5c128960&dim1=%7B%22channel%22%3A%22security%22%2C%22platform%22%3A%22verso%22%2C%22template%22%3A%22mt_article_two_column%22%2C%22viewport%22%3A%22desktop%22%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22hero%22%2C%22size%22%3A%22728x90%22%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:44 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
event
condenast.demdex.net/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://condenast.demdex.net/event?d_dil_ver=9.4&_ts=1663607324006
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.41.193.199 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-41-193-199.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7b3122b8978c82a4c544d943a7c17fc04507c7d0a628ab221227e7ddc2c50407
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-2-v038-0eee6f39d.edge-usw2.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
Wz5UrmqmSYI=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.wired.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
2291
Expires
Thu, 01 Jan 1970 00:00:00 UTC
u
dmp.v.fwmrm.net/ad/ Frame 919A 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f606:b0c3:6468:eab1:934c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:44 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame 919A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXlpaUZ3QUFBRWU5NkFOUA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXlpaUZ3QUFBRWU5NkFOUA==
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663607324.122877,VS0,VE0
x-served-by
cache-yul12830-YUL
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXlpaUZ3QUFBRWU5NkFOUA==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
t
elsa.memoinsights.com/ 		107 B
349 B 		Script
General
Check archive.org
Download Go to
Full URL
https://elsa.memoinsights.com/t?pid=5c058a6070cdcc676efa61c4&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&date=2022-09-16T21%3A35%3A11.388Z&title=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&channels=tags&authors=Lily%20Hay%20Newman&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&cb=MEMO.API.callbacks.cbkkmpdxqbe&v=v3.0.6&t=5000&e=5000&s=0
Requested by
Host: cdn.memo.co
URL: https://cdn.memo.co/js/memo.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.234.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-234-45.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
58b6a40c7698a85d15c512895b0c018075417b1459c50a09dcb1c47dfce10482

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:44 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
107
x-request-id
1d273243b75647c1ffb71efec57f2e01
content-type
application/javascript
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 919A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YyiiFwAAAEe96ANP&expires=90
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YyiiFwAAAEe96ANP&expires=90
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
ab995a74221271a8dc253760ec78ee1d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663607324.246826,VS0,VE0
x-served-by
cache-yul12830-YUL
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YyiiFwAAAEe96ANP&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
background-img%403x.jpg
media.wired.com/photos/5dc1c39d774e490008209a29/master/pass/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/5dc1c39d774e490008209a29/master/pass/background-img%403x.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7475b0e4ec6aaefe03e26dee8683fe8dbb06a19d4443265e59aae73cb9f1e261

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:44 GMT
Connection
keep-alive
Age
1757201
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=55588 idim=900x750 ifmt=jpeg ofsz=7716 odim=900x750 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-iad-kiad7000048-IAD, cache-yul12825-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663607324.346781,VS0,VE1
Etag
"Cd5P3SxK/J//Un88wJ+y+MDEBQLE3V7dZEG6ZrcJl7M"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
7716
timing-allow-origin
*
X-Cache-Hits
4, 1858
LabGrotesque-Black.woff2
www.wired.com/verso/static/assets/fonts/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/LabGrotesque-Black.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c41dc37fea212372d1f53109304ebae695e644f9ce083dcab08d5978c8c3020f
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:44 GMT
via
1.1 varnish
age
2973731
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/LabGrotesque-Black.woff2
last-modified
Tue, 16 Aug 2022 07:03:59 GMT
verso
true
content-length
47924
x-amz-id-2
Ef9O5Lr7bZe66ylFD2lvoz93UsJDPPONPooNG5itxvpmrderWi/SY1FH0GC58DXoXQDaku+d1t0=
x-served-by
cache-yul12825-YUL
apple-news-services-handled
false
x-timer
S1663607324.348865,VS0,VE1
apple-news-services-request-url
/verso/static/assets/fonts/LabGrotesque-Black.woff2
etag
"44b6bf0cd9f1d027a6ca723b2024925c"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
NGQPD36MWKPAC0ZV
access-control-allow-origin
*
expires
Wed, 16 Aug 2023 07:06:34 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff2
apple-news-services-host
www.wired.com
x-cache-hits
81
rum
dsum-sec.casalemedia.com/ Frame 919A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YyiiFwAAAEe96ANP
43 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YyiiFwAAAEe96ANP
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3ecd18fbba1e0-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 17:08:44 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ID7HCl2oFG132tVoWboEx%2BAFv6SXzNJtO7GpHH7EafJwOOBZ3Pt5TLULkl9AZhPF%2FfxTq78RiJgiMnyB%2B%2FNI9rSJR%2FmdTDDYoboTyz84Z2%2FheWEMfSjZ5i8W3af0mYBeON9NosaP4pwhYA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663607324.378064,VS0,VE0
x-served-by
cache-yul12830-YUL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YyiiFwAAAEe96ANP
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A44.373Z&_t=adBlock&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6000&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&aam_uuid=66373113506026136401086284029216043361&_o=wired&_c=ad_metrics&xID=7019f732-25e0-4a38-bce5-b53f5c128960&dim1=%7B%22device%22%3A%22desktop%22%2C%22pageContext%22%3A%7B%22channel%22%3A%22security%22%2C%22content%22%3A%7B%22copyCount%22%3A932%2C%22imageCount%22%3A0%2C%22embedCount%22%3A1%2C%22ratio%22%3A932%7D%2C%22contentType%22%3A%22article%22%2C%22experiments%22%3A%7B%7D%2C%22keywords%22%3A%7B%22copilotid%22%3A%5B%22632496798990652479ff3877%22%5D%2C%22platform%22%3A%5B%22verso%22%5D%2C%22tags%22%3A%5B%22security%22%2C%22hacking%22%2C%22vulnerabilities%22%2C%22uber%22%2C%22national-security%22%2C%22Uber%22%5D%7D%2C%22server%22%3A%22production%22%2C%22slug%22%3A%22uber-hack-mfa-phishing%22%2C%22subChannel%22%3A%22national-security%22%2C%22subSubChannel%22%3A%22%22%2C%22templateType%22%3A%22mt_article_two_column%22%2C%22adBlock%22%3Atrue%7D%2C%22adBlock%22%3Atrue%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:44 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
background-img.png
media.wired.com/photos/5e421bd83130b10008e82ca9/master/pass/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/5e421bd83130b10008e82ca9/master/pass/background-img.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3e2c74520955923ebd7093beb2cf2a2fd6b1dabba81de3948e4712620159e61f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:44 GMT
Connection
keep-alive
Age
3479746
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=148842 idim=940x140 ifmt=png ofsz=2234 odim=940x140 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-iad-kcgs7200057-IAD, cache-yul12825-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663607324.398951,VS0,VE1
Etag
"zbCT2zmHP1Ct0HkI+Jr1IUmD97959wZmU1KGYEjcIpw"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
2234
timing-allow-origin
*
X-Cache-Hits
339, 194
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091401&jk=545560438447052&bg=!CgmlCU3NAAZqQh0mSkI7ACkAdvg8WtP0Mk_QvWNTAcOQWxGTTXUIZHWo2GYzNAj1tQE0Tq8lMiquHgIAAAC1UgAAAARoAQcKAF3riJnR6beMghiRaC3KHPQCTZ9gEp2FVByFvI2Da2XZnUk_BpR154WBGb5VHm_0czXwsSD0nrdonUJSm1296da4pF4OyOhUIjfVVaX-dDko5EBNESPXKJ5j1O9ytRmZApIyd2zJCG5R2OhOUFOO2T3QtIqIPhTF3QD9iD3iA857zGNIlRAOIFDs3oZu_J9DRGAaFYX1clOkytAPtnMRbYkdpSonFuUlX8LgWt-NpAruk1VwnCqF6ia5o-9G_Ek4GG4HmjTnlyins9CTOLVK8-c1bf0GoV9ryBZGot37jRp1wUS79ggob0lVRstwHOpT6T2QiH8LOUxLNjAQ1QN5hCujYceImlZBADxkE-uRD0Y_WKG26j-cckbZgiIHHhv-HtbOoRT9lOsyPMWDzs2mx625YETIs1V1uup98i9coOIb99UiFc3nn5aWuJ2jUkgMIfw6m38yQfU2b_UnaMCVv9Vy65GIYTKnCS6RIauwCBoV71ahxt0ZoUAan33FVZDnOJTAxHDy2fwq6zriva50k-ASseC5A8nz3d2e86wvKH_annDGpBWqxfsqrrlWrv78LW-RrfZi3GNHQX441W92gClsBv85HyHRdpjjVZjAg4rstHGZNu6Hx-DrxkoyJxbdfHvA1GZGF_DOO_nfNBDmRdt_X7NumOBzL-2hyg-i_VKS8ZnPmeF_E-tAix-c98tQSRe5-LDwNHxeFDyKjlGFwKiKf_KcFdL0F18880DEjZyLIZUqwI4Q1bi8Yf3iWXAGipk7MlHgY4LU2HqkbFJ-Suwtv3WRT24bsSxzm9unDC4h6iNbfMLeJ6hpDTBfvru-t0xOvsBO-1YGeCstIcsogCAp8qLb2bHy6RWcQoINEskFLfiPplq9w_uKYN3jtIN91esZOgooVF3zUwWCLq9R_2SWlxSMFVGkPMwVtIrFXnpTLVcdLz95rI4usJsp9_9vCRpR1lcCu9xh17ZcUL0RTTC5ozLyBKHGruBmBfN00qy2EPx4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
setuid
ib.adnxs.com/ Frame 919A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YyiiFwAAAEe96ANP
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YyiiFwAAAEe96ANP
Protocol
HTTP/1.1
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:44 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
5a68fb18-a004-4997-b0ad-9e37a68c0133
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663607324.479553,VS0,VE0
x-served-by
cache-yul12830-YUL
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=YyiiFwAAAEe96ANP
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame 919A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YyiiFwAAAEe96ANP
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YyiiFwAAAEe96ANP
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:44 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663607325.582085,VS0,VE0
x-served-by
cache-yul12830-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YyiiFwAAAEe96ANP
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame 919A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YyiiFwAAAEe96ANP
1 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YyiiFwAAAEe96ANP
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663607325.683578,VS0,VE0
x-served-by
cache-yul12830-YUL
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YyiiFwAAAEe96ANP
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
/
id.sv.rkdms.com/identity/ 		348 B
622 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=CONDENAST&sv_domain=www.wired.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.220.58.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-220-58-99.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
50df22a8aba339f78f050ff784c2854c0a1416d4880c0e67b06c80a77fca1211

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.wired.com
date
Mon, 19 Sep 2022 17:08:44 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.20.2
vary
Accept-Encoding, Origin
content-type
application/json
partner
sync.search.spotxchange.com/ Frame 919A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YyiiFwAAAEe96ANP&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YyiiFwAAAEe96ANP&img=1&__user_check__=1&sync_id=b7f72435-383d-11ed-aed7-15e8696a0403
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YyiiFwAAAEe96ANP&img=1&__user_check__=1&sync_id=b7f72435-383d-11ed-aed7-15e8696a0403
Protocol
HTTP/1.1
Server
192.35.249.120 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:44 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
95
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 19 Sep 2022 17:08:44 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YyiiFwAAAEe96ANP&img=1&__user_check__=1&sync_id=b7f72435-383d-11ed-aed7-15e8696a0403
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
78
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame 919A
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YyiiFwAAAEe96ANP&t=2592000&o=0
43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YyiiFwAAAEe96ANP&t=2592000&o=0
Protocol
H3
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 10:08:44 PDT
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
y2NfDGsZfrFfQrBVsbMYRxNXKkA4tB9I1I9vUun4H/vSZ6N3Z7NwcpWsJkAiyNMuCOIp04nN46+r2suOdEtWJQ==
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Mon, 19 Sep 2022 10:08:44 PDT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:44 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663607325.887734,VS0,VE0
x-served-by
cache-yul12830-YUL
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YyiiFwAAAEe96ANP&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
headerstats
as-sec.casalemedia.com/ 		0
499 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=383250&u=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3R9zD0QujK3V%2BiuEYhbBYurs1e0tzVN65ACZrnjztxliTLXJDw42JOEUETz8M4Rky0HceRRl1B1eY5dfwEcVMqPjfonGhpqYxrX05I6rTOhyzX2YC9xK9s%2F2i%2B6CgLlah0zIKfVYNJA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.wired.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74d3ecd51cf4a23b-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
ibs:dpid=161033&dpuuid=
dpm.demdex.net/ Frame 919A
Redirect Chain
  • https://pixel.onaudience.com/?partner=130&mapped=66373113506026136401086284029216043361&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m
  • https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
Protocol
HTTP/1.1
Server
52.36.124.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-124-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-04186efd4.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
300,104
X-TID
6a1LBo5NRDA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
content-length
0
image.sbxx
ib.mookie1.com/ Frame 919A
Redirect Chain
  • https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=66373113506026136401086284029216043361
  • https://ib.mookie1.com/image.sbix?go=244346&pid=268&xid=66373113506026136401086284029216043361
  • https://dpm.demdex.net/ibs:dpid=285689&dpuuid=66373113506026136401086284029216043361&redir=https%3A%2F%2Fglobal.ib-ibi.com%2Fimage.sbxx%3Fgo%3D244346%26pid%3D268%26xid%3D%24%7BDD_UUID%7D
  • https://global.ib-ibi.com/image.sbxx?go=244346&pid=268&xid=66373113506026136401086284029216043361
  • https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=66373113506026136401086284029216043361
120 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=66373113506026136401086284029216043361
Protocol
HTTP/1.1
Server
64.58.232.177 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
be31-199.crrt01.las04.flexential.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:45 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
LAS06
Content-Type
image/png
Content-Length
120
Expires
-1

Redirect headers

Date
Mon, 19 Sep 2022 17:08:45 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
https://ib.mookie1.com:443/image.sbxx?go=244346&pid=268&xid=66373113506026136401086284029216043361
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
X-Server
LAS10
Content-Type
text/html; charset=utf-8
Content-Length
223
LabGrotesque-Medium.woff2
www.wired.com/verso/static/assets/fonts/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/LabGrotesque-Medium.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8575c83bcd649c28701830bc98d0051adba45ba685776092d2417c9240ee0c67
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:45 GMT
via
1.1 varnish
age
1157992
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/LabGrotesque-Medium.woff2
last-modified
Tue, 06 Sep 2022 07:28:03 GMT
verso
true
content-length
46416
x-amz-id-2
6iryniM81fcWd6ScAutzw9k948BSkZ/S+dECSzP3TlpxRemTo93lilL6CASZmoOYkscofeDbFi0=
x-served-by
cache-yul12825-YUL
apple-news-services-handled
false
x-timer
S1663607325.098984,VS0,VE1
apple-news-services-request-url
/verso/static/assets/fonts/LabGrotesque-Medium.woff2
etag
"d3df48def87009f6ce71e9e5b82a1281"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
PVVDNZ610318RMTJ
access-control-allow-origin
*
expires
Wed, 06 Sep 2023 07:28:53 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff2
apple-news-services-host
www.wired.com
x-cache-hits
1
LabGrotesque-Bold.woff2
www.wired.com/verso/static/assets/fonts/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/LabGrotesque-Bold.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2c667cdbe90922576bac69bbd0fa8f61d0c410748bf29b5bccea09b21123f1a0
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:45 GMT
via
1.1 varnish
age
1157992
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/LabGrotesque-Bold.woff2
last-modified
Tue, 06 Sep 2022 07:28:03 GMT
verso
true
content-length
47856
x-amz-id-2
g3cUgUGNjRAu4ll5mTfXyKru0zEO0ukPdXz6y+KzVHlXWfXzB4jHVDSbZ9oCVANOIkPvXO5RjAU=
x-served-by
cache-yul12825-YUL
apple-news-services-handled
false
x-timer
S1663607325.102118,VS0,VE1
apple-news-services-request-url
/verso/static/assets/fonts/LabGrotesque-Bold.woff2
etag
"181b7a06e7a0586c230d9b6282d73532"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
PVVD0T5FZYHGD77Y
access-control-allow-origin
*
expires
Wed, 06 Sep 2023 07:28:53 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff2
apple-news-services-host
www.wired.com
x-cache-hits
1
WIRED_3009_500x680.jpg
media.wired.com/photos/632486938990652479ff3876/master/w_600,c_limit/
Redirect Chain
  • https://covers.conde.io/images_covers/cover_wired_600.jpg
  • https://media.wired.com/photos/632486938990652479ff3876/master/w_600,c_limit/WIRED_3009_500x680.jpg
64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/632486938990652479ff3876/master/w_600,c_limit/WIRED_3009_500x680.jpg
Protocol
HTTP/1.1
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c6456830401da80934234015a0656a2027db0263faf7854db60adcc994c25c2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 17:08:45 GMT
Connection
keep-alive
Age
269153
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=358458 idim=500x680 ifmt=jpeg ofsz=65544 odim=500x680 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-iad-kjyo7100114-IAD, cache-yul12825-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663607325.179459,VS0,VE1
Etag
"kFLU+pPloJ/DNDWK2O9YDIj76mVSxljpnbCwCA0hdbE"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
65544
timing-allow-origin
*
X-Cache-Hits
1, 8

Redirect headers

Date
Mon, 19 Sep 2022 17:08:45 GMT
Via
1.1 varnish
Server
nginx/1.15.8
Age
1
X-Served-By
cache-yul12829-YUL
X-Cache
HIT
location
https://media.wired.com/photos/632486938990652479ff3876/master/w_600,c_limit/WIRED_3009_500x680.jpg
cache-control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1663607325.157967,VS0,VE0
Content-Length
0
X-Cache-Hits
1
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ieYR_BleEhmlEx6cqyBsuQHUUW1m9uZTWMPvGECXrDaaiHtBDVTJDHCA
www.wired.com/ 		0
98 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/ieYR_BleEhmlEx6cqyBsuQHUUW1m9uZTWMPvGECXrDaaiHtBDVTJDHCA
Requested by
Host: journey.wired.com
URL: https://journey.wired.com/build-81a8a2d4b6012a28cee66c2306ead313.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 17:08:45 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-yul12825-YUL
vary
Origin
x-cache
HIT
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
apple-news-services-host
www.wired.com
content-length
0
retry-after
0
x-cache-hits
0
user_uploaded_metrichpe_400_undefined.ttf
s0.2mdn.net/sadbundle/15895870535127717286/fonts/ Frame 735C 		60 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15895870535127717286/fonts/user_uploaded_metrichpe_400_undefined.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15895870535127717286/4fcda2cf3122d8d52bcad9e162171a6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e88f4c0915dc02c509e93e39a70d9cd6ac80e9adb85fc1184f73f39d577ec533
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15895870535127717286/index.html
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:50:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26279
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26441
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 18:09:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 19 Sep 2023 09:50:46 GMT
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-P1P55J3LNW&gtm=2oe9e0&_p=1330670363&cid=987098063.1663607318&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&dl=%2Fstory%2Fuber-hack-mfa-phishing%2F&dr=%2F&sid=1663607320&sct=1&seg=0&dt=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-P1P55J3LNW&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tpsc-ue1.doubleverify.com/ Frame 5FC5 		0
229 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-ue1.doubleverify.com/event.png?impid=e26054a9078e4ac29d06e295e484ada2&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=399&eoid=11&msrjs=3094&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=22&tetms=10&msltms=55&vltms=399&sei=289&vetms=140&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=394&msrcannum=4&ismms=49&isumms=48&nvr=6&elmtp=3&isbxdms=2654&b0=100&b11=2790&adhgt=90&adwdth=728&norwdth=728&norhgt=90&vsos=3&dvp_vsosnmr=16&lftb=2890&sftb=2890&msrdp=6&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1048&isuiabvms=1048&ispmxpms=1048&engalms=47&engscrlms=158&dvp_pageEng=true&dvp_dpr=1&ttfurm=3574&cbust=1663607325351656
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3094.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.117.228.201 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
201.228.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Mon, 19 Sep 2022 17:08:45 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
close
Expires
09/18/2022 17:08:45
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=conde.wired&zMoatAdUnit2=hero&zMoatAdUnit3=security&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oeOd4UyJc8Q0YElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-kd5aRxmAS248Xw%3D%3D&sc=1&os=1-QQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=436&gp=64&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=4&f=0&j=&t=1663607316787&de=470420900414&rx=430755292090&cu=1663607316787&m=8981&ar=5aeef158bee-clean&iw=f9dac89&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=64&lb=6128&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A158%3A158%3A7163%3A279&as=1&ag=4372&an=1239&gi=1&gf=4153&gg=1020&ix=4153&ic=4153&ez=1&ck=1037&kw=1719&aj=1&pg=100&pf=100&ib=0&cc=1&bw=4372&bx=1239&ci=1037&jz=1719&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5077&cd=1942&ah=5077&am=1942&xd=00&rf=0&re=1&ft=4372&fv=1239&fw=329&wb=2&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.wired&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=200157&na=1748723607&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:45 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:45 GMT
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T17%3A08%3A45.846Z&_t=timespent&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6100&pSw=1600&pSh=1200&uID=8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3&sID=b26e9da3-ffdd-4ac0-8d12-3a3b05351aea&pID=0e27f216-33c8-404f-98be-5c28fb0fba90&uDt=desktop&aam_uuid=66373113506026136401086284029216043361&_o=wired&_c=general&xID=7019f732-25e0-4a38-bce5-b53f5c128960&_v=5000&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 17:08:45 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=conde.wired&zMoatAdUnit2=hero&zMoatAdUnit3=security&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oeOd4UyJc8Q0YElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-kd5aRxmAS248Xw%3D%3D&sc=1&os=1-QQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=6&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=436&gp=64&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=4&f=0&j=&t=1663607316787&de=470420900414&rx=430755292090&cu=1663607316787&m=9785&ar=5aeef158bee-clean&iw=f9dac89&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=64&lb=6128&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A158%3A158%3A7163%3A279&as=1&ag=5177&an=4372&gi=1&gf=4958&gg=4153&ix=4958&ic=4958&ez=1&ck=1037&kw=1719&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5177&bx=4372&ci=1037&jz=1719&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5882&cd=5077&ah=5882&am=5077&xd=00&rf=0&re=1&ft=4676&fv=4372&fw=329&wb=2&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.wired&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=200157&na=2109248997&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:46 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:46 GMT
pixel.gif
px.moatads.com/ Frame CFB0 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=10&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=1&rk=0&tk=0&ak=-&i=TRADEDESKV3&ol=3900400012&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xkVHrBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-21y3bVjbGrWLAw%3D%3D&sc=1&os=1-rQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=3&cm=6&f=1&j=https%3A%2F%2Fwww.wired.com&lp=https%3A%2F%2Fwww.wired.com&t=1663607322020&de=528626899694&cu=1663607322020&m=5169&ar=5aeef158bee-clean&iw=dd009cb&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=186&le=1&lf=233&lg=1&lh=96&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1800%3A1800%3A3174%3A2409&aa=1&ad=5014&cn=1080&gn=1&gk=5014&gl=1080&ik=5014&ic=5014&ez=1&co=1080&cp=1015&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4951&cd=1015&ah=4951&am=1015&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=3i8jb8j%3Aif4afpp%3Ax4etwe1%3A9qnntyn&bd=www.wired.com&gw=thetradedeskv275874568748&zMoatOrigSlicer1=www.wired.com&zMoatOrigSlicer2=N%2FA&zMoatDomain=wired.com&zMoatSubdomain=wired.com&zMoatJS=3%3A-&zMoatCachebuster=814314&zMoatCreative=q25m52xq&zMoatDealID=-&zMoatImpressionId=409c46f6-37dc-4d23-ad55-54266494c593&zMoatPartnerID=3i8jb8j&zMoatSite=www.wired.com&zMoatSupplyVendor=rubicon&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD00MDljNDZmNi0zN2RjLTRkMjMtYWQ1NS01NDI2NjQ5NGM1OTMmY3JpZD1xMjVtNTJ4cSZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE1NjAyMjE3JnB1aWQ9JnBpZD0zaThqYjhqJmFnPTlxbm50eW4mYWR2PWlmNGFmcHAmYnA9MC40MzE2NzA0ODY0MTQ3NTg2NDIzNSZjZj0zODM0MzQxJmZxPTAmdGRfcz13d3cud2lyZWQuY29tJnJjYXRzPTdzcCZtc3RlPSZtZmxkPTQmbXNzaT0mbWZzaT0mdWhvdz0zNyZhZ3NhPSZyZ3o9SDNBJnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPWVuJnN2cGlkPTE3ODE0JmRpZD0mcmN4dD1PdGhlciZsYXQ9NDUuNTIwMDAwJmxvbj0tNzMuNTk5OTk4JnRtcGM9MTAuNjI5OTk5OTk5OTk5OTk1JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ1pEWVc1aFpHRVNCbEYxWldKbFl4b0FJZ2hOYjI1MGNtVmhiRGdCVUF1QUFRQ0lBUUdRQVFHd0FRQzZBUVlJN3JvSEdBekFBZmIwQnRBQjl2UUcmZHVyPUNqWUtIV05vWVhKblpTMWhiR3hKYm5SbFozSmhiRUp5WVc1a1UyRm1aWFI1SWhVSS1mX19fX19fX19fX0FSSUlhVzUwWldkeVlXd0tPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrUUtLV05vWVhKblpTMWhiR3hFYVhOd2JHRjVWbWxsZDJGaWFXeHBkSGxDYVdSQlpHcDFjM1J0Wlc1MEloY0ltdl9fX19fX19fX19BUklLY1MxaGJHeHBZVzVqWlFwSUNpRmphR0Z5WjJVdFlXeHNUVzloZEZacFpYZGhZbWxzYVhSNVZISmhZMnRwYm1jaUl3aWxfX19fX19fX19fOEJFZzV0YjJGMExYSmxjRzl5ZEdsdVp5b0dDTUNFUFJnTSZjcnJlbHI9JmlwbD0vMzM3OS9jb25kZS53aXJlZC9oZXJvL3NlY3VyaXR5L2FydGljbGUvMSZwY209MSZ2Yz0zJnNhaWQ9ZTAxNDM4Yzg5OWM0ZTE4NWFiNDhhZmJhMjcxZDM1MTZjN2I0ZmVhNSZpY3Q9VW5rbm93biZhdWN0PTEmY3hsdnM9MCZpbT0xJm1jPTcwYzUwMDM0LWRkNWItNDdmZi04NmZmLWM0ZDY1N2E0MDA5YSZ0YWlsPTEmc3Y9cnViaWNvbiZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=17814&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=3&tc=0&fs=200157&na=945182839&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:47 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:47 GMT
/
insight.adsrvr.org/enduser/moat/ Frame CFB0 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/moat/?e=61&o=dD0xJmlpZD00MDljNDZmNi0zN2RjLTRkMjMtYWQ1NS01NDI2NjQ5NGM1OTMmY3JpZD1xMjVtNTJ4cSZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE1NjAyMjE3JnB1aWQ9JnBpZD0zaThqYjhqJmFnPTlxbm50eW4mYWR2PWlmNGFmcHAmYnA9MC40MzE2NzA0ODY0MTQ3NTg2NDIzNSZjZj0zODM0MzQxJmZxPTAmdGRfcz13d3cud2lyZWQuY29tJnJjYXRzPTdzcCZtc3RlPSZtZmxkPTQmbXNzaT0mbWZzaT0mdWhvdz0zNyZhZ3NhPSZyZ3o9SDNBJnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPWVuJnN2cGlkPTE3ODE0JmRpZD0mcmN4dD1PdGhlciZsYXQ9NDUuNTIwMDAwJmxvbj0tNzMuNTk5OTk4JnRtcGM9MTAuNjI5OTk5OTk5OTk5OTk1JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ1pEWVc1aFpHRVNCbEYxWldKbFl4b0FJZ2hOYjI1MGNtVmhiRGdCVUF1QUFRQ0lBUUdRQVFHd0FRQzZBUVlJN3JvSEdBekFBZmIwQnRBQjl2UUcmZHVyPUNqWUtIV05vWVhKblpTMWhiR3hKYm5SbFozSmhiRUp5WVc1a1UyRm1aWFI1SWhVSS1mX19fX19fX19fX0FSSUlhVzUwWldkeVlXd0tPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrUUtLV05vWVhKblpTMWhiR3hFYVhOd2JHRjVWbWxsZDJGaWFXeHBkSGxDYVdSQlpHcDFjM1J0Wlc1MEloY0ltdl9fX19fX19fX19BUklLY1MxaGJHeHBZVzVqWlFwSUNpRmphR0Z5WjJVdFlXeHNUVzloZEZacFpYZGhZbWxzYVhSNVZISmhZMnRwYm1jaUl3aWxfX19fX19fX19fOEJFZzV0YjJGMExYSmxjRzl5ZEdsdVp5b0dDTUNFUFJnTSZjcnJlbHI9JmlwbD0vMzM3OS9jb25kZS53aXJlZC9oZXJvL3NlY3VyaXR5L2FydGljbGUvMSZwY209MSZ2Yz0zJnNhaWQ9ZTAxNDM4Yzg5OWM0ZTE4NWFiNDhhZmJhMjcxZDM1MTZjN2I0ZmVhNSZpY3Q9VW5rbm93biZhdWN0PTEmY3hsdnM9MCZpbT0xJm1jPTcwYzUwMDM0LWRkNWItNDdmZi04NmZmLWM0ZDY1N2E0MDA5YSZ0YWlsPTEmc3Y9cnViaWNvbiZ0YWlsPTE.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:47 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
bJmQ77Max4JL50Kav-Nw0ABMiZn12MajX6kW8Mfo0yqXngtbshkzY1OQ
www.wired.com/ 		0
74 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/bJmQ77Max4JL50Kav-Nw0ABMiZn12MajX6kW8Mfo0yqXngtbshkzY1OQ
Requested by
Host: journey.wired.com
URL: https://journey.wired.com/build-81a8a2d4b6012a28cee66c2306ead313.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 19 Sep 2022 17:08:47 GMT
via
1.1 varnish
server
Varnish
x-served-by
cache-yul12825-YUL
vary
Origin
x-cache
HIT
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
apple-news-services-host
www.wired.com
content-length
0
retry-after
0
x-cache-hits
0
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=conde.wired&zMoatAdUnit2=rail&zMoatAdUnit3=security&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oeOd4UyJc8Q0YElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-kd5aRxmAS248Xw%3D%3D&sc=1&os=1-QQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=1066.65625&gp=1512.453125&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=4&f=0&j=&t=1663607316787&de=457303900673&rx=430755292090&cu=1663607316787&m=13605&ar=5aeef158bee-clean&iw=f9dac89&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=1512.453125&lb=6128&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A158%3A158%3A7163%3A279&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10052&cd=350&ah=10052&am=350&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.wired&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=200157&na=1380264543&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:50 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:50 GMT
pixel.gif
px.moatads.com/ 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&zMoatAdUnit1=conde.wired&zMoatAdUnit2=hero&zMoatAdUnit3=security&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=9&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2F8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-oeOd4UyJc8Q0YElkt2ndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-kd5aRxmAS248Xw%3D%3D&sc=1&os=1-QQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=7&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=436&gp=64&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=4&f=0&j=&t=1663607316787&de=470420900414&rx=430755292090&cu=1663607316787&m=14610&ar=5aeef158bee-clean&iw=f9dac89&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=64&lb=6128&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A158%3A158%3A7163%3A279&as=1&ag=10003&an=5177&gi=1&gf=9784&gg=4958&ix=9784&ic=9784&ez=1&ck=1037&kw=1719&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10003&bx=5177&ci=1037&jz=1719&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10707&cd=5882&ah=10707&am=5882&xd=00&rf=0&re=1&ft=4676&fv=4676&fw=329&wb=2&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.wired&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=200157&na=370463729&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:51 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:51 GMT
user_uploaded_metrichpe_601_normal.ttf
s0.2mdn.net/sadbundle/15895870535127717286/fonts/ Frame 735C 		61 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15895870535127717286/fonts/user_uploaded_metrichpe_601_normal.ttf
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15895870535127717286/4fcda2cf3122d8d52bcad9e162171a6b.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
39c7c602e0d57a569539f7e8e0b2d75a9f5aa9bb38d59782d2011d9e35c07d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/15895870535127717286/index.html
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 09:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
547693
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26501
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 18:09:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 09:00:38 GMT
bdade49f658140f9abb33414cef28140.png
s0.2mdn.net/sadbundle/15895870535127717286/media/ Frame 735C 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15895870535127717286/media/bdade49f658140f9abb33414cef28140.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
919b1c684bb15d6a1bdb4e0a5b0d73aa09ddd1a84798a4409fa4e83e88252d5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15895870535127717286/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 09:00:38 GMT
x-content-type-options
nosniff
age
547693
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7686
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 18:09:06 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 09:00:38 GMT
1941bae9bd0bf61df7be537148c1b999.svg
s0.2mdn.net/sadbundle/15895870535127717286/media/ Frame 735C 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15895870535127717286/media/1941bae9bd0bf61df7be537148c1b999.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f734bf760d9f9edd6ca06199c0195e98f4f7dc5c0bb50e7f5692e6779ed125b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15895870535127717286/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 09:00:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
547693
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3100
x-xss-protection
0
last-modified
Fri, 18 Feb 2022 18:09:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 13 Sep 2023 09:00:38 GMT
dc_oe=ChMI2L-Bm6yh-gIVWN2zCh0DlwF1EAAYACD-krVOQhMImuOrmqyh-gIVgVPsCh2HOw8w;met=1;&timestamp=1663607331720;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 857A 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI2L-Bm6yh-gIVWN2zCh0DlwF1EAAYACD-krVOQhMImuOrmqyh-gIVgVPsCh2HOw8w;met=1;&timestamp=1663607331720;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 17:08:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame CFB0 		43 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&ra=1&pxm=10&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=1&rk=0&tk=0&ak=-&i=TRADEDESKV3&ol=3900400012&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-xkVHrBsiY9PHPf0uHVjPGlx1P1tMeAYh8VIp1Vf7AbESGfrl5%2FmliBNlAlwWxmRnpyWz&rs=1-21y3bVjbGrWLAw%3D%3D&sc=1&os=1-rQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&id=1&ii=3&cm=6&f=1&j=https%3A%2F%2Fwww.wired.com&lp=https%3A%2F%2Fwww.wired.com&t=1663607322020&de=528626899694&cu=1663607322020&m=10219&ar=5aeef158bee-clean&iw=dd009cb&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=186&le=1&lf=233&lg=1&lh=96&gm=1&io=1&fa=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A1800%3A1800%3A3174%3A2409&aa=1&ad=10064&cn=5014&gn=1&gk=10064&gl=5014&ik=10064&ic=10064&ez=1&co=1080&cp=1015&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=9998&cd=4951&ah=9998&am=4951&xd=00&rf=0&re=1&wb=2&cl=0&at=0&d=3i8jb8j%3Aif4afpp%3Ax4etwe1%3A9qnntyn&bd=www.wired.com&gw=thetradedeskv275874568748&zMoatOrigSlicer1=www.wired.com&zMoatOrigSlicer2=N%2FA&zMoatDomain=wired.com&zMoatSubdomain=wired.com&zMoatJS=3%3A-&zMoatCachebuster=814314&zMoatCreative=q25m52xq&zMoatDealID=-&zMoatImpressionId=409c46f6-37dc-4d23-ad55-54266494c593&zMoatPartnerID=3i8jb8j&zMoatSite=www.wired.com&zMoatSupplyVendor=rubicon&zMoatTempIDs=https%253A%252F%252Finsight.adsrvr.org%252Fenduser%252Fpie%252F%253Fpie%253D20%2526vet%253DVIEWABILITY_EVENT_TYPE%2526rtb%253DdD0xJmlpZD00MDljNDZmNi0zN2RjLTRkMjMtYWQ1NS01NDI2NjQ5NGM1OTMmY3JpZD1xMjVtNTJ4cSZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE1NjAyMjE3JnB1aWQ9JnBpZD0zaThqYjhqJmFnPTlxbm50eW4mYWR2PWlmNGFmcHAmYnA9MC40MzE2NzA0ODY0MTQ3NTg2NDIzNSZjZj0zODM0MzQxJmZxPTAmdGRfcz13d3cud2lyZWQuY29tJnJjYXRzPTdzcCZtc3RlPSZtZmxkPTQmbXNzaT0mbWZzaT0mdWhvdz0zNyZhZ3NhPSZyZ3o9SDNBJnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPWVuJnN2cGlkPTE3ODE0JmRpZD0mcmN4dD1PdGhlciZsYXQ9NDUuNTIwMDAwJmxvbj0tNzMuNTk5OTk4JnRtcGM9MTAuNjI5OTk5OTk5OTk5OTk1JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ1pEWVc1aFpHRVNCbEYxWldKbFl4b0FJZ2hOYjI1MGNtVmhiRGdCVUF1QUFRQ0lBUUdRQVFHd0FRQzZBUVlJN3JvSEdBekFBZmIwQnRBQjl2UUcmZHVyPUNqWUtIV05vWVhKblpTMWhiR3hKYm5SbFozSmhiRUp5WVc1a1UyRm1aWFI1SWhVSS1mX19fX19fX19fX0FSSUlhVzUwWldkeVlXd0tPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrUUtLV05vWVhKblpTMWhiR3hFYVhOd2JHRjVWbWxsZDJGaWFXeHBkSGxDYVdSQlpHcDFjM1J0Wlc1MEloY0ltdl9fX19fX19fX19BUklLY1MxaGJHeHBZVzVqWlFwSUNpRmphR0Z5WjJVdFlXeHNUVzloZEZacFpYZGhZbWxzYVhSNVZISmhZMnRwYm1jaUl3aWxfX19fX19fX19fOEJFZzV0YjJGMExYSmxjRzl5ZEdsdVp5b0dDTUNFUFJnTSZjcnJlbHI9JmlwbD0vMzM3OS9jb25kZS53aXJlZC9oZXJvL3NlY3VyaXR5L2FydGljbGUvMSZwY209MSZ2Yz0zJnNhaWQ9ZTAxNDM4Yzg5OWM0ZTE4NWFiNDhhZmJhMjcxZDM1MTZjN2I0ZmVhNSZpY3Q9VW5rbm93biZhdWN0PTEmY3hsdnM9MCZpbT0xJm1jPTcwYzUwMDM0LWRkNWItNDdmZi04NmZmLWM0ZDY1N2E0MDA5YSZ0YWlsPTEmc3Y9cnViaWNvbiZ0YWlsPTE.&zMoatViewType=0&zMoatOtherScript=-&zMoatOtherHash=-&zMoatAttention=-&zMoatDR=-&zMoatPublisherID=17814&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&jk=-1&jm=4&tc=0&fs=200157&na=1655951854&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.64.61.169 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-64-61-169.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

unused62
8096267
date
Mon, 19 Sep 2022 17:08:52 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
pragma
no-cache
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 17:08:52 GMT
/
insight.adsrvr.org/enduser/moat/ Frame CFB0 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/enduser/moat/?e=62&o=dD0xJmlpZD00MDljNDZmNi0zN2RjLTRkMjMtYWQ1NS01NDI2NjQ5NGM1OTMmY3JpZD1xMjVtNTJ4cSZ3cD0ke0FVQ1RJT05fUFJJQ0U6QkZ9JmFpZD0xJndwYz1VU0Qmc2ZlPTE1NjAyMjE3JnB1aWQ9JnBpZD0zaThqYjhqJmFnPTlxbm50eW4mYWR2PWlmNGFmcHAmYnA9MC40MzE2NzA0ODY0MTQ3NTg2NDIzNSZjZj0zODM0MzQxJmZxPTAmdGRfcz13d3cud2lyZWQuY29tJnJjYXRzPTdzcCZtc3RlPSZtZmxkPTQmbXNzaT0mbWZzaT0mdWhvdz0zNyZhZ3NhPSZyZ3o9SDNBJnN2YnR0ZD0xJmR0PVBDJm9zZj1XaW5kb3dzJm9zPVdpbmRvd3MxMCZicj1DaHJvbWUmcmxhbmdzPWVuJm1sYW5nPWVuJnN2cGlkPTE3ODE0JmRpZD0mcmN4dD1PdGhlciZsYXQ9NDUuNTIwMDAwJmxvbj0tNzMuNTk5OTk4JnRtcGM9MTAuNjI5OTk5OTk5OTk5OTk1JmRhaWQ9JnZwPTAmb3NpPSZvc3Y9Jm1rPUdvb2dsZSZtZGw9Q2hyb21lJTIwLSUyMFdpbmRvd3MmYz1DZ1pEWVc1aFpHRVNCbEYxWldKbFl4b0FJZ2hOYjI1MGNtVmhiRGdCVUF1QUFRQ0lBUUdRQVFHd0FRQzZBUVlJN3JvSEdBekFBZmIwQnRBQjl2UUcmZHVyPUNqWUtIV05vWVhKblpTMWhiR3hKYm5SbFozSmhiRUp5WVc1a1UyRm1aWFI1SWhVSS1mX19fX19fX19fX0FSSUlhVzUwWldkeVlXd0tPd29kWTJoaGNtZGxMV0ZzYkZSVVJFTjFjM1J2YlVOdmJuUmxlSFIxWVd3aUdnamFfX19fX19fX19fOEJFZzEwZEdSamIyNTBaWGgwZFdGc0NrUUtLV05vWVhKblpTMWhiR3hFYVhOd2JHRjVWbWxsZDJGaWFXeHBkSGxDYVdSQlpHcDFjM1J0Wlc1MEloY0ltdl9fX19fX19fX19BUklLY1MxaGJHeHBZVzVqWlFwSUNpRmphR0Z5WjJVdFlXeHNUVzloZEZacFpYZGhZbWxzYVhSNVZISmhZMnRwYm1jaUl3aWxfX19fX19fX19fOEJFZzV0YjJGMExYSmxjRzl5ZEdsdVp5b0dDTUNFUFJnTSZjcnJlbHI9JmlwbD0vMzM3OS9jb25kZS53aXJlZC9oZXJvL3NlY3VyaXR5L2FydGljbGUvMSZwY209MSZ2Yz0zJnNhaWQ9ZTAxNDM4Yzg5OWM0ZTE4NWFiNDhhZmJhMjcxZDM1MTZjN2I0ZmVhNSZpY3Q9VW5rbm93biZhdWN0PTEmY3hsdnM9MCZpbT0xJm1jPTcwYzUwMDM0LWRkNWItNDdmZi04NmZmLWM0ZDY1N2E0MDA5YSZ0YWlsPTEmc3Y9cnViaWNvbiZ0YWlsPTE.
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/ ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 17:08:52 GMT
cache-control
private
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fastlane.rubiconproject.com
URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=306872&zone_id=1548440&size_id=2&alt_size_ids=57&us_privacy=1---&eid_pubcid.org=af305ee8-c444-45ee-9db6-5c49cd617f43%5E1&rf=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&tg_i.cnt_tags=security%2Chacking%2Cvulnerabilities%2Cuber%2Cnational-security&tk_flint=pbjs_lite_v7.11.0&x_source.tid=9ca17fad-c9b0-42e7-858e-3f3f66a796c5&l_pb_bid_id=2bf72a6a4f0ede&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06144071395722017

Verdicts & Comments Add Verdict or Comment

236 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| cns function| getCookie function| setCookie function| setGPC function| OptanonWrapper object| googletag object| sparrowQueue object| cnBus object| PARSELY object| __PRELOADED_STATE__ object| dataLayer object| _4d string| CN_STACK_TEMP object| _perfRefForUserTimingPolyfill object| fastdom function| moatYieldReady object| BOOMR_mq object| apstag object| pbjs object| pbjsChunk object| _pbjsGlobals object| mnet object| OneTrustStub function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| headertag object| UrlCache object| SUBSCRIPTIONS object| SWG undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_4285734 object| Moat#PML#26#1.2 boolean| Moat#EVA object| moatPrebidApi boolean| apstagLOADED object| gapi object| ___jsl object| ggeac object| google_tag_data object| google_js_reporting_queue object| webpackJsonpVerso function| setImmediate function| clearImmediate function| CNE_onReady_16636073174380 object| journeyDataGateway object| dfpDataGateway object| paymentGateway object| paywallGateway object| _cne object| wrfzgujrtg object| jBus object| experiments string| beaconHostname function| setOptions object| cookie function| ajax function| resetOurXid function| propagateXid function| pixel string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData object| __otccpaooLocation undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| setupInterlude1 function| onIframeReady16636073181720 object| Criteo object| google_tag_manager function| postscribe object| google_tag_manager_external object| performanceConsent object| functionalConsent object| targetingConsent string| b object| h function| getVisitNumCustom number| d string| eventMethod function| eventer string| messageEvent object| ats object| core object| Optanon object| OneTrust string| queryString function| e object| visitor object| adobe function| Visitor object| s_c_il number| s_c_in function| DIL object| dilInstance object| _qevents function| rdt function| fbq function| _fbq function| addPixel object| __adIq_Config string| _linkedin_partner_id object| _linkedin_data_partner_ids object| __memo_config function| hj object| _hjSettings string| TiktokAnalyticsObject object| ttq object| scrEm function| obApi object| urlParams string| fullUrl object| myParam object| publishDate object| now string| GoogleAnalyticsObject function| ga object| _aam_dataLayer undefined| userId boolean| _aam_spa object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels number| google_global_correlator object| bouncex function| lintrk boolean| _already_called_lintrk object| Sailthru object| _google_rum_ns_ object| google_persistent_state_async object| closure_lm_388546 object| google object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| google_image_requests function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge object| MEMO object| SparrowConfigV2 object| gaplugins object| trx function| md5 object| auvars object| regeneratorRuntime object| JSON3 object| closure_lm_774778 object| SparrowCache function| Sparrow boolean| sparrowInitialize object| sparrow function| _typeof object| gaData object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 object| hadron boolean| __halo_loaded__ function| docReady object| au object| autag object| blingbyJson function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie undefined| $ function| jQuery function| close_bouncex_ad object| GoogleGcLKhOms

236 Cookies

Domain/Path Name / Value
.wired.com/ Name: CN_xid
Value: 7019f732-25e0-4a38-bce5-b53f5c128960
.wired.com/ Name: CN_xid_refresh
Value: 7019f732-25e0-4a38-bce5-b53f5c128960
www.wired.com/ Name: xid1
Value: 1
www.wired.com/ Name: verso_bucket
Value: 180
.wired.com/ Name: CN_geo_country_code
Value: CA
.wired.com/ Name: CN_segments
Value: co.w2238
www.wired.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.wired.com/ Name: _pubcid
Value: af305ee8-c444-45ee-9db6-5c49cd617f43
www.wired.com/ Name: usprivacy
Value: 1---
.condenastdigital.com/ Name: CN_xid
Value: 7019f732-25e0-4a38-bce5-b53f5c128960
.epicurious.com/ Name: CN_xid
Value: 7019f732-25e0-4a38-bce5-b53f5c128960
.epicurious.com/ Name: CN_geo_country_code
Value: CA
.bonappetit.com/ Name: CN_xid
Value: 7019f732-25e0-4a38-bce5-b53f5c128960
.bonappetit.com/ Name: CN_geo_country_code
Value: CA
.allure.com/ Name: CN_xid
Value: 7019f732-25e0-4a38-bce5-b53f5c128960
.allure.com/ Name: CN_geo_country_code
Value: CA
.cntraveler.com/ Name: CN_xid
Value: 7019f732-25e0-4a38-bce5-b53f5c128960
.cntraveler.com/ Name: CN_geo_country_code
Value: CA
.pitchfork.com/ Name: CN_xid
Value: 7019f732-25e0-4a38-bce5-b53f5c128960
.pitchfork.com/ Name: CN_geo_country_code
Value: CA
.newyorker.com/ Name: CN_xid
Value: 7019f732-25e0-4a38-bce5-b53f5c128960
.newyorker.com/ Name: CN_geo_country_code
Value: CA
.architecturaldigest.com/ Name: CN_xid
Value: 7019f732-25e0-4a38-bce5-b53f5c128960
.architecturaldigest.com/ Name: CN_geo_country_code
Value: CA
.glamour.com/ Name: CN_xid
Value: 7019f732-25e0-4a38-bce5-b53f5c128960
.glamour.com/ Name: CN_geo_country_code
Value: CA
.gq.com/ Name: CN_xid
Value: 7019f732-25e0-4a38-bce5-b53f5c128960
.gq.com/ Name: CN_geo_country_code
Value: CA
www.wired.com/ Name: CN_visits_m
Value: 1664582400313%26vn%3D1
www.wired.com/ Name: CN_in_visit_m
Value: true
.teenvogue.com/ Name: CN_xid
Value: 7019f732-25e0-4a38-bce5-b53f5c128960
.teenvogue.com/ Name: CN_geo_country_code
Value: CA
.self.com/ Name: CN_xid
Value: 7019f732-25e0-4a38-bce5-b53f5c128960
.self.com/ Name: CN_geo_country_code
Value: CA
.them.us/ Name: CN_xid
Value: 7019f732-25e0-4a38-bce5-b53f5c128960
.them.us/ Name: CN_geo_country_code
Value: CA
.vogue.com/ Name: CN_xid
Value: 7019f732-25e0-4a38-bce5-b53f5c128960
.vogue.com/ Name: CN_geo_country_code
Value: CA
.vanityfair.com/ Name: CN_xid
Value: 7019f732-25e0-4a38-bce5-b53f5c128960
.vanityfair.com/ Name: CN_geo_country_code
Value: CA
.wired.com/ Name: pay_ent_msmp
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsInZlciI6MX0.eyJjbnRzIjp7ImFsbCI6MX0sImlhdCI6MTY2MzYwNzMxODMyNywiaXNzIjoiam91cm5leSIsInVhdCI6MTY2MzYwNzMxODMyNywidXJscyI6WyIvc3RvcnkvdWJlci1oYWNrLW1mYS1waGlzaGluZy8iXX0.7gPtC1Q_pEviblQTfcVngNlXSohhvkDWd_-ZOgw_yPQ
.openx.net/ Name: i
Value: af305ee8-c444-45ee-9db6-5c49cd617f43|1663607318
.wired.com/ Name: _gcl_au
Value: 1.1.255923862.1663607318
.yahoo.com/ Name: A3
Value: d=AQABBBaiKGMCEO8L928M4B8UU3Xfabc23zgFEgEBAQHzKWMyYwAAAAAA_eMAAA&S=AQAAAotMt6xOSp-uyM4a5sltEnY
.wired.com/ Name: __gads
Value: ID=29223b196227471a:T=1663607318:S=ALNI_Mb-H0CrkXv1zp2kwalB3U9Yg4whDg
www.wired.com/ Name: _lr_geo_location
Value: CA
.tapad.com/ Name: TapAd_TS
Value: 1663607318732
.tapad.com/ Name: TapAd_DID
Value: 3aad9dc9-c03e-496d-ab1f-c7599363f9b7
.scorecardresearch.com/ Name: UID
Value: 1AAda9f1ba145effac50a7b1663607318
.wired.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Mon+Sep+19+2022+17%3A08%3A38+GMT%2B0000+(GMT)&version=6.35.0&hosts=&consentId=7aa5573b-3021-49d2-ae3a-c45c6e6fd46e&interactionCount=0&landingPath=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&groups=C0001%3A1%2CC0003%3A1%2CC0004%3A1%2CC0002%3A1
.rubiconproject.com/ Name: khaos
Value: L890UEAB-I-J01J
.wired.com/ Name: _rdt_uuid
Value: 1663607318764.4a953f63-3112-4dbe-aafc-38c2adba22e5
www.wired.com/ Name: sailthru_pageviews
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A_Zjt7gbYUhlhkjHoUHwP88
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.demdex.net/ Name: demdex
Value: 66373113506026136401086284029216043361
.turn.com/ Name: uid
Value: 4601057333822261305
.linkedin.com/ Name: li_sugr
Value: 26e01f1b-8ffe-434e-a9d8-9cf5bb92dcde
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&1427b2ca-4bc8-4e88-8165-89f945f4ec3e"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2790:u=1:x=1:i=1663607318:t=1663693718:v=2:sig=AQH01GHXRJ-FaubtOBA48k16RiTq2Vq8"
.tiktok.com/ Name: _ttp
Value: 2EznXWmBYXdcRZ4Cx9rYIET3hYt
.wired.com/ Name: AMCVS_F7093025512D2B690A490D44%40AdobeOrg
Value: 1
www.wired.com/ Name: __srret
Value: 1
.adsrvr.org/ Name: TDID
Value: 83a7adcd-79ab-42ed-8a9b-605fed9b02b2
www.wired.com/ Name: cneplayercount
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YyiiFwAAAEe96ANP
.linkedin.com/ Name: UserMatchHistory
Value: AQL0dezgQnGFjAAAAYNWuSuGogBb5e7G_YwISSWJ37G6-vF_ibKvzNVwlH50hTyJHSjclMrJVK8Y3w
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQL3n3QuavlanAAAAYNWuSuG7e15jmuibd2JaX1BuykwLCaUXV5mQDMQ6wEfEDXN_sz8n3wNT8Dd4O0zvAcXiw
.wired.com/ Name: _au_1d
Value: AU1D-0100-001663607319-29KI610D-PHIA
.wired.com/ Name: _au_last_seen_apn
Value: 1663607319484
.wired.com/ Name: _au_last_seen_ttd
Value: 1663607319484
.wired.com/ Name: _au_last_seen_pub
Value: 1663607319484
.wired.com/ Name: _au_last_seen_adx
Value: 1663607319484
.wired.com/ Name: _au_last_seen_goo
Value: 1663607319484
.wired.com/ Name: _au_last_seen_ado
Value: 1663607319484
.wired.com/ Name: _au_last_seen_bees
Value: 1663607319484
.wired.com/ Name: _au_last_seen_impr
Value: 1663607319484
.wired.com/ Name: _au_last_seen_son
Value: 1663607319484
.wired.com/ Name: _au_last_seen_rub
Value: 1663607319484
.quantserve.com/ Name: mc
Value: 6328a217-76f4d-0d70f-11194
www.wired.com/ Name: qcSxc
Value: 1663607319539
.doubleclick.net/ Name: IDE
Value: AHWqTUlHG0eUO9FibNhjsvxklIodJp6STg9BMvl2jJq4X9mLiJ31GzCKgxm_KyaybpY
.pippio.com/ Name: did
Value: AbxOT_6WCRy7IMx8
.pippio.com/ Name: didts
Value: 1663607319
.pippio.com/ Name: nnls
Value:
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6305
.dpm.demdex.net/ Name: dpm
Value: 66373113506026136401086284029216043361
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&20220919170839695dea5e-7dfa-4c18-8627-a23440d461d3AQEmJrCMZCW0yJT3Xwq09nEzUv1UiMPc"
.wired.com/ Name: _fbp
Value: fb.1.1663607319664.1123849076
.adnxs.com/ Name: uuid2
Value: 8264677328858952876
www.wired.com/ Name: sailthru_content
Value: 52f46342e544c7e3360ee4c34c1ede2b
www.wired.com/ Name: sailthru_visitor
Value: e3ed9b2b-0a84-464c-9d0b-8873b08068e2
.pubmatic.com/ Name: KTPCACOOKIE
Value: true
.wired.com/ Name: CN_ad_block
Value: 0
.wired.com/ Name: _tt_enable_cookie
Value: 1
.wired.com/ Name: _ttp
Value: 0ccde811-ea9d-4ca6-b044-ea471d2e3ddb
.wired.com/ Name: sID
Value: b26e9da3-ffdd-4ac0-8d12-3a3b05351aea
www.wired.com/ Name: pID
Value: 0e27f216-33c8-404f-98be-5c28fb0fba90
www.wired.com/ Name: CN_sp
Value: 8f4e1eb9-5c11-4b63-aaa4-c6efd6fe98f3
www.wired.com/ Name: CN_su
Value: a041423a-65b8-4f0e-bb7a-9450bab224d5
.360yield.com/ Name: tuuid
Value: 156f4374-5314-4efa-b48b-bb3f41dda401
.360yield.com/ Name: tuuid_lu
Value: 1663607319
.go.sonobi.com/ Name: __uis
Value: c7f8bd10-634b-45d5-8363-86dc55b45c70
.go.sonobi.com/ Name: HAPLB8S
Value: s85114|Yyii+
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B109023D-C51B-4BDD-A2D3-0FCE792BE5B7
.wired.com/ Name: _ga_P1P55J3LNW
Value: GS1.1.1663607320.1.0.1663607320.60.0.0
.wired.com/ Name: AMCV_F7093025512D2B690A490D44%40AdobeOrg
Value: -408604571%7CMCIDTS%7C19255%7CMCMID%7C66523600266451065131107560201084272056%7CMCAAMLH-1664212119%7C9%7CMCAAMB-1664212119%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663614519s%7CNONE%7CMCSYNCSOP%7C411-19262%7CvVersion%7C4.6.0
.ad.gt/ Name: au_id
Value: AU1D-0100-001663607319-29KI610D-PHIA
.ad.gt/ Name: g_hosted
Value:
.bidr.io/ Name: bito
Value: AADn0U7GUUQAAA_UoQQBHw
.bidr.io/ Name: bitoIsSecure
Value: ok
.pippio.com/ Name: pxrc
Value: CJjEopkGEgQIAhAAEgYI7OsBEAA=
.wired.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.wired.com/story/uber-hack-mfa-phishing/%22%2C%22sref%22:%22%22%2C%22sts%22:1663607320511%2C%22slts%22:0}
.wired.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=eb21888fb76d39e0a3e755200c9a4ffb%22%2C%22session_count%22:1%2C%22last_session_ts%22:1663607320511}
www.wired.com/ Name: __srui
Value: b4c5dcf9-383d-11ed-8005-6a1025f604db
www.wired.com/ Name: outbrain_cid_fetch
Value: true
.wired.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.wired.com/ Name: _ga
Value: GA1.2.987098063.1663607318
.wired.com/ Name: _gid
Value: GA1.2.1648165934.1663607321
.wired.com/ Name: _dc_gtm_UA-8293713-27
Value: 1
.contextweb.com/ Name: V
Value: jtiWPfNSdxnN
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4e382c6300834138
.3lift.com/ Name: tluid
Value: 614278318266112921207
.facebook.com/ Name: fr
Value: 0vBypcaO6S2b9O67N..BjKKIY...1.0.BjKKIY.
.casalemedia.com/ Name: CMID
Value: YyiiGGLSm-lWytm.iJ357gAA
.casalemedia.com/ Name: CMPS
Value: 477
.casalemedia.com/ Name: CMPRO
Value: 477
.smartadserver.com/ Name: pid
Value: 7826486786654209056
.linksynergy.com/ Name: rmuid
Value: 18a0bc53-da43-4e0d-9c80-53075592361a
.linksynergy.com/ Name: icts
Value: 2022-09-19T17:08:40Z
.wired.com/ Name: __qca
Value: P0-1663932039-1663607319533
.wired.com/ Name: _hjSessionUser_1537182
Value: eyJpZCI6IjQwNTZhYjM5LWUxNmUtNTg2Yy1iNWM3LWQzZDdkMjJmYzc3ZSIsImNyZWF0ZWQiOjE2NjM2MDczMTk2MDcsImV4aXN0aW5nIjpmYWxzZX0=
.wired.com/ Name: _hjFirstSeen
Value: 1
www.wired.com/ Name: _hjIncludedInSessionSample
Value: 0
.wired.com/ Name: _hjSession_1537182
Value: eyJpZCI6ImRlYzQwYmJiLWM3ZGQtNGJjNC05YmEzLTM4ZjM5MzEwZjA0OSIsImNyZWF0ZWQiOjE2NjM2MDczMjA3ODksImluU2FtcGxlIjpmYWxzZX0=
.agkn.com/ Name: ab
Value: 0001%3A%2BDI%2BAtpoGGcb4RMCouNbVrVdHYFa3Hmo
.wired.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1g70|2N.0|3oy.0|4is.0.CAESEB3HunQrisGGqWbLku114Tw|7TY.0
.adsymptotic.com/ Name: U
Value: 918e1a4c396a072ddff2f5ae06c6138b
.mathtag.com/ Name: uuid
Value: 57306328-a219-4200-a76f-0b221154f721
.openx.net/ Name: univ_id
Value: 537072971|83a7adcd-79ab-42ed-8a9b-605fed9b02b2|1663607321153471
.sitescout.com/ Name: ssi
Value: 90bdf3b3-ba17-4bca-a94a-de573e2a8405#1663607321221
www.wired.com/ Name: _lr_sampling_rate
Value: 100
.exelator.com/ Name: EE
Value: "0967c80763583a5eeefde07ec97542b0"
.csync.loopme.me/ Name: viewer_token
Value: 8210b848-c2fc-40a7-b79f-217b73523159
.sitescout.com/ Name: _ssuma
Value: eyIyNCI6MTY2MzYwNzMyMTMwMywiMzkiOjE2NjM2MDczMjEzMDMsIjciOjE2NjM2MDczMjEzMDN9
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHA0sw82cLA3MzY1MI40TQ1NTUtJdXAPDXZ0tzUxCjJYHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAdEl%252BUWb6ImfHxUUpaQyLSopPBR9cHQsAki8qOA%253D%253D"
.bounceexchange.com/ Name: bounceClientVisit2825c
Value: %7B%22vid%22%3A1663607321471110%2C%22did%22%3A%222358018904351454731%22%7D
.wired.com/ Name: bounceClientVisit2825v
Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgO6kB0xAlgE4CmAJmQMYD2AtkSgi9QJ5EBXAEa1qAWjgBDJgGsxbAGaSxEOJRRqAdgHMiIADQhqMEAZDqA+tpYWUtFCkotNMJWDuHL2iLfuPnrpLutAC+QA
.mathtag.com/ Name: mt_mop
Value: 4:1663607321
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: f876724d5fadf28a54903c2f911d4340
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSLMwNzM3MkkxTUtMSTOySDQ1sTQwTjZKszQ0TDExNjFgAIJkjUWSIBoKAEdICc4%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI1lgkCaSgAAAQLwFH"
fksnk.com/ Name: AWSALBCORS
Value: IgTFT2jEmVh7DCWeVZ2JOr6uXjswRzxRym98XhTrcI8R3xF6VqeBnpTugL1Wm8uN1r5CCllVkM8kINPGkK+iRoiq7hueox4cOqwGp/fu4V+QoTAnPLWyKHoketzL
.fksnk.com/ Name: f_001
Value: C4A0B962B5208FEF
.fksnk.com/ Name: g_001
Value: 1
.zemanta.com/ Name: zuid
Value: uJkQuVnaYjp3HQPwhHyU
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjMwMTY1NjQzM7cwMDM2NTEwsBDiM9Q1T8x29Qp18fHJCS8DAGysHjElAAAA
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_-OSMXR2dA12dSmojDLPcwrKDXXxyUmPLHULNEpLcgUAvRvRgh4AAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjMwMTY1NjQzM7cwMDM2NTEwsBDiM9Q1T8x29Qp18fHJCS8DAGysHjElAAAA
.wired.com/ Name: _pubcid_last
Value: Mon%2C%2019%20Sep%202022%2017%3A08%3A41%20GMT
www.wired.com/ Name: _lr_retry_request
Value: true
www.wired.com/ Name: _lr_env_src_ats
Value: false
.uuidksinc.net/ Name: jcsuuid
Value: CWQdgnU5mowfVckDtEff
.addthis.com/ Name: ouid
Value: 6328a219000196ab2d2ee95f70fa102b3f5c641e62546a9558cd
.addthis.com/ Name: um
Value: g.'66373113506026136401086284029216043361'
.addthis.com/ Name: uid
Value: 6328a219248f7a83
.openx.net/ Name: pd
Value: v2|1663607320.1|iKvMgakWgy.bwuYvPhEgKg2
.media.net/ Name: visitor-id
Value: 3066089221455439000V10
.rlcdn.com/ Name: rlas3
Value: jKrCqd9/uXLuGHCPOoRQEwww4bLvv/AiPvZGglVtft0=
.rlcdn.com/ Name: pxrc
Value: CJbEopkGEgUI6AcQABIFCOhHEAASBgi66gEQBBIGCPHrARAD
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwiateyT9JqNOxAFEhUKBmNhc2FsZRILCKaIuKT0mo07EAUSFgoHcnViaWNvbhILCO7ls6f0mo07EAUYASABKAIyCwjm593cipuNOxAFOAFaBzhtMzN6azRgAg..
.media.net/ Name: data-mm
Value: 57306328-a219-4200-a76f-0b221154f721~~8
.quantserve.com/ Name: d
Value: EE0BDQGRJ7jvsQA
.twitter.com/ Name: personalization_id
Value: "v1_kf0TPfVWKohonx80Pa6RKA=="
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A1747944141520346146
.w55c.net/ Name: wfivefivec
Value: AE1KkLAI1OAkga5
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_-OSMXR2dA12dSmojDLPcwrKDXXxyUmPLHULNEpLcg3iNTQzMzYzMDc2MjSzMH3FiMI3AwATUtSEPQAAAA
.bidswitch.net/ Name: c
Value: 1663607322
.bidswitch.net/ Name: tuuid
Value: 8f868ba3-3e86-4c8d-9823-c5070bf51869
.media.net/ Name: data-g
Value: CAESEHNE5FQp4YipMQ4tSUx1lto~~8
.33across.com/ Name: 33x_ps
Value: u%3D211982463078274%3As1%3D1663607322977%3Ats%3D1663607322977
.mfadsrvr.com/ Name: c
Value: 1663607322
.mfadsrvr.com/ Name: tuuid
Value: 9b78092d-b663-417a-852e-52d53def87e6
.media6degrees.com/ Name: clid
Value: 2rigvmi01171i1h76qrm501a000000017a011301901
.media6degrees.com/ Name: acs
Value: 012020k1rigvmixzt10
.brand-display.com/ Name: _knxq_
Value: 207fe4a3-fad9-40e2-fa8abf2e.1663607322.0.1663607322.1663607322
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: matchmedianet
Value: 5
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2795:18za~2795:175w~2795:18xa~2795"
.adform.net/ Name: uid
Value: 752730492778780022
.bidswitch.net/ Name: tuuid_lu
Value: 1663607323
.media.net/ Name: data-rk
Value: 6043531667806354008~~8
.media.net/ Name: data-ttd
Value: 83a7adcd-79ab-42ed-8a9b-605fed9b02b2~~1
.mfadsrvr.com/ Name: tuuid_lu
Value: 1663607323
.mfadsrvr.com/ Name: ssh
Value: !medianet,1663607323
.media.net/ Name: data-xu
Value: AE1KkLAI1OAkga5~~8
.media.net/ Name: data-ze
Value: uJkQuVnaYjp3HQPwhHyU~~8
.media.net/ Name: data-mf
Value: 9b78092d-b663-417a-852e-52d53def87e6~~1
.yieldoptimizer.com/ Name: fbh0
Value: %7B%7D
.yieldoptimizer.com/ Name: gcma
Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/ Name: rmxc
Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/ Name: cktst
Value: 712665014
.media.net/ Name: data-bs
Value: 8f868ba3-3e86-4c8d-9823-c5070bf51869~~1
ads.avct.cloud/ Name: uuid
Value: bf0077cd-9d67-4910-9e46-10bb165e63f6
.yieldoptimizer.com/ Name: ckid
Value: 2027896334542
.yieldoptimizer.com/ Name: dph
Value: %7B%22t%22%3A%5B120233%5D%2C%22dp%22%3A%5B2233%5D%7D
.yieldoptimizer.com/ Name: ph
Value: %7B%22p%22%3A%5B1025%5D%2C%22t%22%3A%5B120233%5D%7D
.tribalfusion.com/ Name: ANON_ID
Value: ajnrXhOleq8PZabprMjqfil1JFKOCKZahnwyP8euPnrNnoI21tJgrGSUHDYnAqnZaFE3xMdpAGi
.criteo.com/ Name: uid
Value: ac2094fa-10d7-4142-9553-e328ef91037e
.owneriq.net/ Name: si
Value: Q7168937232086202263
.owneriq.net/ Name: p2
Value: adpq
.wired.com/ Name: cto_bundle
Value: LKQf6F9CeUVSYXRNWnF2cm9laDBEUDlLQm12VlR1VXd4N2hBVlNIJTJCMUlNZjEwQkUxdWtxTFowV0gyRFBUS3NlWDJGeU1hU0V0TUJTOVFGSFVCbEpTeXkwa0VYY0VabFJpT2VBTXl0RyUyQkZDbFFsQ1RveVo2M2dMUUd3Y1Rzd25Va2VSYVFBS1FoZ21RSlZpY0pEU3c5M1JxZVBBJTNEJTNE
.mxptint.net/ Name: mxpim
Value: R1B341_F6769A69_87ACE3EC.1.6328A21B0000000000000000000000000000000000000000000000006328A21B
.krxd.net/ Name: _kuid_
Value: PFrP4a8C
.wired.com/ Name: aamconde
Value: conde%3Dsv%3BCN%3D764985
.wired.com/ Name: aamoptsegs
Value: aam%3D226821
.wired.com/ Name: aam_uuid
Value: 66373113506026136401086284029216043361
.fwmrm.net/ Name: _uid
Value: "e4537_7145139049966216618"
.rubiconproject.com/ Name: audit
Value: 1|tcR/wBEzWcIcplJoQOs6+u1WuCoMxA8a+JUixCbOKdokEu2gZrfHPg0xIXq3/7zmegxD8FN/YvjcsbnI2WrMriYbB5SW5XQ3r2IsKRhWH5f9W23uEog5JA==
.casalemedia.com/ Name: CMTS
Value: 195
.adnxs.com/ Name: anj
Value: dTM7k!M40<F7/.XF']wIg2GUfo91l5!A#F%.TOKKnyW<U1`VROYQM+P8a^YDCDb$`aXxqfT*/t5DB(!0I7Ri1/I%3B<QJ<lJ9rAzT5`.4]Ras41xL+[JE=2#J:bmSUnl4xcd#A^/kM_F]s.hL(84*B-I$it%vhLj)fy)k#!lmK
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YyiiFwAAAEe96ANP&KRTB&22978-YyiiFwAAAEe96ANP&KRTB&23194-YyiiFwAAAEe96ANP&KRTB&23209-YyiiFwAAAEe96ANP
.pubmatic.com/ Name: PugT
Value: 1663607322
.rkdms.com/ Name: sessionid
Value: h-71fb3001eae7e7c9887b448d28edd973_t-1663607324
.spotxchange.com/ Name: audience
Value: b7f723ce-383d-11ed-aed7-15e8696a0403
.demdex.net/ Name: dextp
Value: 21-1-1663607320705|269-1-1663607321002|3-1-1663607321166|420-1-1663607321418|60-1-1663607321572|358-1-1663607321711|477-1-1663607321853|481-1-1663607321987|843-1-1663607322207|540-1-1663607322347|601-1-1663607322449|771-1-1663607322556|992-1-1663607322657|1123-1-1663607322758|1175-1-1663607322872|1524-1-1663607322989|22069-1-1663607323090|575-1-1663607323192|53196-1-1663607323293|73426-1-1663607323394|75557-1-1663607323577|79908-1-1663607323680|66757-1-1663607323793|121998-1-1663607323900|796-1-1663607324013|144230-1-1663607324114|144231-1-1663607324238|144232-1-1663607324369|144233-1-1663607324471|144234-1-1663607324573|144235-1-1663607324675|144236-1-1663607324778|144237-1-1663607324879|161033-1-1663607324980|285689-1-1663607325081
.onaudience.com/ Name: cookie
Value: 4482aebe23552610
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: 1gtwxrvgrpwacwcgbscoty2s
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: lcyoz24naexxavucz4v45pav
.ib.mookie1.com/ Name: ibkukiuno
Value: s=1b34f1c6-2bd7-4a49-96f7-2e6ced941ec5&h=&v=0&l=-8585379995594046618&op=&hl=0&vlu=0&tcs=1&dcc=-8585379995596706051
.ib.mookie1.com/ Name: ibkukinet
Value: 2503514554=-8585379995594046618&2503514554=-8585379995594046618

8 Console Messages

Source Level URL
Text
network error URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=306872&zone_id=1548440&size_id=2&alt_size_ids=57&us_privacy=1---&eid_pubcid.org=af305ee8-c444-45ee-9db6-5c49cd617f43%5E1&rf=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&tg_i.cnt_tags=security%2Chacking%2Cvulnerabilities%2Cuber%2Cnational-security&tk_flint=pbjs_lite_v7.11.0&x_source.tid=9ca17fad-c9b0-42e7-858e-3f3f66a796c5&l_pb_bid_id=2bf72a6a4f0ede&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06144071395722017
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MjE1L3QvMA/kv/PageName=national%20security,SiteID=Wired,CampaignID=1802C,Channel=website,CreativeID=security,Placement=undefined
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)
javascript warning URL: https://z.moatads.com/thetradedeskv275874568748/moatad.js(Line 141)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://fr-actions.trackonomics.net/prod/www.wired.com/story/uber-hack-mfa-phishing/action_links.json
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://p.adsymptotic.com/d/px?_pid=11693&_psign=bf265992ae7fbdc1ab4b39651c157974&_puuid=66373113506026136401086284029216043361&_rand=1554881823&_pp=adobeXtest&_redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=1524%26dpuuid=${UUID}
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://sync.adotmob.com/cookie/indexexchange?r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7bamob_user_id%7d%26expiration%3D%5bEXPIRATION%5d
Message:
Failed to load resource: the server responded with a status of 503 (Service Unavailable: Back-end server is at capacity)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4d.condenastdigital.com
8957e76aa2e77478719e0863d0dd3933.safeframe.googlesyndication.com
a.ad.gt
a.rfihub.com
a.tribalfusion.com
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
abp.mxptint.net
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.avct.cloud
ads.scorecardresearch.com
adservice.google.ca
adservice.google.com
aep.mxptint.net
ak.sail-horizon.com
alb.reddit.com
ampcid.google.ca
ampcid.google.com
amplify.outbrain.com
analytics.google.com
analytics.tiktok.com
analytics.twitter.com
aorta.clickagy.com
api.bounceexchange.com
api.rlcdn.com
api.sail-personalize.com
apis.google.com
as-sec.casalemedia.com
assets.bounceexchange.com
ats.rlcdn.com
b1sync.zemanta.com
beacon.krxd.net
bh.contextweb.com
bid.g.doubleclick.net
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
c21lg-d.media.net
c2shb.ssp.yahoo.com
capture.condenastdigital.com
casale-match.dotomi.com
cdn-magiclinks.trackonomics.net
cdn.cookielaw.org
cdn.doubleverify.com
cdn.hadronid.net
cdn.indexww.com
cdn.memo.co
cdn.parsely.com
check.analytics.rlcdn.com
choices.trustarc.com
choices.truste.com
cm.everesttech.net
cm.g.doubleclick.net
condenast.demdex.net
condenastus-d.openx.net
connect.facebook.net
contextual.media.net
covers.conde.io
cs.media.net
csync.loopme.me
d.turn.com
d1z2jf7jlzjs58.cloudfront.net
d2c8v52ll5s99u.cloudfront.net
dclk-match.dotomi.com
dfp.bouncex.net
dis.criteo.com
dmp.adblade.com
dmp.brand-display.com
dmp.v.fwmrm.net
dp2.33across.com
dp8hsntg6do36.cloudfront.net
dpm.demdex.net
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dwgyu36up6iuz.cloudfront.net
eb2.3lift.com
elsa.memoinsights.com
eus.rubiconproject.com
events.bouncex.net
fastlane.rubiconproject.com
fei.pro-market.net
fksnk.com
fr-actions.trackonomics.net
geo.moatads.com
geo.privacymanager.io
geolocation.onetrust.com
global.ib-ibi.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbx.media.net
htlb.casalemedia.com
ib.adnxs.com
ib.mookie1.com
id.hadron.ad.gt
id.rlcdn.com
id.sv.rkdms.com
idpix.media6degrees.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
infinityid.condenastdigital.com
insight.adsrvr.org
journey.wired.com
js-sec.indexww.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.prod.bidr.io
mb.moatads.com
media.wired.com
medianet-match.dotomi.com
mug.criteo.com
news.google.com
onetag-sys.com
p.ad.gt
p.adsymptotic.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pbs.getpublica.com
pippio.com
pitchfork.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.condenastdigital.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
player.cnevids.com
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
prebid.media.net
pubads.g.doubleclick.net
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px.owneriq.net
px4.ads.linkedin.com
pxl.qccerttest.com
r.casalemedia.com
rtb.mfadsrvr.com
rtb0.doubleverify.com
rtbc-ue1.doubleverify.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
segment-data.zqtk.net
snap.licdn.com
ssbsync-us.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
su.addthis.com
sync-tm.everesttech.net
sync.adotmob.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.mathtag.com
sync.search.spotxchange.com
tag.bounceexchange.com
tag.yieldoptimizer.com
tags.rd.linksynergy.com
token.rubiconproject.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-ue1.doubleverify.com
tr.outbrain.com
trx-hub.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
va6-bid.adsrvr.org
vars.hotjar.com
www.allure.com
www.architecturaldigest.com
www.bonappetit.com
www.cntraveler.com
www.epicurious.com
www.facebook.com
www.glamour.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gq.com
www.linkedin.com
www.newyorker.com
www.redditstatic.com
www.self.com
www.teenvogue.com
www.them.us
www.vanityfair.com
www.vogue.com
www.wired.com
x.bidswitch.net
x.dlx.addthis.com
z.moatads.com
fastlane.rubiconproject.com
100.24.249.189
104.18.101.194
104.18.18.126
104.18.19.126
104.244.42.195
104.36.115.113
107.178.246.49
107.178.254.65
13.107.42.14
13.224.201.38
13.224.202.36
13.224.205.195
13.224.208.178
13.224.208.192
13.224.208.35
13.224.214.101
13.224.214.103
13.224.214.105
13.224.214.109
13.224.214.111
13.224.214.119
13.224.214.125
13.224.214.16
13.224.214.3
13.224.214.30
13.224.214.35
13.224.214.36
13.224.214.47
13.224.214.53
13.224.214.63
13.224.214.70
142.250.176.194
142.250.65.194
142.250.72.98
142.251.163.154
142.251.40.198
146.59.148.16
151.101.0.239
151.101.128.239
151.101.130.194
151.101.192.239
151.101.193.140
151.101.64.239
151.101.66.49
174.137.133.49
18.217.94.233
18.232.234.45
184.86.229.123
185.167.164.37
192.35.249.120
198.148.27.140
199.187.193.181
199.250.162.129
199.38.167.128
204.2.255.224
207.198.113.87
23.195.100.26
23.208.216.126
23.48.25.35
23.49.248.25
23.52.167.93
23.64.61.104
23.64.61.169
23.64.61.6
23.78.168.242
2600:1400:d:598::4469
2600:141b:13::17d7:82d1
2600:1901:0:8eee::
2600:1f14:426:3f00:f108:c7fb:5062:bafe
2600:1f18:4e9:5a02:de18:75cd:f3b9:7bd3
2600:1f18:6593:f606:b0c3:6468:eab1:934c
2600:9000:20ed:ba00:1d:8c8c:47c0:93a1
2600:9000:20ed:de00:6:44e3:f8c0:93a1
2600:9000:20ed:fc00:11:615:7240:93a1
2602:803:c002:200::42
2606:4700:20::681a:b19
2606:4700:4400::ac40:929e
2606:4700:4400::ac40:98f5
2606:4700::6810:9540
2606:4700::6812:a4f
2606:4700::6812:c4c
2606:4700::6813:ad6c
2606:ae80:1451:19::1400
2607:f8b0:4004:c06::9b
2607:f8b0:4006:808::2002
2607:f8b0:4006:808::200e
2607:f8b0:4006:809::2001
2607:f8b0:4006:809::2002
2607:f8b0:4006:80a::2002
2607:f8b0:4006:80a::200e
2607:f8b0:4006:80d::200a
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81c::200e
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81e::2008
2607:f8b0:4006:81e::200e
2607:f8b0:4006:820::2006
2607:f8b0:4006:823::2001
2607:f8b0:4006:824::2002
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:b08a:1dc5:659b:4055
2620:1ec:21::14
2a02:6ea0:c400::12
2a03:2880:f03a:1c:face:b00c:0:3
2a03:2880:f13a:83:face:b00c:0:25de
2a04:4e42:200::396
2a04:4e42:600::282
3.129.159.219
3.220.58.99
3.33.220.150
3.95.113.43
3.95.43.37
31.220.27.135
34.107.148.139
34.111.151.213
34.111.8.32
34.117.228.201
34.120.155.137
34.120.253.250
34.194.161.83
34.197.122.29
34.199.73.116
34.227.179.190
34.228.96.109
34.237.73.49
34.239.109.150
34.98.67.3
34.98.72.95
35.190.52.204
35.190.60.146
35.207.24.140
35.211.178.172
35.244.159.8
35.71.139.29
35.86.50.147
4.78.226.224
44.194.129.7
44.209.73.62
44.240.10.58
50.16.197.56
51.222.39.186
52.24.177.43
52.3.25.241
52.36.124.159
52.4.33.45
52.41.193.199
52.45.55.227
52.46.151.131
52.94.223.167
54.162.244.84
54.172.188.135
54.175.87.114
54.200.124.182
54.85.209.9
64.58.232.176
64.58.232.177
67.202.105.24
68.67.160.24
68.67.179.164
69.166.1.12
70.42.32.255
70.42.32.63
74.119.119.129
74.119.119.139
74.119.119.150
74.121.140.14
75.2.40.13
8.28.7.83
8.43.72.97
8.43.72.98
013694a42f9917dbf4ebba3cd8c1924c763856eefa56e5deaa140bb8688ee6c0
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0661ac38488e2bede6e33f169628d5f4839a9d14b7c9cda378d514b86a0836bb
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0760a0a454d26128b9f9bee6f99df65853ac0d5c14f498ff5b5c012ac9d715cc
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c0d06a3263585957eed5ce7ced05f0d8f5c60418544fa74cd4c9619172eb918
0c7511f3b050b0c377e16f2f52a3b8282c74e60ff1112a015d34e7088c00783e
0cb52e90ef1b6d486d5ae330bf1b1823fb6c32c77b530ed462322582a95003a5
0da425eaadbec3853cae0b85493ea7ad6934972097b4f59d2a05dbb130585444
0de94ae1e4dc98c4dfc2e55b93faf202250122afe52b82d724ced0b3e120db9f
0e010e0692c3bb0c343d4ce57c17cca7328054c7fc2b6776d483450f6cc4ad0f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12efd30ba2cb9e04161c4ab3bb6c993839c4401d43785b2763d4b96917c5b22e
1412791fc3e8ede20785df7b4856ac7452464af2e797beb0859adb07771fdc84
1552dca5d8f032ff00b19b9d389961cdb2efbfd895f25847bdb1a5fc9b8736e0
1a2805cb40491a1e86d6f29f756e5e46eb48773f7ad1c1e6527c605f9ec7d235
1b80a8fc491f973cc7bce5e3e8bf7992c52208c4bc516909d9fd84c6285750c2
1d097e69ff47df9414a0ec07dfc70401084f4599617045a3a3edc7661ff76f3f
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1df3371f650083389e7b8913c038c3d3695cc92776c8a72d4f4bec5673e17046
1e823d94961768b23a6c686cc65655b82cd5dfff3af4521deb7d313c0434ed81
1f232c5d80bc1d133ee48f3957bfff5b490c9e56be5e4cf2c7303f4ad391814a
20c078d1c46cc6adb228e8f2d75abac84332c702edccab59242023740c77e191
20e74b9a708a64d7a66a3e3a0aa57ce43513e1e19d0b2cde757260d5a1da2457
232c4a0172c44381d68b1097f313840805eea86f6c5c9efa46b7eed1b25e333f
246f4254dc2c80b2aa63d488a6aca92b3d7e29c4bc60efbd0f3e8397a63c9fd2
2497f94d8a997612d5da2ad1d85dc3e430771037e23c2d9c9a89379686ceccac
26ed5f6aa822d65b6ea7df8d13f1a217d7a933376a824b7ef52af0e6f64f1a44
27e83793f50bb31fc8e9fd687a90b7472f979f925993f597db551450c423487a
28fd0a0bb402484e3f7622df7a5539f7bec89921e801d57a5b89d57a9d7658b5
295a536985ac8f07fae9253207220d64c4372d4f8b7c5f1cad33ffa8c440968f
295bed7c7d72c04a487c76dbc75a7d9ceba16f553bc3ff5e40d1e39b90338536
2a7dab87e27ba551d648c6bbfc6c0411659b50763c1f116558e294f3a8439444
2c667cdbe90922576bac69bbd0fa8f61d0c410748bf29b5bccea09b21123f1a0
2cd22835802a19a7da38b3d108b18762642f5436e3ff2623637d7cfe568cc273
2d5187e8108a020d9f8dce480944e3b5c9d2b531c932d9526e05f1e840dcc94d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8a1f45a3760d8c6bdb8b4d2d55ac3532f06ac81bacb6731a30ede548e6cc99
31bbf3dc3fd57434c865ad04bfbcf28f286bad852fa4d5b88fb9fe4bfa2a9125
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
35dc0e7741c0b7b7860544338b1b5378f4027ed6801cc88bf831ffa2a768da00
39c7c602e0d57a569539f7e8e0b2d75a9f5aa9bb38d59782d2011d9e35c07d77
3ae474e9227986bfaa6b83411f707e953993c7b8058abcbe0870ad330a98cffb
3af73629b27e0479db0ecf28bfb38c25f4fde995b48a0aef46993a404e456e63
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c409ce9996191eed195e4864d7f28d25ab2b09331b26a86a364fe6c39652a0e
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3e2c74520955923ebd7093beb2cf2a2fd6b1dabba81de3948e4712620159e61f
3e54db533043ad1e0d874401f6b842df9d5d18dc838beddad991cf9ecdde73fa
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f734bf760d9f9edd6ca06199c0195e98f4f7dc5c0bb50e7f5692e6779ed125b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42141e3a6ee96e76b31d9d103d3fffab2227c7afe68405010c68541c30ae6e0c
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
43ac53321699de9b855293f00101a35c359ed2a276e1d361644c22c2ba63cecd
440ed7dcab5bbb83186176e96fef8405973affd427cb867bde3868a23e0493ff
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b
45c924dda7d9edbb1289005f0bd2beb71527b7ea9aa1498af0143726b8eb1c0d
46d18dad9b9bc26a5edbb508136e75230c9b470f68fc0f751f190ac88728dea7
47a6d427b9f549f52ec7103a6ad5ce45c0f69e29b740eb88be8dfa053db21441
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c174b7731359ce16773d4f72b076dc2b3512e5cb43edafb59b0353e2fdd994a
4cc892362e5eda041f4dc9e7cee0407c2df380d8fe65804b6799d93239a55b22
4ce6adc57571a65e9a7dfb327b27586a757c7d3ab5ac51f0a3630e6ae51ca412
4d7b91ed4a7804e22b94e4873af273def73469e80b740bd9787e287003058868
4de3f44f9af02f0a9ac1366998ed8d04b85caee3bccd4552c04edd8dcd926bee
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50df22a8aba339f78f050ff784c2854c0a1416d4880c0e67b06c80a77fca1211
518dc2c424ab8141de1fdc2126bdd3d7c7e1ff50b62e12674c6a52398a45a632
540f48245870c99b467d8171b70e0fac699be40281033d7d90e4a70eb4666f0b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5748e9028bfb5b7153e64e016141027ffedcff1b931063d0146d647d84359eff
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
58b6a40c7698a85d15c512895b0c018075417b1459c50a09dcb1c47dfce10482
599a300e48ade01b815ff0c6c41cef73d2c046530b8bf2a8aa26d53a7548e603
5a07667afbb809399e222a8aec9a7cf310c87ef7ff8b6108ac791e817ecd4c47
5c9b4ae05fb5b2e0a0f6b8ba4f3e2fd3669261fbb1decbbb9d9238feb65878e5
5d505c23eeafb9281187da223f11be7c4da970fb89bff25f0dc920d3f502f3c2
602788967141ac2f80826dc8179cf311e7d801adea29320e04ea347cf4525d27
619fe63e60464a4fee071a5931bd474b4cafbe619f1d2cb27c241f6bc06897bc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
66113d720f4bbd28846d83b6e1696785479dcfe046e57e6187182429a2e19994
6a28b60aabe29b83721c1e0af81e85184c20c96c9c1c65f5f7d84a74642416b0
6a4dac260dffc284594d633859fb508b2fcfade38b61c8af9cd55eb23adf9e89
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0f24d267fac3bd4905048bf2e384650a040a010094475a2ff2b090ed8bf883
6e4de4e2365a4b8d592875694220f3a355404793ded47e557e320f2165abaaf0
6ebe49a14eb8c97ddb9139f1fa98ce3b0cf0a15f81da96e5865c914e73ddad71
6fdbcf5a6487b5dcbd6f11e3791b7f01221a47cfd4863ce6b671b29b7f2f2df5
706e88adde1f3be4facb695aa38d99f2678898ae7bd3333a3f69714f08f7bafe
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
7259aaf1b41374f0bfc5da7db2520de524612671731ffc96bd6b4ec2e69d7465
733a9406c80665c4d69a3f36a0ec9d416aed4d859fa95a3183f894c14b9c5532
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
73d0b3ad6191c9bd1da09afa330eef03cde53d36063d669c0715194b5648f709
7419908540048c23afc58230effbbd6231be763ee633bf747ff7d30be3785d17
7475b0e4ec6aaefe03e26dee8683fe8dbb06a19d4443265e59aae73cb9f1e261
74c0911329aa791933bf7fce4a6260ee7e542a83adb28a09a71454cf38ebb663
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
75c6cc7e4d68b8dec8bb65307a86cea2c0412fdb5d03e77dcf7eb173b78b2209
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b3122b8978c82a4c544d943a7c17fc04507c7d0a628ab221227e7ddc2c50407
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c2b816951633f059a0b33215f1bf37a71b0653f1d94067f1be07f97a684b565
7c31efea9424669769eba9c6204e60ed334a9d178268dbfdea286a40da8c811e
7c6052d8af13184eee9dca36797fd0b748b3d556b1adc933a51a365dbd9b2021
7ff758ced20d4139eb5f580cfc93d1161ed5e19a4a2d4020728143855d17adeb
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
823e186d74636c4d48883a6badb1fc5399bf9bad10143289d20330cdbf7f4f22
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833a86642252016b29f08dd45ffd27f9e00ca237f28d8c5f0147a6e15d009377
8392b864ce606bf8ec20cf749f148dd7134d770200dd81df9b7adbc33a88978e
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
8575c83bcd649c28701830bc98d0051adba45ba685776092d2417c9240ee0c67
85864f071a9ad44581c779d4b39c7c1e080292689c668d3ac34d020cd9cc9cc0
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf
88d739f667b9df4d11c027da7b5a61816b796d2d9e217c87100fd48daff232e1
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c6456830401da80934234015a0656a2027db0263faf7854db60adcc994c25c2
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
8f7bdb9c79c5498f8a5ed7229bf62d3ab6d11dca4698bfdd0f6249f624da13c1
905ea556d01332e5b556febce1b8c55cd81d6d984859cf797eaf9137d2c6dd8a
9112b16c0bd02d574944dbfe8200cda4f233856de27ec693da793a78f656ec6d
919b1c684bb15d6a1bdb4e0a5b0d73aa09ddd1a84798a4409fa4e83e88252d5c
91a2a54925057273b021ab677923f9d2c270deb47621a844719994c6069a20a1
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9451ca22d2a1003d98684847c67d660019bf57980cf92ac8ab81411e0d695e60
9619b33f52384d90e2e2a03c14b32b3f9122db2c3f60ab8169523ae6b197ce53
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9d6c798275ce0c1eaff4c943110103ab8cdf4096dd5e9fe23dbcb8ceba2be83f
9dc99a92f9d68c0bb47cf55e03971e0f068090465859bd483c97bf9c6fdd32e3
9e0843dbf1dc0d65a75182a82b945a9373557932e61934c27679c357f20c33a9
9fc5180c9574e3d0c19951cea0883c2e046e7deaa440afaf7049cca0687c51d7
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a27d8289678c53095dc81f3d8060612f679daf0f5cceb89b5a42866631f932f2
a3beb16a21d5a57e22fdabd66cd77b3dcba2b332d86c30f71f5144b5ea2412f1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3
a979f920e11758bf37879d3a8e33bbd7d0a6841fab93c07669becd880225386e
aa92d06c8169879c441900a70cc12735e0458766f2163be72fe031e107898d48
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
ab7227f2ae21f2daf452863dfa171d2f5c902bf6f12deecd773ef6cb6e06d710
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ace6bf492560c2e8bf9a3b1a8a4a583eb4fdd1b1bfa1033cd90321e94b03763f
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
af29cacfb5125f85da0f1557bb56456abcc1556dbd3094bb56e569890348c984
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b01d4ba963be16f491485ac46d5aa89bf52e45fc64fad558aba54b43ce4ca024
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
b0f47d3e34466d73d6ed47a3b3fdb066a872d628fb6ce56e061aa5520625a320
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a2deea210bdb9d247c7084553a1db3b3392536e3bd832159ad01b61177ced7
b1d33a490da124213ec8c47d880260190deb1f112b2507b512ba2f547f5a65a1
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b2e968d2e76e3cc0c7ce3c54f63ac9d9e345539b0591041b153357f36284315b
b3bb96f49e25e37d6a8a7cf4c775b8f25af1b30e71e36426fd937b78b78a34d6
b42f035c593881359488262fdaf928acd4b9e6129051810120cc361c2a9688dd
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b6d10209938eec5a9fe4ff26d46f0fcd46d5f08c64acdbad2b0d49731f0ed305
b824fb86dba0ad706f216f3f13a6e469dbfd52eacca667d306532a235917c7d0
b82816b0da960d07eb98c8195f14e066c6d4278457f2c4140793ed8595da3737
b94aea5f091eed6b7c2a43510824eee31474336036540843ace6d0221821ef8f
b9daef61d4b711f1d28c3eef6bd8d522b8df518e833767512ad79502cc605dbd
babbf9312379a1373dbf87673c1913910207b16269c5b9776a88a6a90c1d9b23
bb0137567a729cf712624be4ad3500fd341216cc1c9b1faaa451c13d0e899d0b
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c306e770b80446e8099af5c8372a240a0d5efa20441cc8d80305a06fc6711f0a
c34a9420de5b381d4f2459193c70e4d84d5aaa0928a67907a57e2a9e9d3a8852
c41dc37fea212372d1f53109304ebae695e644f9ce083dcab08d5978c8c3020f
c603917a1f98cbd38c3fd21ed961ebdf78b2bf8a7c783794da68b325769ed437
c87318fef7fcccd15255393146bbaa4ee04652789f1fe500e66367e63eb5f84e
c8c9128b649afff93f89f77eb2aa5a4bbbb1443bebc5156d0f697780c8beaa26
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb59848b4e6672fb3b94f7ce6ee8c7f6916c0ea6110c79e1384d9a71e8ebbf1d
cce9d31edf1c7ac059b6f913d03411925ce3d17d21a36e4e97e4dfb19b54b3ce
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff3ff7513a42187f914df965c0006c8756f549dc13ffb64540767042902a748
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3
d2980b54624eb2ecc649343a4eafc6ede027112c1f012cbe6277f9d541048e19
d2f18cbf74456d2df6bc33974409f51f80b74bb7751ec4b22b7a32f628e983ab
d384b7de141117ba65eb5a45d077ce8ddda5c113df38ca54f77b8ad869b81c49
d3915cd5b4242079fbda395e38ea52f7ab62d9bf34c1dae243d78117cecc8632
d4a9fd9436a3afebc7179d2a360e2e5a2280d7fb522ee463ae783d1b0ae05177
d754e05bc2acdfe544b477f31c057921708a43b9868402c1ae574c5c614dc528
d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927
db17b76020ac9ac2f859b55338c32255277124c9c3dae380c1bebda7242d4ff9
dbbfaf15e1d2ab16cf31171e341f75ed57491e03b322221e3cbfca88f68e863b
dc77601b1c0820dc3bc352ec0964d390e2402e7947ec16a7ade2306edbeb2080
dcd56ae9aba3111a0a9c536bff628958506a08a30399109ca6b4be9a75c629e6
ddbae2df2e784b3bbc312a7bf40f0048c5f6379fa036351bbbef7935a0c3bf02
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e3a29ccf9dced5176ca14ebd599de94a00a171dca3d5ac0dc4db9bdf90d0e60c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b99178c5da6ff4d7f612c2c76c390f0a6485f16d87214aca7bca276aaebb86
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4312f2f537cbd6e153d8426ab167e1537c2aa53c8be4f62f05de9e666155d13
e48c2ae6db28320978f2e18da9486e80cbc4acc7074d2bd09babc2404025e45b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
e88f4c0915dc02c509e93e39a70d9cd6ac80e9adb85fc1184f73f39d577ec533
e9881b639c7528a358803222a3d5b1ea1fae69ede0ad9ee2e363be38a2712302
eb2ba0979cfa6f63dd913f3dd0fdc60a7d27ebc06d1a726d6a8db2de01392b09
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f01833b3abb140ecab128a6f20686851f542253cb599d258c5e902c4e3ac4487
f22c32205a7417f8c00ddadfe7a17931f1d5f1e20a38f61b695c12d4d4e61a8e
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f520d200f5d04a2bc40f94c843eb0c2611ffcf103109f6758d81740c8f3b516a
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f891dd70b84754589cde070b857269e5a5603ec828eff6ba8e0ec7bbdb8a0484
f9af8f22898bfc556f103a507cb72fa77ba9e0e13111604c9b08ee407d146fa9
f9f4ab30d5ad26fb21fac14245a63c41deb74cbcd51d6b9000acd6437c1ab5f9