urlscan.io logo urlscan.io
SecurityTrails logo

www.wired.com Open in urlscan Pro
151.101.194.194  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Submission: On September 19 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 129 IPs in 5 countries across 119 domains to perform 462 HTTP transactions. The main IP is 151.101.194.194, located in United States and belongs to FASTLY, US. The main domain is www.wired.com. The Cisco Umbrella rank of the primary domain is 6979.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q3 on September 2nd 2022. Valid for: a year.
This is the only time www.wired.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 151.101.194.194 54113 (FASTLY)
1 15 151.101.128.239 54113 (FASTLY)
6 2606:4700::68... 13335 (CLOUDFLAR...)
14 2607:f8b0:400... 15169 (GOOGLE)
8 23.200.169.173 16625 (AKAMAI-AS)
3 13.224.205.195 16509 (AMAZON-02)
3 104.112.10.99 16625 (AKAMAI-AS)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2a04:4e42:a00... 54113 (FASTLY)
1 3.95.43.37 14618 (AMAZON-AES)
3 151.101.192.239 54113 (FASTLY)
2 2606:4700:440... 13335 (CLOUDFLAR...)
2 34.197.5.69 14618 (AMAZON-AES)
3 13.224.214.21 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
1 54.85.209.9 14618 (AMAZON-AES)
1 13.35.93.23 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
4 151.101.64.239 54113 (FASTLY)
5 151.101.0.239 54113 (FASTLY)
2 13.224.202.36 16509 (AMAZON-02)
4 2602:803:c002... 26667 (RUBICONPR...)
1 8 104.18.19.126 13335 (CLOUDFLAR...)
4 3.230.217.116 14618 (AMAZON-AES)
1 4 34.98.64.218 15169 (GOOGLE)
2 34.107.148.139 15169 (GOOGLE)
2 74.119.119.129 19750 (AS-CRITEO)
1 13.224.214.67 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
4 13.224.208.104 16509 (AMAZON-02)
2 24 34.215.0.93 16509 (AMAZON-02)
2 7 2620:116:800b... 14618 (AMAZON-AES)
1 2a04:4e42::396 54113 (FASTLY)
1 13.35.93.62 16509 (AMAZON-02)
4 2a03:2880:f03... 32934 (FACEBOOK)
1 34.120.253.250 15169 (GOOGLE)
1 2620:112:f002... 6336 (TURN-US-ASN)
1 2600:141b:500... 20940 (AKAMAI-ASN1)
1 13.224.214.63 16509 (AMAZON-02)
2 44.224.191.126 16509 (AMAZON-02)
1 13.224.214.65 16509 (AMAZON-02)
4 23.49.248.26 20940 (AKAMAI-ASN1)
1 2600:9000:21e... 16509 (AMAZON-02)
1 104.112.11.48 16625 (AKAMAI-AS)
3 5 13.224.214.23 16509 (AMAZON-02)
5 11 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
12 18 142.250.80.34 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
6 10 107.178.246.49 15169 (GOOGLE)
8 9 35.71.131.137 16509 (AMAZON-02)
5 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
13 2607:f8b0:400... 15169 (GOOGLE)
11 2607:f8b0:400... 15169 (GOOGLE)
2 16 209.54.182.161 16509 (AMAZON-02)
1 52.85.150.80 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 52.70.130.122 14618 (AMAZON-AES)
1 151.101.193.140 54113 (FASTLY)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 13.107.42.14 8068 (MICROSOFT...)
1 3 104.18.99.194 13335 (CLOUDFLAR...)
1 2600:9000:20e... 16509 (AMAZON-02)
2 75.2.40.13 16509 (AMAZON-02)
4 34.98.72.95 15169 (GOOGLE)
2 13.224.214.90 16509 (AMAZON-02)
2 52.40.109.212 16509 (AMAZON-02)
1 1 3.208.156.92 14618 (AMAZON-AES)
2 70.42.32.255 13789 (INTERNAP-...)
2 50.17.85.17 14618 (AMAZON-AES)
1 6 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 108.138.128.58 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 44.240.10.58 16509 (AMAZON-02)
3 3 68.67.179.164 29990 (ASN-APPNEX)
1 11 2600:1f14:426... 16509 (AMAZON-02)
2 3 8.28.7.83 62713 (AS-PUBMATIC)
7 11 8.43.72.98 26667 (RUBICONPR...)
5 5 216.200.232.249 30419 (MEDIAMATH...)
25 44.194.129.7 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
3 13.224.208.192 16509 (AMAZON-02)
2 2620:100:a001::4 19750 (AS-CRITEO)
1 13.224.201.38 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
5 13.224.214.93 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:21d... 16509 (AMAZON-02)
4 2a03:2880:f13... 32934 (FACEBOOK)
2 2607:f8b0:400... 15169 (GOOGLE)
4 104.127.172.242 16625 (AKAMAI-AS)
1 4 198.148.27.139 19189 (PULSEPOINT)
2 6 3.218.90.66 14618 (AMAZON-AES)
3 13 35.244.159.8 15169 (GOOGLE)
1 1 199.187.193.182 47043 (SMARTADSE...)
5 6 68.67.160.24 29990 (ASN-APPNEX)
2 2 35.71.139.29 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
2 52.40.56.16 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2 108.139.29.68 16509 (AMAZON-02)
1 54.200.124.182 16509 (AMAZON-02)
1 3.95.113.43 14618 (AMAZON-AES)
10 10 151.101.66.49 54113 (FASTLY)
1 5 2600:1f18:4e9... 14618 (AMAZON-AES)
8 8 2606:ae80:145... 26762 (CNVR-US-EAST)
2 2 50.16.197.56 14618 (AMAZON-AES)
1 2a02:6ea0:c40... 60068 (CDN77 ^_^)
1 20 104.18.18.126 13335 (CLOUDFLAR...)
2 2 72.251.229.176 32475 (SINGLEHOP...)
1 52.73.219.253 14618 (AMAZON-AES)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 54.144.144.142 14618 (AMAZON-AES)
2 108.139.29.121 16509 (AMAZON-02)
1 1 23.208.216.126 16625 (AKAMAI-AS)
1 1 8.43.72.97 26667 (RUBICONPR...)
6 34.111.8.32 15169 (GOOGLE)
1 52.95.126.160 16509 (AMAZON-02)
3 3 184.29.132.233 16625 (AKAMAI-AS)
5 2607:f8b0:400... 15169 (GOOGLE)
1 3 2620:100:a001::c 19750 (AS-CRITEO)
1 1 67.202.105.24 32748 (STEADFAST)
1 74.119.119.139 19750 (AS-CRITEO)
1 34.120.155.137 15169 (GOOGLE)
15 23.49.100.28 16625 (AKAMAI-AS)
3 3 2620:112:f002... 6336 (TURN-US-ASN)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 34.204.163.217 14618 (AMAZON-AES)
5 5 184.86.229.123 16625 (AKAMAI-AS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 8 23.221.200.79 16625 (AKAMAI-AS)
2 2 199.38.167.131 54312 (ROCKETFUEL)
3 3 54.157.83.177 14618 (AMAZON-AES)
2 74.119.119.150 19750 (AS-CRITEO)
3 4 35.211.178.172 19527 (GOOGLE-2)
3 3 35.190.90.30 15169 (GOOGLE)
4 4 50.31.142.127 22075 (AS-OUTBRAIN)
2 34.199.73.116 14618 (AMAZON-AES)
4 4 35.207.24.140 15169 (GOOGLE)
3 104.112.12.25 16625 (AKAMAI-AS)
2 2 207.198.113.86 13768 (COGECO-PEER1)
3 3 52.45.149.5 14618 (AMAZON-AES)
1 1 34.96.71.22 15169 (GOOGLE)
1 1 141.226.224.48 200478 (TABOOLA-AS)
1 104.244.42.3 13414 (TWITTER)
1 13.224.214.55 16509 (AMAZON-02)
1 13.225.214.129 16509 (AMAZON-02)
2 2 35.190.52.204 15169 (GOOGLE)
1 1 2600:1901:0:8... 15169 (GOOGLE)
1 1 204.2.255.224 2914 (NTT-LTD-2914)
1 1 35.168.171.75 14618 (AMAZON-AES)
1 1 3.218.193.24 14618 (AMAZON-AES)
1 72.44.48.48 14618 (AMAZON-AES)
1 2600:1f18:659... 14618 (AMAZON-AES)
1 2 192.35.249.120 11742 (SPOTX-IAD)
1 1 141.94.171.214 16276 (OVH)
2 2 64.58.232.176 13649 (ASN-VINS)
1 2 64.58.232.180 13649 (ASN-VINS)
1 34.234.134.156 14618 (AMAZON-AES)
462 129
22    151.101.194.194 (United States)

ASN54113 (FASTLY, US)
www.wired.com
15    151.101.128.239 (United States)

ASN54113 (FASTLY, US)
media.wired.com
www.epicurious.com
www.glamour.com
www.gq.com
www.newyorker.com
www.them.us
covers.conde.io
6    2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
14    2607:f8b0:4006:822::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
8    23.200.169.173 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-200-169-173.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
3    13.224.205.195 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-205-195.phl50.r.cloudfront.net
c.amazon-adsystem.com
3    104.112.10.99 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-112-10-99.deploy.static.akamaitechnologies.com
js-sec.indexww.com
1    2607:f8b0:4006:809::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
apis.google.com
2    2607:f8b0:4006:81e::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
news.google.com
1    2a04:4e42:a00::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
1    3.95.43.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-43-37.compute-1.amazonaws.com
segment-data.zqtk.net
3    151.101.192.239 (United States)

ASN54113 (FASTLY, US)
journey.wired.com
www.cntraveler.com
www.vogue.com
2    2606:4700:4400::ac40:929e (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
2    34.197.5.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-5-69.compute-1.amazonaws.com
mb.moatads.com
3    13.224.214.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-21.phl50.r.cloudfront.net
player.cnevids.com
3    2607:f8b0:4006:81e::2008 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    54.85.209.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-209-9.compute-1.amazonaws.com
infinityid.condenastdigital.com
1    13.35.93.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-23.jfk50.r.cloudfront.net
ats.rlcdn.com
1    2607:f8b0:4006:81c::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
3    2607:f8b0:4006:807::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2607:f8b0:4006:807::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)
2215ed5f1bb5c1f19d3d08f3e16e9b9d.safeframe.googlesyndication.com
4    151.101.64.239 (United States)

ASN54113 (FASTLY, US)
www.allure.com
www.teenvogue.com
pixel.condenastdigital.com
5    151.101.0.239 (United States)

ASN54113 (FASTLY, US)
www.architecturaldigest.com
www.bonappetit.com
pitchfork.com
www.self.com
www.vanityfair.com
2    13.224.202.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-202-36.phl50.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
4    2602:803:c002:200::62 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
8    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
4    3.230.217.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-217-116.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
condenastus-d.openx.net
u.openx.net
us-u.openx.net
2    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
1    13.224.214.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-67.phl50.r.cloudfront.net
geo.privacymanager.io
3    2607:f8b0:4006:816::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    13.224.208.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-208-104.phl50.r.cloudfront.net
d2c8v52ll5s99u.cloudfront.net
24    34.215.0.93 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-0-93.us-west-2.compute.amazonaws.com
dpm.demdex.net
7    2620:116:800b:21:a021:b886:81cc:55cf (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
1    2a04:4e42::396 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
1    13.35.93.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-93-62.jfk50.r.cloudfront.net
ak.sail-horizon.com
4    2a03:2880:f03a:1c:face:b00c:0:3 (Minneapolis, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    34.120.253.250 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
1    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    2600:141b:5000::17df:9c20 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
1    13.224.214.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-63.phl50.r.cloudfront.net
cdn.memo.co
2    44.224.191.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-224-191-126.us-west-2.compute.amazonaws.com
a.ad.gt
1    13.224.214.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-65.phl50.r.cloudfront.net
static.hotjar.com
4    23.49.248.26 (Edison, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-49-248-26.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    2600:9000:21ea:9600:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-magiclinks.trackonomics.net
1    104.112.11.48 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-112-11-48.deploy.static.akamaitechnologies.com
amplify.outbrain.com
5    13.224.214.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-23.phl50.r.cloudfront.net
sb.scorecardresearch.com
ads.scorecardresearch.com
11    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
18    142.250.80.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s34-in-f2.1e100.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
10    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
9    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
5    2607:f8b0:4006:821::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
2    2607:f8b0:4006:823::200a (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    2607:f8b0:4006:809::2001 (Rockville, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
11    2607:f8b0:4006:820::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
16    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    52.85.150.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-150-80.iad89.r.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
1    2607:f8b0:4006:820::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
2    2607:f8b0:4006:820::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.70.130.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-130-122.compute-1.amazonaws.com
pbs.getpublica.com
1    151.101.193.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
3    104.18.99.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    2600:9000:20ed:1e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    75.2.40.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
4    34.98.72.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
2    13.224.214.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-90.phl50.r.cloudfront.net
script.hotjar.com
2    52.40.109.212 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-109-212.us-west-2.compute.amazonaws.com
condenast.demdex.net
1    3.208.156.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-156-92.compute-1.amazonaws.com
cm.everesttech.net
2    70.42.32.255 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
tr.outbrain.com
2    50.17.85.17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-85-17.compute-1.amazonaws.com
elsa.memoinsights.com
6    2607:f8b0:4006:81d::2004 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4006:823::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
1    108.138.128.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-128-58.jfk50.r.cloudfront.net
vars.hotjar.com
1    2606:4700:20::ac43:49e4 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    44.240.10.58 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-10-58.us-west-2.compute.amazonaws.com
p.ad.gt
3    68.67.179.164 (Secaucus, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
11    2600:1f14:426:3f00:f108:c7fb:5062:bafe (Boardman, United States)

ASN16509 (AMAZON-02, US)
ids.ad.gt
3    8.28.7.83 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
11    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
5    216.200.232.249 (Frederick, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
25    44.194.129.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-129-7.compute-1.amazonaws.com
capture.condenastdigital.com
1    2607:f8b0:4006:820::2006 (Rockville, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    13.224.208.192 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-208-192.phl50.r.cloudfront.net
dwgyu36up6iuz.cloudfront.net
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    13.224.201.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-201-38.phl50.r.cloudfront.net
cdn.parsely.com
2    2607:f8b0:4006:80c::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    13.224.214.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-93.phl50.r.cloudfront.net
dp8hsntg6do36.cloudfront.net
1    2607:f8b0:4006:808::200e (Rockville, United States)

ASN15169 (GOOGLE, US)
ampcid.google.ca
1    2600:9000:21dd:b200:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)
pxl.qccerttest.com
4    2a03:2880:f13a:83:face:b00c:0:25de (Minneapolis, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2607:f8b0:4006:808::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
4    104.127.172.242 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-127-172-242.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
4    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
6    3.218.90.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-90-66.compute-1.amazonaws.com
ups.analytics.yahoo.com
13    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
1    199.187.193.182 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync-us.smartadserver.com
6    68.67.160.24 (New York, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
3    2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    52.40.56.16 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-56-16.us-west-2.compute.amazonaws.com
id.hadron.ad.gt
2    2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
3    2607:f8b0:4006:81e::2003 (Rockville, United States)

ASN15169 (GOOGLE, US)
www.google.ca
2    108.139.29.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-68.jfk50.r.cloudfront.net
aa.agkn.com
1    54.200.124.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-124-182.us-west-2.compute.amazonaws.com
pixels.ad.gt
1    3.95.113.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-113-43.compute-1.amazonaws.com
4d.condenastdigital.com
10    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    2600:1f18:4e9:5a02:de18:75cd:f3b9:7bd3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
8    2606:ae80:1451:22::760 (United States)

ASN26762 (CNVR-US-EAST, US)
pulsepoint-match.dotomi.com
medianet-match.dotomi.com
casale-match.dotomi.com
2    50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com
loadm.exelator.com
1    2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
load77.exelator.com
20    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
dsum.casalemedia.com
r.casalemedia.com
as-sec.casalemedia.com
2    72.251.229.176 (United States)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    52.73.219.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-219-253.compute-1.amazonaws.com
d.adroll.com
1    2606:4700::6813:ad6c (United States)

ASN13335 (CLOUDFLARENET, US)
csync.loopme.me
1    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com
p1.parsely.com
2    108.139.29.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-29-121.jfk50.r.cloudfront.net
check.analytics.rlcdn.com
1    23.208.216.126 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-208-216-126.deploy.static.akamaitechnologies.com
su.addthis.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
6    34.111.8.32 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 32.8.111.34.bc.googleusercontent.com
api.bounceexchange.com
events.bouncex.net
dfp.bouncex.net
1    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
3    184.29.132.233 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-132-233.deploy.static.akamaitechnologies.com
x.dlx.addthis.com
stags.bluekai.com
5    2607:f8b0:4006:80f::2002 (Rockville, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    67.202.105.24 (United States)

ASN32748 (STEADFAST, US)
PTR: ip24.67-202-105.static.steadfastdns.net
dp2.33across.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
15    23.49.100.28 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-49-100-28.deploy.static.akamaitechnologies.com
contextual.media.net
3    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
1    2606:4700::6812:a4f (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
2    34.204.163.217 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-163-217.compute-1.amazonaws.com
match.prod.bidr.io
5    184.86.229.123 (Minneapolis, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-86-229-123.deploy.static.akamaitechnologies.com
px.owneriq.net
2    2606:4700::6812:d4c (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
8    23.221.200.79 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-221-200-79.deploy.static.akamaitechnologies.com
hbx.media.net
cs.media.net
2    199.38.167.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
3    54.157.83.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-83-177.compute-1.amazonaws.com
pm.w55c.net
2    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
4    35.211.178.172 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
3    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
4    50.31.142.127 (Chicago, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
2    34.199.73.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-73-116.compute-1.amazonaws.com
dmp.adblade.com
4    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
3    104.112.12.25 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-112-12-25.deploy.static.akamaitechnologies.com
c21lg-d.media.net
2    207.198.113.86 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
3    52.45.149.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-149-5.compute-1.amazonaws.com
sync.crwdcntrl.net
1    34.96.71.22 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 22.71.96.34.bc.googleusercontent.com
s.company-target.com
1    141.226.224.48 (United States)

ASN200478 (TABOOLA-AS, IL)
sync.taboola.com
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    13.224.214.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-55.phl50.r.cloudfront.net
fr-actions.trackonomics.net
1    13.225.214.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-129.ewr50.r.cloudfront.net
trx-hub.com
2    35.190.52.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.52.190.35.bc.googleusercontent.com
tag.yieldoptimizer.com
1    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
1    204.2.255.224 (Bear, United States)

ASN2914 (NTT-LTD-2914, US)
abp.mxptint.net
1    35.168.171.75 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-171-75.compute-1.amazonaws.com
aorta.clickagy.com
1    3.218.193.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-193-24.compute-1.amazonaws.com
usermatch.krxd.net
1    72.44.48.48 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-72-44-48-48.compute-1.amazonaws.com
beacon.krxd.net
1    2600:1f18:6593:f606:ee73:d59a:4018:6dc2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    192.35.249.120 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
1    141.94.171.214 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-8.cloudy.ovh
pixel.onaudience.com
2    64.58.232.176 (United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
2    64.58.232.180 (United States)

ASN13649 (ASN-VINS, US)
ib.mookie1.com
1    34.234.134.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-134-156.compute-1.amazonaws.com
id.sv.rkdms.com
Apex Domain
Subdomains		 Transfer
37 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
pubads.g.doubleclick.net — Cisco Umbrella Rank: 437
stats.g.doubleclick.net — Cisco Umbrella Rank: 79
198 KB
32 wired.com
www.wired.com — Cisco Umbrella Rank: 6979
media.wired.com — Cisco Umbrella Rank: 32567
journey.wired.com — Cisco Umbrella Rank: 70411
2 MB
29 condenastdigital.com
infinityid.condenastdigital.com — Cisco Umbrella Rank: 24918
pixel.condenastdigital.com — Cisco Umbrella Rank: 19258
capture.condenastdigital.com — Cisco Umbrella Rank: 15095
4d.condenastdigital.com — Cisco Umbrella Rank: 18505
18 KB
28 media.net
prebid.media.net — Cisco Umbrella Rank: 1065
contextual.media.net — Cisco Umbrella Rank: 559
hbx.media.net — Cisco Umbrella Rank: 1441
cs.media.net — Cisco Umbrella Rank: 1318
c21lg-d.media.net — Cisco Umbrella Rank: 1716
78 KB
28 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
dsum.casalemedia.com — Cisco Umbrella Rank: 1306
r.casalemedia.com — Cisco Umbrella Rank: 849
as-sec.casalemedia.com — Cisco Umbrella Rank: 1353
24 KB
26 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
condenast.demdex.net — Cisco Umbrella Rank: 19976
31 KB
22 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 6415
s.amazon-adsystem.com — Cisco Umbrella Rank: 295
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1232
61 KB
20 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
token.rubiconproject.com — Cisco Umbrella Rank: 667
eus.rubiconproject.com — Cisco Umbrella Rank: 564
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 796
pixel.rubiconproject.com — Cisco Umbrella Rank: 335
31 KB
19 googlesyndication.com
2215ed5f1bb5c1f19d3d08f3e16e9b9d.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
550 KB
17 ad.gt
a.ad.gt — Cisco Umbrella Rank: 3831
p.ad.gt — Cisco Umbrella Rank: 4394
ids.ad.gt — Cisco Umbrella Rank: 3454
id.hadron.ad.gt — Cisco Umbrella Rank: 4243
pixels.ad.gt — Cisco Umbrella Rank: 4386
21 KB
17 openx.net
condenastus-d.openx.net — Cisco Umbrella Rank: 22530
u.openx.net — Cisco Umbrella Rank: 650
us-u.openx.net — Cisco Umbrella Rank: 396
3 KB
15 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 953
ups.analytics.yahoo.com — Cisco Umbrella Rank: 287
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 468
5 KB
15 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 1358
idsync.rlcdn.com — Cisco Umbrella Rank: 331
check.analytics.rlcdn.com — Cisco Umbrella Rank: 3955
api.rlcdn.com — Cisco Umbrella Rank: 804
id.rlcdn.com — Cisco Umbrella Rank: 561
113 KB
15 google.com
apis.google.com — Cisco Umbrella Rank: 98
news.google.com — Cisco Umbrella Rank: 5276
adservice.google.com — Cisco Umbrella Rank: 75
www.google.com — Cisco Umbrella Rank: 2
ampcid.google.com — Cisco Umbrella Rank: 2077
analytics.google.com — Cisco Umbrella Rank: 402
75 KB
13 cloudfront.net
d2c8v52ll5s99u.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
dwgyu36up6iuz.cloudfront.net
dp8hsntg6do36.cloudfront.net
1 MB
11 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1036
sync-tm.everesttech.net — Cisco Umbrella Rank: 562
2 KB
11 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
23 KB
10 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 436
1 KB
10 moatads.com
z.moatads.com — Cisco Umbrella Rank: 403
mb.moatads.com — Cisco Umbrella Rank: 659
px.moatads.com — Cisco Umbrella Rank: 467
418 KB
9 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 432
ib.adnxs.com — Cisco Umbrella Rank: 228
8 KB
9 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
5 KB
8 dotomi.com
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 5704
medianet-match.dotomi.com — Cisco Umbrella Rank: 7468
casale-match.dotomi.com — Cisco Umbrella Rank: 2448
3 KB
8 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
gum.criteo.com — Cisco Umbrella Rank: 406
mug.criteo.com — Cisco Umbrella Rank: 2876
dis.criteo.com — Cisco Umbrella Rank: 688
9 KB
7 bounceexchange.com
tag.bounceexchange.com — Cisco Umbrella Rank: 2610
assets.bounceexchange.com — Cisco Umbrella Rank: 2202
api.bounceexchange.com — Cisco Umbrella Rank: 2463
264 KB
7 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 905
pixel.quantserve.com — Cisco Umbrella Rank: 423
12 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
www.linkedin.com — Cisco Umbrella Rank: 623
px4.ads.linkedin.com — Cisco Umbrella Rank: 6198
4 KB
6 google.ca
adservice.google.ca — Cisco Umbrella Rank: 13421
ampcid.google.ca — Cisco Umbrella Rank: 87375
www.google.ca — Cisco Umbrella Rank: 8529
2 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 410
129 KB
5 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 947
ib.mookie1.com — Cisco Umbrella Rank: 2340
3 KB
5 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 973
3 KB
5 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 444
3 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 359
109 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 153
ads.scorecardresearch.com — Cisco Umbrella Rank: 2354
2 KB
5 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 424
fonts.googleapis.com — Cisco Umbrella Rank: 40
365 KB
5 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 615
cdn.indexww.com — Cisco Umbrella Rank: 1381
19 KB
4 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 911
1 KB
4 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 568
3 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 301
2 KB
4 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 2043
dfp.bouncex.net — Cisco Umbrella Rank: 4745
549 B
4 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 524
3 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
583 B
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 966
70 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 591
script.hotjar.com — Cisco Umbrella Rank: 779
vars.hotjar.com — Cisco Umbrella Rank: 852
74 KB
4 turn.com
d.turn.com — Cisco Umbrella Rank: 1042
ad.turn.com — Cisco Umbrella Rank: 742
1 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 152
280 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 725
2 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 739
2 KB
3 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 1378
load77.exelator.com — Cisco Umbrella Rank: 2424
2 KB
3 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 883
948 B
3 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 492
489 B
3 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 2418
tr.outbrain.com — Cisco Umbrella Rank: 2246
4 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
271 KB
3 cnevids.com
player.cnevids.com — Cisco Umbrella Rank: 16860
38 KB
2 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1965
941 B
2 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 563
1 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 1103
beacon.krxd.net — Cisco Umbrella Rank: 513
529 B
2 yieldoptimizer.com
tag.yieldoptimizer.com — Cisco Umbrella Rank: 4598
972 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 593
1 KB
2 adblade.com
dmp.adblade.com — Cisco Umbrella Rank: 6564
458 B
2 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 501
2 KB
2 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 728
1 KB
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 488
1 KB
2 addthis.com
su.addthis.com — Cisco Umbrella Rank: 2413
x.dlx.addthis.com — Cisco Umbrella Rank: 1196
693 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1407
1 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 448
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 407
739 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
88 KB
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 2822
p1.parsely.com — Cisco Umbrella Rank: 2187
21 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
58 KB
2 memoinsights.com
elsa.memoinsights.com — Cisco Umbrella Rank: 25518
1 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 2703
496 B
2 gstatic.com
fonts.gstatic.com
32 KB
2 pippio.com
pippio.com — Cisco Umbrella Rank: 734
717 B
2 trackonomics.net
cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 5430
fr-actions.trackonomics.net — Cisco Umbrella Rank: 9402
29 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 678
704 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 4070
625 B
1 conde.io
covers.conde.io — Cisco Umbrella Rank: 98103
414 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3161
248 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 10822
411 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 1502
430 B
1 mxptint.net
abp.mxptint.net — Cisco Umbrella Rank: 19809
675 B
1 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2305
305 B
1 trx-hub.com
trx-hub.com — Cisco Umbrella Rank: 6344
445 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 538
353 B
1 taboola.com
sync.taboola.com — Cisco Umbrella Rank: 1037
312 B
1 company-target.com
s.company-target.com — Cisco Umbrella Rank: 3550
419 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 2385
553 B
1 33across.com
dp2.33across.com — Cisco Umbrella Rank: 9200
500 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 909
362 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1453
181 B
1 smartadserver.com
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 5519
325 B
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 983
551 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
17 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 4117
14 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 846
2 KB
1 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1569
157 B
1 getpublica.com
pbs.getpublica.com — Cisco Umbrella Rank: 22315
388 B
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 4108
390 B
1 memo.co
cdn.memo.co — Cisco Umbrella Rank: 31143
7 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 769
3 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2700
44 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1451
8 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 1400
595 B
1 vogue.com
www.vogue.com — Cisco Umbrella Rank: 28091
1 KB
1 vanityfair.com
www.vanityfair.com — Cisco Umbrella Rank: 25732
1 KB
1 them.us
www.them.us — Cisco Umbrella Rank: 33385
722 B
1 teenvogue.com
www.teenvogue.com — Cisco Umbrella Rank: 32210
1 KB
1 self.com
www.self.com — Cisco Umbrella Rank: 32024
1 KB
1 pitchfork.com
pitchfork.com — Cisco Umbrella Rank: 26482
1 KB
1 newyorker.com
www.newyorker.com — Cisco Umbrella Rank: 6111
1 KB
1 gq.com
www.gq.com — Cisco Umbrella Rank: 31196
1 KB
1 glamour.com
www.glamour.com — Cisco Umbrella Rank: 14537
1 KB
1 epicurious.com
www.epicurious.com — Cisco Umbrella Rank: 34747
1 KB
1 cntraveler.com
www.cntraveler.com — Cisco Umbrella Rank: 30450
1 KB
1 bonappetit.com
www.bonappetit.com — Cisco Umbrella Rank: 26858
1 KB
1 architecturaldigest.com
www.architecturaldigest.com — Cisco Umbrella Rank: 31182
1 KB
1 allure.com
www.allure.com — Cisco Umbrella Rank: 31909
1 KB
1 zqtk.net
segment-data.zqtk.net — Cisco Umbrella Rank: 8988
545 B
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1329
397 B
462 119
Domain Requested by
25 capture.condenastdigital.com www.wired.com
24 dpm.demdex.net 2 redirects www.wired.com
22 www.wired.com www.wired.com
17 cm.g.doubleclick.net 12 redirects www.wired.com
u.openx.net
eus.rubiconproject.com
16 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
16 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
u.openx.net
bh.contextweb.com
ssum-sec.casalemedia.com
eus.rubiconproject.com
us-u.openx.net
15 contextual.media.net www.wired.com
contextual.media.net
14 securepubads.g.doubleclick.net www.wired.com
securepubads.g.doubleclick.net
www.googletagservices.com
13 us-u.openx.net 3 redirects u.openx.net
www.wired.com
us-u.openx.net
13 tpc.googlesyndication.com www.wired.com
cdn.ampproject.org
securepubads.g.doubleclick.net
tpc.googlesyndication.com
11 ids.ad.gt 1 redirects www.wired.com
11 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
10 sync-tm.everesttech.net 10 redirects
10 pixel.tapad.com 6 redirects www.wired.com
us-u.openx.net
9 match.adsrvr.org 8 redirects www.wired.com
9 media.wired.com www.wired.com
7 idsync.rlcdn.com 3 redirects www.wired.com
condenast.demdex.net
us-u.openx.net
6 cs.media.net 2 redirects contextual.media.net
6 ib.adnxs.com 5 redirects
6 ups.analytics.yahoo.com 2 redirects us-u.openx.net
contextual.media.net
6 ssum-sec.casalemedia.com 1 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
6 token.rubiconproject.com 6 redirects
6 www.google.com 1 redirects securepubads.g.doubleclick.net
www.wired.com
tpc.googlesyndication.com
6 pixel.quantserve.com 2 redirects www.wired.com
6 cdn.cookielaw.org www.wired.com
cdn.cookielaw.org
5 px.owneriq.net 5 redirects
5 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
5 pr-bh.ybp.yahoo.com 1 redirects u.openx.net
ssum-sec.casalemedia.com
5 dp8hsntg6do36.cloudfront.net www.wired.com
d2c8v52ll5s99u.cloudfront.net
5 sync.mathtag.com 5 redirects
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 rtb.mfadsrvr.com 4 redirects
4 b1sync.zemanta.com 4 redirects
4 x.bidswitch.net 3 redirects contextual.media.net
4 medianet-match.dotomi.com 4 redirects
4 id.rlcdn.com 2 redirects contextual.media.net
4 bh.contextweb.com 1 redirects s.amazon-adsystem.com
bh.contextweb.com
4 eus.rubiconproject.com s.amazon-adsystem.com
eus.rubiconproject.com
www.wired.com
4 www.facebook.com www.wired.com
4 assets.bounceexchange.com tag.bounceexchange.com
assets.bounceexchange.com
4 px.ads.linkedin.com 3 redirects eus.rubiconproject.com
4 px.moatads.com www.wired.com
4 sb.scorecardresearch.com 2 redirects www.wired.com
4 analytics.tiktok.com www.wired.com
analytics.tiktok.com
4 connect.facebook.net www.wired.com
connect.facebook.net
d2c8v52ll5s99u.cloudfront.net
4 d2c8v52ll5s99u.cloudfront.net player.cnevids.com
d2c8v52ll5s99u.cloudfront.net
4 c2shb.ssp.yahoo.com www.wired.com
4 fastlane.rubiconproject.com www.wired.com
4 z.moatads.com www.wired.com
securepubads.g.doubleclick.net
d2c8v52ll5s99u.cloudfront.net
3 sync.crwdcntrl.net 3 redirects
3 c21lg-d.media.net contextual.media.net
3 odr.mookie1.com 3 redirects
3 pm.w55c.net 3 redirects
3 ad.turn.com 3 redirects
3 gum.criteo.com 1 redirects static.criteo.net
contextual.media.net
3 events.bouncex.net www.wired.com
3 www.google.ca www.wired.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 dwgyu36up6iuz.cloudfront.net www.wired.com
d2c8v52ll5s99u.cloudfront.net
3 image2.pubmatic.com 2 redirects
3 secure.adnxs.com 3 redirects
3 p.adsymptotic.com 1 redirects www.wired.com
3 imasdk.googleapis.com player.cnevids.com
imasdk.googleapis.com
3 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
3 www.googletagmanager.com www.wired.com
www.googletagmanager.com
3 player.cnevids.com www.wired.com
player.cnevids.com
3 js-sec.indexww.com www.wired.com
3 c.amazon-adsystem.com www.wired.com
c.amazon-adsystem.com
2 ib.mookie1.com 1 redirects
2 global.ib-ibi.com 2 redirects
2 sync.search.spotxchange.com 1 redirects
2 tag.yieldoptimizer.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 casale-match.dotomi.com 2 redirects
2 dmp.adblade.com contextual.media.net
2 stags.bluekai.com 2 redirects
2 dis.criteo.com contextual.media.net
2 p.rfihub.com 2 redirects
2 hbx.media.net contextual.media.net
2 cdn.indexww.com ssum-sec.casalemedia.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 match.prod.bidr.io 2 redirects
2 api.bounceexchange.com assets.bounceexchange.com
2 check.analytics.rlcdn.com www.wired.com
2 cm.adgrx.com 2 redirects
2 loadm.exelator.com 2 redirects
2 pulsepoint-match.dotomi.com 2 redirects
2 aa.agkn.com 2 redirects
2 analytics.google.com www.googletagmanager.com
2 id.hadron.ad.gt
2 eb2.3lift.com 2 redirects
2 pubads.g.doubleclick.net d2c8v52ll5s99u.cloudfront.net
imasdk.googleapis.com
2 www.googletagservices.com securepubads.g.doubleclick.net
2 static.criteo.net www.wired.com
static.criteo.net
2 u.openx.net 1 redirects s.amazon-adsystem.com
2 elsa.memoinsights.com cdn.memo.co
2 tr.outbrain.com amplify.outbrain.com
www.wired.com
2 condenast.demdex.net www.wired.com
2 script.hotjar.com static.hotjar.com
script.hotjar.com
2 api.sail-personalize.com ak.sail-horizon.com
2 fonts.gstatic.com fonts.googleapis.com
2 pixel.condenastdigital.com www.wired.com
2 fonts.googleapis.com securepubads.g.doubleclick.net
2 pippio.com 2 redirects
2 a.ad.gt www.googletagmanager.com
p.ad.gt
2 bidder.criteo.com www.wired.com
2 prebid.media.net www.wired.com
2 condenastus-d.openx.net www.wired.com
2 htlb.casalemedia.com www.wired.com
2 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
2 adservice.google.ca securepubads.g.doubleclick.net
2 mb.moatads.com z.moatads.com
2 geolocation.onetrust.com cdn.cookielaw.org
2 news.google.com www.wired.com
news.google.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 id.sv.rkdms.com js-sec.indexww.com
1 covers.conde.io 1 redirects
1 pixel.onaudience.com 1 redirects
1 dmp.v.fwmrm.net
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 aorta.clickagy.com 1 redirects
1 abp.mxptint.net 1 redirects
1 ads.scorecardresearch.com 1 redirects
1 fei.pro-market.net 1 redirects
1 trx-hub.com
1 fr-actions.trackonomics.net cdn-magiclinks.trackonomics.net
1 dfp.bouncex.net assets.bounceexchange.com
1 analytics.twitter.com
1 sync.taboola.com 1 redirects
1 s.company-target.com 1 redirects
1 r.casalemedia.com ssum-sec.casalemedia.com
1 idpix.media6degrees.com 1 redirects
1 api.rlcdn.com www.wired.com
1 mug.criteo.com
1 dp2.33across.com 1 redirects
1 x.dlx.addthis.com 1 redirects
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 su.addthis.com 1 redirects
1 p1.parsely.com www.wired.com
1 csync.loopme.me 1 redirects
1 d.adroll.com ssum-sec.casalemedia.com
1 load77.exelator.com www.wired.com
1 4d.condenastdigital.com pixel.condenastdigital.com
1 pixels.ad.gt p.ad.gt
1 ssbsync-us.smartadserver.com 1 redirects
1 pxl.qccerttest.com www.wired.com
1 ampcid.google.ca www.google-analytics.com
1 cdn.parsely.com d1z2jf7jlzjs58.cloudfront.net
1 s0.2mdn.net imasdk.googleapis.com
1 p.ad.gt a.ad.gt
1 cdn.hadronid.net a.ad.gt
1 vars.hotjar.com static.hotjar.com
1 ampcid.google.com www.google-analytics.com
1 googleads.g.doubleclick.net www.wired.com
1 cm.everesttech.net 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 px4.ads.linkedin.com 1 redirects
1 www.linkedin.com 1 redirects
1 alb.reddit.com www.wired.com
1 pbs.getpublica.com player.cnevids.com
1 d1z2jf7jlzjs58.cloudfront.net www.wired.com
1 tags.rd.linksynergy.com 1 redirects
1 amplify.outbrain.com www.wired.com
1 cdn-magiclinks.trackonomics.net www.wired.com
1 static.hotjar.com www.wired.com
1 cdn.memo.co www.wired.com
1 snap.licdn.com www.wired.com
1 d.turn.com www.wired.com
1 tag.bounceexchange.com www.wired.com
1 ak.sail-horizon.com www.googletagmanager.com
1 www.redditstatic.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 geo.privacymanager.io ats.rlcdn.com
1 www.vogue.com www.wired.com
1 www.vanityfair.com www.wired.com
1 www.them.us www.wired.com
1 www.teenvogue.com www.wired.com
1 www.self.com www.wired.com
1 pitchfork.com www.wired.com
1 www.newyorker.com www.wired.com
1 www.gq.com www.wired.com
1 www.glamour.com www.wired.com
1 www.epicurious.com www.wired.com
1 www.cntraveler.com www.wired.com
1 www.bonappetit.com www.wired.com
1 www.architecturaldigest.com www.wired.com
1 www.allure.com www.wired.com
1 2215ed5f1bb5c1f19d3d08f3e16e9b9d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ats.rlcdn.com www.wired.com
1 infinityid.condenastdigital.com www.wired.com
1 journey.wired.com www.wired.com
1 segment-data.zqtk.net www.wired.com
1 polyfill.io www.wired.com
1 apis.google.com www.wired.com
462 197
Subject Issuer Validity Valid
condenast.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-02 -
2023-10-04		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2022-05-01 -
2023-05-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.news.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-03-08 -
2023-04-09		 a year crt.sh
*.zqtk.net
Amazon		 2022-07-18 -
2023-08-16		 a year crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
*.cnevids.com
Amazon		 2022-09-03 -
2023-10-01		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
conde.io
Amazon		 2022-05-31 -
2023-06-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.google.ca
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-22 -
2023-06-21		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.privacymanager.io
Amazon		 2022-08-26 -
2023-09-24		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
www.redditstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
ak.sail-horizon.com
Amazon		 2022-01-06 -
2023-02-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-06-29 -
2022-09-27		 3 months crt.sh
tag.bounceexchange.com
R3		 2022-07-28 -
2022-10-26		 3 months crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-02 -
2023-04-01		 a year crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2022-03-01 -
2023-03-01		 a year crt.sh
memo.co
Amazon		 2022-04-27 -
2023-05-26		 a year crt.sh
*.ad.gt
Amazon		 2022-05-10 -
2023-06-08		 a year crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.trackonomics.net
Go Daddy Secure Certificate Authority - G2		 2021-12-22 -
2023-01-23		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-03 -
2023-04-04		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.getpublica.com
Amazon		 2022-06-01 -
2023-06-30		 a year crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-03 -
2022-12-30		 6 months crt.sh
api.sail-personalize.com
Amazon		 2022-05-25 -
2023-06-23		 a year crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2022-08-07 -
2022-11-05		 3 months crt.sh
memoinsights.com
Amazon		 2022-04-27 -
2023-05-26		 a year crt.sh
*.hadronid.net
GTS CA 1P5		 2022-08-18 -
2022-11-16		 3 months crt.sh
ids.ad.gt
R3		 2022-07-22 -
2022-10-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-29 -
2022-11-21		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.parsely.com
Amazon		 2022-06-05 -
2023-07-04		 a year crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.contextweb.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-07 -
2023-05-08		 a year crt.sh
id.hadron.ad.gt
Amazon		 2022-08-24 -
2023-09-22		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
adroll.mgr.consensu.org
Amazon		 2022-08-11 -
2023-09-09		 a year crt.sh
analytics.rlcdn.com
Amazon		 2022-07-27 -
2023-08-25		 a year crt.sh
*.wunderkind.co
R3		 2022-08-13 -
2022-11-11		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-07-20 -
2023-07-19		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-24 -
2023-02-15		 6 months crt.sh
dmp.adblade.com
R3		 2022-09-02 -
2022-12-01		 3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.trx-hub.com
Amazon		 2022-02-20 -
2023-03-21		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh

This page contains 35 frames:

Primary Page: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Frame ID: 225E2D3D351B17D037E7954A18687F0E
Requests: 242 HTTP requests in this frame

Frame: https://2215ed5f1bb5c1f19d3d08f3e16e9b9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0E4BB3DE41E3120C1EAE39B475FEACED
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: A0731EA502BFBF67E45D4797D37BBCE2
Requests: 27 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012208242209000/amp4ads-v0.mjs
Frame ID: E9559304F3B420B71FE0E85C102E1D9A
Requests: 18 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Frame ID: 4B2849B47A0D3ECB8181457F077E2408
Requests: 1 HTTP requests in this frame

Frame: https://condenast.demdex.net/dest5.html?d_nsid=0
Frame ID: C006EBB1726778413547277FC6DC973B
Requests: 36 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Frame ID: 67630802428DB6C1E3477B36C62C1143
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.531.0_en.html
Frame ID: 4514C519065C6AB2682DD3287BABEE56
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEbj4G5Bua10n6M4GepILl0aBAUTqXicas7RHZY_usxgis1DPwwlXBo5s4M20qvNmdBfUO4D_v6U9XqVEqj9UY9dkvg6sGQtlBvGquS9tREuQyzliAowsPa-fcPUcQ6A5d8kYwg0MXPwqGjOr_1FNbivtqCwZ6f9QjmBrlVNazXGL6QPhkY49ELoT5y_38JsWbaFTbXieoFirAVgA3dhE42DhzuoF4cF7PopzCgxq5GYs3sHg_zGNSD2NUI9BUStc6L7DLFlvC_u36eI5zbV1QY4NavMMYcUEm2Mtq9QLxZB_ijWfgmdWAiCwCbsLLw0hdtc22pDUhgUzc5NG9Nw&sai=AMfl-YSHTKlPwRMUXdRpuUo0mQMpNnOMSuCrDq07caMVHX-Whf8aq_9L7__KK76Q3JwMFLo7Hp-xK1UMSxklmlZAQDSbjS0lHjRXOLofwYmSpItpIpuzU7hIYQhsXa0bbolTfyZW1ye-v783rVzO71XBmw&sig=Cg0ArKJSzAW95FHUwYm5EAE&uach_m=[UACH]&adurl=
Frame ID: EAB92331839E1B8CC60552D734B31935
Requests: 9 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Frame ID: 383534605528738BEF9972C1D3F1B8FE
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuzltnDAdxkXqJadn2TZyBKMAD6lojUagiILAGgip5PANsJNHsEoPPertSJOQfLt_uSS5Ymy7D4XttVrhfTCM3TuzOw4WbeN9v8Jmyz6yJYqh5Uno_J0T5ox3434dWVHPBbRnSqQkfQVOtxn86yVPGZaUS9qxWcOztGL49VpwF5ciehv1zB9ZcJS8T893BU1iRU7BxWmtVikIOn6fCAfD7ZVm4BQmR-9vEdBM9Q69pe-U-cPh1HmootN-VWDNwE9iyERsgNo8dA7dODFJRCt70X14TaX2HcMPqhmrFX9XhEX-F7sxUWCz3uwbkvQlJ4AXdt4KMIHL3vOhpTF7NdA&sai=AMfl-YTBgTRiUvq6LCXugjKrmnNlCvVHyMKPax1w2sbuX7aFGZooNo24CBZRFFkkTO920T2wHsETTPbR6HElUGmqJjXlsn52VVXwzpX_0iujNDQr1W0DgaBCL3FAF_NRE0ahJQJCfSiXEgJyM0Kooetl_A&sig=Cg0ArKJSzDpmcEigkyMfEAE&uach_m=[UACH]&adurl=
Frame ID: FAB468FAE5349B2C1665AAC81E83DDA6
Requests: 8 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Frame ID: E08C88E57045CDAF3B1F6B039207BD0D
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 0BFE8111E5467F4D122D2421DE78B5AD
Requests: 11 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Frame ID: F93E8F25876B70A7E2F5837A7366C2D5
Requests: 4 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1yOWE4aHVwRTJ1TEsxdWRQSlVHeUpRQklER0wzY3RjUX5B
Frame ID: 5028A1F23010A718E8DE154651FE930B
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: C5386FA2F4C0F614465EDF915ABA40AB
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=27208953193559021&gdpr=0&gdpr_consent=
Frame ID: 66ADCB2D517C84B1B1382067108B26FE
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=1122792427392432315&ex=appnexus.com
Frame ID: 75E6E568F524F8F03B5BD0002CA612FD
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3034631852098996955838
Frame ID: C5199165799EBD537FE4A3EA9824E4E7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 13DFAF15A05B754E8F3D34CFDF2F9FC1
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: 26002F65E4916FA962F66E6BAF8336CA
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.wired.com
Frame ID: 7E94B58F4B2DF9024E6FEE7EAD84CB26
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D689A19AEAF766E498CABC5D27E08094
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 4BDA595384ABF1AE2C7EC17DEBC83C43
Requests: 15 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Frame ID: 6F1C886AD4830C155046F47AD865BEAF
Requests: 7 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Frame ID: EFF27575CB2C35D5FEDE48EFB04BAA51
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 56058B5D420449DF24C07E18792C4FB1
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: E6061176E02C2922F13EC2669B5A45BD
Requests: 17 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 6F8888866239A5098C5B18219AD1106D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 896DDB26DFE44F0B14F7668BCD7FFCBE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B7A3329CB791A850C73A679ACEBFD257
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 87BC202E6C643FAEB93082F383B02E9D
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A0DCDC578E5C7B0C5DE39E6D89B22711
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3066078911455436000V10&type=rkt&refUrl=&vid=36062912723066078911455436000V10&ovsid=969751683052615373
Frame ID: BC64ABCA95A22FA423032D63DE5D974F
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3066078911455499000V10&type=rkt&refUrl=&vid=36062913773066078911455499000V10&ovsid=2810035081676627127
Frame ID: 02898F5E7C7E4E3DBF8A2E8B0ED29415
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Uber Hack’s Devastation Is Just Starting to Reveal Itself | WIREDMenuStory SavedCloseStory SavedCloseSearchFacebookTwitterEmailSave StoryFacebookTwitterEmailSave StoryTwitterFacebookTwitterPinterestYouTubeInstagramTiktok

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

462
Requests

76 %
HTTPS

31 %
IPv6

119
Domains

197
Subdomains

129
IPs

5
Countries

6807 kB
Transfer

19581 kB
Size

231
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 112
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035094&ns__t=1663606287884&ns_c=UTF-8&c8=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED&c7=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035094&ns__t=1663606287884&ns_c=UTF-8&c8=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED&c7=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&c9=
Request Chain 113
  • https://idsync.rlcdn.com/709387.gif?partner_uid=0a128167-d05b-4a5a-ae1f-67013865e3d9&gtmcb=98607530 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIumKxIwCiwIARCFvQkaJDBhMTI4MTY3LWQwNWItNGE1YS1hZTFmLTY3MDEzODY1ZTNkORAAGg0IkLyimQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=bd687ef6ff8a33dcb0d16af3d9986266fb0de504d7b4f092a859437dd7489b0c791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiZDY4N2VmNmZmOGEzM2RjYjBkMTZhZjNkOTk4NjI2NmZiMGRlNTA0ZDdiNGYwOTJhODU5NDM3ZGQ3NDg5YjBjNzkxNDI2YjU0MTdkY2UyMRAAGgwIkbyimQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiZDY4N2VmNmZmOGEzM2RjYjBkMTZhZjNkOTk4NjI2NmZiMGRlNTA0ZDdiNGYwOTJhODU5NDM3ZGQ3NDg5YjBjNzkxNDI2YjU0MTdkY2UyMRAAGgwIkbyimQYSBAgCEABCAEoA&google_gid=CAESEKfY99MGfXJbj3kSdGVsB2Y&google_cver=1 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=dc2faee4-9cca-4430-a93f-31a388e3d354
Request Chain 114
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=undefined HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_device_id=undefined
Request Chain 115
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=648&partner_device_id=0a128167-d05b-4a5a-ae1f-67013865e3d9 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=648&partner_device_id=0a128167-d05b-4a5a-ae1f-67013865e3d9 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=938f0985-f7db-410e-b217-c1c96e40dc47%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=938f0985-f7db-410e-b217-c1c96e40dc47%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0865b44e-ac90-4c50-9150-a860aeafacdf&ttd_puid=938f0985-f7db-410e-b217-c1c96e40dc47%2C
Request Chain 131
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Request Chain 142
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1663606288229&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204 HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1663606288229&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D434737%26time%3D1663606288229%26url%3Dhttps%253A%252F%252Fwww.wired.com%252Fstory%252Fuber-hack-mfa-phishing%252F%253Fhss_channel%253Dtw-1685619204%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1663606288229&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1663606288229&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&cookiesTest=true&liSync=true&e_ipv6=AQKb_Jr9WsgKUgAAAYNWqXMlmjGlFu2bNZn53HoeHbFUvWdghAZVaB6wGgrcm1xVKuwabOWAIw HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d376e468-6f52-43ba-8aff-569ccff843c5 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d376e468-6f52-43ba-8aff-569ccff843c5&_expected_cookie=bc6895072be6da1c8e1e7ea8db2d6bb9
Request Chain 150
  • https://cm.everesttech.net/cm/dd?d_uuid=22725597434185837671267853816245447519 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YyieEAAAAEXCvwNw
Request Chain 157
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 166
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001663606289-CCL9X331-CFI9&adnxs_id=$UID&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001663606289-CCL9X331-CFI9%26adnxs_id%3D%24UID%26gdpr%3D0 HTTP 302
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001663606289-CCL9X331-CFI9&adnxs_id=1122792427392432315&gdpr=0
Request Chain 167
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001663606289-CCL9X331-CFI9&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=0865b44e-ac90-4c50-9150-a860aeafacdf&id=AU1D-0100-001663606289-CCL9X331-CFI9
Request Chain 168
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001663606289-CCL9X331-CFI9 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001663606289-CCL9X331-CFI9 HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=3F82CC2E-5652-4C90-8D87-EF1F7E368CE5&id=AU1D-0100-001663606289-CCL9X331-CFI9
Request Chain 169
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001663606289-CCL9X331-CFI9 HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001663606289-CCL9X331-CFI9&google_gid=CAESEMHASjf-ch9zpH_JVjxfJCA&google_cver=1&google_ula=450542624,0
Request Chain 170
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001663606289-CCL9X331-CFI9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2MzYwNjI4OS1DQ0w5WDMzMS1DRkk5
Request Chain 171
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001663606289-CCL9X331-CFI9%26auid%3DAU1D-0100-001663606289-CCL9X331-CFI9 HTTP 302
  • https://ids.ad.gt/api/v1/openx?openx_id=acb95575-c1ff-4a4b-b729-b89a26702619&id=AU1D-0100-001663606289-CCL9X331-CFI9&auid=AU1D-0100-001663606289-CCL9X331-CFI9
Request Chain 172
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001663606289-CCL9X331-CFI9&gdpr=0 HTTP 302
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001663606289-CCL9X331-CFI9&rub=L8908AYG-I-95TU&gdpr=0
Request Chain 173
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001663606289-CCL9X331-CFI9&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001663606289-CCL9X331-CFI9 HTTP 302
  • https://ids.ad.gt/api/v1/adb_match?adb=22725597434185837671267853816245447519&id=AU1D-0100-001663606289-CCL9X331-CFI9
Request Chain 174
  • https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3DAU1D-0100-001663606289-CCL9X331-CFI9 HTTP 302
  • https://ids.ad.gt/api/v1/mediamath_match?user_id=bb286328-9e11-4a00-80eb-6728c1b98f08&id=AU1D-0100-001663606289-CCL9X331-CFI9
Request Chain 221
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Request Chain 223
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint HTTP 302
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Request Chain 224
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1yOWE4aHVwRTJ1TEsxdWRQSlVHeUpRQklER0wzY3RjUX5B
Request Chain 226
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=27208953193559021&gdpr=0&gdpr_consent=
Request Chain 227
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=1122792427392432315&ex=appnexus.com
Request Chain 228
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3034631852098996955838
Request Chain 239
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=22725597434185837671267853816245447519 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=214710604279353554177
Request Chain 253
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=22725597434185837671267853816245447519&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d22725597434185837671267853816245447519 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=bb286328-9e11-4a00-80eb-6728c1b98f08&ddsuuid=22725597434185837671267853816245447519
Request Chain 273
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YyieEAAAAEXCvwNw
Request Chain 275
  • https://match.adsrvr.org/track/cmf/openx?oxid=85f94c10-4873-75b7-e4d2-acca310fe91d&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=0865b44e-ac90-4c50-9150-a860aeafacdf&ttd_puid=85f94c10-4873-75b7-e4d2-acca310fe91d&gdpr=0&gdpr_consent=
Request Chain 277
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEBruWuxryxewAFHdUHjdBo&google_cver=1
Request Chain 279
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=OFhkbkFqMC1heFNZSlNsTmQwbllWUQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEK_y1L8jFfh9vV1HAQ9I_aM&google_cver=1
Request Chain 280
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=4596cef52eed1495&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAF3tJa18e3-QNrh_d-AAAAAAA&expiration=1663692690&nuid=&is_secure=true
Request Chain 286
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=22725597434185837671267853816245447519 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=22725597434185837671267853816245447519&xl8blockcheck=1 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 287
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0865b44e-ac90-4c50-9150-a860aeafacdf&expiration=1666198290&gdpr=0&gdpr_consent=
Request Chain 288
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyieESwGjzJsCt6sceB0bwAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMUE5iKzdV1ZHce6NVq3jjo&google_cver=1
Request Chain 289
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyieESwGjzJsCt6sceB0bwAAALYAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF3rPIl_5tvAaCMq93cjdow&google_cver=1
Request Chain 291
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=4f56f0de-383b-11ed-9f2c-92a72e778839
Request Chain 293
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=278f06cf-0cbc-4692-9853-78a88a2034b3&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 294
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YyieESwGjzJsCt6sceB0bwAAALYAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YyieESwGjzJsCt6sceB0bwAAALYAAAIB
Request Chain 306
  • https://su.addthis.com/red/usync?pid=16&puid=22725597434185837671267853816245447519&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D420%26dpuuid%3D%7B%7Buid%7D%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=420&dpuuid=63289e1257152649
Request Chain 309
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=L8908AYG-I-95TU HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=L8908AYG-I-95TU&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Request Chain 310
  • https://idsync.rlcdn.com/365868.gif?partner_uid=22725597434185837671267853816245447519 HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=ad6a700ee5d543dc8e3bb8a2f1907a5e1fe632ae2f2797e5627c7541fd013fcbb0da87c991749652
Request Chain 315
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8908AYG-I-95TU&us_privacy=1---
Request Chain 316
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oGTBCOHAS9G2N0sVgE1SsQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oGTBCOHAS9G2N0sVgE1SsQ
Request Chain 317
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/7-A585sPuRa-yH7ZkMqmNA?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4516901600016806313
Request Chain 319
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0865b44e-ac90-4c50-9150-a860aeafacdf&gdpr=0&gdpr_consent=&expires=30
Request Chain 320
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5MDhBWUctSS05NVRV&us_privacy=1---
Request Chain 321
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGU1YmQ1ZWNmMjE3NDc5ODgzM2FlMWYxYzJhMDI2YmRmZmIwMjU4Zg&us_privacy=1---
Request Chain 322
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHOAcBcQIlUddYov-_m_fp0&google_cver=1
Request Chain 323
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=1122792427392432315
Request Chain 327
  • https://token.rubiconproject.com/token?pid=6404&puid=22725597434185837671267853816245447519&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=L8908AYG-I-95TU?gdpr=0
Request Chain 328
  • https://x.dlx.addthis.com/e/demdex_sync?na_exid=22725597434185837671267853816245447519&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022091916513000089314471900
Request Chain 329
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=22725597434185837671267853816245447519 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=938f0985-f7db-410e-b217-c1c96e40dc47
Request Chain 333
  • https://sb.scorecardresearch.com/c2/6035094/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 334
  • https://dp2.33across.com/ps/?pid=897&random=1444044294 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=601&dpuuid=117915488844135&random=1663606291
Request Chain 335
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=wired.com&sn=ChromeSyncframe&so=0&topUrl=www.wired.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=HAeDt3xOTTRLRVlrMVJoUzA3RTc4eXB4QlYrVEs5UXFxd1VQdWZzZGVUamxPeDVBVG03ck1zSnJaODBTZmQvNW5RcHorV0lNVnZuTkxQMXUwOWtBWms4MTZxbHdSb3RZR0lRcnBvYVJMUzI1dWNXeExSbnhUanhKNEVTS2hHcTFNR0c2cGF6OUxSbysrVlM1WUZSeXJadjNOU3R6NUdPeWlaN2RsNjdBekNEYVh0OWt3RnNQZ3V6SG85OFZEcm8rdVBtQlQzWmRSTjF2bmhESU9GMENLKzhSQkJSaG00anh6TEh3SmREdDc1R3pJWUVNREx0Njhzdm44ZFMyWEYrTnVQbEQvUTJZWDlXbmcxdUEyM0JVK2oycmJnUT09fA&cppv=2
Request Chain 337
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjI3MjU1OTc0MzQxODU4Mzc2NzEyNjc4NTM4MTYyNDU0NDc1MTk= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEN9gagKdjQzxV7KH6bXImJU&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 353
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=d03f3376-8534-43d7-bbab-2c39089488c5 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEB70x_GU3f8E6sUDEWKSmAw&google_cver=1
Request Chain 354
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1122792427392432315
Request Chain 356
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2620356559099565277&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 359
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=d03f3376-8534-43d7-bbab-2c39089488c5 HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=d03f3376-8534-43d7-bbab-2c39089488c5
Request Chain 360
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1122792427392432315
Request Chain 362
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2620356559099565277&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 364
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=22725597434185837671267853816245447519 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=992&dpuuid=1etogdlz8ff9z
Request Chain 368
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1122792427392432315
Request Chain 369
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAI7kk7GUTwAAA3i4Rwiyw&expiration=1664815891
Request Chain 370
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2620356559099565277
Request Chain 371
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyieESwGjzJsCt6sceB0bwAAALYAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF3rPIl_5tvAaCMq93cjdow&google_cver=1
Request Chain 372
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1122792427392432315
Request Chain 373
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D%28OIQ_UUID%29 HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7168926911353719032&uid=Q7168926911353719032&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7168926911353719032
Request Chain 374
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=N_9HATipRAks_RcMZfVYWmOpRl8s_EYPM_kscshJ
Request Chain 378
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3066078911455436000V10%26type%3Drkt%26refUrl%3D%26vid%3D36062912723066078911455436000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3066078911455436000V10&type=rkt&refUrl=&vid=36062912723066078911455436000V10&ovsid=969751683052615373
Request Chain 379
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455436000V10%26type%3Dcon%26refUrl%3D%26vid%3D36062912723066078911455436000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=37df63fa60ab1073&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455436000V10%26type%3Dcon%26refUrl%3D%26vid%3D36062912723066078911455436000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455436000V10&type=con&refUrl=&vid=36062912723066078911455436000V10&ovsid=AAAFt73pxI5HpQM8g9CIAAAAAAA&expiration=1663692691&is_secure=true
Request Chain 380
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455436000V10%26type%3Dmma%26refUrl%3D%26vid%3D36062912723066078911455436000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455436000V10&type=mma&refUrl=&vid=36062912723066078911455436000V10&ovsid=bb286328-9e11-4a00-80eb-6728c1b98f08
Request Chain 381
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA2NjA3ODkxMTQ1NTQzNjAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESELeT_-vcVQExKls12TauVek&google_cver=1
Request Chain 382
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455436000V10%26type%3Ddxu%26refUrl%3D%26vid%3D36062912723066078911455436000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455436000V10%26type%3Ddxu%26refUrl%3D%26vid%3D36062912723066078911455436000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455436000V10&type=dxu&refUrl=&vid=36062912723066078911455436000V10&ovsid=2o5M5bDn1OAjZx5
Request Chain 384
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=66881412-59c1-46bf-a183-3dcf075275a0&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10597532877091957749&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=938f0985-f7db-410e-b217-c1c96e40dc47&ssp=medianet&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10597532877091957749&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214710604279353554177&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10597532877091957749&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=66881412-59c1-46bf-a183-3dcf075275a0&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 385
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455436000V10%26type%3Dzem%26refUrl%3D%26vid%3D36062912723066078911455436000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=H6HHuLapgJgfqtClbFj6&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGZEEQ5KMMFYGOSTHMZYXIQ3MMJDGUNRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTMMBWGI4TCMRXGIZTANRWGA3TQOJRGE2DKNJUGM3DAMBQKYYTAJTWONUWIPJTGA3DMMBXHA4TCMJUGU2TIMZWGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGZEEQ5KMMFYGOSTHMZYXIQ3MMJDGUNRGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTMMBWGI4TCMRXGIZTANRWGA3TQOJRGE2DKNJUGM3DAMBQKYYTAJTWONUWIPJTGA3DMMBXHA4TCMJUGU2TIMZWGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=H6HHuLapgJgfqtClbFj6&refUrl=&type=zem&vid=36062912723066078911455436000V10&vsid=3066078911455436000V10
Request Chain 387
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3066078911455436000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3066078911455436000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=788018e2-8fbf-4829-8731-4792b1d409ce&cs=1
Request Chain 389
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0865b44e-ac90-4c50-9150-a860aeafacdf
Request Chain 390
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E HTTP 302
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066078911455499000V10
Request Chain 392
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bb286328-9e11-4a00-80eb-6728c1b98f08
Request Chain 393
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YyieEAAAAEXCvwNw
Request Chain 394
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=7d0c186ea38c1073&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF2BJQn8YaewMuwcC9AAAAAAA&expiration=1663692691&is_secure=true
Request Chain 395
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=fa0859e3-f2e5-42f6-b4da-0fe20f41681b-63289e13-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dfa0859e3-f2e5-42f6-b4da-0fe20f41681b-63289e13-4341%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Dfa0859e3-f2e5-42f6-b4da-0fe20f41681b-63289e13-4341%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=fa0859e3-f2e5-42f6-b4da-0fe20f41681b-63289e13-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Dfa0859e3-f2e5-42f6-b4da-0fe20f41681b-63289e13-4341%26partner_url%3Dhttps%253A%252F%252Fr.casalemedia.com%252Frum%253Fcm_dsp_id%253D64%2526external_user_id%253Dfa0859e3-f2e5-42f6-b4da-0fe20f41681b-63289e13-4341%2526gdpr%253D0%2526gdpr_consent%253D&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=fa0859e3-f2e5-42f6-b4da-0fe20f41681b-63289e13-4341&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26external_user_id%3Dfa0859e3-f2e5-42f6-b4da-0fe20f41681b-63289e13-4341%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=fa0859e3-f2e5-42f6-b4da-0fe20f41681b-63289e13-4341&gdpr=0&gdpr_consent=
Request Chain 397
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1679244691&external_user_id=5fee9ac0-f3ba-4a9a-9f55-e58d11b469bf
Request Chain 398
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YyieESwGjzJsCt6sceB0bwAA%26182 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=83367556-08b6-4889-8b31-6b69992765c1-tucta222393
Request Chain 399
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D%28OIQ_UUID%29 HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7168926911227477863&uid=Q7168926911227477863&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7168926911227477863
Request Chain 403
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3066078911455499000V10%26type%3Drkt%26refUrl%3D%26vid%3D36062913773066078911455499000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3066078911455499000V10&type=rkt&refUrl=&vid=36062913773066078911455499000V10&ovsid=2810035081676627127
Request Chain 408
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0865b44e-ac90-4c50-9150-a860aeafacdf
Request Chain 409
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E HTTP 302
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066078911455499000V10
Request Chain 410
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455499000V10%26type%3Dcon%26refUrl%3D%26vid%3D36062913773066078911455499000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=4c048a03f411086&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455499000V10%26type%3Dcon%26refUrl%3D%26vid%3D36062913773066078911455499000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455499000V10&type=con&refUrl=&vid=36062913773066078911455499000V10&ovsid=AAAF3tJa18e4OgNdURycAAAAAAA&expiration=1663692691&is_secure=true
Request Chain 411
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455499000V10%26type%3Dmma%26refUrl%3D%26vid%3D36062913773066078911455499000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455499000V10&type=mma&refUrl=&vid=36062913773066078911455499000V10&ovsid=bb286328-9e11-4a00-80eb-6728c1b98f08
Request Chain 412
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA2NjA3ODkxMTQ1NTQ5OTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESELeT_-vcVQExKls12TauVek&google_cver=1
Request Chain 413
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455499000V10%26type%3Ddxu%26refUrl%3D%26vid%3D36062913773066078911455499000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455499000V10&type=dxu&refUrl=&vid=36062913773066078911455499000V10&ovsid=2o5M5bDn1OAjZx5
Request Chain 414
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455499000V10%26type%3Dzem%26refUrl%3D%26vid%3D36062913773066078911455499000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=7fZh_lu2uftkXTZw_Gp5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJXMZNGQX3MOUZHKZTUNNMFIWTXL5DXANJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTMMBWGI4TCMZXG4ZTANRWGA3TQOJRGE2DKNJUHE4TAMBQKYYTAJTWONUWIPJTGA3DMMBXHA4TCMJUGU2TIOJZGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJXMZNGQX3MOUZHKZTUNNMFIWTXL5DXANJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUZTMMBWGI4TCMZXG4ZTANRWGA3TQOJRGE2DKNJUHE4TAMBQKYYTAJTWONUWIPJTGA3DMMBXHA4TCMJUGU2TIOJZGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=7fZh_lu2uftkXTZw_Gp5&refUrl=&type=zem&vid=36062913773066078911455499000V10&vsid=3066078911455499000V10
Request Chain 415
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3066078911455499000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3066078911455499000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=788018e2-8fbf-4829-8731-4792b1d409ce&cs=1
Request Chain 420
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=bikQZmF_E251K0BrPCMPPTp_ETh1KhFoai8Hm6_P
Request Chain 427
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233 HTTP 302
  • https://tag.yieldoptimizer.com/ps/ps?tc=980593675&t=i&p=2233 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2027900517539
Request Chain 428
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=22725597434185837671267853816245447519 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=-2555933347110631904
Request Chain 429
  • https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID) HTTP 302
  • https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7168926911227477863
Request Chain 430
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=22725597434185837671267853816245447519&rn=1663606288192&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D22725597434185837671267853816245447519 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=22725597434185837671267853816245447519
Request Chain 432
  • https://abp.mxptint.net/sn.ashx HTTP 302
  • https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B341_F6767223_7FD9C7DD&redir=https://abp.mxptint.net/sn.ashx?ak=1
Request Chain 433
  • https://aorta.clickagy.com/pixel.gif?ch=124&cm=22725597434185837671267853816245447519&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D79908%26dpuuid%3D%7Bvisitor_id%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:29289150156ddd0f20cad19a6bd3acfc
Request Chain 434
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=22725597434185837671267853816245447519 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=22725597434185837671267853816245447519
Request Chain 435
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=22725597434185837671267853816245447519?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=d8e39c0c78840b30837b9ac0b6697373
Request Chain 439
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXlpZUVBQUFBRVhDdndOdw==
Request Chain 441
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YyieEAAAAEXCvwNw&expires=90
Request Chain 444
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YyieEAAAAEXCvwNw
Request Chain 447
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YyieEAAAAEXCvwNw
Request Chain 448
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YyieEAAAAEXCvwNw
Request Chain 449
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YyieEAAAAEXCvwNw
Request Chain 450
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YyieEAAAAEXCvwNw&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YyieEAAAAEXCvwNw&img=1&__user_check__=1&sync_id=511e96df-383b-11ed-bb08-19b3047f0403
Request Chain 451
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YyieEAAAAEXCvwNw&t=2592000&o=0
Request Chain 453
  • https://pixel.onaudience.com/?partner=130&mapped=22725597434185837671267853816245447519&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m HTTP 302
  • https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
Request Chain 454
  • https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=22725597434185837671267853816245447519 HTTP 302
  • https://ib.mookie1.com/image.sbix?go=244346&pid=268&xid=22725597434185837671267853816245447519 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=285689&dpuuid=22725597434185837671267853816245447519&redir=https%3A%2F%2Fglobal.ib-ibi.com%2Fimage.sbxx%3Fgo%3D244346%26pid%3D268%26xid%3D%24%7BDD_UUID%7D HTTP 302
  • https://global.ib-ibi.com/image.sbxx?go=244346&pid=268&xid=22725597434185837671267853816245447519 HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=22725597434185837671267853816245447519
Request Chain 457
  • https://covers.conde.io/images_covers/cover_wired_600.jpg HTTP 302
  • https://media.wired.com/photos/632486938990652479ff3876/master/w_600,c_limit/WIRED_3009_500x680.jpg

462 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.wired.com/story/uber-hack-mfa-phishing/ 		862 KB
184 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
926edfb3d6a36c6b9778be83956679ee82cd99779a844c68e2b841f4d22b7b7f
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
none
age
0
apple-news-services-handled
false
apple-news-services-host
www.wired.com
apple-news-services-parsed-url
/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
apple-news-services-request-url
/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
cache-control
no-cache
content-encoding
gzip
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
content-type
text/html; charset=utf-8
date
Mon, 19 Sep 2022 16:51:26 GMT
payment
free
strict-transport-security
max-age=31536000; preload
vary
accept-encoding, cn-experiments, X-UA-Device, Verso, bypass-verso-payment
verso
true
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-esi
on
x-served-by
cache-yul12827-YUL
x-timer
S1663606285.495987,VS0,VE544
x-ua-device
desktop
Uber-Hack-Security-GettyImages-1238322525.jpg
media.wired.com/photos/6324bd9ac4d3ebc9237bc60e/master/w_1600,c_limit/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/6324bd9ac4d3ebc9237bc60e/master/w_1600,c_limit/Uber-Hack-Security-GettyImages-1238322525.jpg
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
905ea556d01332e5b556febce1b8c55cd81d6d984859cf797eaf9137d2c6dd8a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:26 GMT
Connection
keep-alive
Age
242076
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=2025351 idim=2400x1599 ifmt=jpeg ofsz=86170 odim=1600x1066 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-iad-kcgs7200034-IAD, cache-yul12822-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663606286.131171,VS0,VE1
Etag
"Zf3Ga7AtlcSrCX3z4Sv5em7IAOodnSuVb3HfFmwZLao"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
86170
timing-allow-origin
*
X-Cache-Hits
1, 4
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 16:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
7BKk7WQU1Z9EDMZmf1T6Vg==
age
6553
vary
Accept-Encoding
content-length
7151
x-ms-lease-status
unlocked
last-modified
Thu, 15 Sep 2022 18:22:15 GMT
server
cloudflare
etag
0x8DA974737287FBC
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5bd43f01-f01e-006a-3736-c9844d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74d3d3784f597148-YUL
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 16:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ERttG9+iQk1LCPjR495NRw==
age
6540
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fdfee482-401e-011a-4343-28b1dc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
74d3d3784f5c7148-YUL
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a479b211f35206e9f4d8eb83aa63aaa7c76f00f86c30d589631b32c3fc42042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27884
x-xss-protection
0
server
sffe
etag
"1338 / 82 of 1000 / last-modified: 1663585712"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 19 Sep 2022 16:51:26 GMT
moatheader.js
z.moatads.com/condenastprebidheader987326845656/ 		217 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.169.173 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-169-173.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a27d8289678c53095dc81f3d8060612f679daf0f5cceb89b5a42866631f932f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 19:15:04 GMT
server
AmazonS3
x-amz-request-id
AGGTVW0305CH0G86
etag
"a1d19a14ae8fef31099c7c24d069e027"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=57035
accept-ranges
bytes
content-length
78248
x-amz-id-2
lVEX4dEluvM2WqxPsQD/mdjRYRnXGHw3+dpT8ctLE5xlrCuEPYAacHHvoIGhb5cv9mRpwKPJtIM=
apstag.js
c.amazon-adsystem.com/aax2/ 		167 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 19 Sep 2022 16:40:14 GMT
via
1.1 3dcb635971b5d310e8941cdb963aff70.cloudfront.net (CloudFront), 1.1 0e456968e63d1e7575028bb48aa8e96a.cloudfront.net (CloudFront)
last-modified
Thu, 15 Sep 2022 20:15:32 GMT
server
AmazonS3
age
673
etag
W/"0b4d277527066dd35dd7c0288cb596b4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
IAD89-C3, PHL50-C1
content-encoding
gzip
x-amz-cf-id
LZ3ZdRQnBFSSSTIhlrEWpC2mgabVjQ-D1MTA-dq6cyv3S0VBSRVhEQ==
prebid.min.js
www.wired.com/hotzones/esi/wired/ 		273 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/hotzones/esi/wired/prebid.min.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f9f4ab30d5ad26fb21fac14245a63c41deb74cbcd51d6b9000acd6437c1ab5f9
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
via
1.1 varnish
vary
accept-encoding, cn-experiments, Verso, bypass-verso-payment
age
35169
x-cache
HIT
hz-zone
1
content-encoding
gzip
content-length
88184
x-served-by
cache-yul12827-YUL
strict-transport-security
max-age=31536000; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
apple-news-services-host
www.wired.com
x-cache-hits
113
183973-93942139695505.js
js-sec.indexww.com/ht/p/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.112.10.99 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-10-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Sep 2022 16:35:17 GMT
Server
Apache
ETag
"904c7a-ada8-5e90a4bfccffd"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2877
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
14812
Expires
Mon, 19 Sep 2022 17:39:23 GMT
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0da425eaadbec3853cae0b85493ea7ad6934972097b4f59d2a05dbb130585444
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20361
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
date
Mon, 19 Sep 2022 16:51:26 GMT
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
etag
"40c22a9ccbd70870"
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 19 Sep 2022 16:51:26 GMT
swg.js
news.google.com/swg/js/v1/ 		147 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab7227f2ae21f2daf452863dfa171d2f5c902bf6f12deecd773ef6cb6e06d710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:06:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2670
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46294
x-xss-protection
0
last-modified
Wed, 14 Sep 2022 20:41:49 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 16:56:56 GMT
logo-header.a7598835a549cb7d5ce024ef0710935927a034f9.svg
www.wired.com/verso/static/wired/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wired.com/verso/static/wired/assets/logo-header.a7598835a549cb7d5ce024ef0710935927a034f9.svg
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1d097e69ff47df9414a0ec07dfc70401084f4599617045a3a3edc7661ff76f3f
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
via
1.1 varnish
age
4664164
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/wired/assets/logo-header.a7598835a549cb7d5ce024ef0710935927a034f9.svg
last-modified
Wed, 27 Jul 2022 16:35:32 GMT
verso
true
content-length
1266
x-amz-id-2
j2kVuyzYbpMghON/nPLnVg/anbupECeRyjBnr4H7RK87zuwb9QwL+1tC7En1i/XW03LwbAHedpE=
x-served-by
cache-yul12827-YUL
apple-news-services-handled
false
x-timer
S1663606286.098567,VS0,VE1
apple-news-services-request-url
/verso/static/wired/assets/logo-header.a7598835a549cb7d5ce024ef0710935927a034f9.svg
etag
"ce65105f89c50c0f92e35be389684c24"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
PWSTMJNCG3AM274C
access-control-allow-origin
*
expires
Thu, 27 Jul 2023 17:15:21 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
image/svg+xml
apple-news-services-host
www.wired.com
x-cache-hits
282
Lily%20Hay%20Newman%20copy.jpg
media.wired.com/photos/5acba3f40810d969021d9ed3/1:1/w_240,c_limit/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/5acba3f40810d969021d9ed3/1:1/w_240,c_limit/Lily%20Hay%20Newman%20copy.jpg
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1a2805cb40491a1e86d6f29f756e5e46eb48773f7ad1c1e6527c605f9ec7d235

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:26 GMT
Connection
keep-alive
Age
242077
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=564816 idim=2200x2328 ifmt=jpeg ofsz=3202 odim=240x240 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-iad-kjyo7100155-IAD, cache-yul12834-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663606286.130829,VS0,VE2
Etag
"UnsJcHEgc9lZj+uCZIsKyFISCIwzOzH1Ux8V4d53TLY"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
3202
timing-allow-origin
*
X-Cache-Hits
1, 1
logo-reverse.548f3a7478ee71f618044082aa222dd05f31249c.svg
www.wired.com/verso/static/wired/assets/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.wired.com/verso/static/wired/assets/logo-reverse.548f3a7478ee71f618044082aa222dd05f31249c.svg
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
af29cacfb5125f85da0f1557bb56456abcc1556dbd3094bb56e569890348c984
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
via
1.1 varnish
age
4664165
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/wired/assets/logo-reverse.548f3a7478ee71f618044082aa222dd05f31249c.svg
last-modified
Wed, 27 Jul 2022 16:35:32 GMT
verso
true
content-length
1436
x-amz-id-2
kaEl2yrZFrJqcI4ZUP4k3zb1O3ueVEdzwfwpb+o98s37lBTL5lebpmevdw/wuQ7bSvaVV76kCxI=
x-served-by
cache-yul12827-YUL
apple-news-services-handled
false
x-timer
S1663606286.098575,VS0,VE1
apple-news-services-request-url
/verso/static/wired/assets/logo-reverse.548f3a7478ee71f618044082aa222dd05f31249c.svg
etag
"2cba2fa9380ed2b50927ed9d520aaa3c"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
PWSJP8EYCY7XKASE
access-control-allow-origin
*
expires
Thu, 27 Jul 2023 17:15:21 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
image/svg+xml
apple-news-services-host
www.wired.com
x-cache-hits
302
BreveText-Book.woff
www.wired.com/verso/static/assets/fonts/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/BreveText-Book.woff
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b9daef61d4b711f1d28c3eef6bd8d522b8df518e833767512ad79502cc605dbd
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
via
1.1 varnish
age
1156374
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/BreveText-Book.woff
last-modified
Tue, 06 Sep 2022 07:37:35 GMT
verso
true
content-length
35492
x-amz-id-2
ltvjNdVtFTykTNNS2TA/76SGhhkbfspmJHtzysq9/j8UwMBGcEigte8GUncJnyhQKZZmi6b3jx0=
x-served-by
cache-yul12827-YUL
apple-news-services-handled
false
x-timer
S1663606286.099991,VS0,VE0
apple-news-services-request-url
/verso/static/assets/fonts/BreveText-Book.woff
etag
"97629378bc029d817ccbb382c7245bd6"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
R8N6KX8F8S5XKHR5
access-control-allow-origin
*
expires
Wed, 06 Sep 2023 07:38:31 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff
apple-news-services-host
www.wired.com
x-cache-hits
202
WiredMono-Bold.woff
www.wired.com/verso/static/assets/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/WiredMono-Bold.woff
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
26ed5f6aa822d65b6ea7df8d13f1a217d7a933376a824b7ef52af0e6f64f1a44
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
via
1.1 varnish
age
4664163
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/WiredMono-Bold.woff
last-modified
Wed, 27 Jul 2022 16:34:50 GMT
verso
true
content-length
21196
x-amz-id-2
2jQGIdbCPBvtka5oAke8S/3io9UZOQwPw3UfEsJulf6bwCMWO/xS9oS/1mEhlapaGP1Y8dfrfU0=
x-served-by
cache-yul12827-YUL
apple-news-services-handled
false
x-timer
S1663606286.102205,VS0,VE1
apple-news-services-request-url
/verso/static/assets/fonts/WiredMono-Bold.woff
etag
"9bae9bc16cf9e407e25b7c9c4ae30e1f"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
J9FT19WC5X48N3K9
access-control-allow-origin
*
expires
Thu, 27 Jul 2023 17:15:22 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff
apple-news-services-host
www.wired.com
x-cache-hits
202
Apercu-Bold-Pro.woff2
www.wired.com/verso/static/assets/fonts/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/Apercu-Bold-Pro.woff2
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
47a6d427b9f549f52ec7103a6ad5ce45c0f69e29b740eb88be8dfa053db21441
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
via
1.1 varnish
age
4159785
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/Apercu-Bold-Pro.woff2
last-modified
Tue, 02 Aug 2022 13:07:52 GMT
verso
true
content-length
46660
x-amz-id-2
W/qu8seH9H+zDkQcvimF8gszVPHyhzR8CR+pZKZr1dYpydT3rKcSxKbvs94DPBXAZqkS0wgZI/8=
x-served-by
cache-yul12827-YUL
apple-news-services-handled
false
x-timer
S1663606286.102192,VS0,VE0
apple-news-services-request-url
/verso/static/assets/fonts/Apercu-Bold-Pro.woff2
etag
"ea96e87226e7edc6d46a59d76e2055f5"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
N5RV2HENSK6DQ4MF
access-control-allow-origin
*
expires
Wed, 02 Aug 2023 13:21:40 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff2
apple-news-services-host
www.wired.com
x-cache-hits
194
WiredMono-Regular.woff2
www.wired.com/verso/static/assets/fonts/ 		18 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/WiredMono-Regular.woff2
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c8c9128b649afff93f89f77eb2aa5a4bbbb1443bebc5156d0f697780c8beaa26
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
via
1.1 varnish
age
4664164
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/WiredMono-Regular.woff2
last-modified
Wed, 27 Jul 2022 16:34:50 GMT
verso
true
content-length
18912
x-amz-id-2
2yzk0ViMQe5hMtj9pQq8tQbNnwht/T1rZKG8wbZjlqoZSHmAbUQ8PujaPcCCd1u/NxGnuLhruuo=
x-served-by
cache-yul12827-YUL
apple-news-services-handled
false
x-timer
S1663606286.102181,VS0,VE0
apple-news-services-request-url
/verso/static/assets/fonts/WiredMono-Regular.woff2
etag
"e755d282ae1120887b3b1d207bb930ce"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
J9FRRTV8N1XPJH49
access-control-allow-origin
*
expires
Thu, 27 Jul 2023 17:15:22 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff2
apple-news-services-host
www.wired.com
x-cache-hits
204
ProximaNova-Regular.woff
www.wired.com/verso/static/assets/fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/ProximaNova-Regular.woff
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9e0843dbf1dc0d65a75182a82b945a9373557932e61934c27679c357f20c33a9
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
via
1.1 varnish
age
4664165
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/ProximaNova-Regular.woff
last-modified
Wed, 27 Jul 2022 16:34:46 GMT
verso
true
content-length
27408
x-amz-id-2
vK94WrNrlvehyqCQKzKsXzi3ilvvMTiWyxNcuPbi93PmlrKF1957xvRh9yRQsu/kOSGFyOKt/dc=
x-served-by
cache-yul12827-YUL
apple-news-services-handled
false
x-timer
S1663606286.161812,VS0,VE1
apple-news-services-request-url
/verso/static/assets/fonts/ProximaNova-Regular.woff
etag
"57acd3677d276ad405bb6838d2b120d5"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
J9FMJ99WCDAJN8XT
access-control-allow-origin
*
expires
Thu, 27 Jul 2023 17:15:22 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff
apple-news-services-host
www.wired.com
x-cache-hits
156
ProximaNova-Bold.woff2
www.wired.com/verso/static/assets/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/ProximaNova-Bold.woff2
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6a4dac260dffc284594d633859fb508b2fcfade38b61c8af9cd55eb23adf9e89
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
via
1.1 varnish
age
1156837
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/ProximaNova-Bold.woff2
last-modified
Tue, 06 Sep 2022 07:28:04 GMT
verso
true
content-length
22500
x-amz-id-2
hgxLIkXWpUJ+kTtIU4P1h2I2x0qBgYBMwnRHdBp9vk79EU7LGgBAE1QeLGlxe2Ux+4mVW1P7ZRU=
x-served-by
cache-yul12827-YUL
apple-news-services-handled
false
x-timer
S1663606286.162290,VS0,VE0
apple-news-services-request-url
/verso/static/assets/fonts/ProximaNova-Bold.woff2
etag
"2ee806e52a1e28138bd67a5113c99949"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
DH0T36T20PPT8C81
access-control-allow-origin
*
expires
Wed, 06 Sep 2023 07:30:48 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff2
apple-news-services-host
www.wired.com
x-cache-hits
203
BreveText-BookItalic.woff
www.wired.com/verso/static/assets/fonts/ 		35 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/BreveText-BookItalic.woff
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c34a9420de5b381d4f2459193c70e4d84d5aaa0928a67907a57e2a9e9d3a8852
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
via
1.1 varnish
age
4664164
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/BreveText-BookItalic.woff
last-modified
Wed, 27 Jul 2022 16:34:37 GMT
verso
true
content-length
35744
x-amz-id-2
nRWUMTr4NsxEz+vzS3IawebJ7M73RoD5AKpjSzo4c8/gvOZadsnEOBAFXD5Ic9FOLa2H/JQDC4Y=
x-served-by
cache-yul12827-YUL
apple-news-services-handled
false
x-timer
S1663606286.162267,VS0,VE1
apple-news-services-request-url
/verso/static/assets/fonts/BreveText-BookItalic.woff
etag
"f8b4eded3c32119b3384de37a8c158a6"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
J9FHWHNW8VP1YPNT
access-control-allow-origin
*
expires
Thu, 27 Jul 2023 17:15:22 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff
apple-news-services-host
www.wired.com
x-cache-hits
101
polyfill.min.js
polyfill.io/v3/ 		72 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?version=3.103.0&features=Object.assign%2CIntersectionObserver%2CPromise%2Cfetch%2CIntl.Locale%2CIntl.getCanonicalLocales%2CIntl.ListFormat%2CIntl.ListFormat.%7Elocale.en-GB%2CIntl.ListFormat.%7Elocale.en-US%2CIntl.ListFormat.%7Elocale.en-IN%2CIntl.ListFormat.%7Elocale.fr%2CIntl.ListFormat.%7Elocale.es
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
content-encoding
br
last-modified
Wed, 14 Sep 2022 15:11:15 GMT
age
0
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser
chrome/105.0.0
server-timing
cache-yul12830, PASS, fastly;desc="Edge time";dur=15
accept-ranges
bytes
content-length
74
chunk.vendors~presenter-account-bookmarks~presenter-account-linking~presenter-account-sign-in-help~present~4ef59780.99def57522c2fd1f557f.js
www.wired.com/verso/static/ 		2 MB
499 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/chunk.vendors~presenter-account-bookmarks~presenter-account-linking~presenter-account-sign-in-help~present~4ef59780.99def57522c2fd1f557f.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cce9d31edf1c7ac059b6f913d03411925ce3d17d21a36e4e97e4dfb19b54b3ce
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
content-encoding
gzip
age
21101
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/chunk.vendors~presenter-account-bookmarks~presenter-account-linking~presenter-account-sign-in-help~present~4ef59780.99def57522c2fd1f557f.js
last-modified
Mon, 19 Sep 2022 10:45:18 GMT
verso
true
content-length
510273
x-amz-id-2
kIYTkbUeBH3t+6xU1SDL83YiOp//u6a/LMWMUUnX/VX25rXH+fAhgK1Tp5ajizsWj2xICB4j2IM=
x-served-by
cache-yul12827-YUL
apple-news-services-handled
false
x-timer
S1663606286.220748,VS0,VE2
apple-news-services-request-url
/verso/static/chunk.vendors~presenter-account-bookmarks~presenter-account-linking~presenter-account-sign-in-help~present~4ef59780.99def57522c2fd1f557f.js
etag
W/"fe4af04adf50a874c0ac9dd0a33193cb"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
P73S2V03E37P3CN2
via
1.1 varnish
expires
Tue, 19 Sep 2023 10:59:45 GMT
cache-control
max-age=86400
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/javascript
apple-news-services-host
www.wired.com
x-cache-hits
1
chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
www.wired.com/verso/static/ 		2 MB
472 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b01d4ba963be16f491485ac46d5aa89bf52e45fc64fad558aba54b43ce4ca024
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
content-encoding
gzip
age
10116
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
last-modified
Mon, 19 Sep 2022 13:50:50 GMT
verso
true
content-length
482287
x-amz-id-2
HmpQKskS9FEVoxT2LsP+MYj8+HMYbgm1y6xJTqnq7VzwXVf3bBgejtHstSOuPaRCwJw7ghE0C/E=
x-served-by
cache-yul12827-YUL
apple-news-services-handled
false
x-timer
S1663606286.220738,VS0,VE2
apple-news-services-request-url
/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
etag
W/"f0b5a427d0f80e941b5c93781a18d16b"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
91V74DBZMKV5KABF
via
1.1 varnish
expires
Tue, 19 Sep 2023 14:02:50 GMT
cache-control
max-age=86400
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/javascript
apple-news-services-host
www.wired.com
x-cache-hits
1
presenter-articles.207b6de91f611b0aaad4.js
www.wired.com/verso/static/ 		264 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/presenter-articles.207b6de91f611b0aaad4.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7419908540048c23afc58230effbbd6231be763ee633bf747ff7d30be3785d17
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
content-encoding
gzip
age
21101
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/presenter-articles.207b6de91f611b0aaad4.js
last-modified
Mon, 19 Sep 2022 10:57:26 GMT
verso
true
content-length
81557
x-amz-id-2
T0R4GxRQ59Ft+dhBGSyYatumoO0rvM8rZnUXh+f43J44eJUmgSkMcIJl/5MXFCQ61OEFgLwDmSI=
x-served-by
cache-yul12827-YUL
apple-news-services-handled
false
x-timer
S1663606286.220737,VS0,VE1
apple-news-services-request-url
/verso/static/presenter-articles.207b6de91f611b0aaad4.js
etag
W/"5c608b93209255f187cba0f5582ca2d3"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
P73WMMT9ETK92Q0G
via
1.1 varnish
expires
Tue, 19 Sep 2023 10:59:45 GMT
cache-control
max-age=86400
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/javascript
apple-news-services-host
www.wired.com
x-cache-hits
87
condenast-amp
segment-data.zqtk.net/ 		330 B
545 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://segment-data.zqtk.net/condenast-amp?url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.43.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-43-37.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fc2db2df2b87542f660243d567303059843e8ac6f8a680daec5984a0d7ba0998

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:26 GMT
Content-Encoding
gzip
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://www.wired.com
Cache-Control
max-age=82895
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
Tue, 20 Sep 2022 15:53:02 GMT
ads.js
www.wired.com/hotzones/src/ 		0
83 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/hotzones/src/ads.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
via
1.1 varnish
age
37211
x-served-by
cache-yul12827-YUL
vary
cn-experiments, Verso, bypass-verso-payment
x-cache
HIT
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
hz-zone
1
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
strict-transport-security
max-age=31536000; preload
accept-ranges
bytes
apple-news-services-host
www.wired.com
content-length
0
x-cache-hits
136
pixelpropagate.js
www.wired.com/hotzones/src/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/hotzones/src/pixelpropagate.js?cb=10244
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4de3f44f9af02f0a9ac1366998ed8d04b85caee3bccd4552c04edd8dcd926bee
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
via
1.1 varnish
vary
accept-encoding, cn-experiments, Verso, bypass-verso-payment
age
72009
x-cache
HIT
hz-zone
1
content-encoding
gzip
content-length
1188
x-served-by
cache-yul12827-YUL
strict-transport-security
max-age=31536000; preload
content-type
application/javascript; charset=utf-8
cache-control
max-age=86400
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
apple-news-services-host
www.wired.com
x-cache-hits
225
user-context
www.wired.com/ 		465 B
793 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/user-context?referrer=&verso=true&location=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6b0f24d267fac3bd4905048bf2e384650a040a010094475a2ff2b090ed8bf883
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
via
1.1 varnish
x-content-type-options
nosniff
x-cache
MISS
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
content-encoding
gzip
vary
origin, Accept-Encoding
x-xss-protection
1; mode=block
x-served-by
cache-yul12827-YUL
expires
0
server
nginx/1.15.8
x-frame-options
DENY
x-download-options
noopen
strict-transport-security
max-age=31536000; preload
content-type
application/javascript; charset=utf-8
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
none
timing-allow-origin
*
apple-news-services-host
user-context.condenastdigital.com
x-cache-hits
0
build-81a8a2d4b6012a28cee66c2306ead313.js
journey.wired.com/ 		270 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://journey.wired.com/build-81a8a2d4b6012a28cee66c2306ead313.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7259aaf1b41374f0bfc5da7db2520de524612671731ffc96bd6b4ec2e69d7465

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:26 GMT
Content-Encoding
gzip
Age
478594
X-Cache
HIT
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Content-Length
44317
x-amz-id-2
0k3yQj5u4oEBj8ls74QAogvdYZTqIsTRkuPC0bgbMUPzm+23BZE7fZhy2TMgsNapfHEJ/sW5GQw=
X-Served-By
cache-yul12834-YUL
timing-allow-origin
*
Last-Modified
Wed, 14 Sep 2022 03:53:56 GMT
Server
AmazonS3
Cache-Control
public, max-age=31536000
X-Timer
S1663606286.300097,VS0,VE0
ETag
"81a8a2d4b6012a28cee66c2306ead313"
Vary
Accept-Encoding
x-amz-request-id
S6AR8MDCVKKY8M6C
Via
1.1 varnish
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
X-Cache-Hits
149
ProximaNova-RegularItalic.woff
www.wired.com/verso/static/assets/fonts/ 		27 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/ProximaNova-RegularItalic.woff
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8392b864ce606bf8ec20cf749f148dd7134d770200dd81df9b7adbc33a88978e
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
via
1.1 varnish
age
4664164
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/ProximaNova-RegularItalic.woff
last-modified
Wed, 27 Jul 2022 16:34:46 GMT
verso
true
content-length
27564
x-amz-id-2
KA8a5ZxDRuewxyqPMujB5g6qiwuzLLYId5gLVqxq5OdxZZXYadIhqWMtvy9yG9ZSiwmapNkTX4Y=
x-served-by
cache-yul12827-YUL
apple-news-services-handled
false
x-timer
S1663606286.268225,VS0,VE1
apple-news-services-request-url
/verso/static/assets/fonts/ProximaNova-RegularItalic.woff
etag
"37e0e76d0baa901390de58544942384d"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
J9FMZXZAJN3BPKFS
access-control-allow-origin
*
expires
Thu, 27 Jul 2023 17:15:22 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff
apple-news-services-host
www.wired.com
x-cache-hits
203
WiredMono-Light.woff
www.wired.com/verso/static/assets/fonts/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/WiredMono-Light.woff
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7ff758ced20d4139eb5f580cfc93d1161ed5e19a4a2d4020728143855d17adeb
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
via
1.1 varnish
age
2972790
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/WiredMono-Light.woff
last-modified
Tue, 16 Aug 2022 07:04:05 GMT
verso
true
content-length
21256
x-amz-id-2
peinfJYozpcZ94fj4iqSp6lwreRQjG6G9wX4aBR2j+9niTlhBsYnGUbORhzTs5v5TwsjDz7PYac=
x-served-by
cache-yul12827-YUL
apple-news-services-handled
false
x-timer
S1663606286.496100,VS0,VE0
apple-news-services-request-url
/verso/static/assets/fonts/WiredMono-Light.woff
etag
"86ae3ff7d521e7ad53923c387fddc7b8"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
YTR9694X7VZXB9NZ
access-control-allow-origin
*
expires
Wed, 16 Aug 2023 07:04:57 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff
apple-news-services-host
www.wired.com
x-cache-hits
100
93ddfe0c-4b21-4ad5-8191-612d2a67aad3.json
cdn.cookielaw.org/consent/93ddfe0c-4b21-4ad5-8191-612d2a67aad3/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/93ddfe0c-4b21-4ad5-8191-612d2a67aad3/93ddfe0c-4b21-4ad5-8191-612d2a67aad3.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c9b4ae05fb5b2e0a0f6b8ba4f3e2fd3669261fbb1decbbb9d9238feb65878e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 16:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
OMmRMe049FxX2T7UwIPk4g==
age
2119
vary
Accept-Encoding
content-length
1665
x-ms-lease-status
unlocked
last-modified
Wed, 24 Aug 2022 14:59:58 GMT
server
cloudflare
etag
0x8DA85E15030EC7A
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
15697b69-a01e-0132-28ca-b7c663000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74d3d379cfd3ecfa-YUL
expires
Mon, 19 Sep 2022 20:51:26 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		190 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb59848b4e6672fb3b94f7ce6ee8c7f6916c0ea6110c79e1384d9a71e8ebbf1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
cloudflare
cf-ray
74d3d379eb0e4bd6-YUL
date
Mon, 19 Sep 2022 16:51:26 GMT
vary
Accept-Encoding
content-type
text/javascript
v2
mb.moatads.com/yi/ 		416 B
591 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wzyHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-0muc80RvHCbFpA%3D%3D&sc=1&os=1-MQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&pcode=condenastprebidheader987326845656&rx=431404640926&callback=MoatNadoAllJsonpRequest_35266287
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.5.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-5-69.compute-1.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
98d3441c2fe76d760da2adaaff46eb151eaebd9a0fbc898f0cdfe6aff02710f6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"6f06409def61a0447ddc187e983d43a8d94bd73f"
content-length
416
content-type
text/html; charset=UTF-8
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:05:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6457
x-xss-protection
0
last-modified
Wed, 12 Jan 2022 22:09:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 16:55:41 GMT
pubads_impl_2022091301.js
securepubads.g.doubleclick.net/gpt/ 		376 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 05:39:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
299515
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131297
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 08:35:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 16 Sep 2023 05:39:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		355 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.wired.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6d10209938eec5a9fe4ff26d46f0fcd46d5f08c64acdbad2b0d49731f0ed305
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 16:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
162
x-xss-protection
0
expires
Mon, 19 Sep 2022 16:51:26 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		802 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3035&u=https%3A%2F%2Fwww.wired.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
Server /
Resource Hash
823e186d74636c4d48883a6badb1fc5399bf9bad10143289d20330cdbf7f4f22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:25 GMT
via
1.1 0e456968e63d1e7575028bb48aa8e96a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
802
x-amz-cf-id
57eVL88YHo1R5EMiZ9L9iTzmfnb6DpjkxeWkucAesFEpaxaOinjyWA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.205.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-205-195.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:40:45 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
25842
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 19 Sep 2022 09:37:07 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
via
1.1 e1d636b234c38932eb25194cb146dbcc.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
PHL50-C1
content-type
application/javascript
x-amz-cf-id
zq4FdXtstqh2FD-j3QwmjGhX8JlffJll_jGCsCB1FkiXT14V-edpMw==
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		181 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d754e05bc2acdfe544b477f31c057921708a43b9868402c1ae574c5c614dc528
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:26 GMT
content-encoding
gzip
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
74d3d37a7cecca47-YUL
access-control-allow-headers
Content-Type
wired.js
player.cnevids.com/interlude/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.cnevids.com/interlude/wired.js?verso=true&onReady=CNE_onReady_16636062868810&hasExcludedEmbed=false&embeddedVideos=&rightRail=true&interludeOverrideId=5f2178a1bcdfff5e2a4786ac
Requested by
Host: www.wired.com
URL: https://www.wired.com/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-21.phl50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
619fe63e60464a4fee071a5931bd474b4cafbe619f1d2cb27c241f6bc06897bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Amz-Cf-Pop
PHL50-C1
X-Cache
Miss from cloudfront
Status
200 OK
Connection
keep-alive
Content-Length
10668
X-XSS-Protection
1; mode=block
X-Request-Id
7859a92b-7c50-4ea9-bfc1-172918eaaee4
X-Runtime
0.005645
X-Backend-Node
10.110.121.61
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
ETag
W/"58755b82528ba6fbeb10b00969ce157e"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
Cache-Control
max-age=0, private, must-revalidate
X-Amz-Cf-Id
Zp-52s1Hc671wpKSvofDk6NtVyuc_0OR2JVz9NjUIDp2G9IxVGTRWQ==
gtm.js
www.googletagmanager.com/ 		589 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5HBJC2K&l=dataLayer
Requested by
Host: www.wired.com
URL: https://www.wired.com/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
875297c2f3914e9d9152c3c986e6d62244586ea6c4f41a03c9a621fa9d1759e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158256
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 16:08:04 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Sep 2022 16:51:27 GMT
beacon
infinityid.condenastdigital.com/infinityid/ 		35 B
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://infinityid.condenastdigital.com/infinityid/beacon?id=0a128167-d05b-4a5a-ae1f-67013865e3d9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.85.209.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-85-209-9.compute-1.amazonaws.com
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Server
nginx/1.15.8
vary
origin
Content-Type
image/gif
cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
accept-ranges
bytes
Content-Length
35
expires
0
ats.js
ats.rlcdn.com/ 		109 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-23.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
via
1.1 f2d96237236476e7356cfe5344feb776.cloudfront.net (CloudFront)
etag
"148e21f812b555a13b2a9c6b616141f4"
age
56082
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
58acf9e97c03c481f490be71338f7f57
content-length
112112
last-modified
Tue, 17 May 2022 11:35:33 GMT
server
AmazonS3
date
Mon, 19 Sep 2022 01:16:46 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
cache-control
must-revalidate,public,max-age=86400
x-amz-cf-pop
JFK50-P8
accept-ranges
bytes
content-type
application/x-javascript
x-amz-cf-id
MSEwicqMXlO_oIKuiSXg6NWSTj-0_bZUn2oTLu85q70kqSoaVy9HNA==
undefined
media.wired.com/photos/6324f56136c33c0247a2f098/16:9/w_640,h_450,c_limit/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/6324f56136c33c0247a2f098/16:9/w_640,h_450,c_limit/undefined
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0de94ae1e4dc98c4dfc2e55b93faf202250122afe52b82d724ced0b3e120db9f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Connection
keep-alive
Age
239610
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=485025 idim=2400x1800 ifmt=jpeg ofsz=5138 odim=640x360 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-iad-kcgs7200176-IAD, cache-yul12822-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663606287.361594,VS0,VE3
Etag
"LAWWlYWFARpBBUU6JEUp3ZwteyMAJuXH4MNZRY9kGN8"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
5138
timing-allow-origin
*
X-Cache-Hits
1, 58
undefined
media.wired.com/photos/6324633ceecde8c117e7f401/16:9/w_640,h_450,c_limit/ 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/6324633ceecde8c117e7f401/16:9/w_640,h_450,c_limit/undefined
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3ae474e9227986bfaa6b83411f707e953993c7b8058abcbe0870ad330a98cffb

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Connection
keep-alive
Age
277185
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=3556789 idim=2400x1600 ifmt=jpeg ofsz=53610 odim=640x360 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-fra19164-FRA, cache-yul12834-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663606287.363168,VS0,VE3
Etag
"TbNwfP9VEtkAvMJB8X7PdoCpCx8L8nwLSz3PA9M6XWQ"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
53610
timing-allow-origin
*
X-Cache-Hits
1, 1
undefined
media.wired.com/photos/63250632eecde8c117e7f467/16:9/w_640,h_450,c_limit/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/63250632eecde8c117e7f467/16:9/w_640,h_450,c_limit/undefined
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4cc892362e5eda041f4dc9e7cee0407c2df380d8fe65804b6799d93239a55b22

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Connection
keep-alive
Age
235320
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=579902 idim=2400x1800 ifmt=jpeg ofsz=10150 odim=640x360 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-iad-kjyo7100113-IAD, cache-yul12822-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663606287.378483,VS0,VE1
Etag
"7FY2vg4Tt5gwfvWadWkQ7PemstC6Xtc1KNNupIQ3tcQ"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
10150
timing-allow-origin
*
X-Cache-Hits
1, 61
undefined
media.wired.com/photos/5ed0830175fe02f511141a7a/16:9/w_640,h_450,c_limit/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/5ed0830175fe02f511141a7a/16:9/w_640,h_450,c_limit/undefined
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
73d0b3ad6191c9bd1da09afa330eef03cde53d36063d669c0715194b5648f709

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Connection
keep-alive
Age
554793
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=85505 idim=682x511 ifmt=jpeg ofsz=8756 odim=640x360 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-iad-kiad7000118-IAD, cache-yul12825-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663606287.388199,VS0,VE1
Etag
"WdoWwBPJZbFfhM4eINtaFvab2U6L7/Wr6XebwCv0XeE"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
8756
timing-allow-origin
*
X-Cache-Hits
1, 3
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.35.0/ 		360 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
bDp57sS049dDkRqCL4m53Q==
age
6548
vary
Accept-Encoding
content-length
87115
x-ms-lease-status
unlocked
last-modified
Mon, 06 Jun 2022 06:21:06 GMT
server
cloudflare
etag
0x8DA4784BD4AE529
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
74e8856d-c01e-0004-086f-792d64000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74d3d38018dc7148-YUL
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.wired.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wired.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		612 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1512123897959010&correlator=2483420307513779&hxva=1&scor=4299610263625563&eid=44742767&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&us_privacy=1---&iu_parts=3379%2Cconde.wired%2Cinterstitial%2Csecurity%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=1&adks=3614482195&sfv=1-0-38&ists=1&fsapi=false&prev_scp=pos%3Dinterstitial%26ctx_slot_type%3Dout_of_page%26ctx_slot_rn%3D0%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Dout_of_page_0%26slot_name%3Dinterstitial_1%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%252Cgv_death_injury%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26amznbid%3D0%26amznp%3D0%26env_device_type%3Ddesktop%26ctx_template%3Dmt_article_two_column%26content_type%3Darticle%26ctx_page_channel%3Dsecurity%26ctx_page_sub_channel%3Dnational-security%26sub_sub_channel%3D%26env_server%3Dproduction%26ctx_cns_version%3D6.62.7%26ctx_page_slug%3Duber-hack-mfa-phishing%26cnt_copilotid%3D632496798990652479ff3877%26cnt_platform%3Dverso%26cnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%26fastly_geo%3Dca%26pageview_id%3D3138407518%26usr_bkt_eva%3D24%26usr_bkt_ses%3D29%26usr_bkt_pv%3D89%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26usr_segments%3Dco.w2238%26cn_metrics%3Dcmr_high%26vnd_prx_segments%3D121100%252C131100%252C131127%252C230004%252C230017%252C230103%252C230133%252C230163%252C230016%252C230160%252C603525%252C300003%252C210001%252C240000%252C240002%252C240003%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240015%252C240018%252C240019%252Cmiovit%252Ceuwba9%252Czlqtg4%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_entities%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_keywords%3Duber%252Chacker%252Cauthentication%252Cattacker%252Cbreach%252Csystem%252Cnotification%252Caccess%252Czatko%252Ccybersecurity%252Cattack%252Chack_devastation%252Cresearcher%252Csecurity_engineer%252Cservice%252Ctwitter%252Cthursday_evening%252Ccompany%252Cthe_new_york_times%252Ccedric_owens%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D0a128167-d05b-4a5a-ae1f-67013865e3d9&ppid=0a128167d05b4a5aae1f67013865e3d9&sc=1&cookie_enabled=1&abxe=1&dt=1663606287461&lmt=1663606287&dlt=1663606286049&idt=1326&adxs=0&adys=56&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&frm=20&vis=1&psz=0x0&msz=0x0&fws=0&ohw=0&ga_vid=137948537.1663606287&ga_sid=1663606287&ga_hid=1770785891&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b381f6277e8bbc4ed06dad6bf38864994e1d5854b8525ca69391d61ed423018
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		402 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1512123897959010&correlator=2483420307513779&hxva=1&scor=4299610263625563&eid=44742767&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&us_privacy=1---&iu_parts=3379%2Cconde.wired.native%2Caside%2Csecurity%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=320x50%7C2x2&fluid=height&ifi=2&adks=1253013061&sfv=1-0-38&fsapi=false&prev_scp=pos%3Daside%26ctx_slot_type%3Daside%26ctx_slot_rn%3D0%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Daside_0%26slot_name%3Daside_1%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%252Cgv_death_injury%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26amznbid%3D0%26amznp%3D0%26env_device_type%3Ddesktop%26ctx_template%3Dmt_article_two_column%26content_type%3Darticle%26ctx_page_channel%3Dsecurity%26ctx_page_sub_channel%3Dnational-security%26sub_sub_channel%3D%26env_server%3Dproduction%26ctx_cns_version%3D6.62.7%26ctx_page_slug%3Duber-hack-mfa-phishing%26cnt_copilotid%3D632496798990652479ff3877%26cnt_platform%3Dverso%26cnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%26fastly_geo%3Dca%26pageview_id%3D3138407518%26usr_bkt_eva%3D24%26usr_bkt_ses%3D29%26usr_bkt_pv%3D89%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26usr_segments%3Dco.w2238%26cn_metrics%3Dcmr_high%26vnd_prx_segments%3D121100%252C131100%252C131127%252C230004%252C230017%252C230103%252C230133%252C230163%252C230016%252C230160%252C603525%252C300003%252C210001%252C240000%252C240002%252C240003%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240015%252C240018%252C240019%252Cmiovit%252Ceuwba9%252Czlqtg4%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_entities%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_keywords%3Duber%252Chacker%252Cauthentication%252Cattacker%252Cbreach%252Csystem%252Cnotification%252Caccess%252Czatko%252Ccybersecurity%252Cattack%252Chack_devastation%252Cresearcher%252Csecurity_engineer%252Cservice%252Ctwitter%252Cthursday_evening%252Ccompany%252Cthe_new_york_times%252Ccedric_owens%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D0a128167-d05b-4a5a-ae1f-67013865e3d9&ppid=0a128167d05b4a5aae1f67013865e3d9&sc=1&cookie_enabled=1&abxe=1&dt=1663606287469&lmt=1663606287&dlt=1663606286049&idt=1326&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&frm=20&vis=1&psz=0x0&msz=0x0&fws=640&ohw=0&ga_vid=137948537.1663606287&ga_sid=1663606287&ga_hid=1770785891&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
978bbe1959cfcf71c06c1fd758f89d72319bc3928d5716450ec5665568ff35a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1512123897959010&correlator=2483420307513779&hxva=1&scor=4299610263625563&eid=44742767&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&us_privacy=1---&iu_parts=3379%2Cconde.wired.native%2Cin-content%2Csecurity%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=320x50&fluid=height&ifi=3&adks=3600696306&sfv=1-0-38&fsapi=false&prev_scp=pos%3Din-content%26ctx_slot_type%3Din_content%26ctx_slot_rn%3D0%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Din_content_0%26slot_name%3Din_content_1%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%252Cgv_death_injury%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26amznbid%3D0%26amznp%3D0%26env_device_type%3Ddesktop%26ctx_template%3Dmt_article_two_column%26content_type%3Darticle%26ctx_page_channel%3Dsecurity%26ctx_page_sub_channel%3Dnational-security%26sub_sub_channel%3D%26env_server%3Dproduction%26ctx_cns_version%3D6.62.7%26ctx_page_slug%3Duber-hack-mfa-phishing%26cnt_copilotid%3D632496798990652479ff3877%26cnt_platform%3Dverso%26cnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%26fastly_geo%3Dca%26pageview_id%3D3138407518%26usr_bkt_eva%3D24%26usr_bkt_ses%3D29%26usr_bkt_pv%3D89%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26usr_segments%3Dco.w2238%26cn_metrics%3Dcmr_high%26vnd_prx_segments%3D121100%252C131100%252C131127%252C230004%252C230017%252C230103%252C230133%252C230163%252C230016%252C230160%252C603525%252C300003%252C210001%252C240000%252C240002%252C240003%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240015%252C240018%252C240019%252Cmiovit%252Ceuwba9%252Czlqtg4%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_entities%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_keywords%3Duber%252Chacker%252Cauthentication%252Cattacker%252Cbreach%252Csystem%252Cnotification%252Caccess%252Czatko%252Ccybersecurity%252Cattack%252Chack_devastation%252Cresearcher%252Csecurity_engineer%252Cservice%252Ctwitter%252Cthursday_evening%252Ccompany%252Cthe_new_york_times%252Ccedric_owens%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D0a128167-d05b-4a5a-ae1f-67013865e3d9&ppid=0a128167d05b4a5aae1f67013865e3d9&sc=1&cookie_enabled=1&abxe=1&dt=1663606287472&lmt=1663606287&dlt=1663606286049&idt=1326&adxs=262&adys=3006&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&frm=20&vis=1&psz=575x0&msz=575x0&fws=0&ohw=0&ga_vid=137948537.1663606287&ga_sid=1663606287&ga_hid=1770785891&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e300b777a70dda0d0c686ecfd02658b5bb80e6b380a225ee704d94402852c5dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11261
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wired.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		409 B
238 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1512123897959010&correlator=2483420307513779&hxva=1&scor=4299610263625563&eid=44742767&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&us_privacy=1---&iu_parts=3379%2Cconde.wired.native%2Cread-more%2Csecurity%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=320x50&fluid=height&ifi=4&adks=4283934905&sfv=1-0-38&fsapi=false&prev_scp=pos%3Dread-more%26ctx_slot_type%3Dread_more%26ctx_slot_rn%3D0%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Dread_more_0%26slot_name%3Dread_more_1%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%252Cgv_death_injury%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26amznbid%3D0%26amznp%3D0%26env_device_type%3Ddesktop%26ctx_template%3Dmt_article_two_column%26content_type%3Darticle%26ctx_page_channel%3Dsecurity%26ctx_page_sub_channel%3Dnational-security%26sub_sub_channel%3D%26env_server%3Dproduction%26ctx_cns_version%3D6.62.7%26ctx_page_slug%3Duber-hack-mfa-phishing%26cnt_copilotid%3D632496798990652479ff3877%26cnt_platform%3Dverso%26cnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%26fastly_geo%3Dca%26pageview_id%3D3138407518%26usr_bkt_eva%3D24%26usr_bkt_ses%3D29%26usr_bkt_pv%3D89%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26usr_segments%3Dco.w2238%26cn_metrics%3Dcmr_high%26vnd_prx_segments%3D121100%252C131100%252C131127%252C230004%252C230017%252C230103%252C230133%252C230163%252C230016%252C230160%252C603525%252C300003%252C210001%252C240000%252C240002%252C240003%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240015%252C240018%252C240019%252Cmiovit%252Ceuwba9%252Czlqtg4%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_entities%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_keywords%3Duber%252Chacker%252Cauthentication%252Cattacker%252Cbreach%252Csystem%252Cnotification%252Caccess%252Czatko%252Ccybersecurity%252Cattack%252Chack_devastation%252Cresearcher%252Csecurity_engineer%252Cservice%252Ctwitter%252Cthursday_evening%252Ccompany%252Cthe_new_york_times%252Ccedric_owens%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D0a128167-d05b-4a5a-ae1f-67013865e3d9&ppid=0a128167d05b4a5aae1f67013865e3d9&sc=1&cookie_enabled=1&abxe=1&dt=1663606287475&lmt=1663606287&dlt=1663606286049&idt=1326&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=137948537.1663606287&ga_sid=1663606287&ga_hid=1770785891&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e84906c82c5e653707516be213495ec78568e324c345687bf76fdcdf8d2f8d42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
208
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2215ed5f1bb5c1f19d3d08f3e16e9b9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0E4B 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2215ed5f1bb5c1f19d3d08f3e16e9b9d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:807::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 16:51:27 GMT
expires
Tue, 19 Sep 2023 16:51:27 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
5f2178a1bcdfff5e2a4786ac.js
player.cnevids.com/script/video/ 		68 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.cnevids.com/script/video/5f2178a1bcdfff5e2a4786ac.js?autoplay=1&muted=1&continuousPlay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=copilotIdOverride&recStrategy=copilotIdOverride&showPlaylistBar=false&isRightRail=true&onIframeReady=onIframeReady16636062874960
Requested by
Host: www.wired.com
URL: https://www.wired.com/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-21.phl50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
2e8a1f45a3760d8c6bdb8b4d2d55ac3532f06ac81bacb6731a30ede548e6cc99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Amz-Cf-Pop
PHL50-C1
X-Cache
Miss from cloudfront
Status
200 OK
Connection
keep-alive
Content-Length
22112
X-XSS-Protection
1; mode=block
X-Request-Id
6ed742c4-3249-49f3-a95e-7caf66f1d2eb
X-Runtime
0.004498
X-Backend-Node
10.110.79.96
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
ETag
W/"dd8507215b926dac02124ecc4121370d"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 d1fe44bb64238a84cc5fc2e3dbc947c6.cloudfront.net (CloudFront)
Cache-Control
max-age=0, private, must-revalidate
X-Amz-Cf-Id
Rj1HuIZvQJwLPWGXibD4sl1Qf_ySlB4gAhmdxaXU1dIiJ5JI-Lu4-w==
beacon
www.allure.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.allure.com/infinityid/beacon?id=0a128167-d05b-4a5a-ae1f-67013865e3d9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Via
1.1 varnish
Vary
origin, cn-experiments, Verso
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
35
X-Served-By
cache-yul12831-YUL
Server
nginx/1.15.8
X-Timer
S1663606288.612537,VS0,VE20
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
expires
0
beacon
www.architecturaldigest.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.architecturaldigest.com/infinityid/beacon?id=0a128167-d05b-4a5a-ae1f-67013865e3d9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Via
1.1 varnish
Server
nginx/1.15.8
Connection
keep-alive
Vary
origin
X-Cache
MISS
Content-Type
image/gif
expires
0
Cache-Control
no-cache
X-Cache-Hits
0
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security
max-age=7776000; preload
accept-ranges
bytes
Content-Length
35
X-Served-By
cache-yul12832-YUL
beacon
www.bonappetit.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bonappetit.com/infinityid/beacon?id=0a128167-d05b-4a5a-ae1f-67013865e3d9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-src https: data: blob:; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Via
1.1 varnish
Vary
origin, cn-experiments, Verso
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
35
X-Served-By
cache-yul12832-YUL
Server
nginx/1.15.8
X-Timer
S1663606288.612279,VS0,VE18
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; frame-src https: data: blob:; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
expires
0
beacon
www.cntraveler.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.cntraveler.com/infinityid/beacon?id=0a128167-d05b-4a5a-ae1f-67013865e3d9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Via
1.1 varnish
Vary
origin, cn-experiments, Verso
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
35
X-Served-By
cache-yul12828-YUL
Server
nginx/1.15.8
X-Timer
S1663606288.612237,VS0,VE20
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
expires
0
beacon
www.epicurious.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.epicurious.com/infinityid/beacon?id=0a128167-d05b-4a5a-ae1f-67013865e3d9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Via
1.1 varnish
Vary
origin, cn-experiments, Verso
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
35
X-Served-By
cache-yul12832-YUL
Server
nginx/1.15.8
X-Timer
S1663606288.612939,VS0,VE22
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
expires
0
beacon
www.glamour.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.glamour.com/infinityid/beacon?id=0a128167-d05b-4a5a-ae1f-67013865e3d9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
via
1.1 varnish, 1.1 varnish
vary
origin, cn-experiments, Verso, accept-encoding
x-cae-version
14
transfer-encoding
chunked
x-cache
MISS, MISS
x-cache-hits
0, 0
Connection
keep-alive
content-encoding
gzip
x-served-by
cache-yul12821-YUL
server
nginx/1.15.8
x-timer
S1663606288.582987,VS0,VE18
date
Mon, 19 Sep 2022 16:51:27 GMT
strict-transport-security
max-age=7776000; preload
content-type
image/gif
cache-control
no-cache
accept-ranges
none
expires
0
beacon
www.gq.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gq.com/infinityid/beacon?id=0a128167-d05b-4a5a-ae1f-67013865e3d9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Via
1.1 varnish
X-Cache
MISS
X-UA-Device
desktop
X-Cache-Hits
0
Connection
keep-alive
Content-Length
35
X-Served-By
cache-yul12832-YUL
Verso
false
Server
nginx/1.15.8
X-Timer
S1663606288.611926,VS0,VE18
Vary
origin, cn-experiments, Verso
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
expires
0
beacon
www.newyorker.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.newyorker.com/infinityid/beacon?id=0a128167-d05b-4a5a-ae1f-67013865e3d9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=86400; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Via
1.1 varnish
Connection
keep-alive
Vary
origin
X-Cache
MISS
Content-Type
image/gif
expires
0
Cache-Control
no-cache
X-Cache-Hits
0
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security
max-age=86400; preload
accept-ranges
bytes
Content-Length
35
X-Served-By
cache-yul12826-YUL
beacon
pitchfork.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pitchfork.com/infinityid/beacon?id=0a128167-d05b-4a5a-ae1f-67013865e3d9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
35
X-Served-By
cache-yul12829-YUL
Verso
false
Server
nginx/1.15.8
X-Timer
S1663606288.613087,VS0,VE18
Vary
Accept-Encoding, X-Format, Verso
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
expires
0
beacon
www.self.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.self.com/infinityid/beacon?id=0a128167-d05b-4a5a-ae1f-67013865e3d9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Vary
origin, cn-experiments, Verso
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
35
X-Served-By
cache-yul12832-YUL
Server
nginx/1.15.8
X-Timer
S1663606288.612775,VS0,VE16
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
X-FC-Vary-Parameters
acceptencoding
expires
0
beacon
www.teenvogue.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.teenvogue.com/infinityid/beacon?id=0a128167-d05b-4a5a-ae1f-67013865e3d9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
Content-Length
35
X-Served-By
cache-yul12822-YUL
X-Fastly-Backend
XID_BEACON
Server
nginx/1.15.8
X-Timer
S1663606288.680117,VS0,VE18
Vary
origin, cn-experiments, Verso
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
expires
0
beacon
www.them.us/infinityid/ 		35 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.them.us/infinityid/beacon?id=0a128167-d05b-4a5a-ae1f-67013865e3d9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Via
1.1 varnish
Server
nginx/1.15.8
Vary
origin, Accept-Encoding, cn-experiments, Verso
X-Cache
MISS
Content-Type
image/gif
expires
0
Cache-Control
no-cache
transfer-encoding
chunked
X-Cache-Hits
0
Connection
keep-alive
accept-ranges
none
content-encoding
gzip
X-Served-By
cache-yul12831-YUL
beacon
www.vanityfair.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vanityfair.com/infinityid/beacon?id=0a128167-d05b-4a5a-ae1f-67013865e3d9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Via
1.1 varnish
Vary
origin, Accept-Encoding, cn-experiments, Verso
transfer-encoding
chunked
X-Cache
MISS
X-Cache-Hits
0
Connection
keep-alive
content-encoding
gzip
X-Served-By
cache-yul12822-YUL
Server
nginx/1.15.8
X-Timer
S1663606288.691347,VS0,VE22
Strict-Transport-Security
max-age=7776000; preload
Content-Type
image/gif
Cache-Control
no-cache
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
none
apple-news-services-host
infinityid.condenastdigital.com
expires
0
beacon
www.vogue.com/infinityid/ 		35 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.vogue.com/infinityid/beacon?id=0a128167-d05b-4a5a-ae1f-67013865e3d9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
Strict-Transport-Security max-age=7776000; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Server
nginx/1.15.8
Varnish-X-Cache
MISS
Connection
keep-alive
Vary
origin, cn-experiments, Verso
X-Cache
MISS
Content-Type
image/gif
expires
0
Cache-Control
no-cache
X-Cache-Hits
0
Content-Security-Policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: data: blob: android-webview-video-poster:; media-src https: data: blob:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; upgrade-insecure-requests
Strict-Transport-Security
max-age=7776000; preload
accept-ranges
bytes
Content-Length
35
X-Served-By
cache-yul12830-YUL
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		182 B
620 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3035&u=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&pid=qCxdeVrvheTev&cb=0&ws=1600x1200&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22hero_0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22hero%2Fdesktop%22%7D%5D&pj=%7B%22si_section%22%3A%22security%22%2C%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.202.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-202-36.phl50.r.cloudfront.net
Software
Server /
Resource Hash
2497f94d8a997612d5da2ad1d85dc3e430771037e23c2d9c9a89379686ceccac
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
via
1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-amz-rid
ZHR57ZMSZR2BT51YVHZ2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
182
x-amz-cf-id
3odAGDU6Ffn1iZZesy-cMQf87BYAsnSUmUy2nv2ByaoZJFdv6Js5tg==
fastlane.json
fastlane.rubiconproject.com/a/api/ 		328 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=306872&zone_id=1548440&size_id=2&alt_size_ids=57&us_privacy=1---&eid_pubcid.org=56557349-e1f4-4a40-be04-64225528dae0%5E1&rf=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&tg_i.cnt_tags=security%2Chacking%2Cvulnerabilities%2Cuber%2Cnational-security&tk_flint=pbjs_lite_v7.11.0&x_source.tid=4b7b56d0-e976-4a00-9956-d0c01e9893a9&l_pb_bid_id=2a9099108ae549&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6036559634150296
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
9b848b6e24a1363ceb7f1c2977907d7f428de3800e78e99750a685a7ab77488c

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:27 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.wired.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
328
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		328 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=306872&zone_id=1548442&size_id=2&alt_size_ids=57&us_privacy=1---&eid_pubcid.org=56557349-e1f4-4a40-be04-64225528dae0%5E1&rf=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&tg_i.cnt_tags=security%2Chacking%2Cvulnerabilities%2Cuber%2Cnational-security&tk_flint=pbjs_lite_v7.11.0&x_source.tid=4b7b56d0-e976-4a00-9956-d0c01e9893a9&l_pb_bid_id=3a043302f64141&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2665962369660293
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6dc15f4d0238e20fb7ff8185473525676be7d1508bba328d9a15647ed4086d9a

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/json
content-length
328
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=376149&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224af23c94cd2d9c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fcnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cnt_tags%22%3A%5B%22security%22%2C%22hacking%22%2C%22vulnerabilities%22%2C%22uber%22%2C%22national-security%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%22%2C%22tmax%22%3A1000%2C%22syncsPerBidder%22%3A5%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22adunitcode%22%3A%22hero_728x90_970x250%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2255a0c8c6cdd55f%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22376149%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22376148%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%224b7b56d0-e976-4a00-9956-d0c01e9893a9%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2256557349-e1f4-4a40-be04-64225528dae0%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b53bb213180c667c37a87e1f5f714bb0987010e0bb313ebc64d91e12bc1095d

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UXUElsZpl5Axu3FIWxnGZ54gd2X%2BbbidsuAOpN9T%2FOAi4DobJX6EK5S2SbW9R%2FHvpBsir%2BENqFPcZXi5bxP83ukeS2SuV63IQARtsi5yHM2vUWcgMUZdi4gcTXcS4BKxH4wsrIPW"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.wired.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74d3d381ba3fa1f0-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969ce00175757040bb70b6b4600016&pos=8a9691380175757044fd70c63cbf008a&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
77c8af108b0be890fe899a91fed24451f7023bc2d4f604bde91adbec3fc07504

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969ce00175757040bb70b6b4600016&pos=8a969ce00175757040bb70c63daf0091&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
bede4ac4db1899cbab141cbcd263738ef7cbeceba3bc5c550e4935b0e9979d5a

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
content-length
62
arj
condenastus-d.openx.net/w/1.0/ 		189 B
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4b7b56d0-e976-4a00-9956-d0c01e9893a9%2C4b7b56d0-e976-4a00-9956-d0c01e9893a9&nocache=1663606287575&us_privacy=1---&pubcid=56557349-e1f4-4a40-be04-64225528dae0&aus=728x90%2C970x250%7C728x90%2C970x250&divids=hero_728x90_970x250%2Chero_728x90_970x250&aucs=%2C&auid=541000862%2C541000867&aumfs=50%2C50
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
20a46cf7a603d7447d90ad966f38149cf1366922cf84e66d16b2f81fe4c1ad02

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.wired.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
11e1a2fbb9d6e508117b8428b2fa612f11dd7e2e603040c98320630c49337732

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
cdb
bidder.criteo.com/ 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.0&cb=63298064317&lsavail=1
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
gtm.js
www.googletagmanager.com/ 		160 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PPXGGXD&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HBJC2K&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a1d57e666f64ce544a2e4c21ed005c110ccd9e575e77f9b7e3ae3c62560a96c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53390
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 16:08:04 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 19 Sep 2022 16:51:27 GMT
/
geo.privacymanager.io/ 		30 B
595 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-67.phl50.r.cloudfront.net
Software
/
Resource Hash
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 07:37:17 GMT
via
1.1 e71ab653feb8332f51edf19089ecf9fc.cloudfront.net (CloudFront), 1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
age
33250
x-amzn-requestid
ccd0dc89-08df-41e4-92c6-a9868b09852d
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-63281c2d-191eba8b43b42fe42533577e;Sampled=0
x-cache
Hit from cloudfront
x-amz-cf-pop
IAD55-P4, PHL50-C1
x-amz-apigw-id
YslXGFuljoEFdoQ=
content-length
30
x-amz-cf-id
878hxMIfL0gegRyC9R42zlbGPd9vcFHsywLibeXacrMBuIbk_Kj5bA==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
en.json
cdn.cookielaw.org/consent/93ddfe0c-4b21-4ad5-8191-612d2a67aad3/d54ccda1-0379-484b-aa35-899451706118/ 		125 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/93ddfe0c-4b21-4ad5-8191-612d2a67aad3/d54ccda1-0379-484b-aa35-899451706118/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
20c078d1c46cc6adb228e8f2d75abac84332c702edccab59242023740c77e191
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
SOSMZk1kMy+QaEgC6xn4VQ==
age
2145
vary
Accept-Encoding
content-length
23491
x-ms-lease-status
unlocked
last-modified
Wed, 24 Aug 2022 15:00:07 GMT
server
cloudflare
etag
0x8DA85E155A780C2
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2f9bffb1-401e-00bf-36ca-b7cc90000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
74d3d3820b82ecfa-YUL
expires
Mon, 19 Sep 2022 20:51:27 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		182 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3035&u=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&pid=qCxdeVrvheTev&cb=1&ws=1600x1200&v=22.9.81452&t=1000&slots=%5B%7B%22sd%22%3A%22rail_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22rail%2Fdesktop%22%7D%5D&pj=%7B%22si_section%22%3A%22security%22%2C%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.202.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-202-36.phl50.r.cloudfront.net
Software
Server /
Resource Hash
f22c32205a7417f8c00ddadfe7a17931f1d5f1e20a38f61b695c12d4d4e61a8e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
via
1.1 2f0b2738cc23726bda17eb28418ee9c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
PHL50-C1
x-amz-rid
C7PAYPJXCD8Y8X68Q5TZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
182
x-amz-cf-id
LzQdbCJVsFUsbKxGSNVNXZd1iyMg7KHUEDiHhhdeyg4nCIZJ5O3Vtw==
fastlane.json
fastlane.rubiconproject.com/a/api/ 		329 B
653 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=306872&zone_id=1548468&size_id=15&alt_size_ids=10&us_privacy=1---&eid_pubcid.org=56557349-e1f4-4a40-be04-64225528dae0%5E1&rf=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&tg_i.cnt_tags=security%2Chacking%2Cvulnerabilities%2Cuber%2Cnational-security&tk_flint=pbjs_lite_v7.11.0&x_source.tid=de9d3469-a9eb-464d-8827-addb4dbd4f35&l_pb_bid_id=224699946706a44&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.04714604616692131
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7ea1f07fd8ab3925b142fd1ef3d6019a8c524b403fa6496d8a47bd9c3d452e10

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/json
content-length
329
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		329 B
880 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=306872&zone_id=1548470&size_id=15&alt_size_ids=10&us_privacy=1---&eid_pubcid.org=56557349-e1f4-4a40-be04-64225528dae0%5E1&rf=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&tg_i.cnt_tags=security%2Chacking%2Cvulnerabilities%2Cuber%2Cnational-security&tk_flint=pbjs_lite_v7.11.0&x_source.tid=de9d3469-a9eb-464d-8827-addb4dbd4f35&l_pb_bid_id=23b9ed95b0fbc94&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7723244746546858
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a64bf88cc5b195e9dcfa2f0f9b91f6701a61014fcb63c863f942037efbe12c82

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:27 GMT
server
nginx/1.21.4
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-type
application/json
content-length
329
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
538 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=376181&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2224b047aa9e67a9b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fcnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cnt_tags%22%3A%5B%22security%22%2C%22hacking%22%2C%22vulnerabilities%22%2C%22uber%22%2C%22national-security%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%227.11.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%22%2C%22tmax%22%3A1000%2C%22syncsPerBidder%22%3A5%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%2C%22adunitcode%22%3A%22rail_300x250_300x600%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222587474b1ddae19%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22376181%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22376179%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22tid%22%3A%22de9d3469-a9eb-464d-8827-addb4dbd4f35%22%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2256557349-e1f4-4a40-be04-64225528dae0%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6dc98bf69312306b49f4162e7bfd2668a9bb8700721334af0f764a288d53551

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:27 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxZzmJCdIMlliuFB2ZyAymC5P7vh4arMdJyFGM0jYmpj8zUUvu6WbtDSMepZNFWgJJswQAYCyjbzXxu6XxYG1PycL9NcWkyCjQhtl%2Budhd2ajeLppWxPNRlXxuWpLcvfIuPDQBaN"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.wired.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74d3d3827bf25467-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969ce00175757040bb70b6b4600016&pos=8a96958101757570497f70c64b5f008e&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
11bab176b893eb98ccbbfc29a9c1218a488dccc6bb5dc418fa357b371dc4b94d

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969ce00175757040bb70b6b4600016&pos=8a9691380175757044fd70c64c5c008f&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.230.217.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-230-217-116.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
4f571cc958dd8c67b837663a3501369104a33a31356abc19c8d22953492e4cae

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
content-length
62
arj
condenastus-d.openx.net/w/1.0/ 		190 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=de9d3469-a9eb-464d-8827-addb4dbd4f35%2Cde9d3469-a9eb-464d-8827-addb4dbd4f35&nocache=1663606287727&us_privacy=1---&pubcid=56557349-e1f4-4a40-be04-64225528dae0&aus=300x250%2C300x600%7C300x250%2C300x600&divids=rail_300x250_300x600%2Crail_300x250_300x600&aucs=%2C&auid=541000882%2C541000850&aumfs=50%2C50
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
8a1e9480bb0dbc954c947a34b76dd34c499b325d9cdd1993c18bceac30b5b184

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.wired.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		26 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1db92a04541fb3a6c72ccdee7adde1b894da5df11b7c275fbf3f77eff5ff7baf

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
cdb
bidder.criteo.com/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=7.11.0&cb=2778217882&lsavail=1
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
embed-api.json
player.cnevids.com/ 		10 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.cnevids.com/embed-api.json?videoId=5f2178a1bcdfff5e2a4786ac&interludeOverride=true&playerType=interlude&embedLocation=wired
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5f2178a1bcdfff5e2a4786ac.js?autoplay=1&muted=1&continuousPlay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=copilotIdOverride&recStrategy=copilotIdOverride&showPlaylistBar=false&isRightRail=true&onIframeReady=onIframeReady16636062874960
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-21.phl50.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
74c0911329aa791933bf7fce4a6260ee7e542a83adb28a09a71454cf38ebb663
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Amz-Cf-Pop
PHL50-C1
X-Cache
Miss from cloudfront
Status
200 OK
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
3486
X-XSS-Protection
1; mode=block
X-Request-Id
9c00cbd3-847d-43e6-ad93-2656b5472412
X-Runtime
0.012929
X-Backend-Node
10.110.76.58
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
ETag
W/"881c0d0b4a62bd3321ebd1dbdd5a2ed7"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control
max-age=300, public
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
TmmmalNpGYuVpgDBcsrQtYdOup-6wk9AihohgS2XapxvH6IFFejcog==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A073 		377 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5f2178a1bcdfff5e2a4786ac.js?autoplay=1&muted=1&continuousPlay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=copilotIdOverride&recStrategy=copilotIdOverride&showPlaylistBar=false&isRightRail=true&onIframeReady=onIframeReady16636062874960
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27e83793f50bb31fc8e9fd687a90b7472f979f925993f597db551450c423487a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128538
x-xss-protection
0
expires
Mon, 19 Sep 2022 16:51:27 GMT
gpt_proxy.js
imasdk.googleapis.com/js/sdkloader/ 		83 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5f2178a1bcdfff5e2a4786ac.js?autoplay=1&muted=1&continuousPlay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=copilotIdOverride&recStrategy=copilotIdOverride&showPlaylistBar=false&isRightRail=true&onIframeReady=onIframeReady16636062874960
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1df3371f650083389e7b8913c038c3d3695cc92776c8a72d4f4bec5673e17046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:50:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
77
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30905
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 16:22:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Mon, 19 Sep 2022 17:05:10 GMT
player-style-ad5233f92eb6f9be19d0.css
d2c8v52ll5s99u.cloudfront.net/player/ Frame A073 		90 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/player-style-ad5233f92eb6f9be19d0.css
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5f2178a1bcdfff5e2a4786ac.js?autoplay=1&muted=1&continuousPlay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=copilotIdOverride&recStrategy=copilotIdOverride&showPlaylistBar=false&isRightRail=true&onIframeReady=onIframeReady16636062874960
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-104.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1412791fc3e8ede20785df7b4856ac7452464af2e797beb0859adb07771fdc84

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Fri, 02 Sep 2022 18:47:27 GMT
Content-Encoding
gzip
Age
1461841
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
12947
Last-Modified
Fri, 02 Sep 2022 18:44:44 GMT
Server
AmazonS3
ETag
"ea430c2406991ae5498deee90d363e49"
x-amz-version-id
2cg9.WiNIDIrJGZmK_WaO3At3S9.Q45s
Via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
Content-Type
text/css; charset=utf-8
X-Amz-Cf-Id
qawNGi949-_z7skeTwFx35QERFh3GVZTz872gURKOPeYJCnlDLI5-g==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
main-5cc57c23969657d0534a.js
d2c8v52ll5s99u.cloudfront.net/player/ Frame A073 		853 KB
232 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5f2178a1bcdfff5e2a4786ac.js?autoplay=1&muted=1&continuousPlay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=copilotIdOverride&recStrategy=copilotIdOverride&showPlaylistBar=false&isRightRail=true&onIframeReady=onIframeReady16636062874960
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-104.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b80a8fc491f973cc7bce5e3e8bf7992c52208c4bc516909d9fd84c6285750c2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Wed, 14 Sep 2022 15:48:42 GMT
Content-Encoding
gzip
Age
435766
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
237176
Last-Modified
Tue, 13 Sep 2022 20:44:22 GMT
Server
AmazonS3
ETag
"741d57fce2781edd3ffefb3ea21e900a"
x-amz-version-id
EnvaWNADioVYZ6_aICw93l_85_Bm1hYQ
Via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
Content-Type
application/javascript; charset=utf-8
X-Amz-Cf-Id
1KeMeNftnIr70-N22lIuWT9dNC9S2BTU3dpHfizbDE_fJC6Vpk0h5g==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
id
dpm.demdex.net/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F7093025512D2B690A490D44%40AdobeOrg&d_nsid=0&ts=1663606287874
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
6443346d3ca5b02677df3fa93127f7f22bd92a789509b3ac91f24fb3a04faa5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-1-v038-03d288e41.edge-usw2.demdex.com 10 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
KLDgAjWtSyM=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.wired.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
2197
Expires
Thu, 01 Jan 1970 00:00:00 UTC
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HBJC2K&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
gzip
etag
"eN3sxSgaav0x5wHLxGB1gQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 26 Sep 2022 16:51:27 GMT
pixel.js
www.redditstatic.com/ads/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HBJC2K&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::396 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
via
1.1 varnish, 1.1 varnish
last-modified
Tue, 19 Jul 2022 22:48:09 GMT
server
snooserv
etag
"95212d33cfff78ad59f5af5b20c48c53"
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
accept-ranges
bytes
content-encoding
gzip
content-length
7722
spm.v1.min.js
ak.sail-horizon.com/spm/ 		124 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HBJC2K&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.93.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-93-62.jfk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:50:54 GMT
content-encoding
gzip
last-modified
Thu, 15 Sep 2022 23:20:31 GMT
server
AmazonS3
age
34
etag
W/"97dd801dd26ae0172c7875245d92f506"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 da882a3066261fe68bc0e26348bba540.cloudfront.net (CloudFront)
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
JFK50-P8
x-amz-cf-id
QDNJTrnaNVgIzVJmknuoKdd30o3ETz1LvdzCOib8reCeVhgee9i4Ig==
fbevents.js
connect.facebook.net/en_US/ 		101 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
AtRi5RKADOWaDx+oSeU1xFzsxB82Ws2BkUsmvBhCQm+UPZzbwqQy+UMApHJgrzPHtjZQclj87y4erlBm8DU2UQ==
x-fb-trip-id
1425083115
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 16:51:27 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
i.js
tag.bounceexchange.com/2825/ 		297 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/2825/i.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
9789b825e807e510109a01f5a0c39c2681915b166e8e2c02a6e2f47195af2597

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:49:41 GMT
content-encoding
gzip
age
106
x-envoy-upstream-service-time
8
x-region
us-central1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
130449
access-control-allow-origin
*
server
istio-envoy
etag
6472b84c70adcc
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
via
1.1 google
cache-control
public,max-age=60
timing-allow-origin
*
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect
PageName=national%20security,SiteID=Wired,CampaignID=1802C,Channel=website,CreativeID=security,Placement=undefined
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MjE1L3QvMA/kv/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MjE1L3QvMA/kv/PageName=national%20security,SiteID=Wired,CampaignID=1802C,Channel=website,CreativeID=security,Placement=undefined
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:5000::17df:9c20 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 20:23:36 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=43085
accept-ranges
bytes
content-length
3063
memo.js
cdn.memo.co/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.memo.co/js/memo.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-63.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d7b91ed4a7804e22b94e4873af273def73469e80b740bd9787e287003058868

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
dIwRVCKiXrZkA8Vq0TRLD0Yyqjiw5iXT
content-encoding
gzip
etag
W/"09a117df3977ec5a869191fcea2ac408"
last-modified
Wed, 04 May 2022 18:49:53 GMT
server
AmazonS3
x-amz-cf-pop
PHL50-C1
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 4e2a7874b5959279490dd3b94b18a312.cloudfront.net (CloudFront)
cache-control
no-cache
date
Mon, 19 Sep 2022 16:51:29 GMT
x-amz-cf-id
rEZ--ZpRNWRf5EDnC14Xx72mDpNdjXyi0is3dcMdjWx_cD8qaWkR0g==
57
a.ad.gt/api/v1/u/matches/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/57
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HBJC2K&l=dataLayer
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.191.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-191-126.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
11d7996a73bfdf5edf01ad6be9ef3b8a09a19c5ac6dea198df588b67a951c40f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server
nginx/1.20.0
content-type
application/javascript
hotjar-1537182.js
static.hotjar.com/c/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1537182.js?sv=6
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-65.phl50.r.cloudfront.net
Software
/
Resource Hash
420b5e854a4e139957a8bc1698d89c5560c5c4847b965e5ffea20757a5e896b4
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:50:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
53
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=604800; includeSubDomains
access-control-allow-origin
*
x-cache-hit
1
etag
W/b2a3f7c1388c9cbd647d52c7ba1aaf99
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 a3553fd14d7dc73d33a5426ee64abf1c.cloudfront.net (CloudFront)
cache-control
max-age=60
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
d6q_Sk-lhhtEjBPoW4gLH4d50CQ7iYLDvyFx7dGMhDghoh4iFSLePw==
events.js
analytics.tiktok.com/i18n/pixel/ 		126 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1IQID9FKFK1PHD4UBH0&lib=ttq
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.26 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b99178c5da6ff4d7f612c2c76c390f0a6485f16d87214aca7bca276aaebb86

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id
341b7a3.7824d31f
date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a184-51-148-158.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-40-19-26.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-parent-response-time
36,23.40.19.26
server-timing
cdn-cache; desc=MISS, edge; dur=25, origin; dur=11, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
20220919165128E126DADA19F029C2E4F9
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,184.51.148.158
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0decb096a21aed5e407059b6408ec521d2d7ba4a4c3d1b4925949cc238a8344b759a3d91d26c2f358a1f2183b73013d616bfea55aaa4f4e149c018153cb3cead944959d1c0fb7227e6407e81fca376b61c96
expires
Mon, 19 Sep 2022 16:51:28 GMT
condenast_eujdmc753_wired.js
cdn-magiclinks.trackonomics.net/client/static/v2/ 		96 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-magiclinks.trackonomics.net/client/static/v2/condenast_eujdmc753_wired.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21ea:9600:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash
0cb52e90ef1b6d486d5ae330bf1b1823fb6c32c77b530ed462322582a95003a5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 12:05:50 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 16:02:08 GMT
server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
age
17138
etag
W/"17fdc-5ddb90c503c8a"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-pop
EWR50-C1
x-amz-cf-id
LhEqy6lL8mbtO1tpCPeUh0cvMWIFyI5O2DXvAHErJbo4xbm3dRZ4og==
via
1.1 9c1465c390ec70cc0036cf15c3a531d8.cloudfront.net (CloudFront)
obtp.js
amplify.outbrain.com/cp/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.112.11.48 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-11-48.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:28 GMT
Content-Encoding
gzip
Last-Modified
Tue, 21 Jun 2022 14:06:31 GMT
Server
AkamaiNetStorage
ETag
"51de2e10510f823326f9b30ea6068a2a:1655820557.452892"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3249
Expires
Mon, 19 Sep 2022 17:11:28 GMT
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.35.0/assets/ 		21 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Mon, 19 Sep 2022 16:51:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
/wtHD+oYY7dZRzCx50GZrQ==
age
14281
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Mon, 06 Jun 2022 06:21:12 GMT
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
9b71877d-601e-0064-088a-796846000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
74d3d3837da6ecfa-YUL
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035094&ns__t=1663606287884&ns_c=UTF-8&c8=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED&c7=https%3...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035094&ns__t=1663606287884&ns_c=UTF-8&c8=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED&c7=https%...
0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035094&ns__t=1663606287884&ns_c=UTF-8&c8=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED&c7=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&c9=
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Server
13.224.214.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-23.phl50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:28 GMT
via
1.1 613a9db04d23967014b7c42269dc1c12.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
VNShgeOBLwqKQ-IvgLuaBai3Q8eWMt65L7h1AerkfFiX_eUoLHEg_A==
x-cache
Miss from cloudfront

Redirect headers

location
/b2?c1=2&c2=6035094&ns__t=1663606287884&ns_c=UTF-8&c8=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED&c7=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&c9=
date
Mon, 19 Sep 2022 16:51:28 GMT
via
1.1 613a9db04d23967014b7c42269dc1c12.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
0
x-amz-cf-id
a6JEXE-xTtvwGn4tFgHRVPyzoN3C-rv3kuvc1Q9397B6S1qeA9UlYw==
x-cache
Miss from cloudfront
458249.gif
idsync.rlcdn.com/
Redirect Chain
  • https://idsync.rlcdn.com/709387.gif?partner_uid=0a128167-d05b-4a5a-ae1f-67013865e3d9&gtmcb=98607530
  • https://idsync.rlcdn.com/1000.gif?memo=CIumKxIwCiwIARCFvQkaJDBhMTI4MTY3LWQwNWItNGE1YS1hZTFmLTY3MDEzODY1ZTNkORAAGg0IkLyimQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=bd687ef6ff8a33dcb0d16af3d9986266fb0de504d7b4f092a859437dd7489b0c791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBiZDY4N2VmNmZmOGEzM2RjYjBkMTZhZjNkOTk4NjI2NmZiMGRlNTA0ZDdiNGYwOTJhODU5NDM3ZGQ3NDg5YjBjNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBiZDY4N2VmNmZmOGEzM2RjYjBkMTZhZjNkOTk4NjI2NmZiMGRlNTA0ZDdiNGYwOTJhODU5NDM3ZGQ3NDg5YjBjNzkxNDI2YjU0MTdkY2UyMRAAGgwIkbyimQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=dc2faee4-9cca-4430-a93f-31a388e3d354
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=dc2faee4-9cca-4430-a93f-31a388e3d354
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 16:51:30 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=dc2faee4-9cca-4430-a93f-31a388e3d354
date
Mon, 19 Sep 2022 16:51:29 GMT
via
1.1 google
x-samesite
secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
111
content-type
text/html; charset=utf-8
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=undefined
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_device_id=undefined
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_device_id=undefined
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:28 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_device_id=undefined
date
Mon, 19 Sep 2022 16:51:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=648&partner_device_id=0a128167-d05b-4a5a-ae1f-67013865e3d9
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=648&partner_device_id=0a128167-d05b-4a5a-ae1f-67013865e3d9
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=938f0985-f7db-410e-b217-c1c96e40dc47%252C&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=938f0985-f7db-410e-b217-c1c96e40dc47%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0865b44e-ac90-4c50-9150-a860aeafacdf&ttd_puid=938f0985-f7db-410e-b217-c1c96e40dc47%2C
95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0865b44e-ac90-4c50-9150-a860aeafacdf&ttd_puid=938f0985-f7db-410e-b217-c1c96e40dc47%2C
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H3
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:29 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0865b44e-ac90-4c50-9150-a860aeafacdf&ttd_puid=938f0985-f7db-410e-b217-c1c96e40dc47%2C
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
353
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012208242209000/ Frame E955 		220 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
98a2bc2afc0f4cab2b795ad4073bcb8fb4093f2ef1df15ea4f616864416bc7a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
603693
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61572
x-xss-protection
0
server
sffe
date
Mon, 12 Sep 2022 17:09:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d3316a1477ddceef"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 12 Sep 2023 17:09:55 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012208242209000/v0/ Frame E955 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b40b457fa316cee42f8a4bc97d77182cc54120e33ffbb8a812c05836501134a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
566771
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5202
x-xss-protection
0
server
sffe
date
Tue, 13 Sep 2022 03:25:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"29c50428a02dcb23"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Sep 2023 03:25:17 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012208242209000/v0/ Frame E955 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf2d49f967e0112be0eb0cab4103cdec4cbf10f49810197750ecea6fbe2ba116
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28820
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 15:01:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d86c26a7f6daf516"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 15:01:39 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012208242209000/v0/ Frame E955 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
476756d5ca23f4bc0086789ce0af7a810be71053bbfa8ea98aed92cc14f123dc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6589
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1907
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 15:01:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f652edf411126f67"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 15:01:39 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012208242209000/v0/ Frame E955 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208242209000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:821::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
659e88497037086f548b785858e67802177b50f906e65ab77c6985841b370cf9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
6590
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
date
Mon, 19 Sep 2022 15:01:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1a39bbdc45509c4d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Sep 2023 15:01:38 GMT
css
fonts.googleapis.com/ Frame E955 		6 KB
745 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 15:20:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 19 Sep 2022 16:51:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Sep 2022 16:51:28 GMT
css
fonts.googleapis.com/ Frame E955 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 15:01:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 19 Sep 2022 16:51:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 19 Sep 2022 16:51:28 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/8791227504416744796/ Frame E955 		112 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8791227504416744796/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qmreDCp7eRqpy1kb01o4USYXih3oA
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02489ae657df8d2ea01ad71f7365f3b63371182e66334a8243a7d20c5b122abb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:10:26 GMT
x-content-type-options
nosniff
age
2462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115009
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 10:12:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Sep 2023 16:10:26 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame E955 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CRoMND54oY4WyIdmvqMwP_ry4oASO2ue9bMCnjtGKELCQHxABIPSDuRtg_eiigfADoAHQqLu6AsgBBuACAKgDAcgDCqoE0AJP0OrlTYxzdEyaY8GC85Ux3zwAmZZ58NawCVz6EcU_0WanM6FmwYmZLtmyhTsqVZEIN2XPgX6ZexqDkfr0m-N44siI4jU2_gLxz9KHQZdJ-zGOhC5hfgPsRY_WbNpUWObCH87_3oXygwgYzn8c1Xjl-QxFOqfuxhdIdZXzBV2PzpgLEI-zV-wAKt3RMgTOAUOWvjzEkPJk5hBw1w0Zw1vaFdP9jfyZyNN3Lu41fkPYmHDAlmhuXme9FA5Ezd9l7g5Tl7g1wyEn-1YssylWVVAIBPzFDMmesGB4sL-ticdy2nvlxLzbLDZvkojQ1VUQcoub8p_HDutYvo8avUQQ4tuxWCAeQOutfeEI-R8w7nO0TRNRsChyCOtfD4M7V2FAq8KVus1VQ6qGxVTa_VDmVOHKIPwGZXMivDCSG4JvFbAMLGOvfMIJPMEl0BddVDzHPd_ABInCs6GDBOAEAZIFBAgEGAGSBQQIBRgEoAY3gAe9uovPAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEMjRJ9IIDwiAYRABGF0yAooCOgKAQIAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi0zODQ0ODc3ODYzMzAzNzM5GN-gEA&sigh=F8ik6Y2_rZM&uach_m=[UACH]&template_id=492
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E955 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 17:44:07 GMT
x-content-type-options
nosniff
server
cafe
age
83241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 19 Sep 2022 17:44:07 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E955 		295 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 18:14:52 GMT
x-content-type-options
nosniff
server
cafe
age
81396
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 19 Sep 2022 18:14:52 GMT
truncated
/ Frame E955 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cf667dfc34ebc5bd19d11921c71c9aaefd7a5886581064ba7e3bb5dc23cbcc2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CONDENAST_PREBID_HEADER1&hp=1&zMoatAdUnit1=conde.wired.native&zMoatAdUnit2=in-content&zMoatAdUnit3=security&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1663606286355&de=368453360370&rx=431404640926&m=0&ar=5aeef158bee-clean&iw=f9dac89&q=1&cb=0&cu=1663606286355&ll=2&lm=0&ln=0&em=0&en=0&d=4660981638%3A2443012271%3A5276770044%3A138301071698&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&id=1&ii=4&bo=conde.wired.native&bd=1&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=condenastprebidheader987326845656&fd=1&it=500&pe=1%3A671%3A671%3A0%3A792&fs=200157&na=519252776&cs=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.169.173 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-169-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:28 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 16:51:28 GMT
p-Jjy-Cyr1NZGRz.gif
pixel.quantserve.com/pixel/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Jjy-Cyr1NZGRz.gif?labels=_campaign.media.Advertiser%20ID.4660981638.Campaign%20ID.2443012271.Line%20Item%20ID.programmatic
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HBJC2K&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1556
date
Mon, 19 Sep 2022 16:25:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 19 Sep 2022 18:25:32 GMT
iu3
s.amazon-adsystem.com/ Frame 4B28
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
311 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
2cd22835802a19a7da38b3d108b18762642f5436e3ff2623637d7cfe568cc273
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
311
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 19 Sep 2022 16:51:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
8DNF6JGW2HYVW2QGG4Z1

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 19 Sep 2022 16:51:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
QB6SYD0PA6R84Q460RCR
p.js
d1z2jf7jlzjs58.cloudfront.net/ 		930 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.85.150.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-150-80.iad89.r.cloudfront.net
Software
nginx /
Resource Hash
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 13:30:21 GMT
Via
1.1 e89d95d090c0c86ecc7b8930e434625c.cloudfront.net (CloudFront)
Age
12067
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
930
Pragma
public
Last-Modified
Wed, 06 May 2020 20:19:48 GMT
Server
nginx
ETag
"5eb31be4-3a2"
Content-Type
application/javascript
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
IAD89-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
R-LiF5g7EhAlqVNylRmvgq8MeaiGzE1XorXXARw0fz5Jcfp1dJct-w==
Expires
Tue, 20 Sep 2022 13:30:21 GMT
wired.config.js
pixel.condenastdigital.com/config/v2/production/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.condenastdigital.com/config/v2/production/wired.config.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9112b16c0bd02d574944dbfe8200cda4f233856de27ec693da793a78f656ec6d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:28 GMT
Content-Encoding
gzip
Age
375843
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
1315
x-amz-id-2
s+vz0x5p8CMzveNi/jHYI3qDOJLbBaBREJHYnbkbbvGleZBgp3ss1MzrxLMhaRS+6DqLdwq2jXM=
X-Served-By
cache-iad-kcgs7200109-IAD, cache-yul12826-YUL
Access-Control-Allow-Origin
*
Last-Modified
Thu, 15 Sep 2022 08:27:19 GMT
Server
AmazonS3
X-Timer
S1663606288.175180,VS0,VE0
ETag
"e77462bd78fdd12c591b2497ab50560f"
Vary
Accept-Encoding
x-amz-request-id
NR1QM880KCS1Y9WJ
Via
1.1 varnish, 1.1 varnish
Expires
Thu, 15 Sep 2022 14:27:25 GMT
Cache-Control
no-cache, public, max-age=604800
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
1, 119
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=www.wired.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wired.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1512123897959010&correlator=2483420307513779&hxva=1&scor=4299610263625563&eid=44742767&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&us_privacy=1---&iu_parts=3379%2Cconde.wired%2Chero%2Csecurity%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C970x250%7C970x90%7C9x1%7C10x1&ifi=5&adks=2032318971&sfv=1-0-38&fsapi=false&prev_scp=pos%3Dhero%26ctx_slot_type%3Dhero%26ctx_slot_rn%3D0%26feature-flags%3Dsticky-eligible%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Dhero_0%26slot_name%3Dhero_1%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%252Cgv_death_injury%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Dmt_article_two_column%26content_type%3Darticle%26ctx_page_channel%3Dsecurity%26ctx_page_sub_channel%3Dnational-security%26sub_sub_channel%3D%26env_server%3Dproduction%26ctx_cns_version%3D6.62.7%26ctx_page_slug%3Duber-hack-mfa-phishing%26cnt_copilotid%3D632496798990652479ff3877%26cnt_platform%3Dverso%26cnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%26fastly_geo%3Dca%26pageview_id%3D3138407518%26usr_bkt_eva%3D24%26usr_bkt_ses%3D29%26usr_bkt_pv%3D89%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26usr_segments%3Dco.w2238%26cn_metrics%3Dcmr_high%26vnd_prx_segments%3D121100%252C131100%252C131127%252C230004%252C230017%252C230103%252C230133%252C230163%252C230016%252C230160%252C603525%252C300003%252C210001%252C240000%252C240002%252C240003%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240015%252C240018%252C240019%252Cmiovit%252Ceuwba9%252Czlqtg4%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_entities%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_keywords%3Duber%252Chacker%252Cauthentication%252Cattacker%252Cbreach%252Csystem%252Cnotification%252Caccess%252Czatko%252Ccybersecurity%252Cattack%252Chack_devastation%252Cresearcher%252Csecurity_engineer%252Cservice%252Ctwitter%252Cthursday_evening%252Ccompany%252Cthe_new_york_times%252Ccedric_owens%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D0a128167-d05b-4a5a-ae1f-67013865e3d9&ppid=0a128167d05b4a5aae1f67013865e3d9&sc=1&cookie=ID%3D454cc35988ac7860%3AT%3D1663606287%3AS%3DALNI_Ma4Tj8mzb15B9PDXXeOX5NFAaB4PQ&abxe=1&dt=1663606288124&lmt=1663606288&dlt=1663606286049&idt=1326&adxs=436&adys=56&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&frm=20&vis=1&psz=1600x0&msz=1600x0&fws=0&ohw=0&ga_vid=137948537.1663606287&ga_sid=1663606287&ga_hid=1770785891&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f21f63816a4476e413ec45d5842ccfaf58ed881bcfc69a613e980937db963b95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11746
x-xss-protection
0
google-lineitem-id
6063859676
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138397959600
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1512123897959010&correlator=2483420307513779&hxva=1&scor=4299610263625563&eid=44742767&output=ldjh&gdfp_req=1&vrg=2022091301&ptt=17&impl=fifs&us_privacy=1---&iu_parts=3379%2Cconde.wired%2Crail%2Csecurity%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600&ifi=6&adks=3607248659&sfv=1-0-38&fsapi=false&prev_scp=pos%3Drail%26ctx_slot_type%3Drail%26ctx_slot_rn%3D0%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Drail_0%26slot_name%3Drail_1%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.08%26hb_adid%3D41f7e0041b6837b%26hb_bidder%3Dmedianet&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%252Cgv_death_injury%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Dmt_article_two_column%26content_type%3Darticle%26ctx_page_channel%3Dsecurity%26ctx_page_sub_channel%3Dnational-security%26sub_sub_channel%3D%26env_server%3Dproduction%26ctx_cns_version%3D6.62.7%26ctx_page_slug%3Duber-hack-mfa-phishing%26cnt_copilotid%3D632496798990652479ff3877%26cnt_platform%3Dverso%26cnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%26fastly_geo%3Dca%26pageview_id%3D3138407518%26usr_bkt_eva%3D24%26usr_bkt_ses%3D29%26usr_bkt_pv%3D89%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26usr_segments%3Dco.w2238%26cn_metrics%3Dcmr_high%26vnd_prx_segments%3D121100%252C131100%252C131127%252C230004%252C230017%252C230103%252C230133%252C230163%252C230016%252C230160%252C603525%252C300003%252C210001%252C240000%252C240002%252C240003%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240015%252C240018%252C240019%252Cmiovit%252Ceuwba9%252Czlqtg4%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_entities%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_keywords%3Duber%252Chacker%252Cauthentication%252Cattacker%252Cbreach%252Csystem%252Cnotification%252Caccess%252Czatko%252Ccybersecurity%252Cattack%252Chack_devastation%252Cresearcher%252Csecurity_engineer%252Cservice%252Ctwitter%252Cthursday_evening%252Ccompany%252Cthe_new_york_times%252Ccedric_owens%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D0a128167-d05b-4a5a-ae1f-67013865e3d9&ppid=0a128167d05b4a5aae1f67013865e3d9&sc=1&cookie=ID%3D454cc35988ac7860%3AT%3D1663606287%3AS%3DALNI_Ma4Tj8mzb15B9PDXXeOX5NFAaB4PQ&abxe=1&dt=1663606288138&lmt=1663606288&dlt=1663606286049&idt=1326&adxs=1067&adys=1512&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&frm=20&vis=1&psz=300x0&msz=300x0&fws=512&ohw=0&ga_vid=137948537.1663606287&ga_sid=1663606287&ga_hid=1770785891&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81eb841ca287ddd6ec5ff27e9d178f18b4c6f989170387d17a649ed3e15f94fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11801
x-xss-protection
0
google-lineitem-id
6114177034
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138405064680
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E955 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 16 Sep 2022 10:24:38 GMT
x-content-type-options
nosniff
age
282410
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Sep 2023 10:24:38 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E955 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 12:50:57 GMT
x-content-type-options
nosniff
age
532831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Sep 2023 12:50:57 GMT
s2s-hb
pbs.getpublica.com/v1/ 		2 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.getpublica.com/v1/s2s-hb?site_id=2564&format=json&app_name=CNEVIDEO&adserver=gam&slot_count=1&site_name=wired&content_episode=5&content_length=684&content_season=Season%201&content_id=5f2178a1bcdfff5e2a4786ac&content_title=Internet%20Expert%20Debunks%20Cybersecurity%20Myths&content_series=Mythbusting&content_language=en&content_category=Security%2CScience%20%26%20Tech--Security&content_keywords=cybersecurity%2Ccybersecurity%20expert%2Ccomputer%20hacker%2Chackers%2Chacker%20security%2Cencryption%2Cgoogle%20read%20gmail%2Chackers%20computer%20camera%2Ccomputer%20camera%20hacker%2Chacker%20camera%2Cwired%20hacker%2Chacking%20expert%2Ccyber%20security%2Ccomputer%20security%2Cnetwork%20security%2Cnetwork%20security%20hacker%2Cwired%20network%20security%2Ccomputer%20hackers%2Chackers%20computer%2Csecurity%20wired%2Cwired%20eva%20galperin%2Ceva%20galperin%2Ceva%20galperin%20cybersecurity&site_page=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&cb=4121921
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5f2178a1bcdfff5e2a4786ac.js?autoplay=1&muted=1&continuousPlay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&interludeOverride=true&onReady=setupInterlude1&playerType=interlude&recAlgorithm=copilotIdOverride&recStrategy=copilotIdOverride&showPlaylistBar=false&isRightRail=true&onIframeReady=onIframeReady16636062874960
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.70.130.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-70-130-122.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:28 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.wired.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Content-Length
26
Expires
0
rp.gif
alb.reddit.com/ 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1663606288215&id=t2_bn0mvswd&event=PageVisit&m.itemCount=&m.value=&m.valueDecimal=&m.currency=&m.transactionId=&m.customEventName=&m.products=&uuid=acc5c1b7-289e-49fa-a591-d04d7f671acb&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_02c59ad6
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:28 GMT
via
1.1 varnish
server
Varnish
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1663606288229&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1663606288229&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D434737%26time%3D1663606288229%26url%3Dhttps%253A%252F%252Fwww.wired.com%252Fstory...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1663606288229&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&cookiesTest=true&liSyn...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1663606288229&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&cookiesTest=true&liSy...
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d376e468-6f52-43ba-8aff-569ccff843c5
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d376e468-6f52-43ba-8aff-569ccff843c5&_expected_cookie=bc6895072be6da1c8e1e7ea8...
43 B
164 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d376e468-6f52-43ba-8aff-569ccff843c5&_expected_cookie=bc6895072be6da1c8e1e7ea8db2d6bb9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Mon, 19 Sep 2022 16:51:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74d3d390cdefa205-YYZ
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=d376e468-6f52-43ba-8aff-569ccff843c5&_expected_cookie=bc6895072be6da1c8e1e7ea8db2d6bb9
date
Mon, 19 Sep 2022 16:51:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74d3d38f2ab6a205-YYZ
content-length
0
rules-p-Jjy-Cyr1NZGRz.js
rules.quantcount.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Jjy-Cyr1NZGRz.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20ed:1e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0760a0a454d26128b9f9bee6f99df65853ac0d5c14f498ff5b5c012ac9d715cc

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:21:02 GMT
content-encoding
gzip
age
1827
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Sat, 27 Aug 2022 20:02:33 GMT
server
AmazonS3
etag
W/"e0deb87adc08650ebda7362e7c6f9508"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 4ddb123c20d2dccf25d1f2d151f23b02.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
u1yhQ-4b2uxwzYrLE3_Txa-aNOwyMDO8SbV1apR0OPF1Huq4DTs9Dg==
simple
api.sail-personalize.com/v1/personalize/ 		288 B
496 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=hss_channel%3Dtw-1685619204
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
e4631e18d1b48ef0398a5ae755803782de2a504a54be4eaa8ed2719670f5bc22

Request headers

x-lib-version
v1.0.1
accept-language
en-CA,en;q=0.9
authorization
Bearer 96cc6d73eeadca5c51a196378f9bf3d1
content-type
application/json
accept
application/json
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
x-referring-url
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
195
allowedmethods
GET,OPTIONS
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0&page=hss_channel%3Dtw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.40.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://www.wired.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://www.wired.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Mon, 19 Sep 2022 16:51:28 GMT
228464857488266
connect.facebook.net/signals/config/ 		485 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/228464857488266?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4e4be7f1cefaba47033a1a41389a9879bd973c9dfc1c441bb4bffa02400a2f88
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
146211
x-xss-protection
0
pragma
public
x-fb-debug
NNadeV3Qv+G8NBX0TlKkTIIW/G8sYN9RJiAt8VJSLiYpR2tHknHb9tcnRYr3OcE2soQyZabIr19769QywAfeGQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 16:51:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
main_89ceea329a99e3935afd4105c6694d4b.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		343 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/main_89ceea329a99e3935afd4105c6694d4b.br.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/2825/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
42141e3a6ee96e76b31d9d103d3fffab2227c7afe68405010c68541c30ae6e0c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 14:57:02 GMT
content-encoding
br
age
352466
x-guploader-uploadid
ADPycdslR0ngN2vJj5eW9be9Il27pgYTtzedgvli8gIusx9H9UvFQCENOL4Jo_MNpAw61bpHiduCRrTtHAwrYGgPTvvXVeQCdYAW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69243
last-modified
Thu, 15 Sep 2022 14:56:54 GMT
server
UploadServer
etag
"c32f9f14e7f91ee34253c456319d8162"
x-goog-hash
crc32c=bS3Ykw==, md5=wy+fFOf5HuNCU8RWMZ2BYg==
x-goog-generation
1663253814104898
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
69243
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 15 Sep 2023 14:57:02 GMT
modules.d00377d3a043900eb4ef.js
script.hotjar.com/ 		252 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.d00377d3a043900eb4ef.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1537182.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-90.phl50.r.cloudfront.net
Software
/
Resource Hash
f520d200f5d04a2bc40f94c843eb0c2611ffcf103109f6758d81740c8f3b516a
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 13:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
445341
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=604800; includeSubDomains
content-length
65532
access-control-allow-origin
*
last-modified
Wed, 14 Sep 2022 13:08:33 GMT
etag
"74e062f975f5935c93ae5aff80efbd87"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
9rU53QTyAk4ECrz9YV9_YtaE1FE7R8QcbX0ssV0NNMotDcnpc_otdg==
dest5.html
condenast.demdex.net/ Frame C006 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://condenast.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.109.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-109-212.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-usw2-1-v038-0f86ff699.edge-usw2.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
vPCswTEwS0A=
content-encoding
gzip
date
Mon, 19 Sep 2022 16:51:28 GMT
last-modified
Mon, 19 Sep 2022 08:54:00 GMT
vary
accept-encoding
ibs:dpid=411&dpuuid=YyieEAAAAEXCvwNw
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=22725597434185837671267853816245447519
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YyieEAAAAEXCvwNw
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YyieEAAAAEXCvwNw
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-092f6af1a.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
LuHHWaJERrc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YyieEAAAAEXCvwNw
Date
Mon, 19 Sep 2022 16:51:28 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00c1076881eb5352ee07e7589585aa30bb
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
gzip
X-TraceId
75ed18d347a1d65a49342b8417e67bab
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00c1076881eb5352ee07e7589585aa30bb&obApiVersion=1.1&obtpVersion=1.8.2&name=PAGE_VIEW&dl=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&optOut=false&bust=08740188223222103&referrer=
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:28 GMT
Cache-Control
no-cache
X-TraceId
6d2ba7b587e0f694e3c8b28eb81a16da
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
3421c301-d6a7-4bac-b675-e041279de1de
https://www.wired.com/ Frame A073 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.wired.com/3421c301-d6a7-4bac-b675-e041279de1de
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1IQID9FKFK1PHD4UBH0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.26 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id
3fadd56.7824d446
date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a184-51-148-150.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-40-19-26.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-parent-response-time
15,23.40.19.26
server-timing
cdn-cache; desc=MISS, edge; dur=2, origin; dur=13, inner; dur=3
pragma
no-cache
server
nginx
x-tt-logid
2022091916512839A56E6252A233DFCA1E
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
13,184.51.148.150
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0decb096a21aed5e407059b6408ec521d2d72315ccae7feb945a886382821ddb530fd3eb2f7c01a466ab399ad617607aca6cfec431e547599e4419730fd62b441c6e7a19ac6e7c38b978416759fe90f08c6e
expires
Mon, 19 Sep 2022 16:51:28 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		881 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C1IQID9FKFK1PHD4UBH0&hostname=www.wired.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1IQID9FKFK1PHD4UBH0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.26 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
66113d720f4bbd28846d83b6e1696785479dcfe046e57e6187182429a2e19994

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-akamai-request-id
5f603797.7824d46f
date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a104-126-116-76.deploy.akamaitechnologies.com (AkamaiGHost/10.9.4-44125806) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-40-19-26.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-parent-response-time
15,23.40.19.26
server-timing
cdn-cache; desc=MISS, edge; dur=5, origin; dur=11, inner; dur=3
content-length
358
pragma
no-cache
server
nginx
x-tt-logid
202209191651282782D860D53D91C811A1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
11,104.126.116.76
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0dec9c43b4e5ee79b4bf3edcf614035a3617ed4afceaf6d7033c25972a90214fa4e88b55867829325c0ee6b44c1a47c3078c87e1b7877f4ca7622ee23882513582b424ef250629a36f508e45ea81f5ca76b3
expires
Mon, 19 Sep 2022 16:51:28 GMT
n
elsa.memoinsights.com/ 		310 B
915 B 		Script
General
Check archive.org
Download Go to
Full URL
https://elsa.memoinsights.com/n?pid=5c058a6070cdcc676efa61c4&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&date=2022-09-16T21%3A35%3A11.388Z&title=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&channels=tags&authors=Lily%20Hay%20Newman&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&cb=MEMO.API.callbacks.cbmvloycpwon&v=v3.0.6
Requested by
Host: cdn.memo.co
URL: https://cdn.memo.co/js/memo.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.85.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-85-17.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
09ae8688aa2523485866a39a8a471425f093a71921e8f4663c79e4443ebe48a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
gzip
server
istio-envoy
content-type
application/javascript
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
217
x-request-id
4bd06ca9ded5cb271fe233ae512d627e
si
googleads.g.doubleclick.net/pagead/drt/ Frame E955
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

date
Mon, 19 Sep 2022 16:51:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:04:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2834
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 19 Sep 2022 17:04:14 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.wired.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/8791227504416744796/ Frame E955 		112 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8791227504416744796/downsize_200k_v1?sqp=4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8&rs=AOga4qmreDCp7eRqpy1kb01o4USYXih3oA
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208242209000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02489ae657df8d2ea01ad71f7365f3b63371182e66334a8243a7d20c5b122abb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:10:26 GMT
x-content-type-options
nosniff
age
2462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115009
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 10:12:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Sep 2023 16:10:26 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E955 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208242209000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 17:44:07 GMT
x-content-type-options
nosniff
server
cafe
age
83241
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 19 Sep 2022 17:44:07 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E955 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208242209000/amp4ads-v0.mjs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Sun, 18 Sep 2022 18:14:52 GMT
x-content-type-options
nosniff
server
cafe
age
81396
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 19 Sep 2022 18:14:52 GMT
box-69edcc3187336f9b0a3fbb4c73be9fe6.html
vars.hotjar.com/ Frame 6763 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1537182.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.128.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-128-58.jfk50.r.cloudfront.net
Software
/
Resource Hash
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
1064060
cache-control
max-age=31536000
content-encoding
br
content-length
1044
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 07 Sep 2022 09:17:08 GMT
etag
"f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified
Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security
max-age=604800; includeSubDomains
vary
Accept-Encoding
via
1.1 6d9771d39a0475d92b50bdd9caae11c2.cloudfront.net (CloudFront)
x-amz-cf-id
7xNgfQQsBSgCNlW92tbYszghYGI2U7S0YuROwzcOKxPj1hz9BUJITA==
x-amz-cf-pop
JFK50-P4
x-cache
Hit from cloudfront
x-robots-tag
none
hadron.js
cdn.hadronid.net/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?partner_id=57&sync=1&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/57
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:49e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c409ce9996191eed195e4864d7f28d25ab2b09331b26a86a364fe6c39652a0e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4866
cf-polished
origSize=67673
x-amz-request-id
J55K5FCSV4BEXT54
x-amz-id-2
8Sa/i/3omyET693ZaPcJerg9AtRH04cTBypFr3NXjBtiF+Eu0qzNRHpBKJ+1l76nMHrWJp8Z8CA=
last-modified
Wed, 14 Sep 2022 11:28:37 GMT
server
cloudflare
etag
W/"c1e02d20b59c5e6be99052938e83c4db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2BdNg7VUh%2BnPRlwguOuGhI%2BDhF8sxxtj1cifeWIf7x9v7IJV6u5Qr2W9Xch9pZWTrB1OE8XSMgl%2BqO2QoYEjIh8iRlXQDR03fr4b%2Bld2%2BbtycQDJb4BcYUj3Gafs2SOSEI7s%2BxK7YCmqrJ81BhI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600
cf-ray
74d3d3880deb4bd6-YUL
cf-bgj
minify
57
p.ad.gt/api/v1/p/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/57
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.10.58 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-10-58.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
db17b76020ac9ac2f859b55338c32255277124c9c3dae380c1bebda7242d4ff9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 16:29:44 GMT
server
nginx/1.20.0
etag
W/"1663604984.0-43373-2545748540"
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=43200
expires
Tue, 20 Sep 2022 04:51:28 GMT
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=AU1D-0100-001663606289-CCL9X331-CFI9&adnxs_id=$UID&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3DAU1D-0100-001663606289-CCL9X331-CFI9%26adnxs_id%3D%24UID%26gdpr%3D0
  • https://ids.ad.gt/api/v1/match?id=AU1D-0100-001663606289-CCL9X331-CFI9&adnxs_id=1122792427392432315&gdpr=0
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001663606289-CCL9X331-CFI9&adnxs_id=1122792427392432315&gdpr=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:29 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 04:51:29 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:28 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
7c2df69a-f2cf-49b8-9287-f8e7289094d4
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ids.ad.gt/api/v1/match?id=AU1D-0100-001663606289-CCL9X331-CFI9&adnxs_id=1122792427392432315&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&ttd_puid=AU1D-0100-001663606289-CCL9X331-CFI9&gdpr=0
  • https://ids.ad.gt/api/v1/t_match?tdid=0865b44e-ac90-4c50-9150-a860aeafacdf&id=AU1D-0100-001663606289-CCL9X331-CFI9
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=0865b44e-ac90-4c50-9150-a860aeafacdf&id=AU1D-0100-001663606289-CCL9X331-CFI9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:29 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 04:51:29 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:28 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=0865b44e-ac90-4c50-9150-a860aeafacdf&id=AU1D-0100-001663606289-CCL9X331-CFI9
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001663606289-CCL9X331-CFI9
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3DAU1D-0100-001663606289-CCL9X331-CFI9
  • https://ids.ad.gt/api/v1/pbm_match?pbm=3F82CC2E-5652-4C90-8D87-EF1F7E368CE5&id=AU1D-0100-001663606289-CCL9X331-CFI9
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=3F82CC2E-5652-4C90-8D87-EF1F7E368CE5&id=AU1D-0100-001663606289-CCL9X331-CFI9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:29 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 04:51:29 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=3F82CC2E-5652-4C90-8D87-EF1F7E368CE5&id=AU1D-0100-001663606289-CCL9X331-CFI9
date
Mon, 19 Sep 2022 16:51:28 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=AU1D-0100-001663606289-CCL9X331-CFI9
  • https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001663606289-CCL9X331-CFI9&google_gid=CAESEMHASjf-ch9zpH_JVjxfJCA&google_cver=1&google_ula=450542624,0
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001663606289-CCL9X331-CFI9&google_gid=CAESEMHASjf-ch9zpH_JVjxfJCA&google_cver=1&google_ula=450542624,0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:29 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 04:51:29 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ids.ad.gt/api/v1/g_match?id=AU1D-0100-001663606289-CCL9X331-CFI9&google_gid=CAESEMHASjf-ch9zpH_JVjxfJCA&google_cver=1&google_ula=450542624,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=AU1D-0100-001663606289-CCL9X331-CFI9
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2MzYwNjI4OS1DQ0w5WDMzMS1DRkk5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2MzYwNjI4OS1DQ0w5WDMzMS1DRkk5
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H3
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=QVUxRC0wMTAwLTAwMTY2MzYwNjI4OS1DQ0w5WDMzMS1DRkk5
Date
Mon, 19 Sep 2022 16:51:28 GMT
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Length
473
Content-Type
text/html; charset=utf-8
openx
ids.ad.gt/api/v1/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3DAU1D-0100-001663606289-CCL9X331-CFI9%26auid%3DAU...
  • https://ids.ad.gt/api/v1/openx?openx_id=acb95575-c1ff-4a4b-b729-b89a26702619&id=AU1D-0100-001663606289-CCL9X331-CFI9&auid=AU1D-0100-001663606289-CCL9X331-CFI9
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/openx?openx_id=acb95575-c1ff-4a4b-b729-b89a26702619&id=AU1D-0100-001663606289-CCL9X331-CFI9&auid=AU1D-0100-001663606289-CCL9X331-CFI9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:29 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 04:51:29 GMT

Redirect headers

date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ids.ad.gt/api/v1/openx?openx_id=acb95575-c1ff-4a4b-b729-b89a26702619&id=AU1D-0100-001663606289-CCL9X331-CFI9&auid=AU1D-0100-001663606289-CCL9X331-CFI9
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
rub_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://token.rubiconproject.com/token?pid=50242&puid=AU1D-0100-001663606289-CCL9X331-CFI9&gdpr=0
  • https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001663606289-CCL9X331-CFI9&rub=L8908AYG-I-95TU&gdpr=0
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001663606289-CCL9X331-CFI9&rub=L8908AYG-I-95TU&gdpr=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:29 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 04:51:29 GMT

Redirect headers

Location
https://ids.ad.gt/api/v1/rub_match?id=AU1D-0100-001663606289-CCL9X331-CFI9&rub=L8908AYG-I-95TU&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
adb_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=AU1D-0100-001663606289-CCL9X331-CFI9&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3DAU1D-0100-001663606289-CCL9X3...
  • https://ids.ad.gt/api/v1/adb_match?adb=22725597434185837671267853816245447519&id=AU1D-0100-001663606289-CCL9X331-CFI9
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/adb_match?adb=22725597434185837671267853816245447519&id=AU1D-0100-001663606289-CCL9X331-CFI9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:29 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 04:51:29 GMT

Redirect headers

DCS
dcs-prod-usw2-1-v038-0946b6071.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
5lwkuRSJQsQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://ids.ad.gt/api/v1/adb_match?adb=22725597434185837671267853816245447519&id=AU1D-0100-001663606289-CCL9X331-CFI9
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
mediamath_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3DAU1D-0100-001663606289-CCL9X331-CFI9
  • https://ids.ad.gt/api/v1/mediamath_match?user_id=bb286328-9e11-4a00-80eb-6728c1b98f08&id=AU1D-0100-001663606289-CCL9X331-CFI9
43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/mediamath_match?user_id=bb286328-9e11-4a00-80eb-6728c1b98f08&id=AU1D-0100-001663606289-CCL9X331-CFI9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:29 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 04:51:29 GMT

Redirect headers

Date
Mon, 19 Sep 2022 16:51:29 GMT
Server
MT3 4505 5b23575 master ord-pixel-x48 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ids.ad.gt/api/v1/mediamath_match?user_id=bb286328-9e11-4a00-80eb-6728c1b98f08&id=AU1D-0100-001663606289-CCL9X331-CFI9
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 16:51:28 GMT
ip_match
ids.ad.gt/api/v1/ 		0
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/ip_match?id=AU1D-0100-001663606289-CCL9X331-CFI9
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:29 GMT
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&app=playerservice&cCh=videos%2Fshow&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&pID=&sID=&uId=&xid=0a128167-d05b-4a5a-ae1f-67013865e3d9&_ts=2022-09-19T16%3A51%3A28.600Z&_c=error&_t=PrebidError&dim1=%7B%22errorData%22%3A%7B%22body%22%3A%5B%5D%7D%7D&dim3=Empty
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:29 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
sf-ui-display-medium-webfont.woff2
d2c8v52ll5s99u.cloudfront.net/assets/fonts/ Frame A073 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/assets/fonts/sf-ui-display-medium-webfont.woff2
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-ad5233f92eb6f9be19d0.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-104.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3

Request headers

Referer
https://d2c8v52ll5s99u.cloudfront.net/player/player-style-ad5233f92eb6f9be19d0.css
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
ETag
"7d18db04f980971f2a9c5026bbc34bed"
X-Amz-Cf-Pop
PHL50-C1
X-Cache
RefreshHit from cloudfront
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
29632
Access-Control-Allow-Origin
*
Last-Modified
Mon, 26 Jun 2017 15:24:42 GMT
Server
AmazonS3
Date
Mon, 19 Sep 2022 16:51:29 GMT
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff2
Via
1.1 64aebd154b6045af00c94ad9d2ff49f2.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
Accept-Ranges
bytes
X-Amz-Cf-Id
i1uuxXz2Pw214n4xZhEr025AVDuC5ik9VNhyIuBN-srALBNnOzw_GQ==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
bridge3.531.0_en.html
imasdk.googleapis.com/js/core/ Frame 4514 		638 KB
207 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.531.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::200a Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88d739f667b9df4d11c027da7b5a61816b796d2d9e217c87100fd48daff232e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
358411
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
211701
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Thu, 15 Sep 2022 13:17:57 GMT
expires
Fri, 15 Sep 2023 13:17:57 GMT
last-modified
Thu, 15 Sep 2022 13:10:36 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame A073 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2006 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Sep 2022 16:51:29 GMT
fbevents.js
connect.facebook.net/en_US/ Frame A073 		101 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26839
x-xss-protection
0
pragma
public
x-fb-debug
AtRi5RKADOWaDx+oSeU1xFzsxB82Ws2BkUsmvBhCQm+UPZzbwqQy+UMApHJgrzPHtjZQclj87y4erlBm8DU2UQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 16:51:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
comscore-min.js
d2c8v52ll5s99u.cloudfront.net/player/ Frame A073 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/comscore-min.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-104.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
833a86642252016b29f08dd45ffd27f9e00ca237f28d8c5f0147a6e15d009377

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 24 May 2017 18:19:15 GMT
Server
AmazonS3
Age
107
ETag
W/"054acb6fbd2b2a6c1ac561705bffb0cc"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 4f7671bb51952e26d4af9f468d98bc84.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Mon, 19 Sep 2022 16:49:43 GMT
X-Amz-Cf-Pop
PHL50-C1
X-Amz-Cf-Id
D-fNoNik6zqb4sygBCiCBuybCYk9Fy89BKfoiM1MnwzetMsL6aQP9Q==
destination
www.googletagmanager.com/gtag/ 		174 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-P1P55J3LNW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5HBJC2K&l=dataLayer
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2008 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b83b502fcb066ff59711d2e82d691421a44a0216e2a442545e3232a32a739604
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65464
x-xss-protection
0
expires
Mon, 19 Sep 2022 16:51:28 GMT
track
capture.condenastdigital.com/ Frame A073 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-09-19T16%3A51%3A28.604Z&_c=&_t=Player%20Requested&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:29 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ Frame A073 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-09-19T16%3A51%3A28.728Z&_c=initial&_t=gptData&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&dim1=%7B%22adBlocked%22%3Afalse%2C%22adUnits%22%3A%5B%223379%2Fconde.wired%2Finterstitial%2Fsecurity%2Farticle%2F1%22%2C%223379%2Fconde.wired%2Fhero%2Fsecurity%2Farticle%2F1%22%2C%223379%2Fconde.wired%2Frail%2Fsecurity%2Farticle%2F1%22%2C%223379%2Fconde.wired%2Frail%2Fsecurity%2Farticle%2F2%22%2C%223379%2Fconde.wired%2Fmid-content%2Fsecurity%2Farticle%2F1%22%2C%223379%2Fconde.wired%2Ffooter%2Fsecurity%2Farticle%2F1%22%2C%223379%2Fconde.wired.native%2Faside%2Fsecurity%2Farticle%2F1%22%2C%223379%2Fconde.wired.native%2Fin-content%2Fsecurity%2Farticle%2F1%22%2C%223379%2Fconde.wired.native%2Fread-more%2Fsecurity%2Farticle%2F1%22%5D%2C%22embedLocation%22%3A%22wired%22%2C%22error%22%3A%22%22%2C%22lineItems%22%3A%5B%5D%2C%22publicaEnabled%22%3Afalse%2C%22videoId%22%3A%225f2178a1bcdfff5e2a4786ac%22%7D
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:29 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
wired_expert-debunks-cybersecurity-myths.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_wired.png,fl_progressive,g_face,h_450,q_80,w_800/v1596029984/ Frame A073 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_wired.png,fl_progressive,g_face,h_450,q_80,w_800/v1596029984/wired_expert-debunks-cybersecurity-myths.jpg
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-192.phl50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
bb0137567a729cf712624be4ad3500fd341216cc1c9b1faaa451c13d0e899d0b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 64aebd154b6045af00c94ad9d2ff49f2.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
267
X-Cache
Hit from cloudfront
Date
Mon, 19 Sep 2022 16:47:32 GMT
Connection
keep-alive
Content-Length
80073
Last-Modified
Wed, 29 Jul 2020 16:05:27 GMT
Server
Cloudinary
ETag
"f4354f9f8ea51260019fa3df286e428a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control
public, no-transform, max-age=300
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
MF2rhCEhHYDKnf9VsEpxDvRLep5fIa9Kd9E2q8tbNC8QejtJz5du_Q==
sparrow.min.js
pixel.condenastdigital.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.condenastdigital.com/sparrow.min.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/verso/static/chunk.presenter-account-bookmarks~presenter-account-sign-in-help~presenter-articles~presenter-cartoons~pre~bbd46615.d83bc738d5989a410ac9.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cff3ff7513a42187f914df965c0006c8756f549dc13ffb64540767042902a748

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:29 GMT
Content-Encoding
gzip
Age
389539
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
13370
x-amz-id-2
SENHVCtuomdm2Mm3mqd2d5TaZvXtN7y+tX3NqyQzcJZGMI1w5AhAFIHf5woKpMNeAi2X6kBHmcY=
X-Served-By
cache-bwi5179-BWI, cache-yul12826-YUL
Access-Control-Allow-Origin
*
Last-Modified
Mon, 18 Oct 2021 11:33:31 GMT
Server
AmazonS3
X-Timer
S1663606289.289237,VS0,VE0
ETag
"e6b88c6f7c41eb887a206c62c62867a9"
Vary
Accept-Encoding
x-amz-request-id
17RDPM5XDG8GCCK8
Via
1.1 varnish, 1.1 varnish
Expires
Wed, 20 Oct 2021 22:46:55 GMT
Cache-Control
no-cache, public, max-age=604800
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
2, 33554
publishertag.prebid.123.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.123.js
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:29 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:03 GMT
server
nginx
etag
W/"6271101f-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 20 Sep 2022 16:51:29 GMT
p.js
cdn.parsely.com/keys/wired.com/ 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/wired.com/p.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.201.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-201-38.phl50.r.cloudfront.net
Software
nginx /
Resource Hash
e4312f2f537cbd6e153d8426ab167e1537c2aa53c8be4f62f05de9e666155d13

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
public
date
Mon, 19 Sep 2022 08:31:03 GMT
content-encoding
gzip
last-modified
Mon, 17 Jan 2022 22:10:23 GMT
server
nginx
age
30026
etag
W/"61e5e94f-e009"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 613a9db04d23967014b7c42269dc1c12.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-pop
PHL50-C1
x-amz-cf-id
4ssxuKlwm7JBYiKgKGHETYFORJZ2DUVVyykEU5HglUHEotAXSovUKA==
expires
Tue, 20 Sep 2022 08:31:03 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EAB9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEbj4G5Bua10n6M4GepILl0aBAUTqXicas7RHZY_usxgis1DPwwlXBo5s4M20qvNmdBfUO4D_v6U9XqVEqj9UY9dkvg6sGQtlBvGquS9tREuQyzliAowsPa-fcPUcQ6A5d8kYwg0MXPwqGjOr_1FNbivtqCwZ6f9QjmBrlVNazXGL6QPhkY49ELoT5y_38JsWbaFTbXieoFirAVgA3dhE42DhzuoF4cF7PopzCgxq5GYs3sHg_zGNSD2NUI9BUStc6L7DLFlvC_u36eI5zbV1QY4NavMMYcUEm2Mtq9QLxZB_ijWfgmdWAiCwCbsLLw0hdtc22pDUhgUzc5NG9Nw&sai=AMfl-YSHTKlPwRMUXdRpuUo0mQMpNnOMSuCrDq07caMVHX-Whf8aq_9L7__KK76Q3JwMFLo7Hp-xK1UMSxklmlZAQDSbjS0lHjRXOLofwYmSpItpIpuzU7hIYQhsXa0bbolTfyZW1ye-v783rVzO71XBmw&sig=Cg0ArKJSzAW95FHUwYm5EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 16:51:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame EAB9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:47:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
216
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 16:47:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EAB9 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 16:51:28 GMT
moatad.js
z.moatads.com/condenastdfp9588492144/ Frame EAB9 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/condenastdfp9588492144/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.169.173 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-169-173.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0766fb4d61c35d9430ae4d586c07f54b8896b44e26ea5ff8e956bc8510977ee7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:28 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 19:16:07 GMT
server
AmazonS3
x-amz-request-id
RYKNP40RG7358RQ3
etag
"40266e5dba91a04d6dd2c15f2da22c95"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=56991
accept-ranges
bytes
content-length
118003
x-amz-id-2
SodtFStEHvcqaDKmVLKkZkffbAo9qChe/8vaXA+WQkOEKZH1ZvdPxFCVGnE+k5UKg0Cg922giNk=
10232530115121911219
tpc.googlesyndication.com/simgad/ Frame EAB9 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10232530115121911219
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd239cbc31f0976120b6649fe926ccd9f043e8155452b986658ed4bfdcd3471e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Tue, 13 Sep 2022 21:49:50 GMT
x-content-type-options
nosniff
age
500498
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
165676
x-xss-protection
0
last-modified
Thu, 17 Oct 2019 15:26:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 13 Sep 2023 21:49:50 GMT
l
www.google.com/ads/measurement/ Frame EAB9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTZrBlxofR5iyOcvKpEN5-3B8YAk-3FfAXkeI6tJKDQZdBi5h3iee8HKr_stjZYQgZDciaGZIIBQL8UXpR8pJtga78zZg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
p-Jjy-Cyr1NZGRz.gif
pixel.quantserve.com/pixel/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Jjy-Cyr1NZGRz.gif?labels=_campaign.media.Advertiser%20ID.4552798968.Campaign%20ID.3049479530.Line%20Item%20ID.6063859676
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:29 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
17bff89c-bd5e-4418-9a8f-4f512254c851thumbs.mp4
dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/ Frame A073 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/17bff89c-bd5e-4418-9a8f-4f512254c851thumbs.mp4
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-93.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 19 Sep 2022 08:58:03 GMT
Via
1.1 8a0d00c8697029a8a8411a2a06403ade.cloudfront.net (CloudFront)
Last-Modified
Thu, 20 Aug 2020 21:28:00 GMT
Server
AmazonS3
Age
28407
ETag
"1820a1bf25676b1808aaaf9bd9f09bfa"
X-Cache
Hit from cloudfront
Content-Type
video/mp4
Content-Range
bytes 0-1892644/1892645
Connection
keep-alive
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
Content-Length
1892645
X-Amz-Cf-Id
1S2o-TvX1KEa76JtWTln0vm8ZIgZNqgbJwoHMwES02RWJxUnYvwlqg==
17bff89c-bd5e-4418-9a8f-4f512254c851thumbs.mp4
dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/ Frame A073 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/17bff89c-bd5e-4418-9a8f-4f512254c851thumbs.mp4
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-93.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Range
bytes=0-

Response headers

Date
Mon, 19 Sep 2022 08:58:03 GMT
Via
1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
Last-Modified
Thu, 20 Aug 2020 21:28:00 GMT
Server
AmazonS3
Age
28407
ETag
"1820a1bf25676b1808aaaf9bd9f09bfa"
X-Cache
Hit from cloudfront
Content-Type
video/mp4
Content-Range
bytes 0-1892644/1892645
Connection
keep-alive
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
Content-Length
1892645
X-Amz-Cf-Id
MJPFmqb1lNwPT4soEGUYWQeT1oZemLun-LNlKzTCpqh-Ce26fnXWYQ==
track
capture.condenastdigital.com/ Frame A073 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-09-19T16%3A51%3A28.946Z&_c=Player%20Event&_t=Player%20Loaded&app=playerservice&cBr=wired&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.wired.com%2Fvideo%2Fwatch%2Fexpert-debunks-cybersecurity-myths&cId=5f2178a1bcdfff5e2a4786ac&cKe=cybersecurity%2Ccybersecurity%20expert%2Ccomputer%20hacker%2Chackers%2Chacker%20security%2Cencryption%2Cgoogle%20read%20gmail%2Chackers%20computer%20camera%2Ccomputer%20camera%20hacker%2Chacker%20camera%2Cwired%20hacker%2Chacking%20expert%2Ccyber%20security%2Ccomputer%20security%2Cnetwork%20security%2Cnetwork%20security%20hacker%2Cwired%20network%20security%2Ccomputer%20hackers%2Chackers%20computer%2Csecurity%20wired%2Cwired%20eva%20galperin%2Ceva%20galperin%2Ceva%20galperin%20cybersecurity&cPd=2020-07-29T16%3A00%3A00%2B00%3A00&cTi=Internet%20Expert%20Debunks%20Cybersecurity%20Myths&mDu=684&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&pWw=370&pWh=208.125&xid=0a128167-d05b-4a5a-ae1f-67013865e3d9&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2265a12bc%22%2C%22guid%22%3A%222856c9c3-b4fb-2391-ab6c-7446baec1ca0%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Atrue%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A1221.53125%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22copilotIdOverride%22%2C%22recStrategy%22%3A%22copilotIdOverride%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22disableVastPrefetch%22%3Afalse%2C%22disableVideoPrebid%22%3Afalse%2C%22isRightRail%22%3Atrue%2C%22tabStatus%22%3A%22active%22%2C%22muted%22%3Atrue%2C%22versoContentType%22%3A%22article%22%2C%22videoEmbedPosition%22%3A%22%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3Anull%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=a61a3c7a-01d9-4175-8ab8-7171949de605&contentType=article
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:29 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
truncated
/ Frame EAB9 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28ffb5ea569b04f95899c8ef8347d9e5fa36b2680f2f0204fce9d00fff086f86

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
17bff89c-bd5e-4418-9a8f-4f512254c851manifest-ios.m3u8
dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/ Frame A073 		918 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/17bff89c-bd5e-4418-9a8f-4f512254c851manifest-ios.m3u8?videoIndex=0&requester=oo
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-93.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c87318fef7fcccd15255393146bbaa4ee04652789f1fe500e66367e63eb5f84e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 08:58:03 GMT
Via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
Vary
Accept-Encoding,Origin
Age
28407
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
918
Last-Modified
Thu, 20 Aug 2020 21:25:40 GMT
Server
AmazonS3
ETag
"5829596d56ca8bf69dffc4686d9bc98b"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
X-Amz-Cf-Id
tdhc77OGbwudWjaxq4QFyZ_a_bsrjrzHTM6JAtzn_L03tSfjrTG_7Q==
pr
s.amazon-adsystem.com/v3/ Frame 3835 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
400c4ac48ef958f68885c0e6b8aed771c94f519756df98a70c0acf9fa76b53b5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
2158
Content-Type
text/html;charset=ISO-8859-1
Date
Mon, 19 Sep 2022 16:51:28 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
F2H0RNE94N72X4D3BCZV
view
securepubads.g.doubleclick.net/pcs/ Frame FAB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstuzltnDAdxkXqJadn2TZyBKMAD6lojUagiILAGgip5PANsJNHsEoPPertSJOQfLt_uSS5Ymy7D4XttVrhfTCM3TuzOw4WbeN9v8Jmyz6yJYqh5Uno_J0T5ox3434dWVHPBbRnSqQkfQVOtxn86yVPGZaUS9qxWcOztGL49VpwF5ciehv1zB9ZcJS8T893BU1iRU7BxWmtVikIOn6fCAfD7ZVm4BQmR-9vEdBM9Q69pe-U-cPh1HmootN-VWDNwE9iyERsgNo8dA7dODFJRCt70X14TaX2HcMPqhmrFX9XhEX-F7sxUWCz3uwbkvQlJ4AXdt4KMIHL3vOhpTF7NdA&sai=AMfl-YTBgTRiUvq6LCXugjKrmnNlCvVHyMKPax1w2sbuX7aFGZooNo24CBZRFFkkTO920T2wHsETTPbR6HElUGmqJjXlsn52VVXwzpX_0iujNDQr1W0DgaBCL3FAF_NRE0ahJQJCfSiXEgJyM0Kooetl_A&sig=Cg0ArKJSzDpmcEigkyMfEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 16:51:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame FAB4 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:47:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
217
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 03 Oct 2022 16:47:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FAB4 		141 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44609
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1663155654979086"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 16:51:29 GMT
moatad.js
z.moatads.com/condenastdfp9588492144/ Frame FAB4 		344 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/condenastdfp9588492144/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.169.173 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-169-173.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0766fb4d61c35d9430ae4d586c07f54b8896b44e26ea5ff8e956bc8510977ee7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:29 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 19:16:07 GMT
server
AmazonS3
x-amz-request-id
RYKNP40RG7358RQ3
etag
"40266e5dba91a04d6dd2c15f2da22c95"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=56990
accept-ranges
bytes
content-length
118003
x-amz-id-2
SodtFStEHvcqaDKmVLKkZkffbAo9qChe/8vaXA+WQkOEKZH1ZvdPxFCVGnE+k5UKg0Cg922giNk=
4659236258147346820
tpc.googlesyndication.com/simgad/ Frame FAB4 		113 KB
113 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/4659236258147346820
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2b85272d85497adf0ce10db07ceb134201005f56861b447b68f6973906b333e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 11:40:01 GMT
x-content-type-options
nosniff
age
18688
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115243
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 08:25:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Sep 2023 11:40:01 GMT
l
www.google.com/ads/measurement/ Frame FAB4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmCcSe8MWHsjC0Mb-AsrNNl_2PeYjggGYSZNkbp_vwxekDWlw401ctzhgkUhDlNXC0DEwEBjyd_U-Ss7i4cPalcVsdew
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
p-Jjy-Cyr1NZGRz.gif
pixel.quantserve.com/pixel/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Jjy-Cyr1NZGRz.gif?labels=_campaign.media.Advertiser%20ID.4552798968.Campaign%20ID.3085193247.Line%20Item%20ID.6114177034
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:29 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
truncated
/ Frame FAB4 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd78f33dbc5d687cd776a1d39393be4d3f7f1be334612ce6f5852937a4b4175a

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type
image/png
e929f167-a6e1-451f-bb6a-1d5c06dacfb6
https://www.wired.com/ Frame A073 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.wired.com/e929f167-a6e1-451f-bb6a-1d5c06dacfb6
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
20e74b9a708a64d7a66a3e3a0aa57ce43513e1e19d0b2cde757260d5a1da2457

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
4973
Content-Type
application/javascript
1c17ba9f-b135-4056-bc53-bfd835b78d82
https://www.wired.com/ Frame A073 		68 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.wired.com/1c17ba9f-b135-4056-bc53-bfd835b78d82
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
246f4254dc2c80b2aa63d488a6aca92b3d7e29c4bc60efbd0f3e8397a63c9fd2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
70012
Content-Type
application/javascript
5ef79a42-97b0-4535-830c-c348580c27e1
https://www.wired.com/ Frame A073 		68 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.wired.com/5ef79a42-97b0-4535-830c-c348580c27e1
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
246f4254dc2c80b2aa63d488a6aca92b3d7e29c4bc60efbd0f3e8397a63c9fd2

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Length
70012
Content-Type
application/javascript
publisher:getClientId
ampcid.google.ca/v1/ 		3 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.ca/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 16:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.wired.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
pixel
pxl.qccerttest.com/ 		35 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=857421440;fpan=1;fpa=P0-1004448029-1663606289083;pbc=56557349-e1f4-4a40-be04-64225528dae0;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;us_privacy=1---;d=wired.com;dst=0;et=1663606289082;tzo=0;url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204;ogl=description.An%20alleged%20teen%20hacker%20claims%20to%20have%20gained%20deep%20access%20to%20the%20company%E2%80%99s%20system%2Cimage.https%3A%2F%2Fmedia%252Ewired%252Ecom%2Fphotos%2F6324bd9ac4d3ebc9237bc60e%2F191%3A100%2Fw_1280%252Cc_limit%2FU%2Csite_name.WIRED%2Ctitle.The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%2Ctype.article%2Curl.https%3A%2F%2Fwww%252Ewired%252Ecom%2Fstory%2Fuber-hack-mfa-phishing%2F
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21dd:b200:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 06:12:54 GMT
via
1.1 b759e26bde22770788987f2078515d9a.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
38316
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
EWR53-C2
accept-ranges
bytes
x-amz-cf-id
DtCVkk3EH-wV5NWfVi7RkcG54f3jX1sW3kLDCW08XCM0YEkZ6L2Dmg==
pixel;r=1933741046;labels=Culture.Wired.security.national%20security;source=gtm;rf=0;a=p-Jjy-Cyr1NZGRz;url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1933741046;labels=Culture.Wired.security.national%20security;source=gtm;rf=0;a=p-Jjy-Cyr1NZGRz;url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204;uht=2;fpan=0;fpa=P0-1004448029-1663606289083;pbc=56557349-e1f4-4a40-be04-64225528dae0;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;us_privacy=1---;ref=;d=wired.com;dst=0;et=1663606289090;tzo=0;ogl=description.An%20alleged%20teen%20hacker%20claims%20to%20have%20gained%20deep%20access%20to%20the%20company%E2%80%99s%20system%2Cimage.https%3A%2F%2Fmedia%252Ewired%252Ecom%2Fphotos%2F6324bd9ac4d3ebc9237bc60e%2F191%3A100%2Fw_1280%252Cc_limit%2FU%2Csite_name.WIRED%2Ctitle.The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%2Ctype.article%2Curl.https%3A%2F%2Fwww%252Ewired%252Ecom%2Fstory%2Fuber-hack-mfa-phishing%2F;ses=55d6cf73-2db6-4ff7-ae39-f7daa5a1e259
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:a021:b886:81cc:55cf , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:29 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
analytics.tiktok.com/api/v2/ 		0
687 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1IQID9FKFK1PHD4UBH0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.248.26 Edison, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-49-248-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
212b129.7824d66b
date
Mon, 19 Sep 2022 16:51:29 GMT
x-cache-remote
TCP_MISS from a184-51-148-173.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-40-19-26.deploy.akamaitechnologies.com (AkamaiGHost/10.9.3-43949849) (-)
x-parent-response-time
32,23.40.19.26
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=26, inner; dur=15
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20220919165129DDCD8AB05C14DED67DC9
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
27,184.51.148.173
x-tt-trace-host
01e9de859ad2e33abbaf7df8cd5e2b0decb096a21aed5e407059b6408ec521d2d7a6c5cea1ac9561638e5e0f0fc11ac8a73e398e35cc0a0ef252e9056b04da361e0918c8da126ad960dc1df570f8f8da4d6ea4ef0812091939d9a0e070b9df0caa
expires
Mon, 19 Sep 2022 16:51:29 GMT
onsite_7818f2bd337df9f3f46e497bb695400f.br.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		158 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite_7818f2bd337df9f3f46e497bb695400f.br.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_89ceea329a99e3935afd4105c6694d4b.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
6e4de4e2365a4b8d592875694220f3a355404793ded47e557e320f2165abaaf0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Thu, 15 Sep 2022 14:57:15 GMT
content-encoding
br
age
352454
x-guploader-uploadid
ADPycdu9Fi5NrQHb-E5WWV1mspE1bOyncK2DvfYGfobXUi11y1dVCTQ8pDG38zCCUX99Uizyb2qAjoKLsBDXBGD2rzqLTHVQgJYl
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34463
last-modified
Thu, 15 Sep 2022 14:56:58 GMT
server
UploadServer
etag
"eb031a841de8ca5a3f9fc6d7449b3b57"
x-goog-hash
crc32c=Y4XqIw==, md5=6wMahB3oylo/n8bXRJs7Vw==
x-goog-generation
1663253818627524
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
34463
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 15 Sep 2023 14:57:15 GMT
/
www.facebook.com/tr/ 		44 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=228464857488266&ev=PageView&dl=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&rl=&if=false&ts=1663606289223&cd[SiteSection]=security&cd[SubSection]=national%20security&cd[PageTags]=security%7Cnational%20security%7Chacking%7Cvulnerabilities%7Cuber%7Ctextaboveleftsmall&cd[Brand]=Wired&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.1.1663606289202.322695493&ic=fbpixel&it=1663606288290&coo=false&dpo=&rqm=GET
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Mon, 19 Sep 2022 16:51:29 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame A073 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=640x360|480x70&iu=/3379/conde.wired/rail-player/security/article&ciu_szs=300x60&gdfp_req=1&env=vp&output=vmap&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%252Cgv_death_injury%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Dmt_article_two_column%26content_type%3Darticle%26ctx_page_channel%3Dsecurity%26ctx_page_sub_channel%3Dnational-security%26sub_sub_channel%3D%26env_server%3Dproduction%26ctx_cns_version%3D6.62.7%26ctx_page_slug%3Duber-hack-mfa-phishing%26cnt_copilotid%3D632496798990652479ff3877%26cnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%26fastly_geo%3Dca%26pageview_id%3D3138407518%26usr_bkt_eva%3D24%26usr_bkt_ses%3D29%26usr_bkt_pv%3D89%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26usr_segments%3Dco.w2238%26cn_metrics%3Dcmr_high%26vnd_prx_segments%3D121100%252C131100%252C131127%252C230004%252C230017%252C230103%252C230133%252C230163%252C230016%252C230160%252C603525%252C300003%252C210001%252C240000%252C240002%252C240003%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240015%252C240018%252C240019%252Cmiovit%252Ceuwba9%252Czlqtg4%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_entities%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_keywords%3Duber%252Chacker%252Cauthentication%252Cattacker%252Cbreach%252Csystem%252Cnotification%252Caccess%252Czatko%252Ccybersecurity%252Cattack%252Chack_devastation%252Cresearcher%252Csecurity_engineer%252Cservice%252Ctwitter%252Cthursday_evening%252Ccompany%252Cthe_new_york_times%252Ccedric_owens%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D0a128167-d05b-4a5a-ae1f-67013865e3d9%26ctx_line_items%3D%26timeout%3D500%26height%3D208%26muted%3D1%26right_rail%3D1%26sensitive%3D0%26series%3D5fb2bd3b38d0691c16e0f5de%26width%3D370%26feature_flags%3Dsticky-player-rail&correlator=2483420307513779&description_url=https%3A%2F%2Fwww.wired.com%2Fvideo%2Fwatch%2Fexpert-debunks-cybersecurity-myths&vid=5f2178a1bcdfff5e2a4786ac&cmsid=1495&ppid=0a128167d05b4a5aae1f67013865e3d9
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b74b0a64de965dab6e2f2db25d4f7384ae500560c92750c3c70245b368df708d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1633
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
17bff89c-bd5e-4418-9a8f-4f512254c851file-1422k-128-48000-768.m3u8
dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/ Frame A073 		9 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/17bff89c-bd5e-4418-9a8f-4f512254c851file-1422k-128-48000-768.m3u8
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-93.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c603917a1f98cbd38c3fd21ed961ebdf78b2bf8a7c783794da68b325769ed437

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 10:23:00 GMT
Content-Encoding
gzip
Vary
Accept-Encoding,Origin
Age
23310
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Thu, 20 Aug 2020 21:29:45 GMT
Server
AmazonS3
ETag
W/"a09f47aa78d4ad2b18f0b547beb9a9e1"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
PHL50-C1
X-Amz-Cf-Id
7DH0OxEQDA4YBNUtB1NBHulASW0JruoHiCYeB-8TVbzTq-4j5I-4Qw==
usermatch
ssum-sec.casalemedia.com/ Frame E08C
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a86466964703b80f34f92b9b005722659ec8ece6e37664e230ec7bc42111bf4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74d3d38dc972a24d-YYZ
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 16:51:29 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCHHd%2BxFbe98b1%2BBwF8bKr89reMkbgYRvMKjaNo0BgKrpIJR%2BQ8jLeW%2BOoAOon%2Feh79WvQsMVXM4Chn6gwDLOTHJGOawTTJgdyApnh0GrP2EEC3IMx5XPbD7f3BDper5rlPMmAeaHzPDEA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74d3d38d29e9a229-YYZ
content-length
0
date
Mon, 19 Sep 2022 16:51:29 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Hw%2FOy6pXPTQ2XAHjPFLKwjGFH1ow4anUWcX6Op8dFSJKxPNtAdnsDkVy8MrLPIp5FZ%2Fc5ypjEujrIYSNw3zwougrNaiu3yZKA0efcVVlXRzCHG20OiUW%2F26ZPGQ%2FfR3k%2BZ7yigT8DZFaw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0BFE 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 16:51:29 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame F93E
Redirect Chain
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
  • https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
828 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
7caf70837b622f5e2ef8d145b2cc7c468f79a0d886fe577c1462cc951456b2e8
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
content-length
828
content-type
text/html;charset=iso-8859-1
cw-server
bh-deployment-75d8c985f8-xdl4g
expires
-1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000

Redirect headers

cache-control
private, max-age=0, no-cache, no-store
content-language
en-CA
cw-server
bh-deployment-75d8c985f8-xdl4g
expires
-1
location
/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 5028
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1yOWE4aHVwRTJ1TEsxdWRQSlVHeUpRQklER0wzY3RjUX5B
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1yOWE4aHVwRTJ1TEsxdWRQSlVHeUpRQklER0wzY3RjUX5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 16:51:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
3C1Q3G3YJZX0MVZZG2G8

Redirect headers

age
0
content-length
0
date
Mon, 19 Sep 2022 16:51:29 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1yOWE4aHVwRTJ1TEsxdWRQSlVHeUpRQklER0wzY3RjUX5B
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.25
strict-transport-security
max-age=31536000
cm
u.openx.net/w/1.0/ Frame C538 		722 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
09653a67a8762f5911118dd64f942cd513d30285c9b224f0fa4bbc264de79342

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
460
content-type
text/html
date
Mon, 19 Sep 2022 16:51:29 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ecm3
s.amazon-adsystem.com/ Frame 66AD
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=27208953193559021&gdpr=0&gdpr_consent=
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=27208953193559021&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 16:51:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
8JND6YT96RH5XH2TP16E

Redirect headers

content-length
0
date
Mon, 19 Sep 2022 16:51:28 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=27208953193559021&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 75E6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=1122792427392432315&ex=appnexus.com
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=1122792427392432315&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 16:51:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
3PZ3E6F1Y3FYMR2PSPAY

Redirect headers

AN-X-Request-Uuid
ddef6883-5ca3-495f-988f-d44e5db4567b
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Mon, 19 Sep 2022 16:51:29 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://s.amazon-adsystem.com/ecm3?id=1122792427392432315&ex=appnexus.com
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
X-XSS-Protection
0
ecm3
s.amazon-adsystem.com/ Frame C519
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3034631852098996955838
43 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3034631852098996955838
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 19 Sep 2022 16:51:29 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
x-amz-rid
9FGJVAR24WESJT834MYW

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Mon, 19 Sep 2022 16:51:29 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3034631852098996955838
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
151 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-8293713-27&cid=137948537.1663606287&jid=980743957&gjid=880439785&_gid=1249916908.1663606289&_u=aChAiUAjBAQCAE~&z=771104328
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 19 Sep 2022 16:51:29 GMT
content-type
text/plain
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
hadron.json
id.hadron.ad.gt/v1/ 		75 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?partner_id=57&sync=1&domain=www.wired.com
Requested by
Host:
URL: webpack:///./hadron_id_submodule/src/js/utils.js?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.56.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-56-16.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
013694a42f9917dbf4ebba3cd8c1924c763856eefa56e5deaa140bb8688ee6c0

Request headers

Access-Control-Allow-Origin
*
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin
https://www.wired.com
date
Mon, 19 Sep 2022 16:51:29 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.20.0
vary
Origin
content-type
application/json
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?partner_id=57&sync=1&domain=www.wired.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.56.16 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-56-16.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin
Access-Control-Request-Method
GET
Origin
https://www.wired.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
access-control-allow-origin
access-control-allow-methods
DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin
https://www.wired.com
content-encoding
gzip
content-type
application/json
date
Mon, 19 Sep 2022 16:51:29 GMT
server
nginx/1.20.0
vary
Origin
collect
analytics.google.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-P1P55J3LNW&gtm=2oe9e0&_p=1770785891&_gaz=1&cid=137948537.1663606287&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&dl=%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&dr=%2F&sid=1663606289&sct=1&seg=0&dt=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-P1P55J3LNW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P1P55J3LNW&cid=137948537.1663606287&gtm=2oe9e0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-P1P55J3LNW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P1P55J3LNW&cid=137948537.1663606287&gtm=2oe9e0&aip=1&z=1231370294
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame FAB4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvESu_0Hs8YIxGBsfXI5R77dXWlJl4GVDaYD6ESmBi2Xhjmncq5F3BCG7qpY4uace0LMQ6dUXscM7DqorLlkpqnQgQwACQV5Z1pUA5wIOGhWTqV1cBAZ3HDchNINuVwx7NS34m0CqAmnpHUr1X-Hx-4jctryTvlTb90aEb8rJiZnTgJOoLRFSKv_RU4e8LBxyeHat39p8XQ2BKtQHS8_kJRI46zxGc4e1GeW3ISqPxuNd7wUvQlk2v4F57hBRjjhTPgIkP5HBU5u5Vaz_I-_EiC6QBFPz0YYE7wtQ4icK1GfyPe75K5ZDlkXx-heYFY3QMmGZk6AiPyeQu3E8bwzLJC&sai=AMfl-YSGHy4MfLANlzJCcxGWBmnAK-ueocme5SqHXeomj4e4jgsvBcTXzavAplHYtisTW2lVvZDH1wilzxOVIBCi3KPtXDWgM3jBNldE1CvagMmnLO36Lt-E7m09rfR3CPwMrPwsU-L3F2XUcF1Y63e9kA&sig=Cg0ArKJSzPkOQtbB80WREAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 16:51:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 19 Sep 2022 16:51:29 GMT
ibs:dpid=21&dpuuid=214710604279353554177
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=22725597434185837671267853816245447519
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=214710604279353554177
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=21&dpuuid=214710604279353554177
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0c57a06f3.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
cLNGshLOT1k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:29 GMT
via
1.1 d9b04a822e1c215374729ec159356140.cloudfront.net (CloudFront)
server
AAWebServer
x-amz-cf-pop
JFK50-P2
location
https://dpm.demdex.net/ibs:dpid=21&dpuuid=214710604279353554177
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-cache
Miss from cloudfront
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
x-amz-cf-id
2vBLKrDeTt1085S3bb0kGx7vyy_inEp4Z9uqKxQVJLMm-z9rzkvWnw==
expires
0
1663130473914833
connect.facebook.net/signals/config/ Frame A073 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1663130473914833?v=2.9.83&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f03a:1c:face:b00c:0:3 Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ad08f9cbf7e18a3158d8668c359fb7708e58c35d3b54c68c51486c43f483f40a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
86250
x-xss-protection
0
pragma
public
x-fb-debug
SN4yVoB4ad5x1idGKjs2gv5tObraCUQyUNHP1Hivb7Ozi+Iqbk923IR49PMOdEW5k1GftLlPx4dNFztnZwOpzQ==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Mon, 19 Sep 2022 16:51:29 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EAB9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuDU-Ok9s6GCUb1ZcVuETso_hN41hLD5LWR_0U4PS_UUBVJduWclGLzk8BUPUgTWNLGTUHDHlPqsjI7_pv72mjkFpMEpwWVVihPh1WReFgLQ1iLO1gVwlp2_oLifwBk5HioSHdwyleS-v_79xzRYL8PN73mH1l-qgRjO1E_v3D-za7A-agjn2lmoGi0BT7-rZx6s2mmy0ZMqNXgEnYyasQtCx5t-wA6BEUyABn0TNfLhHeU4IxSKP_3CBPFksflMEXQc9VUdzASbJqfd6zpuzOt-k_-yQdI7VKxINAteotC0IJ1avq8a1EKdhvcPukYfAGMiWJHUEHzTbvXCwDGT0tW&sai=AMfl-YRz4i_2HVZf7K7ADoOC2iKmHKZNXGsY42tEoldpE1O69E2oDOjghpGfStl_rs8STJ0cw6oHQSYPZfEsuipNdUzkqrYAY3BaabsRqpLT5bsLYyaoB0KS1FJb6R0N5OrOdS1yEOZx12lI7Iu4qdcKxQ&sig=Cg0ArKJSzD-nwP8N4ZSlEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:822::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 16:51:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 19 Sep 2022 16:51:29 GMT
collect
a.ad.gt/api/v1/ 		0
102 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/collect
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.191.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-191-126.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://www.wired.com
date
Mon, 19 Sep 2022 16:51:29 GMT
server
nginx/1.20.0
vary
Origin
getpixels
pixels.ad.gt/api/v1/ 		0
52 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=dd5b710802a24765cb9b27fa45eac5c5&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.200.124.182 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-200-124-182.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:29 GMT
server
nginx/1.20.0
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:41:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
617
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 19 Sep 2022 17:41:12 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:20:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
1848
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 19 Sep 2022 17:20:41 GMT
v1
mb.moatads.com/ot/ 		47 B
219 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/ot/v1?url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&pcode=moatot&ord=1663606289535&jv=432655125&callback=OneTagNadoscallback_79023390
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/condenastdfp9588492144/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.5.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-5-69.compute-1.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
70def53ed8e66b6d1e54c73da90dbdf5cee709388e77d7a2c200c1ce809e6a61

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:29 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"9b8341dbc56aca53c2ec36b881ea7f9050dce79e"
content-length
47
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=conde.wired.native&zMoatAdUnit2=in-content&zMoatAdUnit3=security&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=9&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F8791227504416744796%2Fdownsize_200k_v1%3Fsqp%3D4sqPyQSLAUKIAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-Mg8I2AQQ2AQYASABLQAAAD8%26rs%3DAOga4qmreDCp7eRqpy1kb01o4USYXih3oA&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wzyHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-0muc80RvHCbFpA%3D%3D&sc=1&os=1-MQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=125&w=125&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&id=1&ii=4&f=0&j=&t=1663606286355&de=368453360370&rx=431404640926&cu=1663606286355&m=3255&ar=5aeef158bee-clean&iw=f9dac89&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6159&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A671%3A671%3A0%3A792&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=286&cd=0&ah=286&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4660981638%3A2443012271%3A5276770044%3A138301071698&bo=conde.wired.native&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=200157&na=2118182698&cs=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.169.173 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-169-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:29 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 16:51:29 GMT
moatvideo.js
z.moatads.com/condenastjsvideocontent160527792519/ Frame A073 		321 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/condenastjsvideocontent160527792519/moatvideo.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.169.173 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-169-173.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d2980b54624eb2ecc649343a4eafc6ede027112c1f012cbe6277f9d541048e19

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:29 GMT
content-encoding
gzip
last-modified
Mon, 29 Aug 2022 19:15:13 GMT
server
AmazonS3
x-amz-request-id
RYKTRSQ5P2S6T0BF
etag
"734c5a0c47dee5cfd7c03b627a0eecaa"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=56988
accept-ranges
bytes
content-length
110339
x-amz-id-2
b/GSeMLAv00C6QqIZPASw4tCI/2tGs/diRA48aJCEytwGT0rYbAnMG4zmMh0YbC5iLLzaB+XTIQ=
track
capture.condenastdigital.com/ Frame A073 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-09-19T16%3A51%3A29.638Z&_c=Video%20Ad&_t=Ad%20Call%20Made&app=playerservice&cBr=wired&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.wired.com%2Fvideo%2Fwatch%2Fexpert-debunks-cybersecurity-myths&cId=5f2178a1bcdfff5e2a4786ac&cKe=cybersecurity%2Ccybersecurity%20expert%2Ccomputer%20hacker%2Chackers%2Chacker%20security%2Cencryption%2Cgoogle%20read%20gmail%2Chackers%20computer%20camera%2Ccomputer%20camera%20hacker%2Chacker%20camera%2Cwired%20hacker%2Chacking%20expert%2Ccyber%20security%2Ccomputer%20security%2Cnetwork%20security%2Cnetwork%20security%20hacker%2Cwired%20network%20security%2Ccomputer%20hackers%2Chackers%20computer%2Csecurity%20wired%2Cwired%20eva%20galperin%2Ceva%20galperin%2Ceva%20galperin%20cybersecurity&cPd=2020-07-29T16%3A00%3A00%2B00%3A00&cTi=Internet%20Expert%20Debunks%20Cybersecurity%20Myths&cTy=%2F3379%2Fconde.wired%2Frail-player%2Fsecurity%2Farticle&mDu=684&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&pWw=370&pWh=208.125&xid=0a128167-d05b-4a5a-ae1f-67013865e3d9&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2265a12bc%22%2C%22guid%22%3A%222856c9c3-b4fb-2391-ab6c-7446baec1ca0%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Atrue%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A1221.53125%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22copilotIdOverride%22%2C%22recStrategy%22%3A%22copilotIdOverride%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22disableVastPrefetch%22%3Afalse%2C%22disableVideoPrebid%22%3Afalse%2C%22isRightRail%22%3Atrue%2C%22tabStatus%22%3A%22active%22%2C%22muted%22%3Atrue%2C%22versoContentType%22%3A%22article%22%2C%22videoEmbedPosition%22%3A%22%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22OUT_OF_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=a61a3c7a-01d9-4175-8ab8-7171949de605&contentType=article
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:29 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8293713-27&cid=137948537.1663606287&jid=980743957&_u=aChAiUAjBAQCAE~&z=1071008332
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-8293713-27&cid=137948537.1663606287&jid=980743957&_u=aChAiUAjBAQCAE~&z=1071008332
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
heatmap-dynamic-view.090f7af857c058ab40b4.js
script.hotjar.com/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/heatmap-dynamic-view.090f7af857c058ab40b4.js
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d00377d3a043900eb4ef.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-90.phl50.r.cloudfront.net
Software
/
Resource Hash
75c6cc7e4d68b8dec8bb65307a86cea2c0412fdb5d03e77dcf7eb173b78b2209
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 07 Sep 2022 09:17:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
1064061
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=604800; includeSubDomains
content-length
2827
access-control-allow-origin
*
last-modified
Wed, 07 Sep 2022 09:16:56 GMT
etag
"16c693059e6964759ae9d5fdfd5623b0"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 4c18dd7deeecd61e783c74198943db58.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
g5BVO9e2-0Tbz-L_TEjnGHjC1FU9vkeslfJVlNJ-GPPKegaLS36ChQ==
ibs:dpid=269&dpuuid=bb286328-9e11-4a00-80eb-6728c1b98f08&ddsuuid=22725597434185837671267853816245447519
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=22725597434185837671267853816245447519&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d22725597434185...
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=bb286328-9e11-4a00-80eb-6728c1b98f08&ddsuuid=22725597434185837671267853816245447519
42 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=269&dpuuid=bb286328-9e11-4a00-80eb-6728c1b98f08&ddsuuid=22725597434185837671267853816245447519
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcscanary-prod-usw2-1-v048-0dc7c3439.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
9FM+msnJTiA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Mon, 19 Sep 2022 16:51:29 GMT
Server
MT3 4505 5b23575 master ord-pixel-x48 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=269&dpuuid=bb286328-9e11-4a00-80eb-6728c1b98f08&ddsuuid=22725597434185837671267853816245447519
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 16:51:28 GMT
user
4d.condenastdigital.com/ 		67 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4d.condenastdigital.com/user?xid=0a128167-d05b-4a5a-ae1f-67013865e3d9
Requested by
Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.113.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-113-43.compute-1.amazonaws.com
Software
/
Resource Hash
c5b7507a6dd65362434f9b27cc280ef7d4b5c0a7c040c4fae34efc9afa2c622c

Request headers

Accept
text/plain
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:30 GMT
content-encoding
gzip
transfer-encoding
chunked
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://www.wired.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
Connection
keep-alive
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A29.783Z&_t=assigned-experiments&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&uNw=1&uUq=1&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=general&dim1=%7B%22assignments%22%3A%5B%5D%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:29 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A29.794Z&_t=in-view&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=verso-pattern-tracking&dim5=%5B%7B%22pattern%22%3A%22ConnectedNavigation%22%7D%5D&dim6=%5B%5D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:29 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A29.804Z&_t=in-view&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=verso-pattern-tracking&dim5=%5B%7B%22pattern%22%3A%22ConnectedNavigation%22%7D%2C%7B%22pattern%22%3A%22StandardNavigation%22%7D%5D&dim6=%5B%5D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:29 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A29.812Z&_t=in-view&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=verso-pattern-tracking&dim5=%5B%7B%22pattern%22%3A%22ConnectedNavigation%22%7D%2C%7B%22pattern%22%3A%22StandardNavigation%22%7D%2C%7B%22pattern%22%3A%22ConnectedBookmarkAlert%22%7D%5D&dim6=%5B%5D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:29 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A29.820Z&_t=in-view&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=verso-pattern-tracking&dim5=%5B%7B%22pattern%22%3A%22ConnectedNavigation%22%7D%2C%7B%22pattern%22%3A%22StandardNavigation%22%7D%2C%7B%22pattern%22%3A%22ConnectedBookmarkAlert%22%7D%2C%7B%22pattern%22%3A%22StickyHeroAd%22%7D%5D&dim6=%5B%5D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:29 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A29.828Z&_t=in-view&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=verso-pattern-tracking&dim5=%5B%7B%22pattern%22%3A%22ConnectedNavigation%22%7D%2C%7B%22pattern%22%3A%22StandardNavigation%22%7D%2C%7B%22pattern%22%3A%22ConnectedBookmarkAlert%22%7D%2C%7B%22pattern%22%3A%22StickyHeroAd%22%7D%2C%7B%22pattern%22%3A%22ContentHeader%22%7D%5D&dim6=%5B%5D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:29 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A29.833Z&_t=in-view&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=verso-pattern-tracking&dim5=%5B%7B%22pattern%22%3A%22ConnectedNavigation%22%7D%2C%7B%22pattern%22%3A%22StandardNavigation%22%7D%2C%7B%22pattern%22%3A%22ConnectedBookmarkAlert%22%7D%2C%7B%22pattern%22%3A%22StickyHeroAd%22%7D%2C%7B%22pattern%22%3A%22ContentHeader%22%7D%2C%7B%22pattern%22%3A%22TitleBlock%22%7D%5D&dim6=%5B%5D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:29 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A29.841Z&_t=in-view&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=verso-pattern-tracking&dim5=%5B%7B%22pattern%22%3A%22ConnectedNavigation%22%7D%2C%7B%22pattern%22%3A%22StandardNavigation%22%7D%2C%7B%22pattern%22%3A%22ConnectedBookmarkAlert%22%7D%2C%7B%22pattern%22%3A%22StickyHeroAd%22%7D%2C%7B%22pattern%22%3A%22ContentHeader%22%7D%2C%7B%22pattern%22%3A%22TitleBlock%22%7D%2C%7B%22pattern%22%3A%22Caption%22%7D%5D&dim6=%5B%5D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:29 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A29.852Z&_t=in-view&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=verso-pattern-tracking&dim5=%5B%7B%22pattern%22%3A%22ConnectedNavigation%22%7D%2C%7B%22pattern%22%3A%22StandardNavigation%22%7D%2C%7B%22pattern%22%3A%22ConnectedBookmarkAlert%22%7D%2C%7B%22pattern%22%3A%22StickyHeroAd%22%7D%2C%7B%22pattern%22%3A%22ContentHeader%22%7D%2C%7B%22pattern%22%3A%22TitleBlock%22%7D%2C%7B%22pattern%22%3A%22Caption%22%7D%2C%7B%22pattern%22%3A%22CNEInterludeEmbed%22%7D%5D&dim6=%5B%5D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:29 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A29.861Z&_t=pubadsReady&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=ad_metrics&dim1=%7B%22channel%22%3A%22security%22%2C%22platform%22%3A%22verso%22%2C%22template%22%3A%22mt_article_two_column%22%2C%22viewport%22%3A%22desktop%22%2C%22pageContext%22%3A%7B%22channel%22%3A%22security%22%2C%22content%22%3A%7B%22copyCount%22%3A932%2C%22imageCount%22%3A0%2C%22embedCount%22%3A1%2C%22ratio%22%3A932%7D%2C%22contentType%22%3A%22article%22%2C%22experiments%22%3A%7B%7D%2C%22keywords%22%3A%7B%22copilotid%22%3A%5B%22632496798990652479ff3877%22%5D%2C%22platform%22%3A%5B%22verso%22%5D%2C%22tags%22%3A%5B%22security%22%2C%22hacking%22%2C%22vulnerabilities%22%2C%22uber%22%2C%22national-security%22%2C%22Uber%22%5D%7D%2C%22server%22%3A%22production%22%2C%22slug%22%3A%22uber-hack-mfa-phishing%22%2C%22subChannel%22%3A%22national-security%22%2C%22subSubChannel%22%3A%22%22%2C%22templateType%22%3A%22mt_article_two_column%22%7D%2C%22version%22%3A%226.62.7%22%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:29 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A29.870Z&_t=renderEnded&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=ad_metrics&dim1=%7B%22channel%22%3A%22security%22%2C%22platform%22%3A%22verso%22%2C%22template%22%3A%22mt_article_two_column%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Atrue%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22interstitial%22%2C%22size%22%3A%22%22%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:29 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A29.877Z&_t=renderEnded&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=ad_metrics&dim1=%7B%22channel%22%3A%22security%22%2C%22platform%22%3A%22verso%22%2C%22template%22%3A%22mt_article_two_column%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Atrue%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22read-more%22%2C%22size%22%3A%22%22%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:29 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A29.884Z&_t=renderEnded&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=ad_metrics&dim1=%7B%22channel%22%3A%22security%22%2C%22platform%22%3A%22verso%22%2C%22template%22%3A%22mt_article_two_column%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Atrue%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22aside%22%2C%22size%22%3A%22%22%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:30 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A29.889Z&_t=renderEnded&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=ad_metrics&dim1=%7B%22channel%22%3A%22security%22%2C%22platform%22%3A%22verso%22%2C%22template%22%3A%22mt_article_two_column%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Afalse%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22in-content%22%2C%22size%22%3A%220x0%22%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:30 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A29.896Z&_t=renderEnded&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=ad_metrics&dim1=%7B%22channel%22%3A%22security%22%2C%22platform%22%3A%22verso%22%2C%22template%22%3A%22mt_article_two_column%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Afalse%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22hero%22%2C%22size%22%3A%22728x90%22%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:30 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A29.901Z&_t=renderEnded&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=ad_metrics&dim1=%7B%22channel%22%3A%22security%22%2C%22platform%22%3A%22verso%22%2C%22template%22%3A%22mt_article_two_column%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Afalse%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22rail%22%2C%22size%22%3A%22300x600%22%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:30 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
wired_expert-debunks-cybersecurity-myths.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_wired.png,fl_progressive,g_face,h_450,q_80,w_800/v1596029984/ Frame A073 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_wired.png,fl_progressive,g_face,h_450,q_80,w_800/v1596029984/wired_expert-debunks-cybersecurity-myths.jpg
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-192.phl50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
bb0137567a729cf712624be4ad3500fd341216cc1c9b1faaa451c13d0e899d0b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 1d021a29a760cffd1a9d8324d2bfce92.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
267
X-Cache
Hit from cloudfront
Date
Mon, 19 Sep 2022 16:47:32 GMT
Connection
keep-alive
Content-Length
80073
Last-Modified
Wed, 29 Jul 2020 16:05:27 GMT
Server
Cloudinary
ETag
"f4354f9f8ea51260019fa3df286e428a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control
public, no-transform, max-age=300
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
oxSp5jNv1CeTCcCoSedGLc87TZS-5Gd3DjMWCt1L2e3Ey2PBffSh7g==
ecm3
s.amazon-adsystem.com/ Frame C538 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=dd2f306d-54d9-ce4d-24dc-2e5d593c22fd
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:29 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
C687JYN45FD2Y8AQ1D2Q
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C538
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YyieEAAAAEXCvwNw
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YyieEAAAAEXCvwNw
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663606290.037807,VS0,VE0
x-served-by
cache-yul12826-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YyieEAAAAEXCvwNw
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
113e2a54-d8df-e7fe-d505-ba3fce582454
pr-bh.ybp.yahoo.com/sync/openx/ Frame C538 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/113e2a54-d8df-e7fe-d505-ba3fce582454?gdpr=0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:de18:75cd:f3b9:7bd3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame C538
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=85f94c10-4873-75b7-e4d2-acca310fe91d&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=0865b44e-ac90-4c50-9150-a860aeafacdf&ttd_puid=85f94c10-4873-75b7-e4d2-acca310fe91d&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0865b44e-ac90-4c50-9150-a860aeafacdf&ttd_puid=85f94c10-4873-75b7-e4d2-acca310fe91d&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=0865b44e-ac90-4c50-9150-a860aeafacdf&ttd_puid=85f94c10-4873-75b7-e4d2-acca310fe91d&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame C538 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTk5NjlmZGEtODEwNC0yYjEzLWYxMzItZjY3M2ZiZWQyNzdk
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame C538
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEBruWuxryxewAFHdUHjdBo&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEBruWuxryxewAFHdUHjdBo&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEBruWuxryxewAFHdUHjdBo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 0BFE 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
31248ef830b10ec6779f2693aaa69d3149cf2bb2fe1314cba78f03f7edcf07fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:29 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58835
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Tue, 20 Sep 2022 09:12:04 GMT
rtset
bh.contextweb.com/bh/ Frame F93E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=OFhkbkFqMC1heFNZSlNsTmQwbllWUQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEK_y1L8jFfh9vV1HAQ9I_aM&google_cver=1
49 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEK_y1L8jFfh9vV1HAQ9I_aM&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-75d8c985f8-xdl4g
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEK_y1L8jFfh9vV1HAQ9I_aM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame F93E
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=4596cef52eed1495&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAF3tJa18e3-QNrh_d-AAAAAAA&expiration=1663692690&nuid=&is_secure=true
49 B
680 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAF3tJa18e3-QNrh_d-AAAAAAA&expiration=1663692690&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
H2
Server
198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-75d8c985f8-xdl4g
expires
-1

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAF3tJa18e3-QNrh_d-AAAAAAA&expiration=1663692690&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
ecm3
s.amazon-adsystem.com/ Frame F93E 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=h0chNs6KmCNN&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint&reat=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://bh.contextweb.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:30 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
4YDPAC4JNMGAEZM539J9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
17bff89c-bd5e-4418-9a8f-4f512254c851file-1422k-128-48000-768-00001.ts
dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/ Frame A073 		631 KB
631 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/5f2178a1bcdfff5e2a4786ac/17bff89c-bd5e-4418-9a8f-4f512254c851file-1422k-128-48000-768-00001.ts
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-5cc57c23969657d0534a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-93.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2a7dab87e27ba551d648c6bbfc6c0411659b50763c1f116558e294f3a8439444

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:31 GMT
Via
1.1 235099561ba63a2b7662a2b20d9ac036.cloudfront.net (CloudFront)
Vary
Accept-Encoding,Origin
X-Amz-Cf-Pop
PHL50-C1
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Content-Length
645968
Last-Modified
Thu, 20 Aug 2020 21:29:35 GMT
Server
AmazonS3
ETag
"3576ccbb1940c61db99c69ed333479d8"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Amz-Cf-Id
aXsF-18Z7SZScYIrIMN5R4GD4lEMQUd_cG_SDtJMzSjIRqe___WgYQ==
halo_match
ids.ad.gt/api/v1/ 		43 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=AU1D-0100-001663606289-CCL9X331-CFI9&halo_id=060fg7fcdlebbd8a8h8fi68bi6fafj9hkdloq2ojk0mggk4e4s4ou04gu0oeow6sy
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f14:426:3f00:f108:c7fb:5062:bafe Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty/1.21.4.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:30 GMT
Cache-Control
public, max-age=43200
Server
openresty/1.21.4.1
Connection
keep-alive
Content-Type
image/gif
Transfer-Encoding
chunked
Expires
Tue, 20 Sep 2022 04:51:30 GMT
wired_expert-debunks-cybersecurity-myths.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_wired.png,fl_progressive,g_face,h_450,q_80,w_800/v1596029984/ Frame A073 		78 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_wired.png,fl_progressive,g_face,h_450,q_80,w_800/v1596029984/wired_expert-debunks-cybersecurity-myths.jpg
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.208.192 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-208-192.phl50.r.cloudfront.net
Software
Cloudinary /
Resource Hash
bb0137567a729cf712624be4ad3500fd341216cc1c9b1faaa451c13d0e899d0b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 64aebd154b6045af00c94ad9d2ff49f2.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
268
X-Cache
Hit from cloudfront
Date
Mon, 19 Sep 2022 16:47:32 GMT
Connection
keep-alive
Content-Length
80073
Last-Modified
Wed, 29 Jul 2020 16:05:27 GMT
Server
Cloudinary
ETag
"f4354f9f8ea51260019fa3df286e428a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control
public, no-transform, max-age=300
X-Amz-Cf-Pop
PHL50-C1
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
0bwAqse0zFnhgJ75sAZSdTTWg12NwoASUW0IeOhdVNHV6fI6XDwIdw==
integrator.js
adservice.google.com/adsid/ Frame A073 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.wired.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:807::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 16:51:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
pixel.gif
load77.exelator.com/ Frame C006
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=22725597434185837671267853816245447519
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=22725597434185837671267853816245447519&xl8blockcheck=1
  • https://load77.exelator.com/pixel.gif
43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Server
2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-77-nzt
AZySJBbpIez/0sEJAA
x-accel-expires
@1664003648
date
Mon, 19 Sep 2022 16:51:30 GMT
etag
"59f0c3fc-2b"
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
x-77-nzt-ray
PvGfEk8EH7g
x-77-cache
HIT
content-type
image/gif
access-control-allow-origin
*
x-cache
HIT
x-age
639442
accept-ranges
bytes
x-77-pop
newyorkUSNY
content-length
43

Redirect headers

date
Mon, 19 Sep 2022 16:51:30 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
rum
dsum-sec.casalemedia.com/ Frame E08C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0865b44e-ac90-4c50-9150-a860aeafacdf&expiration=1666198290&gdpr=0&gdpr_consent=
43 B
873 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0865b44e-ac90-4c50-9150-a860aeafacdf&expiration=1666198290&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d3924898cab4-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pka5yKKDmAyhqiaA9JUo8QtL6sIcA95nb0t06pq7Caa0MpBZOwlQ4ZQN9E9Xg36bFzM1DuIsxK35cUy0uyrJH8r%2BeZSeZwy%2FLLNKIexpPyfz2Ha1FRVasqP3IAXaiuppeBcSrTID4ruAAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=0865b44e-ac90-4c50-9150-a860aeafacdf&expiration=1666198290&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame E08C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YyieESwGjzJsCt6sceB0bwAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMUE5iKzdV1ZHce6NVq3jjo&google_cver=1
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMUE5iKzdV1ZHce6NVq3jjo&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d392d927cab4-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4yWsFjaeAQwuI396jyW3LVvHjGCukG7cX4U1JZIJaxbTR2pZgiWL%2Ftx6P0bXHIz2bxyRjOP3oMRiKuiRc13mfb%2BfyWNZLN7tlUaTe2HeVZeEXVvmbnYwmnDfk%2B5Is1uAC2Y2ot0Sv5BrYw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEMUE5iKzdV1ZHce6NVq3jjo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame E08C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyieESwGjzJsCt6sceB0bwAAALYAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF3rPIl_5tvAaCMq93cjdow&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF3rPIl_5tvAaCMq93cjdow&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d3926c1ca24d-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lgfx7elvwq4nojadqequ61P5fByEro%2FBR13%2BCnaF6CRAbV%2FRi7T4bVtVXXc4fiC0DoDceBu2e2AJWY1tgw3icfAUHvFHu0L%2BguNq5iXht%2Bs2KXMpx3SWHUIjBp2a5Z1UTQJ52g5K1JEiog%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF3rPIl_5tvAaCMq93cjdow&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame E08C 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YyieESwGjzJsCt6sceB0bwAAALYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:30 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
BZARX30RM14ASCHTT2N7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame E08C
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=4f56f0de-383b-11ed-9f2c-92a72e778839
43 B
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=4f56f0de-383b-11ed-9f2c-92a72e778839
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d3934986cab4-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mKwcCuFgQrxsTFh06LZyoeStEvtWGnjtirSWlLF4vVa7nDB%2FUjOZ9%2BnVmahvsguYgWu8X0bKTHJ22HrqmtuWbWLXBO%2BYtrlFE157Ca2X68obWYe13YTed64pB835ac1tM2LZUziu8WONg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:30 GMT
server
Cowboy
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=4f56f0de-383b-11ed-9f2c-92a72e778839
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
lga-delivery-10
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
tp_out
d.adroll.com/cm/index/ Frame E08C 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.219.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-219-253.compute-1.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:30 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame E08C
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=278f06cf-0cbc-4692-9853-78a88a2034b3&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=278f06cf-0cbc-4692-9853-78a88a2034b3&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d392c914cab4-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EcJ%2B7Fu62GpLZJSVaFML%2F2fPJNo1EakqYlPKjf0JOb7CEfjxvuj1HrlfAEDkiG85aD19urCr11q4iLF7vOCLCqJ%2Fk4Ee1zrY4zVPppPbIB1dVAVabbIzmTcryVBtE%2FbJuOcQx8J6YKMN6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=278f06cf-0cbc-4692-9853-78a88a2034b3&us_privacy=null&gdpr_consent=null&gdpr=null
date
Mon, 19 Sep 2022 16:51:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
74d3d391af634bd6-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
YyieESwGjzJsCt6sceB0bwAAALYAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame E08C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YyieESwGjzJsCt6sceB0bwAAALYAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YyieESwGjzJsCt6sceB0bwAAALYAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YyieESwGjzJsCt6sceB0bwAAALYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
H2
Server
2600:1f18:4e9:5a02:de18:75cd:f3b9:7bd3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YyieESwGjzJsCt6sceB0bwAAALYAAAIB
date
Mon, 19 Sep 2022 16:51:30 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ecm3
s.amazon-adsystem.com/ Frame E08C 		43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YyieESwGjzJsCt6sceB0bwAAALYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID&s=192259&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:30 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
DJYMYC6P9AM2AXBB4EMS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1663606290076&plid=56456094&idsite=wired.com&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22plan%22%3A%22Not+Active%22%7D&sid=1&surl=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&sref=&sts=1663606290068&slts=0&title=The+Uber+Hack%E2%80%99s+Devastation+Is+Just+Starting+to+Reveal+Itself+%7C+WIRED&date=Mon+Sep+19+2022+16%3A51%3A30+GMT%2B0000+(GMT)&action=pageview&pvid=1652403&u=pid%3D5a0f4a9e917385a26005c5afb9d130b1
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:30 GMT
Cache-Control
no-cache
Last-Modified
Monday, 19-Sep-2022 16:51:30 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:30 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 20 Sep 2022 16:51:30 GMT
/
www.facebook.com/tr/ Frame 13DF 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.wired.com
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.wired.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 16:51:30 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A30.144Z&_t=pageview&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=general&xID=0a128167-d05b-4a5a-ae1f-67013865e3d9&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach&dim6=%5B%5D
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:30 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
jquery-3.5.1.min.js
assets.bounceexchange.com/assets/bounce/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_89ceea329a99e3935afd4105c6694d4b.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Fri, 02 Sep 2022 15:09:46 GMT
content-encoding
gzip
age
1474904
x-guploader-uploadid
ADPycdtdbhdEkesJWhcIWzybMjIbmGv5qGKdAEyKgOTmGHw2nITuq7F-6YfWInFJSAqLEYFX11NAs9EcHANVDxjO10Vo_Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30848
last-modified
Fri, 26 Aug 2022 17:41:56 GMT
server
UploadServer
etag
"4c2d1f5bd80d2b1f5f95d0bad817950b"
vary
Accept-Encoding
x-goog-hash
crc32c=wSFokQ==, md5=TC0fW9gNKx9fldC62BeVCw==
x-goog-generation
1661535716341186
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
30848
accept-ranges
bytes
content-type
text/javascript; charset=UTF-8
expires
Sat, 02 Sep 2023 15:09:46 GMT
local_storage_frame16.min.html
assets.bounceexchange.com/assets/bounce/ Frame 2600 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_89ceea329a99e3935afd4105c6694d4b.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
age
1442664
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public,max-age=31536000
content-encoding
gzip
content-length
1055
content-type
text/html; charset=UTF-8
date
Sat, 03 Sep 2022 00:07:06 GMT
etag
"c8e98801795abda075fdb01f17afdf8d"
expires
Sun, 03 Sep 2023 00:07:06 GMT
last-modified
Fri, 26 Aug 2022 17:41:53 GMT
server
UploadServer
vary
Accept-Encoding
x-goog-generation
1661535713715036
x-goog-hash
crc32c=8mzcRw== md5=yOmIAXlavaB1/bAfF6/fjQ==
x-goog-metageneration
1
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1055
x-guploader-uploadid
ADPycdsoC8MjA5QzQ_x6hIBruJ4WbzWDSKM38JiE3seacaG7afxaByk_UH26GtVxwMboTCsDssWX5xL-uG0Nyn4wnYHjxA
1422
check.analytics.rlcdn.com/check/ 		25 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1422
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-121.jfk50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 16:51:30 GMT
via
1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-amzn-requestid
aaeddc59-c721-4a7e-bb4f-80b34f548c02
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-63289e12-78b80bc075cf13b66a19a744
x-amz-apigw-id
Yt2i5FcHDoEFXQw=
content-length
25
x-amz-cf-id
wSHPIWD8m49dR1w6GKsOk6xj4HGzOWeSeQM3r-kOCt74kDaTof8ZeQ==
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1770785891&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&ul=en-us&de=UTF-8&dt=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCjACUI7BAQCAG~&jid=996399741&gjid=1719864826&cid=137948537.1663606287&tid=UA-87198801-1&_gid=1249916908.1663606289&_r=1&_slc=1&cd1=AU1D-0100-001663606289-CCL9X331-CFI9&cd2=none&cd4=www.wired.com&cd5=%2Fstory%2Fuber-hack-mfa-phishing%2F&cd6=Passive%20Tagger&cd7=dd5b710802a24765cb9b27fa45eac5c5&cd3=57&z=1939564612
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
1422
check.analytics.rlcdn.com/check/ 		25 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1422
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.139.29.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-139-29-121.jfk50.r.cloudfront.net
Software
/
Resource Hash
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 16:51:30 GMT
via
1.1 62c7f4f128c40af6818c2f8f919f1c18.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P2
x-amzn-requestid
e4624388-19b5-4d4c-a373-9e193d916076
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-63289e12-5bc7e2f75357d80617623b00
x-amz-apigw-id
Yt2i5FyVjoEFpzQ=
content-length
25
x-amz-cf-id
ujw8qnxMoAocZIbl3uOMz6JsLiNadagqwmzkA4DS4NJJhZudFPPOeA==
ibs:dpid=420&dpuuid=63289e1257152649
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://su.addthis.com/red/usync?pid=16&puid=22725597434185837671267853816245447519&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D420%26dpuuid%3D%7B%7Buid%7D%7D
  • https://dpm.demdex.net/ibs:dpid=420&dpuuid=63289e1257152649
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=420&dpuuid=63289e1257152649
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0b2dbfdb6.edge-usw2.demdex.com 14 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
6hRRFkfgSLc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=420&dpuuid=63289e1257152649
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CONDEVIDEOCONTENT1&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=9&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1663606290313&de=549880461453&m=0&ar=5aeef158bee-clean&iw=cf980cc&q=10&cb=0&ym=0&cu=1663606290313&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=Internet%20Expert%20Debunks%20Cybersecurity%20Myths%3A%2F3379%2Fconde.wired%2Frail-player%2Fsecurity%2Farticle%3Aundefined%3Aundefined&zMoatVideoId=5f2178a1bcdfff5e2a4786ac&zMoatAP=true&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&id=1&ii=4&zMoatOrigSlicer1=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&zMoatOrigSlicer2=N%2FA&zMoatDomain=wired.com&zMoatSubdomain=wired.com&gw=condenastjsvideocontent160527792519&fd=1&it=500&ti=0&ih=2&pe=1%3A671%3A671%3A0%3A792&fs=200157&na=351753621&cs=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.169.173 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-169-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 16:51:30 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-87198801-1&cid=137948537.1663606287&jid=996399741&gjid=1719864826&_gid=1249916908.1663606289&_u=aCjACUI7BAQCAG~&z=2124138822
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 19 Sep 2022 16:51:30 GMT
content-type
text/plain
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 0BFE
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&us_privacy=1---&khaos=L8908AYG-I-95TU
  • https://s.amazon-adsystem.com/ecm3?id=L8908AYG-I-95TU&ex=d-rubiconproject.com&status=ok&us_privacy=1---
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=L8908AYG-I-95TU&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:30 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
B2G5W629MXS77XJQR5X1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://s.amazon-adsystem.com/ecm3?id=L8908AYG-I-95TU&ex=d-rubiconproject.com&status=ok&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
1c34e56f66d325760e494cbb7a93f50f
Expires
0
ibs:dpid=477&dpuuid=ad6a700ee5d543dc8e3bb8a2f1907a5e1fe632ae2f2797e5627c7541fd013fcbb0da87c991749652
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=22725597434185837671267853816245447519
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=ad6a700ee5d543dc8e3bb8a2f1907a5e1fe632ae2f2797e5627c7541fd013fcbb0da87c991749652
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=477&dpuuid=ad6a700ee5d543dc8e3bb8a2f1907a5e1fe632ae2f2797e5627c7541fd013fcbb0da87c991749652
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0f567bddf.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
D+vZMetGQsg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Mon, 19 Sep 2022 16:51:30 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=477&dpuuid=ad6a700ee5d543dc8e3bb8a2f1907a5e1fe632ae2f2797e5627c7541fd013fcbb0da87c991749652
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ads
pubads.g.doubleclick.net/gampad/ Frame 4514 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=640x360%7C480x70&iu=%2F3379%2Fconde.wired%2Frail-player%2Fsecurity%2Farticle&ciu_szs=1x1&gdfp_req=1&env=vp&output=xml_vmap1&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%252Cgv_death_injury%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Dmt_article_two_column%26content_type%3Darticle%26ctx_page_channel%3Dsecurity%26ctx_page_sub_channel%3Dnational-security%26sub_sub_channel%3D%26env_server%3Dproduction%26ctx_cns_version%3D6.62.7%26ctx_page_slug%3Duber-hack-mfa-phishing%26cnt_copilotid%3D632496798990652479ff3877%26cnt_tags%3Dsecurity%252Chacking%252Cvulnerabilities%252Cuber%252Cnational-security%26fastly_geo%3Dca%26pageview_id%3D3138407518%26usr_bkt_eva%3D24%26usr_bkt_ses%3D29%26usr_bkt_pv%3D89%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26usr_segments%3Dco.w2238%26cn_metrics%3Dcmr_high%26vnd_prx_segments%3D121100%252C131100%252C131127%252C230004%252C230017%252C230103%252C230133%252C230163%252C230016%252C230160%252C603525%252C300003%252C210001%252C240000%252C240002%252C240003%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240015%252C240018%252C240019%252Cmiovit%252Ceuwba9%252Czlqtg4%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_entities%3Duber%252Chacker%252Czatko%252Ccybersecurity%252Csecurity_engineer%252Ctwitter%252Cthe_new_york_times%252Ccedric_owens%252Cphishing%252Conelogin%252Csocial_engineering%252Cmfa%252Cgoogle%252Cchristmas%252Cvmware%252Cgroup_ib%252Cmicrosoft%252Cpeiter%252Cmudge%252Camazon_web_services%26vnd_4d_ctx_keywords%3Duber%252Chacker%252Cauthentication%252Cattacker%252Cbreach%252Csystem%252Cnotification%252Caccess%252Czatko%252Ccybersecurity%252Cattack%252Chack_devastation%252Cresearcher%252Csecurity_engineer%252Cservice%252Ctwitter%252Cthursday_evening%252Ccompany%252Cthe_new_york_times%252Ccedric_owens%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D0a128167-d05b-4a5a-ae1f-67013865e3d9%26ctx_line_items%3D%26timeout%3D500%26height%3D208%26muted%3D1%26right_rail%3D1%26sensitive%3D0%26series%3D5fb2bd3b38d0691c16e0f5de%26width%3D370%26feature_flags%3Dsticky-player-rail&correlator=2483420307513779&description_url=https%3A%2F%2Fwww.wired.com%2Fvideo%2Fwatch%2Fexpert-debunks-cybersecurity-myths&vid=5f2178a1bcdfff5e2a4786ac&cmsid=1495&ppid=0a128167d05b4a5aae1f67013865e3d9&sdkv=h.3.531.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&us_privacy=1---&sdki=445&ptt=20&adk=2193636566&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.531.0&sid=0875E768-517A-4FF9-9341-718F64999117&nel=0&eid=44731964%2C44748969%2C44754420%2C44760950%2C44765701%2C44773379&ref=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&dlt=1663606287791&idt=1566&dt=1663606290403&cookie=ID%3D454cc35988ac7860%3AT%3D1663606287%3AS%3DALNI_Ma4Tj8mzb15B9PDXXeOX5NFAaB4PQ&cookie_enabled=1&scor=4299610263625563&ged=ve4_td2_tt0_pd2_la2000_er1430.1067.1583.1367_vi0.0.1200.1600_vp0_eb16619
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.531.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22ca5b87952e588f4ea1fb50d33b820b9bdcbc5e84bfb7dc86c94dc3166ca5f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1948
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
init1.js
api.bounceexchange.com/bounce/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=1485&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDZCBmQgBkICYBOcgFisM2AC8QpzMB3AUwCMcqYLwD6qACZQqADioBWTACdeOEABs4aDAQrkAHvirkuKmLyUqlUbAEN161AgDmouEvVQAFsGAAHHABSEgBBQKoAMXCI7liAOm5UFQk4pBAAW2icUCUAT2i4fgsAWi9bJABrYvSYW2K-L1QcRpdo4IivHBxRJDKEBF51YIARYG5iohl5QnwaY3pMADcm4R6QEArUXihAgHYAIXCqdT8j4LCqKh9-IIVQ8PlIh8jY7gSk3hS0zIVI7JA8s8IoUSmVKtVavVGs0nM4gQ8SB0uj0+gMhndRuNJtNZvMzlQAMJHJRne6XM67YbYdabbZ7Q6XRaksIHI44QrpYQiCSiDBCETM2rqHC8cJEy68RYWUTqEDOZyfcQIQX2EVitkcrmK3jpWyodSifjlCq9Wz9QYq4Wiwka-ic3za3X60TOWwSBXAdS2QSWtU2y7su1ank6vUG13pVS+63iqiB+3c0Sh53AJRmnB+AHAaPqgOah0hp0GkS9JxjEA5-1x-OJ5MGnBILbIa1Uc5Cv2x+PBpNF0QSXiqyudmuOsN9sP5cmhdsxo5IJB+Ww9eyoZmpuCzy4qVyukSiLsFofE3g72x79zo1vT1Wb6tBgs9seZiRIWzZW5XkIzvbDH9LWxKDgADai4KqIwC5H4vAALpQABaBIOovD-oBQFuqIyxCPwSGwTOKHAfBqCIWICC2JGsEACpeNa5AAKpFCSxgABLGoEcDGLMtzkMMkpvsAZ7oMqxgAJJcQAUnA2ThOQADK-FKGgrTGKA0kAEqSgO6LkMJwAiuoMD4WhClEUhy4iM4AK5LBMm8Eg7jCLkhllPpi65Nw9gGphqDYTBsA3oZ-AgL4GRGkoGErD5uH+YsAHAa57kOFFVqGfADjxR54VYThfnJTFqEZkuGkIMAPZakoSUioZB6Jnywi+XheXAbK8qKk4FXIY1QEaWFzUKjybU5ZVnUSDAfiiEo2EgJUsEIEF40DhIjmddVo7OkalSmua6jtVVI6FmOrrurwnrejgO3LXtj7OhGqjnbFQErftKZpggGZZnd+WXXW4G2S05YfcBj1XfWja8M2AMPV9vb9qqENA99EgThDfhKKgMUiJNlSZd52UNfd-GuIMOpg8AyOozFSC5KImZ+HAY1eZFg0dfdSAIMD+6FA2qMMRDrP7nVHOCEg3MWLzC5Lq+jiweuzOoaAfihdjjN46hAL9mFMAAukEPbi6Z5iI9EOLaRnJIOBtiE0hkbFdZACiBK0apwkUQAmtJABytsAOoyYZ25NKmAkYKICXbUzfsnnr54eDrke7gbdMo6oQgYHDUNPiAL58Wd4edWUSg8rrofUyoIo27n-YwEB86LsuUtQDLSyV0Buvx24Mfh2kGxbOB6wygBCrh-wficJgx0j0B0GYH4uk2N8fiOGaSBiDAXrODYixlFAQA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_89ceea329a99e3935afd4105c6694d4b.br.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
0f2d632a4ac919ebaa396f8467ea958b2b6d7fe6956dd5de0c0efe8a48beba64

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 16:51:30 GMT
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
21
content-type
text/javascript;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-87198801-1&cid=137948537.1663606287&jid=996399741&_u=aCjACUI7BAQCAG~&z=1005362503
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-87198801-1&cid=137948537.1663606287&jid=996399741&_u=aCjACUI7BAQCAG~&z=1005362503
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81e::2003 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 0BFE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8908AYG-I-95TU&us_privacy=1---
0
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8908AYG-I-95TU&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:30 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 03FD98C09FD74C6785051427F84223CE Ref B: YTO01EDGE0814 Ref C: 2022-09-19T16:51:30Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXpCoX+bQLFvV1vQBEhzQ==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8908AYG-I-95TU&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 0BFE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oGTBCOHAS9G2N0sVgE1SsQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oGTBCOHAS9G2N0sVgE1SsQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oGTBCOHAS9G2N0sVgE1SsQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:30 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
C79MKV5W8XCQ4DXH6R8T
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=oGTBCOHAS9G2N0sVgE1SsQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0BFE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/7-A585sPuRa-yH7ZkMqmNA?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4516901600016806313
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4516901600016806313
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
Content-Type
image/gif

Redirect headers

date
Mon, 19 Sep 2022 16:51:30 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=4516901600016806313
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
dcm
aax-eu.amazon-adsystem.com/s/ Frame 0BFE 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:30 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
DFVTAFKVXKRJS9M5PVK2
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0BFE
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0865b44e-ac90-4c50-9150-a860aeafacdf&gdpr=0&gdpr_consent=&expires=30
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0865b44e-ac90-4c50-9150-a860aeafacdf&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=0865b44e-ac90-4c50-9150-a860aeafacdf&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
pixel
cm.g.doubleclick.net/ Frame 0BFE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5MDhBWUctSS05NVRV&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5MDhBWUctSS05NVRV&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDg5MDhBWUctSS05NVRV&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
9ef75ea4f1dd62e53c52f84d8070c378
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 0BFE
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGU1YmQ1ZWNmMjE3NDc5ODgzM2FlMWYxYzJhMDI2YmRmZmIwMjU4Zg&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGU1YmQ1ZWNmMjE3NDc5ODgzM2FlMWYxYzJhMDI2YmRmZmIwMjU4Zg&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
H3
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGU1YmQ1ZWNmMjE3NDc5ODgzM2FlMWYxYzJhMDI2YmRmZmIwMjU4Zg&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 0BFE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHOAcBcQIlUddYov-_m_fp0&google_cver=1
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHOAcBcQIlUddYov-_m_fp0&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHOAcBcQIlUddYov-_m_fp0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=358&dpuuid=1122792427392432315
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=1122792427392432315
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1122792427392432315
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-0fad7b986.edge-usw2.demdex.com 57 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ihyK+qMtTR0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:30 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
e4f0648d-4fce-4303-8fde-ce674fa1b904
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=1122792427392432315
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
visit
events.bouncex.net/track.gif/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLppJhl6SQBOJklqejYAZRQAMxQkECd6V3dVADJQCBgkBFrkXqQcTvAoaAo+HjRTdARYJFIcNMhIU2EKuWMaejptugEDxgEQXt5GeOy92jBIAiQATyvYG2QAWjSURNes+tfTNPAAMwaCu2zktDSYDAAH14h9MJgEKQwQARSACV6SVQADnoqhKOnUI260F6YAIpFgkBABEwuhwWOYzGJYzJFKpNMw9wZOmZXTG8XgtyywAaIBQNksYBwlBc2moMww0Mg91MuWo8i21GoDWp8UsNA11FC2pQvGh-Ml6s1hvqpEQhpCht1IH1CGhmBQOUdm0NYjSuWYAFUXkg2D5PhFKABRDXY1jFYrrZgohCim4oam0tgASWTACkhdVIC7gWxbmwAEpphAoZE6HOQRCkWqO43OpB6yywzMINB3R7am3aqoJeZQQdGk3UD4tmb3AR10gW0ZWn1a6h2h1D9vamwEFbZGwNFcQNdD33arfW3cKlALpfr2117dT22wcjzxfkU8gc8ay9NxfG9pzAGZoRrbAIKyKBIGQJ8r2AttQOeGCVgQc1aW6a1AOvZDDVIAg0Awc0eAQoD7RAw0ayQaFCOIjDoTIi8Nzwndp14WpTGhJBJQIRJyMwA8eNrXhJydbUwFQ2DGIQLIUDIaFj0SOEUARJFyLYt9JOk9DzTkhTlzQM0MEgCgbHWADWKQ9jDSkmw0Lg-T5MU4ycks4cKNfCTqHsxzZJc5dIFQTAwLuSBNJs7TfN0pzoMM5UEiBdECEiyj8J0hyZOchKwHiEAsHiHDrPS2zMv8nLFN4Wt7TS7zbz87L4qqwzxNwqKfNMRpRTgvjEl-f9PK0nySzQCDLBybA6qo7UupAUV4nuaFTAIUxYG4y0DRY59Sui+JMGa5d7LyxpQ2mjLqH26FsOu54Tr-eDtsQ3afPieJwPiOsmie6hgtgGbftW49aM24qdvq6c7mq2jajuLJzrK6hejG4y4NurK9IR6KxM9GD4mVdBxrkrAIp+qpo2CINKxzMQAE1RGjTgqgu5HwGCzNOWhb96ys8GAeR6FUfdeYeaGjrbwFoXbvMMkIGzH7hoa2KAoSlbeE+m4PPal7bw+JBzQF7nlrJEmsdlFEWRgC4CAiAqZTlQ1gCfB2XBRHzamAUmrKxVQPGYVRqGKVhb1AXh1x9v2A6DopqFcaKUFSljg+nUhTHI5ZVnWFotR2WgrgOAQjhODDzkuCo6BuAcnlDd5I2+X5-kBKZQQ2CEoVheFEXrFo0QxLFcXxYpCQulAteMZPHdMJ2WMkHyw5++forDH6LviT3w9UX3VH9wOJ8kkBF81TEfLQeJl6s6L4aTueD-InRsTkSQXHUahsXKdR6BcSQ5HUHELtIdeM9N6R13ubdo8BkCzGwNAGwmQhDIBwOkTIORwGIFQBgaBwBkBy0wAyZgBRGBFFKIwco9BUGQIwTACwmZYZICyDgFQ-AhBSGZBA9BJNoDVVAEVFUaocDVTABEW4ph2iCkrjkJA0APh5VpFgzsGEcDMgwAQaAFxYDYAeBcaqiDjDtGUaogg6jgr3C0QgOQOiRB6IQCotRGj7i4wQIgtSZoUBWJUazWkOAACKwQ3Gkj7JyBx3j-ovHiH4-KKp8C0mCjVPxK0MykFMTgHwcgYjhOiTwEmSSRC6KyAQbRzIBC2GwgfHAr8KiW1KRHbeUd8HlDju0LhroEClPvo-Z+r936f2-r-bE7RFRpgKscXgDJ2iIAAI7-UwEVUpzJ9QFWwNSdyJYsimAZMAmpu8WjUFEeEEmKBTDzWwZyHAo05CNMGUVfhYzDFICuUUmw7QoG4DYUAA
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/ 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1N8jAdPDKhACZMDGA9gLb1CuXqgCe9ZACMIqALTYQ3ANZz+AMxBzg2GIV0A7MPTI1shQgH1uigwYjoyAEVzw5ARgBsADgCsn9wBOKgAGABYAMlBIWAREbmRhASgQVBgQKXQIQkxiAHYAIWoqaIhLXDFgCGKySioqVNwYbiyaqgBhYpAOS1hCGEzq+trizXRCIapqTvrG5qzLAxB+SZH6gBVsIZCAVRlUahCACSVlYgBRKe8Q4kDAklCnaBBhECbeA0OASQeQgClErhDgBlXBzIyHESHABK0AgIEcoS+uAm6HUbRmDVQTRaZW4bwgYFEEmGFGKwIgCTSFQxxUUaNAYngCPQvT0A1apLqVDGE1p9SkvHwAikqTZ-UGNTJ9V5qw6xUZzPQiKm0p5CL5w3lMuQysVLPFHNWatl-KohFAljhBlwVv4MHwsil3NNWsxhGk9sdPQ+-VwxpdGrlmPQvDAkB6ME+XNGQbNcNQllD4c4lijztj42DxQ46mAllQmV4Kgz9QMQoL8I4JKm2vNnod-p6EH4IBgrNFKhsIDsDlL6qzZo9Ui9TbtbdZYG6kFw6AyD1VgcHbuKw9HqZbE8sU5WC7WA81tfdDe94-b5VQPYtoiBMZlcZX9TXjY3rfP-psUdcvH7rqPq5PMdN3PQhuDgAxuADTND2mACRxfZs31ZDh4XGX8H3-J9ANfLcOAnGt9z-WD6mANIUn9IsVENSU7wPbN6jBMArSyFYbXQ5dMJKMilDESxgF4YBkHzPojXYmC624Awz1ZYdQLSfYxPoqhJMsP0ylk7h5KdWiiIk7hLXxdAYH7XBUGQJSRGAUVExEmjF2gpTRBQxN1FEQQdIw4iqHYJip39VTsI4RSzWrJZ7W4cpwGYlsIDY2jgXOdodmhL51gATUOAA5c4AHVgTNHy9FMt4YA+SwlRVQjPLrHztwJSw0Eqk1qsxWq-PUoTSOyfoPmCx963g09gNZfiOHxYQ92ajivMUVAelqiq+PYCY4vs+9pryJwonAaA4CQPheGUOB+gALwgTAfBCbaYj2+Iew+ZoERwfAiDWOhaEYeAWDYTgeAEIQRHESR9gUU41E0bRdH0KNjFoCJ+F4FDMCu+AICkNSYA4TAqG8KhfAiESmixrxPFITwQk8KhAhCXx3CoUg8ioCIUNgSDMexkJvFIdw8jCHG6bCXw8ncUgwh8a7doQdn3AiCYAEdzIgiBpYiFpwPwGBdzBfhgEwEmyYpqmadIfG1disFgBgKBZB6gxMEY0hmd2yDMA4WXeDQF3UakCIdptTBElkIA
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
365868.gif
idsync.rlcdn.com/ Frame C006 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=22725597434185837671267853816245447519
Requested by
Host: condenast.demdex.net
URL: https://condenast.demdex.net/dest5.html?d_nsid=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 16:51:30 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
ibs:dpid=481&dpuuid=L8908AYG-I-95TU
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://token.rubiconproject.com/token?pid=6404&puid=22725597434185837671267853816245447519&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=L8908AYG-I-95TU?gdpr=0
42 B
948 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=481&dpuuid=L8908AYG-I-95TU?gdpr=0
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcscanary-prod-usw2-1-v048-0dc7c3439.edge-usw2.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
hjEBhAKaSdM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=481&dpuuid=L8908AYG-I-95TU?gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b3266a43228eaeab48f59934ee9159da
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ibs:dpid=134096&dpuuid=2022091916513000089314471900
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://x.dlx.addthis.com/e/demdex_sync?na_exid=22725597434185837671267853816245447519&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022091916513000089314471900
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022091916513000089314471900
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-02ab41461.edge-usw2.demdex.com 7 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
LjPsXRu8R/g=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022091916513000089314471900
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Mon, 19 Sep 2022 16:51:30 GMT
ibs:dpid=540&dpuuid=938f0985-f7db-410e-b217-c1c96e40dc47
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=22725597434185837671267853816...
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=938f0985-f7db-410e-b217-c1c96e40dc47
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=540&dpuuid=938f0985-f7db-410e-b217-c1c96e40dc47
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-05f9c3613.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
A0YxYxriTcw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=540&dpuuid=938f0985-f7db-410e-b217-c1c96e40dc47
date
Mon, 19 Sep 2022 16:51:30 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022091301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54c688f08fc47247c9b1692d3c79fb9f39d2a43c3aa42005b04791066c962bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 16:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11246
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 7E94 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.wired.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.123.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 16:51:30 GMT
server
Kestrel
server-processing-duration-in-ticks
449472
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=228464857488266&ev=Spire-Studio-Segment&dl=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&rl=&if=false&ts=1663606290979&cd[code]=&sw=1600&sh=1200&v=2.9.83&r=stable&ec=2&o=30&fbp=fb.1.1663606289202.322695493&ic=gtm&it=1663606288290&coo=false&dpo=&tm=2&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Mon, 19 Sep 2022 16:51:31 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035094/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.224.214.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-23.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:42:15 GMT
via
1.1 613a9db04d23967014b7c42269dc1c12.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
557
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
PHL50-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
buG2j707yangCXXJl_H-9unz3MV6GHpomCZBun-WAI8JItfCRM6-Cg==

Redirect headers

location
/internal-c2/default/cs.js
date
Mon, 19 Sep 2022 16:51:30 GMT
via
1.1 613a9db04d23967014b7c42269dc1c12.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
0
x-amz-cf-id
Jgl_bevsjQvoIPj_6Y1DQHTq_78x8mx-fI0J-TcjWCW7ISFK2HP_QQ==
x-cache
Miss from cloudfront
ibs:dpid=601&dpuuid=117915488844135&random=1663606291
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://dp2.33across.com/ps/?pid=897&random=1444044294
  • https://dpm.demdex.net/ibs:dpid=601&dpuuid=117915488844135&random=1663606291
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=601&dpuuid=117915488844135&random=1663606291
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-0fcdc81b8.edge-usw2.demdex.com 9 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
UB03ZeW/Ryw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:30 GMT
referrer-policy
unsafe-url
server
33XP003
x-33x-status
200004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://dpm.demdex.net/ibs:dpid=601&dpuuid=117915488844135&random=1663606291
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
sid
mug.criteo.com/ Frame 7E94
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=wired.com&sn=ChromeSyncframe&so=0&topUrl=www.wired.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=HAeDt3xOTTRLRVlrMVJoUzA3RTc4eXB4QlYrVEs5UXFxd1VQdWZzZGVUamxPeDVBVG03ck1zSnJaODBTZmQvNW5RcHorV0lNVnZuTkxQMXUwOWtBWms4MTZxbHdSb3RZR0lRcnBvYVJMUzI1dWNXeExSbnhUanhKNEVTS2...
427 B
650 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=HAeDt3xOTTRLRVlrMVJoUzA3RTc4eXB4QlYrVEs5UXFxd1VQdWZzZGVUamxPeDVBVG03ck1zSnJaODBTZmQvNW5RcHorV0lNVnZuTkxQMXUwOWtBWms4MTZxbHdSb3RZR0lRcnBvYVJMUzI1dWNXeExSbnhUanhKNEVTS2hHcTFNR0c2cGF6OUxSbysrVlM1WUZSeXJadjNOU3R6NUdPeWlaN2RsNjdBekNEYVh0OWt3RnNQZ3V6SG85OFZEcm8rdVBtQlQzWmRSTjF2bmhESU9GMENLKzhSQkJSaG00anh6TEh3SmREdDc1R3pJWUVNREx0Njhzdm44ZFMyWEYrTnVQbEQvUTJZWDlXbmcxdUEyM0JVK2oycmJnUT09fA&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
69fcf01bd49d9f22b799c59941a354695e31a211ee69fd1f107010a72e7e523e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2695395
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
location
https://mug.criteo.com/sid?cpp=HAeDt3xOTTRLRVlrMVJoUzA3RTc4eXB4QlYrVEs5UXFxd1VQdWZzZGVUamxPeDVBVG03ck1zSnJaODBTZmQvNW5RcHorV0lNVnZuTkxQMXUwOWtBWms4MTZxbHdSb3RZR0lRcnBvYVJMUzI1dWNXeExSbnhUanhKNEVTS2hHcTFNR0c2cGF6OUxSbysrVlM1WUZSeXJadjNOU3R6NUdPeWlaN2RsNjdBekNEYVh0OWt3RnNQZ3V6SG85OFZEcm8rdVBtQlQzWmRSTjF2bmhESU9GMENLKzhSQkJSaG00anh6TEh3SmREdDc1R3pJWUVNREx0Njhzdm44ZFMyWEYrTnVQbEQvUTJZWDlXbmcxdUEyM0JVK2oycmJnUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
543439
content-length
0
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 19 Sep 2022 16:51:31 GMT
ibs:dpid=771&dpuuid=CAESEN9gagKdjQzxV7KH6bXImJU&google_cver=1
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjI3MjU1OTc0MzQxODU4Mzc2NzEyNjc4NTM4MTYyNDU0NDc1MTk=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEN9gagKdjQzxV7KH6bXImJU&google_cver=1?gdpr=0&gdpr_consent=
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEN9gagKdjQzxV7KH6bXImJU&google_cver=1?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0f9b41edc.edge-usw2.demdex.com 12 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
x8p4HP6hQog=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEN9gagKdjQzxV7KH6bXImJU&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rid
match.adsrvr.org/track/ 		0
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=3egfyfq&fmt=json
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 16:51:31 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://www.wired.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
expires
Tue, 19 Sep 2023 16:51:31 GMT
envelope
api.rlcdn.com/api/identity/ 		0
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1422
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 google
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ixmatch.html
js-sec.indexww.com/um/ Frame D689 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.112.10.99 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-10-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 16:51:31 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 4BDA 		35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dc77601b1c0820dc3bc352ec0964d390e2402e7947ec16a7ade2306edbeb2080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=154096
content-encoding
gzip
content-length
11727
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 16:51:31 GMT
expires
Wed, 21 Sep 2022 11:39:47 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
pd
us-u.openx.net/w/1.0/ Frame 6F1C 		711 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
758b878da985cdc84d18fa185bf3168ff7eb7a7ec70b9c314386ca9137333b97

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
447
content-type
text/html
date
Mon, 19 Sep 2022 16:51:31 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
pd
us-u.openx.net/w/1.0/ Frame EFF2 		711 B
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
758b878da985cdc84d18fa185bf3168ff7eb7a7ec70b9c314386ca9137333b97

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
447
content-type
text/html
date
Mon, 19 Sep 2022 16:51:31 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
ixmatch.html
js-sec.indexww.com/um/ Frame 5605 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.112.10.99 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-10-99.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 16:51:31 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame E606 		35 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dc77601b1c0820dc3bc352ec0964d390e2402e7947ec16a7ade2306edbeb2080
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=154096
content-encoding
gzip
content-length
11727
content-type
text/html; charset=UTF-8
date
Mon, 19 Sep 2022 16:51:31 GMT
expires
Wed, 21 Sep 2022 11:39:47 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 6F88 		281 B
573 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: www.wired.com
URL: https://www.wired.com/hotzones/esi/wired/prebid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 19 Sep 2022 16:51:31 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Unused62
8096267
Vary
Accept-Encoding
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 896D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
24387
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 10:05:04 GMT
expires
Tue, 19 Sep 2023 10:05:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B7A3 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
820a142fdfdb98a8a37368a8f9fd419e03c84062864729d848d804137945c8b2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--EDRwG4339K50g-pi3_r1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce--EDRwG4339K50g-pi3_r1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Sep 2022 16:51:31 GMT
expires
Mon, 19 Sep 2022 16:51:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame 6F88 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.127.172.242 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-127-172-242.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
31248ef830b10ec6779f2693aaa69d3149cf2bb2fe1314cba78f03f7edcf07fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=58833
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9421
Expires
Tue, 20 Sep 2022 09:12:04 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 87BC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47ca746778d0807b5344c8c2b5d51882fbffe892b0cf67001c6d41872362c0d

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74d3d397eecca24d-YYZ
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 16:51:31 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wzWEh8%2FeiC9fCfCStB85LOvZzYT0b6e5ETdu%2FT8hkUl7APghL34B2qYT%2FTs4SxgTicZ%2FNp56c9yfrPybYbrjZrsOv8hWCI8%2BzlNflLZExR0dfyYE4BsWOFpIb2wkYKR4MAWPlqtqTBGmpg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
receive
pixel.tapad.com/idsync/ex/ Frame 6F1C 		95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=83873fec-1374-4830-ae33-341c02832811
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame 6F1C 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=ab3dcf99-9019-4ffe-b7f5-6dc0a6ac1d74
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:31 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
362358.gif
idsync.rlcdn.com/ Frame 6F1C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=d03f3376-8534-43d7-bbab-2c39089488c5
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEB70x_GU3f8E6sUDEWKSmAw&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEB70x_GU3f8E6sUDEWKSmAw&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEB70x_GU3f8E6sUDEWKSmAw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6F1C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1122792427392432315
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1122792427392432315
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:31 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
b7a9c34f-abcd-4a38-99c4-739bf611cfc1
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1122792427392432315
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 6F1C 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=dd2f306d-54d9-ce4d-24dc-2e5d593c22fd
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:31 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
Z45SJXBJ29EJYGBSEYA3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6F1C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2620356559099565277&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2620356559099565277&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2620356559099565277&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
receive
pixel.tapad.com/idsync/ex/ Frame EFF2 		95 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=83873fec-1374-4830-ae33-341c02832811
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 google
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame EFF2 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=ab3dcf99-9019-4ffe-b7f5-6dc0a6ac1d74
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:31 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
396846.gif
idsync.rlcdn.com/ Frame EFF2
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=d03f3376-8534-43d7-bbab-2c39089488c5
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=d03f3376-8534-43d7-bbab-2c39089488c5
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=d03f3376-8534-43d7-bbab-2c39089488c5
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Mon, 19 Sep 2022 16:51:31 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=d03f3376-8534-43d7-bbab-2c39089488c5
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
sd
us-u.openx.net/w/1.0/ Frame EFF2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=1122792427392432315
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1122792427392432315
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:31 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
6ab98079-5568-4355-816e-4b9699077dee
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=1122792427392432315
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame EFF2 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=dd2f306d-54d9-ce4d-24dc-2e5d593c22fd
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:31 GMT
Vary
Content-Type,Accept-Encoding,User-Agent
Server
Server
x-amz-rid
FNY5H9DY29QTN4W7MQZT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame EFF2
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=2620356559099565277&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2620356559099565277&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=2620356559099565277&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usermatch
ssum-sec.casalemedia.com/ Frame A0DC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9dadd3a17c249fb0d7c8592d347e5ded1b6065c1b32fb4be311e27a60b27cdb6

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
74d3d3982f44a24d-YYZ
content-encoding
br
content-type
text/html
date
Mon, 19 Sep 2022 16:51:31 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQuLYgPV6zvX62VBc4i4lJW%2Bu7z%2FVD01e85kzcuttPFOOcdmaA1E0lBGY4M0kWObOqxstOeZgD0c6yXmV3XxoHP0bRW6bZB2Kxk64h5pE07HvNir0WAPX3PgIrDaRzrx1cRFkFxQ0HTpjw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
ibs:dpid=992&dpuuid=1etogdlz8ff9z
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=22725597434185837671267853816245447519
  • https://dpm.demdex.net/ibs:dpid=992&dpuuid=1etogdlz8ff9z
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=992&dpuuid=1etogdlz8ff9z
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0c1f07e16.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
xB/9Moq6RCg=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://dpm.demdex.net/ibs:dpid=992&dpuuid=1etogdlz8ff9z
cache-control
no-cache
cf-ray
74d3d398dd254bcb-YUL
content-length
0
SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js
pagead2.googlesyndication.com/bg/ Frame 896D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/SUiySqS1in-YUNsSXtQt1jv3ON6UQ0EMqlXBaZ_BtMI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Wed, 14 Sep 2022 19:22:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
422916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15932
x-xss-protection
0
last-modified
Tue, 13 Sep 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 14 Sep 2023 19:22:55 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B7A3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022091301&jk=1512123897959010&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
YyieESwGjzJsCt6sceB0bwAAALYAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 87BC 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YyieESwGjzJsCt6sceB0bwAAALYAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:de18:75cd:f3b9:7bd3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:31 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 87BC
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1122792427392432315
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1122792427392432315
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d3991f9acab4-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ogDhYov6gLYP3agspK6%2BHZlOxYz2g0BvPNW%2BiGy6hTpD8T3DZ3UFd%2FTb8ItbhQ9pJs9kwrbtRw864OZOfBZtK%2BezR43nb4AVR5qokbdE2OnWvIPCWuKSYBzYTtvYj3liSEvuTeYcIv0BCw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:31 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 582.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
2a284e38-162e-416f-8c6a-a3ec24914fc3
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=1122792427392432315
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 87BC
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAI7kk7GUTwAAA3i4Rwiyw&expiration=1664815891
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAI7kk7GUTwAAA3i4Rwiyw&expiration=1664815891
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d3999830cab4-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=95UmpGQXR5RXR6ICKk2uZCX0qNZT3GEo183fZM8p9U24gmrW9esj7lfv%2B5G5Q7adFXt7zPuXsN6J49Eyi8M1LlCVm%2BGUq22Y695h0l%2BhJVNyEaecAsu4VdRq0IoioKB0iQ%2BWY5d0YwkuYg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAI7kk7GUTwAAA3i4Rwiyw&expiration=1664815891
Date
Mon, 19 Sep 2022 16:51:31 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame 87BC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2620356559099565277
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2620356559099565277
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d3995fdccab4-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fWk5HpgyqwL5XhoFZn%2Fl6APoqoMshR%2F1JyyNNB58ZCYs0ek%2BokNzxxc3ldegBB4OElmS0S4%2Bi0tPLPBsMj09E8LZbmk7ymLfSP2Gb%2BU86Th2f4vS1iRNSybJTvtu7ihQwQd2ZrFutWreeA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=2620356559099565277
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame 87BC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YyieESwGjzJsCt6sceB0bwAAALYAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF3rPIl_5tvAaCMq93cjdow&google_cver=1
43 B
841 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF3rPIl_5tvAaCMq93cjdow&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d398a847a24d-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wS8JOrDDnDV6fN2A18yEpOlrxs9hJoda16hQwpdE8f7j5J51N9ZTpJL%2F9jkUKa0OgMqbLD3oP2DlgaxUU7w%2Fgy1QOv4Lajfx1cmfTZCw%2FqgJgruyGIk7vTQam9xxaMAjqkTe7qkZ21kZag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEF3rPIl_5tvAaCMq93cjdow&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum.casalemedia.com/ Frame 87BC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1122792427392432315
43 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1122792427392432315
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d398ee5c3fd3-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzD%2FydZcplfghy5AYGidmKcxiwF8lDyPYdsU7Ds65iNsiMYc24av86W5t5EroQIRLyjzbLN9GbhFyccrrcnScdZSCgQ%2FjtMYSXDWm%2BjN3dMzWRKhX93hoUR28Hpvj6q4%2BD1PMTZc"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:31 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
d9cfc7c3-3e46-4f72-b2df-76fb983810e7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=1122792427392432315
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 87BC
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D%28OIQ_UUID%29
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7168926911353719032&uid=Q7168926911353719032&ref=%2Feucm%2Fp%2Fcc
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7168926911353719032
43 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7168926911353719032
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d39ab976cab4-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqQ5feV9593BiXOoY0s6WVbcu%2B3iIk3lrFBY2juJTKu9sVLzbo%2Bab21zLKkO9ecYMC9jvH5kw%2BfsLfXrz%2FW6EHsTsA2cBw%2B4ruqdox2%2BbMwNN3JqVMpjZcSLfYGX%2Fv8D%2BtSgSuvkInUYlg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 19 Sep 2022 16:51:31 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7168926911353719032
Cache-Control
max-age=74448
Connection
keep-alive
Content-Type
text/html
Content-Length
154
rum
dsum-sec.casalemedia.com/ Frame 87BC
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=N_9HATipRAks_RcMZfVYWmOpRl8s_EYPM_kscshJ
43 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=N_9HATipRAks_RcMZfVYWmOpRl8s_EYPM_kscshJ
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d398af22cab4-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MRL4ePKv2Opf0tJzPL4yjzx%2B2Gc7CFChz0wQYTGHP2MUucBc8dlxUiy55e5UOt6u2mzxLrDI1DcR9COWdstfmiEvhH41uGsV7cmVjpKjAx2Fb7VEi%2F22kzPCyJETN6x0QTEq0InH99ZJxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=N_9HATipRAks_RcMZfVYWmOpRl8s_EYPM_kscshJ
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 87BC 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YyieESwGjzJsCt6sceB0bwAA%26182
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d398ae127151-YUL
date
Mon, 19 Sep 2022 16:51:31 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
157
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 19 Sep 2022 20:51:31 GMT
pubcid.php
hbx.media.net/ Frame E606 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
server
Apache
date
Mon, 19 Sep 2022 16:51:31 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:21:31 GMT
sync
gum.criteo.com/ Frame E606 		88 B
328 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
ecfc007f78e1ca1f4a907517c0c677fb9373e0ff7eb338196b24cb6498f1e93e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:30 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1287528
strict-transport-security
max-age=31536000; preload;
expires
60
cksync.html
contextual.media.net/ Frame BC64
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3066078911455436000V10%26type%3Drkt%26refUrl%3D%26vid%3D360629127230660789114554360...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3066078911455436000V10&type=rkt&refUrl=&vid=36062912723066078911455436000V10&ovsid=969751683052615373
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3066078911455436000V10&type=rkt&refUrl=&vid=36062912723066078911455436000V10&ovsid=969751683052615373
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Mon, 19 Sep 2022 16:51:31 GMT
expires
Mon, 19 Sep 2022 16:51:31 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Mon, 19 Sep 2022 16:51:31 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3066078911455436000V10&type=rkt&refUrl=&vid=36062912723066078911455436000V10&ovsid=969751683052615373
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame E606
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455436000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=37df63fa60ab1073&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455436000V10&type=con&refUrl=&vid=36062912723066078911455436000V10&ovsid=AAAFt73pxI5HpQM8g9CIAAAAAAA&expiration=1663692691&is_secure=true
45 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455436000V10&type=con&refUrl=&vid=36062912723066078911455436000V10&ovsid=AAAFt73pxI5HpQM8g9CIAAAAAAA&expiration=1663692691&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 16:51:31 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 16:51:31 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455436000V10&type=con&refUrl=&vid=36062912723066078911455436000V10&ovsid=AAAFt73pxI5HpQM8g9CIAAAAAAA&expiration=1663692691&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame E606
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455436000V10%26type%3Dmma%26refUrl%3D%26vid%3D360629127230660789114554...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455436000V10&type=mma&refUrl=&vid=36062912723066078911455436000V10&ovsid=bb286328-9e11-4a00-80eb-6728c1b98f08
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455436000V10&type=mma&refUrl=&vid=36062912723066078911455436000V10&ovsid=bb286328-9e11-4a00-80eb-6728c1b98f08
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 16:51:31 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 16:51:31 GMT

Redirect headers

Date
Mon, 19 Sep 2022 16:51:31 GMT
Server
MT3 4505 5b23575 master ord-pixel-x48 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455436000V10&type=mma&refUrl=&vid=36062912723066078911455436000V10&ovsid=bb286328-9e11-4a00-80eb-6728c1b98f08
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 16:51:30 GMT
cksync
cs.media.net/ Frame E606
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA2NjA3ODkxMTQ1NTQzNjAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESELeT_-vcVQExKls12TauVek&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESELeT_-vcVQExKls12TauVek&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 16:51:31 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESELeT_-vcVQExKls12TauVek&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame E606
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455436000V10%26type%3Ddxu%26refUrl%3D%26vid%3D36062912723066078911455...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455436000V10%26type%3Ddxu%26refUrl%3D%26vid%3D36062912723066078...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455436000V10&type=dxu&refUrl=&vid=36062912723066078911455436000V10&ovsid=2o5M5bDn1OAjZx5
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455436000V10&type=dxu&refUrl=&vid=36062912723066078911455436000V10&ovsid=2o5M5bDn1OAjZx5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 16:51:31 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 16:51:31 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:30 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-00800fd222fac43b7@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455436000V10&type=dxu&refUrl=&vid=36062912723066078911455436000V10&ovsid=2o5M5bDn1OAjZx5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame E606 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
130955
content-type
image/gif
expires
Mon, 19 Sep 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame E606
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=66881412-59c1-46bf-a183-3dcf075275a0&ssp=medianet&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10597532877091957749&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=938f0985-f7db-410e-b217-c1c96e40dc47&ssp=medianet&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10597532877091957749&ssp=medianet&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=214710604279353554177&ssp=medianet&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10597532877091957749&ssp=medianet&gdpr=0&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=66881412-59c1-46bf-a183-3dcf075275a0&gdpr=0&gdpr_consent=&gdpr_pd=
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=66881412-59c1-46bf-a183-3dcf075275a0&gdpr=0&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 16:51:31 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 16:51:31 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=66881412-59c1-46bf-a183-3dcf075275a0&gdpr=0&gdpr_consent=&gdpr_pd=
Date
Mon, 19 Sep 2022 16:51:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame E606
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455436000V10%26type%3Dzem%26refUrl%3D%26vid%3D36062912723066078911455436...
  • https://stags.bluekai.com/site/23178?id=H6HHuLapgJgfqtClbFj6&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKIGZEEQ5KMMFYGOSTHMZYXIQ3MMJDGU...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=H6HHuLapgJgfqtClbFj6&refUrl=&type=zem&vid=36062912723066078911455436000V10&vsid=3066078911455436000V10
45 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=H6HHuLapgJgfqtClbFj6&refUrl=&type=zem&vid=36062912723066078911455436000V10&vsid=3066078911455436000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 16:51:31 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 16:51:31 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:31 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=H6HHuLapgJgfqtClbFj6&refUrl=&type=zem&vid=36062912723066078911455436000V10&vsid=3066078911455436000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
dmp.adblade.com/srv/sync/gateway/ Frame E606 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:31 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame E606
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3066078911455436000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3066078911455436000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=788018e2-8fbf-4829-8731-4792b1d409ce&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=788018e2-8fbf-4829-8731-4792b1d409ce&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 16:51:31 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 16:51:31 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=788018e2-8fbf-4829-8731-4792b1d409ce&cs=1
date
Mon, 19 Sep 2022 16:51:31 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
710489.gif
id.rlcdn.com/ Frame E606 		42 B
325 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame E606
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0865b44e-ac90-4c50-9150-a860aeafacdf
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0865b44e-ac90-4c50-9150-a860aeafacdf
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 16:51:31 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0865b44e-ac90-4c50-9150-a860aeafacdf
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
sync
ups.analytics.yahoo.com/ups/58222/ Frame E606
Redirect Chain
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066078911455499000V10
0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066078911455499000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:31 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066078911455499000V10
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=0, no-cache, no-store
expires
Mon, 19 Sep 2022 16:51:31 GMT
date
Mon, 19 Sep 2022 16:51:31 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
log
c21lg-d.media.net/ Frame E606 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=7xwP-mdRQWfbvNuVtWvHgR2DjvUuUQVj&cs=15&vsid=3066078911455436000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.112.12.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-12-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:31 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 19 Sep 2022 16:51:31 GMT
crum
dsum-sec.casalemedia.com/ Frame A0DC
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bb286328-9e11-4a00-80eb-6728c1b98f08
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bb286328-9e11-4a00-80eb-6728c1b98f08
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d3994fcacab4-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eE9SUXerKRnVGVRQgRxLVpqP7FJdrEFhIEmIewLgqV5I1oif2C495OtIXtzXRr3UxxPo0jiAH51Db5Pr36bNxgHTot%2FcLkOzRmWLSNzQquMLGYxR8q%2Bz6ivkQzz2IYhknCLPbkQVSbPTAg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 19 Sep 2022 16:51:31 GMT
Server
MT3 4505 5b23575 master ord-pixel-x27 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=bb286328-9e11-4a00-80eb-6728c1b98f08
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 16:51:30 GMT
rum
dsum-sec.casalemedia.com/ Frame A0DC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YyieEAAAAEXCvwNw
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YyieEAAAAEXCvwNw
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d3991f95cab4-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xHbufXoyWdiMGHIjHwyb9DF%2BMZv48RaD9wQoIEHYQr0xTM7ZfUDPXlJCgQWAppEEoNHD3QEPxXSbPMKFVOZO1G4rVoOzPV8rtecXEmnSQGHx1J1SNHFOqjCjWCT033c0QAr55RmjkvZ9eQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663606291.334044,VS0,VE0
x-served-by
cache-yul12826-YUL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YyieEAAAAEXCvwNw
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum.casalemedia.com/ Frame A0DC
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=7d0c186ea38c1073&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF2BJQn8YaewMuwcC9AAAAAAA&expiration=1663692691&is_secure=true
43 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF2BJQn8YaewMuwcC9AAAAAAA&expiration=1663692691&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d39a3c8ff981-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1jmO%2FE8XAqlvdmPZ8e9MTVy7gRJt1deNA5JN9eonxrhv3oVg7jZUJ8Em1qmtqMLzqbT1A%2FE2TCv02ss%2FKTgk1e0MRcxqUxuADESW16YKRN7jkWWCn6wHmWG7ZBj%2F7DJgiJqTiUY"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAF2BJQn8YaewMuwcC9AAAAAAA&expiration=1663692691&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rum
r.casalemedia.com/ Frame A0DC
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=48
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=fa0859e3-f2e5-42f6-b4da-0fe20f41681b-63289e13-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=fa0859e3-f2e5-42f6-b4da-0fe20f41681b-63289e13-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=fa0859e3-f2e5-42f6-b4da-0fe20f41681b-63289e13-4341&partner_url=https%3A%2F%2Fr.casalemedia.com%2Frum%3Fcm_dsp_id%3D64%26exte...
  • https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=fa0859e3-f2e5-42f6-b4da-0fe20f41681b-63289e13-4341&gdpr=0&gdpr_consent=
43 B
867 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=fa0859e3-f2e5-42f6-b4da-0fe20f41681b-63289e13-4341&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d39b5ed1a250-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fP7IGJ%2B721Lzw1COXvwCcds9I2KSX2FRSYdbKT1%2BPinEQX1FWfIzZZE%2F4UVchcYLjcDMsrbYJuoxUEgz4yNjPlyaerGUsnS9nWFTae1ciQgTnmFXkKUh7kqLZQwcmD%2BbyjQt"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://r.casalemedia.com/rum?cm_dsp_id=64&external_user_id=fa0859e3-f2e5-42f6-b4da-0fe20f41681b-63289e13-4341&gdpr=0&gdpr_consent=
date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
YyieESwGjzJsCt6sceB0bwAAALYAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A0DC 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YyieESwGjzJsCt6sceB0bwAAALYAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:de18:75cd:f3b9:7bd3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:31 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame A0DC
Redirect Chain
  • https://s.company-target.com/s/ix?cm_dsp_id=18&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1679244691&external_user_id=5fee9ac0-f3ba-4a9a-9f55-e58d11b469bf
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1679244691&external_user_id=5fee9ac0-f3ba-4a9a-9f55-e58d11b469bf
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d399b851cab4-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4S3gAb%2FIbLNFubCm4faycuVp3ObBFPiyVwAW%2BXHjXqsiqfvxuC2kaJ2VpSQ5WA%2BYKvzjKiR6kKB1fM7dKZetWcshCJgLrvkMfh69tpLNg3b8b8pTZyY38WBBsGIPc7hQpe3HwKE7j6elw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 google
access-control-allow-origin
*.casalemedia.com
access-control-allow-methods
GET,OPTIONS
content-type
text/html; charset=utf-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=18&expiration=1679244691&external_user_id=5fee9ac0-f3ba-4a9a-9f55-e58d11b469bf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
157
rum
dsum-sec.casalemedia.com/ Frame A0DC
Redirect Chain
  • https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=&gdpr_consent=&id=YyieESwGjzJsCt6sceB0bwAA%26182
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=83367556-08b6-4889-8b31-6b69992765c1-tucta222393
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=83367556-08b6-4889-8b31-6b69992765c1-tucta222393
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d3997ffdcab4-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXK%2Boyi8kc%2FG9EAfOQTaqr4ftKbODfBclaRslsywxofD54KuCJ1iHvnv3TRvS73ZFd1yjS9kDtJXokFa%2BBYIxm3rfPedXnh85nBqBLpgwKWAOwN8R0eIiQjmBfPusA5K%2FJC%2FKZ0ENcKeRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=26&external_user_id=83367556-08b6-4889-8b31-6b69992765c1-tucta222393
date
Mon, 19 Sep 2022 16:51:31 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
17532
crum
dsum-sec.casalemedia.com/ Frame A0DC
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D%28OIQ_UUID%29
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7168926911227477863&uid=Q7168926911227477863&ref=%2Feucm%2Fp%2Fcc
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7168926911227477863
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7168926911227477863
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d39ab975cab4-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZUKbtQgjONNSOQYp1dAfyNGZbdcZQ6%2BJkOklMPwL0mqZcGSbwZlUbZr%2BDQCXv9iHPd9aHAet6fYebuIcCFNQHFbN%2FxqGuVyHkfovWoKAfJjKcwiyoLoFipzU%2B8nddYtBIbm3JghWf%2B8MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Mon, 19 Sep 2022 16:51:31 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7168926911227477863
Cache-Control
max-age=74448
Connection
keep-alive
Content-Type
text/html
Content-Length
154
htw-pixel.gif
cdn.indexww.com/ht/ Frame A0DC 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YyieESwGjzJsCt6sceB0bwAA%26182
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d4c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d3990ebb7151-YUL
date
Mon, 19 Sep 2022 16:51:31 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
157
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Mon, 19 Sep 2022 20:51:31 GMT
adsct
analytics.twitter.com/i/ Frame C006 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=22725597434185837671267853816245447519&p_id=38594
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-response-time
6
date
Mon, 19 Sep 2022 16:51:30 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
9c79eda084f99680f8d73804160a72961fe20cc5605fdf6e94ce3be228976167
content-length
43
pubcid.php
hbx.media.net/ Frame 4BDA 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
content-encoding
gzip
server
Apache
date
Mon, 19 Sep 2022 16:51:31 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 17:21:31 GMT
cksync.html
contextual.media.net/ Frame 0289
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3066078911455499000V10%26type%3Drkt%26refUrl%3D%26vid%3D360629137730660789114554990...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3066078911455499000V10&type=rkt&refUrl=&vid=36062913773066078911455499000V10&ovsid=2810035081676627127
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3066078911455499000V10&type=rkt&refUrl=&vid=36062913773066078911455499000V10&ovsid=2810035081676627127
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Mon, 19 Sep 2022 16:51:31 GMT
expires
Mon, 19 Sep 2022 16:51:31 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Mon, 19 Sep 2022 16:51:31 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3066078911455499000V10&type=rkt&refUrl=&vid=36062913773066078911455499000V10&ovsid=2810035081676627127
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
usersync.aspx
dis.criteo.com/dis/ Frame 4BDA 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
185707
content-type
image/gif
expires
Mon, 19 Sep 2022 00:00:00 GMT
sync
x.bidswitch.net/ Frame 4BDA 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.211.178.172 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
dmp.adblade.com/srv/sync/gateway/ Frame 4BDA 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:31 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
710489.gif
id.rlcdn.com/ Frame 4BDA 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 4BDA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0865b44e-ac90-4c50-9150-a860aeafacdf
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0865b44e-ac90-4c50-9150-a860aeafacdf
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 16:51:31 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=0865b44e-ac90-4c50-9150-a860aeafacdf
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
sync
ups.analytics.yahoo.com/ups/58222/ Frame 4BDA
Redirect Chain
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066078911455499000V10
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066078911455499000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
3.218.90.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-218-90-66.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:31 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=3066078911455499000V10
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=0, no-cache, no-store
expires
Mon, 19 Sep 2022 16:51:31 GMT
date
Mon, 19 Sep 2022 16:51:31 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cksync.php
contextual.media.net/ Frame 4BDA
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455499000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=4c048a03f411086&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D30...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455499000V10&type=con&refUrl=&vid=36062913773066078911455499000V10&ovsid=AAAF3tJa18e4OgNdURycAAAAAAA&expiration=1663692691&is_secure=true
45 B
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455499000V10&type=con&refUrl=&vid=36062913773066078911455499000V10&ovsid=AAAF3tJa18e4OgNdURycAAAAAAA&expiration=1663692691&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 16:51:31 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 16:51:31 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455499000V10&type=con&refUrl=&vid=36062913773066078911455499000V10&ovsid=AAAF3tJa18e4OgNdURycAAAAAAA&expiration=1663692691&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame 4BDA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455499000V10%26type%3Dmma%26refUrl%3D%26vid%3D360629137730660789114554...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455499000V10&type=mma&refUrl=&vid=36062913773066078911455499000V10&ovsid=bb286328-9e11-4a00-80eb-6728c1b98f08
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455499000V10&type=mma&refUrl=&vid=36062913773066078911455499000V10&ovsid=bb286328-9e11-4a00-80eb-6728c1b98f08
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 16:51:31 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 16:51:31 GMT

Redirect headers

Date
Mon, 19 Sep 2022 16:51:31 GMT
Server
MT3 4505 5b23575 master ord-pixel-x2 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455499000V10&type=mma&refUrl=&vid=36062913773066078911455499000V10&ovsid=bb286328-9e11-4a00-80eb-6728c1b98f08
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 19 Sep 2022 16:51:30 GMT
cksync
cs.media.net/ Frame 4BDA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA2NjA3ODkxMTQ1NTQ5OTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESELeT_-vcVQExKls12TauVek&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESELeT_-vcVQExKls12TauVek&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.221.200.79 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-221-200-79.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 16:51:31 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESELeT_-vcVQExKls12TauVek&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 4BDA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455499000V10%26type%3Ddxu%26refUrl%3D%26vid%3D36062913773066078911455...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455499000V10&type=dxu&refUrl=&vid=36062913773066078911455499000V10&ovsid=2o5M5bDn1OAjZx5
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455499000V10&type=dxu&refUrl=&vid=36062913773066078911455499000V10&ovsid=2o5M5bDn1OAjZx5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 16:51:31 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 16:51:31 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:30 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-00800fd222fac43b7@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3066078911455499000V10&type=dxu&refUrl=&vid=36062913773066078911455499000V10&ovsid=2o5M5bDn1OAjZx5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 4BDA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3066078911455499000V10%26type%3Dzem%26refUrl%3D%26vid%3D36062913773066078911455499...
  • https://stags.bluekai.com/site/23178?id=7fZh_lu2uftkXTZw_Gp5&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJXMZNGQX3MOUZHKZTUNNMFIWTXL5DXA...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=7fZh_lu2uftkXTZw_Gp5&refUrl=&type=zem&vid=36062913773066078911455499000V10&vsid=3066078911455499000V10
45 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=7fZh_lu2uftkXTZw_Gp5&refUrl=&type=zem&vid=36062913773066078911455499000V10&vsid=3066078911455499000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 16:51:31 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 16:51:31 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:31 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=7fZh_lu2uftkXTZw_Gp5&refUrl=&type=zem&vid=36062913773066078911455499000V10&vsid=3066078911455499000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 4BDA
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3066078911455499000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3066078911455499000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=788018e2-8fbf-4829-8731-4792b1d409ce&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=788018e2-8fbf-4829-8731-4792b1d409ce&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
H2
Server
23.49.100.28 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-49-100-28.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Mon, 19 Sep 2022 16:51:31 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Mon, 19 Sep 2022 16:51:31 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=788018e2-8fbf-4829-8731-4792b1d409ce&cs=1
date
Mon, 19 Sep 2022 16:51:31 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
2825
dfp.bouncex.net/pub/ 		6 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dfp.bouncex.net/pub/2825?li=6063859676|6114177034|5276770044
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/bounce/jquery-3.5.1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
4bf3e06663b619a5123a29c9ca7f089f992a123a0faed40c915cee93904772ea

Request headers

Accept
*/*
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 google
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.wired.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6
action_links.json
fr-actions.trackonomics.net/prod/www.wired.com/story/uber-hack-mfa-phishing/ 		243 B
588 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fr-actions.trackonomics.net/prod/www.wired.com/story/uber-hack-mfa-phishing/action_links.json
Requested by
Host: cdn-magiclinks.trackonomics.net
URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/condenast_eujdmc753_wired.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.214.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-214-55.phl50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21dd61fde35f6ad48d4b27d8e949c0a6699562c8c86326ee5b3839e32fce8e82

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 9a4c760031a0dcc526cc9dcd0d0940ea.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
PHL50-C1
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
Error from cloudfront
content-type
application/xml
access-control-allow-origin
*
access-control-allow-methods
GET
x-amz-cf-id
K0cL7JR9ty9QcRkY9EZh1BlQZNCpOy2pGFKYpqdkj4f3Qt96Mu9QSQ==
i.png
trx-hub.com/i/m/ 		128 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0iiLS3A48kAV2gA2AZ2Y9IMWGAAOU6jgyiKUsHmqwYYAMbUiAbVBDE-bURAALKFKGEA9DZQOAdCizRqGR5sSUbQiMgBPG14AI2poAFozLQBrCMp4MAipMywhVPwbAH4zISFYTWicHGoBAF4IFAiARgA2AA4AVlrqgE4AJgAGABYQCjd4cLdoUz7wKDgkVHRsfFESAF0KTV4-b1gaOkUQTQEsOQh1dh1CEC729ojO1prWgBU6wkbqwgBmasduxvqALTHlVRHCACE4gO5magAAgAqmFoJCABKxQCYBEJIQARagANzAfkgWEQOEhAEk0QApVYQSEAZTo0DY+Eh-khACVsdQwAISRAhKV4JCAD6QgDqxJZAFF0WMsFgFKcZRg6rVXrVOrV2q1ql96ngGGN2ThDhAArJTOwpG48gScGMVmsaHBZaYvPI5LjDtReAArDCUTQAdkar1gLjcCmWsqk1WdhIwbr8sE9Pr9gdetsj7VMofcIBIQA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.214.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-214-129.ewr50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 05:25:06 GMT
via
1.1 759533d02225fb7e951ea4dc2b01fd48.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:40:25 GMT
server
AmazonS3
age
41186
etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
EWR50-C1
accept-ranges
bytes
content-length
128
x-amz-cf-id
b8c011J6Mje0n_r0rwDcsiXC4qZ2jNzhsVoWrYEblyU0H-picDx7qQ==
event
condenast.demdex.net/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://condenast.demdex.net/event?d_dil_ver=9.4&_ts=1663606291461
Requested by
Host: www.wired.com
URL: https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.40.109.212 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-40-109-212.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e004a38bad5960733695b7e259f982ed376fef48c4d15d85f1581ef322ad5d5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-2-v038-075e25e9f.edge-usw2.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
NALkIjsRTK4=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.wired.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
2293
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ibs:dpid=1175&gdpr=0&dpuuid=bikQZmF_E251K0BrPCMPPTp_ETh1KhFoai8Hm6_P
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=bikQZmF_E251K0BrPCMPPTp_ETh1KhFoai8Hm6_P
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=bikQZmF_E251K0BrPCMPPTp_ETh1KhFoai8Hm6_P
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0bfe8d411.edge-usw2.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
FVcKOrZFS4c=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=bikQZmF_E251K0BrPCMPPTp_ETh1KhFoai8Hm6_P
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EAB9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMq8EqBElmq-4r3SkBbs-eerk0nNhSlzsBqpaUuYzIAgjAQG49CjPieHniwK9BSxGao1xVKO8XO_GQGzV2Y1JOzdkO5O2cxvyU9vx8WWB_Hw1JokuM&sig=Cg0ArKJSzCqXnachHSJwEAE&id=lidar2&mcvt=1037&p=-176,436,-86,1164&mtos=940,1008,1037,1086,1107&tos=940,68,29,49,21&v=20220914&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=2032318971&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663606288880&rpt=637&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A31.484Z&_t=impressionViewable&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&_o=wired&_c=ad_metrics&xID=0a128167-d05b-4a5a-ae1f-67013865e3d9&dim1=%7B%22channel%22%3A%22security%22%2C%22platform%22%3A%22verso%22%2C%22template%22%3A%22mt_article_two_column%22%2C%22viewport%22%3A%22desktop%22%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22hero%22%2C%22size%22%3A%22728x90%22%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:31 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
generate_204
tpc.googlesyndication.com/ Frame 896D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?lNJuvw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:809::2001 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:31 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
log
c21lg-d.media.net/ Frame E606 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=789b2a2c-6819-466d-a7c2-b206eb1dda45&cs=15&vsid=3066078911455499000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.112.12.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-12-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:31 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 19 Sep 2022 16:51:31 GMT
log
c21lg-d.media.net/ Frame 4BDA 		35 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=789b2a2c-6819-466d-a7c2-b206eb1dda45&cs=15&vsid=3066078911455499000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C294%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.112.12.25 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-112-12-25.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:31 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 19 Sep 2022 16:51:31 GMT
px
p.adsymptotic.com/d/ Frame C006 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px?_pid=11693&_psign=bf265992ae7fbdc1ab4b39651c157974&_puuid=22725597434185837671267853816245447519&_rand=1758248464&_pp=adobeXtest&_redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=1524%26dpuuid=${UUID}
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.99.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
ibs:dpid=22069&dpuuid=2027900517539
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233
  • https://tag.yieldoptimizer.com/ps/ps?tc=980593675&t=i&p=2233
  • https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2027900517539
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2027900517539
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-0001ce39a.edge-usw2.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/qeitGnnTxM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2027900517539
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ibs:dpid=575&dpuuid=-2555933347110631904
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=22725597434185837671267853816245447519
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=-2555933347110631904
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-2555933347110631904
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-014e42259.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
oiX88K7ATRQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:31 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp7.us1
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-2555933347110631904
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
clear
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
ibs:dpid=53196&dpuuid=Q7168926911227477863
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID)
  • https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7168926911227477863
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7168926911227477863
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-03ab37fc2.edge-usw2.demdex.com 5 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
S/O+gCFRRbU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Mon, 19 Sep 2022 16:51:31 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7168926911227477863
Cache-Control
max-age=75104
Connection
keep-alive
Content-Type
text/html
Content-Length
154
ibs:dpid=73426&dpuuid=22725597434185837671267853816245447519
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=22725597434185837671267853816245447519&rn=1663606288192&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D227255974341858...
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=22725597434185837671267853816245447519
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=22725597434185837671267853816245447519
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0cc3a740e.edge-usw2.demdex.com 12 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7CEX1bApSC4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=22725597434185837671267853816245447519
date
Mon, 19 Sep 2022 16:51:32 GMT
via
1.1 613a9db04d23967014b7c42269dc1c12.cloudfront.net (CloudFront)
x-amz-cf-pop
PHL50-C1
content-length
0
x-amz-cf-id
v2KJR1B207TMwnY4HTFjecJWhmmxwWRI7RQgCB9hrRb35_a5uKkjPg==
x-cache
Miss from cloudfront
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022091301&jk=1512123897959010&bg=!JiWlJWHNAAZqQh0mSkI7ACkAdvg8WoWxTRySYsKTs-SWABrL-N-utiw2opWwapRUb0m1TqlESaKmhgIAAAD3UgAAAAJoAQcKAKPba2SfVariR4lwTFXrAtZ8sEExsvhkm6ibT7hL1wbJp0NJ98j86fu7TkTFKYiGVMsMAxWAs0QL96L7jPyYShMK55GPXXZpK2wIzgfXA_HvIxmO0UqcyT1TOAavI375KmHSQ1lbAbOjEAjmMkFuGO3oPrfUFeQev69JV4S-jNQpo5q5gt11MsRyLXpcGmrfzJMR4VcvuSmKHDXDS2zEcURPdZDmmQKlD3reOZ-ntdaRTSeMe_FOOqiCa4QG9XAdFKhiUhgVP71y3ZY-DOMEzpncr3T9429PRT88YSkfJg8XdwAETx_rbEUm_gBmjpUDnu0nWPiCCyAsyl8kc7DhnZOGo3PplJuBiZh9aglj4ehvdRzo2Ry9ghdx1Ykol8GLW8JjdVP5d9EZnHeMcIPwZG03x0vl2l0B9gw27qJdkQ9g9qYsyRCxcI_XyOBRgFOb4TdZ4xaDHMFPvwAFqyblEG7hfp6EZqi07g1Qvcth0RYVeWenUvnbcWGmdD2DM6_XDf0_48bpplkTkLw-Ch6XDsFR6ZdX5ahkCW98ARNHcbufLNyRB19xFIny20u_D-RwokJAhiUeQg31QVZrbTd90WD6Vsd0HeKSd6NYJxARx5RMtijdG_NeLDVqmhMe2EkjobfSZfYGqwArvPkUGdSOvclpRpNbdmEVAKYscYvMfjUHr5L8CfwfequPqOGHQguLdCKh8hAadYUo7FDGd-WsyYQ9JcFYjgnCdLEiQubXHnvdQZqA7nW05b6e40UNVJrSDBqwDH5M1Frnjq1HB-2BLoam3GVbK7lUHcECvC6yuS9jfcky6uaF-uQln8DiW9FAXMiEzYyBJ68lToMD6kmzI335Mf02N_iAEl53snMO3oUi3FFxH5m-E03z0uLBeKohTAIURLt_ThQGFtf8rpzhK8QscfHnS9w0IMDptcBN-L68z8R1MZkRUAXchPQlSxlALESW-YUQn6Uo43YGfSA5UtOJUbLB9E2LaQmCrv9sSg-UHA4gk7TT4oYPkDF_yk3woNZ5yrHjQw0iqx7XSROgFKhzWPHI_KcBC_hWkt5XRRF1NEsQXgBdCQz6Ylzn66Ij7Y4i_N0RRvPkAwD0U-VOsfVLg2sAd3U5ilA0Qhg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2002 Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers
sn.ashx
dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B341_F6767223_7FD9C7DD&redir=https://abp.mxptint.net/ Frame C006
Redirect Chain
  • https://abp.mxptint.net/sn.ashx
  • https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B341_F6767223_7FD9C7DD&redir=https://abp.mxptint.net/sn.ashx?ak=1
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B341_F6767223_7FD9C7DD&redir=https://abp.mxptint.net/sn.ashx?ak=1
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v038-0ffbc0a8e.edge-usw2.demdex.com 3 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
+9RVxMh8RZk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1B341_F6767223_7FD9C7DD&redir=https://abp.mxptint.net/sn.ashx?ak=1
Date
Mon, 19 Sep 2022 16:51:31 GMT
Cache-Control
private
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
237
Strict-Transport-Security
max-age=-346593092; includeSubDomains
Content-Type
text/html; charset=utf-8
ibs:dpid=79908&dpuuid=c:29289150156ddd0f20cad19a6bd3acfc
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=124&cm=22725597434185837671267853816245447519&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D79908%26dpuuid%3D%7Bvisitor_id%7D
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:29289150156ddd0f20cad19a6bd3acfc
42 B
956 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:29289150156ddd0f20cad19a6bd3acfc
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-0ae6c12e7.edge-usw2.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
300
X-TID
NAf7Cc5QSS0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Mon, 19 Sep 2022 16:51:32 GMT
server
Aorta/20220915.002ce0217
location
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:29289150156ddd0f20cad19a6bd3acfc
expect
0
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
access-control-allow-origin
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-aorta-region
us-east-1
x-aorta-host
26f97b443060
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
content-length
0
usermatch.gif
beacon.krxd.net/ Frame C006
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=22725597434185837671267853816245447519
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=22725597434185837671267853816245447519
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=22725597434185837671267853816245447519
Protocol
H2
Server
72.44.48.48 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-72-44-48-48.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:32 GMT
cache-control
private, no-cache, no-store
x-request-time
D=24 t=1663606292
x-served-by
beacon-n039-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=22725597434185837671267853816245447519
date
Mon, 19 Sep 2022 16:51:32 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a005-ash-prod.krxd.net
ibs:dpid=121998&dpuuid=d8e39c0c78840b30837b9ac0b6697373
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=22725597434185837671267853816245447519?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=d8e39c0c78840b30837b9ac0b6697373
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=d8e39c0c78840b30837b9ac0b6697373
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-0c86f68fa.edge-usw2.demdex.com 6 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
nzq7xPf+Tns=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:32 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=d8e39c0c78840b30837b9ac0b6697373
cache-control
no-cache
x-server
10.40.9.229
content-length
0
expires
0
reloadCampaigns.js
api.bounceexchange.com/bounce/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=1887&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDZCBmQgBkICYBOKgFnPM2AC8QpmB3AUwCMcqYDwD6qACZQqADioBWTACceOEABs4aDAQrkAHvipMlPGD0XLFUbAEM1a1AgDmIuIrVQAFsGAAHHACkJACCAVQAYmHhXDEAdFyoyuKxSCAAtlE4oIoAnlFwfOYAtJ42SADWRWkwNkW+nqg4Dc5RQeGeODgiSKUICDxqQQAiwFxFRNJyhPh05PSYAG6NQt0gIOWoPFABAOwAQmFUar6HQaFUVN5+gfIhYXIR9xExXPGJPMmpGfIRWSC5T3CBWKpQqVRqdQaTUcTkB9xI7U63V6-UGtxGYwmUxmRnopyoAGFDopTncLviiRdGiInCARDgVIIMKTgjU1AywpSqNSnL56Yz0AgWWyOTshtg1hstrsDhcFiyZYccAU0kJhOIRBhBMJhXYOYTDjwFuYRGoQE4nB8xELySERTxOUqVWqrTw0jZUGoRHwyuUejY+gNdeyHQaLsq+KqfK73Z6aTZxJbgGobAJg-quRGo+qRG6PV6nDY0ip06HM87oxq83HgIoAzhfP9gKXHeGKznq17hD1HKMQC2w1Qsy6q7GvTgkJtkKGqGd7a2h+2Y-mROIeHqB+XIyPc2PV-m8rbWXqy4ckEhfDZunZUAqLrW4DOF8oXIXhPSl+JN8SeK+bO+3DRWcySoedyUHYdK13FdG3EJAbCyG5gOPENdiGBcYAWZsjyIUgKGoGhyAXJYvxw4gyEoWhyDkQwSB2WdBxsfsjyIwdjjvS4fH8eFzgeSIfmiOIEiSFJ0kBP4AQE4FFBKX1wVqepGmaWEBPhREun9QM0TkEgMXGQhJmmWY8XArkEJZViuQWXx5RwhdSOQw4HOfDiKTPLCWVwiiCMspUJE8hcnCQEkjwYrlvmQ3yLnEfyj0OIxpBIfAdnoGRDHoOQdnwEh6AMtyLjUDyyLwyjCLQxYbEUHAAG1L0tERgByXweAAXSgSq0CQNQeAqqrqoTEQlkEPhura+1epqjrUC60QECLVqoAAFU8UNyAAVUKELyAACV9AI4CMGYbnIIYjQQ4B-0FMJyAASWOgApOAsmugBlC7FDQFojFAa6ACUjXXNFbuABk1BgCb+o+6buuvYRaVyNqXp4JA3CEHIIdKMHLxyLg7C9IbUBGhbxoWSqar4EAfHSH1FEG5YibGk8Iex3H7EZkMIfgewWbxunhtG2AmdJvqGyvAGEGAXcXUUdmGQhyCcy1IRiaFsnqrNC0rUcWWeuFmqAdpjXLQ1bXBY5vXqvEGA+UUEaQAqNq8ZALh5c-aC4x9CpNNRHXXe3KDO3jRMeGTVMcF9i2FeXONC2LcOzblyO3cD2t60bD6I7VqPRxXbtmj7TOReTvcJynJAVfNrPi5XNc9ULmrs-dr1xAPevasUVBSeEO2Kj5wmBZJtWLpcAY3R4CW298DvSaQHIREbXw4D5AmGYT3W1aQBAm4-ARgsJ8w283+llZ3icO82w+LyveCHDah91760BfBpvvV8Hvr-jXWmYH+NI25feM75s5t3EDkOaqokANRsCPbqxYJ5QBegAUQJGtX6N1FoAE1roADlEEAHUXoQxfI0VOWgt6szUP-X8gDRCASoX+IBS8p4CgwG3RugdYLwUQm3UoigNQAIofPZQDJ4HjVSOsTYDU1imkqpaNemA+C+E4JgEOSjqotUwL4EG1gvi+AcAGcuIgYApicNYK2vh1FQHwiQSYNBCA7EIJgcxljpj4HoMlHY5AcpOOtpYh4DidieLmPMBYpRlE2QkAQJQahGrNSgHVUQsSeAABopozREOAlJaSYbwThv8HIyTzEiFtmaCohSwFFmmlAmBY8JaFOtsUnu5RomZKgMLVAqZupAA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_89ceea329a99e3935afd4105c6694d4b.br.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
9474479f7c728926331ecd6a8c48627e217675a5bf91d544eeff17077ab8bbb3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:32 GMT
content-encoding
gzip
last-modified
Mon, 19 Sep 2022 16:51:32 GMT
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
29
content-type
text/javascript;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
expires
0
reloadcampaigns
events.bouncex.net/track.gif/ 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmH1DCAD6JAJ7IQvHqwDMAQSnUSaOIym8AwophCKaHGgaS+shXwBmUMDmPSeWvkpWMhWJLdNSAKgAtjABgBVOhBgXn8ACSg4AGtWAFFpAA5-VgBONJxwgBEQKlIoZQgscIBJLJ5-ACliEnCAZRInLAxwsnCAJTyQKzKSGzBzdXtFYGVVYQQSEAwIYFF1eSl6kCIaMWGHHh8rc1RRAHcrMF19QzUTJYsrG02pOggSMkQ6alODI0WzHktrDxG+PsjmAwF8pL9biYAT9CCCgcd3ucPFcfjd-lscKghN0sCRsYg0E9QmDrn87nwcIQ6ASiTpigZpiTUWSoVtIBhBDo0CVLt8IeipN1gEJ2ZyhNymfzyTwYHshMAGBBYkzjhADtLKdTCdMdCBEOgTq9YnAdlgsOBJWiNVSaTr8QahBhYIISGB6BVpCipaypJrbSBdfq0CcnYgmJaWXYMTbtQH7cGRMAoLhkHM6rzwVafRSY7T4ydpibuSQDhAI5Co77c3a9Q6cHA0CAsHBkXys5Wc1q87WEzAetZywLO-7Aw6YAaFhnSRXNFJkDQqNNFbFEZ8p8yZ9CmhhsYww7jB9L52gqHBREJU8hCMhVxdPW3I7O+HAsPmhJr6zQQmF196OzwX3fQlhA-OAv2JX92yfAC4CxBAwDQJkSGAQghx4MhkFeYU9A+O9PGnNC5j7YVzDmRBD2zHhQB3J1pnfasAwo-8YFENwCTgEQoB3cA9SbdN72WeINECDpSi8ABNcIADl4gAdXqaVqP0ZDCjQYohGBUFIMfaFqMdQphEIYAtIEgjFJmfS6MpZB5yYAxiiY6C-VjUcE1TeAoFID18I3NCdmAHQ9M0i9QBsA9tJndhsgAMlASBYAQFB0GwfA2JAZgqBoehGFi8BoA8pLMFwPAxAkZgBGEUrjA0JwJlcdxNFqlwphmOZJw0WUbwVSBlXsFi2JUTjuL3PjNE6+VlxiaLEAgPtmH8aKDhAOgGRANAYGYHgkh4ABWaKcMJdbmAARgANlOmRTv8U6eDSfwduOngZHYHhor7PQWyOyokhkY72AAFi2x7-p29hjpkf7TqSaKKr0EADiO47opsABHVDmzWjbXtURtcWUMMChQE7zsu67bp4f7-CRnG+KgZAT1CeysGYbcZDevIVHSmBkYgIyW2YJa6Giri+OYYhQiAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:32 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
u
dmp.v.fwmrm.net/ad/ Frame C006 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f606:ee73:d59a:4018:6dc2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:32 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
pixel
cm.g.doubleclick.net/ Frame C006
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXlpZUVBQUFBRVhDdndOdw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXlpZUVBQUFBRVhDdndOdw==
Protocol
H3
Server
142.250.80.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s34-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:32 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663606293.598125,VS0,VE0
x-served-by
cache-yul12826-YUL
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXlpZUVBQUFBRVhDdndOdw==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame C006
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YyieEAAAAEXCvwNw&expires=90
42 B
702 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YyieEAAAAEXCvwNw&expires=90
Protocol
HTTP/1.1
Server
8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
b3266a43228eaeab48f59934ee9159da
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:32 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663606293.726515,VS0,VE0
x-served-by
cache-yul12826-YUL
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YyieEAAAAEXCvwNw&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
background-img%403x.jpg
media.wired.com/photos/5dc1c39d774e490008209a29/master/pass/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/5dc1c39d774e490008209a29/master/pass/background-img%403x.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7475b0e4ec6aaefe03e26dee8683fe8dbb06a19d4443265e59aae73cb9f1e261

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:32 GMT
Connection
keep-alive
Age
1756169
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=55588 idim=900x750 ifmt=jpeg ofsz=7716 odim=900x750 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-iad-kiad7000048-IAD, cache-yul12825-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663606293.810471,VS0,VE1
Etag
"Cd5P3SxK/J//Un88wJ+y+MDEBQLE3V7dZEG6ZrcJl7M"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
7716
timing-allow-origin
*
X-Cache-Hits
4, 1851
LabGrotesque-Black.woff2
www.wired.com/verso/static/assets/fonts/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/LabGrotesque-Black.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c41dc37fea212372d1f53109304ebae695e644f9ce083dcab08d5978c8c3020f
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:32 GMT
via
1.1 varnish
age
2972698
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/LabGrotesque-Black.woff2
last-modified
Tue, 16 Aug 2022 07:03:59 GMT
verso
true
content-length
47924
x-amz-id-2
Ef9O5Lr7bZe66ylFD2lvoz93UsJDPPONPooNG5itxvpmrderWi/SY1FH0GC58DXoXQDaku+d1t0=
x-served-by
cache-yul12827-YUL
apple-news-services-handled
false
x-timer
S1663606293.811640,VS0,VE1
apple-news-services-request-url
/verso/static/assets/fonts/LabGrotesque-Black.woff2
etag
"44b6bf0cd9f1d027a6ca723b2024925c"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
NGQPD36MWKPAC0ZV
access-control-allow-origin
*
expires
Wed, 16 Aug 2023 07:06:34 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff2
apple-news-services-host
www.wired.com
x-cache-hits
148
rum
dsum-sec.casalemedia.com/ Frame C006
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YyieEAAAAEXCvwNw
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YyieEAAAAEXCvwNw
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray
74d3d3a27920cab4-YYZ
pragma
no-cache
date
Mon, 19 Sep 2022 16:51:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvClsfB6S0GMgNN9WzHKNy47g4WQRaMfNuPfDqJaf6MKCQ6HepwtWLE0ReKu%2BtywDl7U1V8W0c%2FI6P0JOnWXV%2Fhg%2ByNPsZjHinBmdVCyfxMZu5kXs06j952QQ2wRAslO5hnV7Y0xO%2BczdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:32 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663606293.844751,VS0,VE0
x-served-by
cache-yul12826-YUL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YyieEAAAAEXCvwNw
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A32.838Z&_t=adBlock&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6200&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&aam_uuid=22725597434185837671267853816245447519&_o=wired&_c=ad_metrics&xID=0a128167-d05b-4a5a-ae1f-67013865e3d9&dim1=%7B%22device%22%3A%22desktop%22%2C%22pageContext%22%3A%7B%22channel%22%3A%22security%22%2C%22content%22%3A%7B%22copyCount%22%3A932%2C%22imageCount%22%3A0%2C%22embedCount%22%3A1%2C%22ratio%22%3A932%7D%2C%22contentType%22%3A%22article%22%2C%22experiments%22%3A%7B%7D%2C%22keywords%22%3A%7B%22copilotid%22%3A%5B%22632496798990652479ff3877%22%5D%2C%22platform%22%3A%5B%22verso%22%5D%2C%22tags%22%3A%5B%22security%22%2C%22hacking%22%2C%22vulnerabilities%22%2C%22uber%22%2C%22national-security%22%2C%22Uber%22%5D%7D%2C%22server%22%3A%22production%22%2C%22slug%22%3A%22uber-hack-mfa-phishing%22%2C%22subChannel%22%3A%22national-security%22%2C%22subSubChannel%22%3A%22%22%2C%22templateType%22%3A%22mt_article_two_column%22%2C%22adBlock%22%3Atrue%7D%2C%22adBlock%22%3Atrue%7D&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:32 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
background-img.png
media.wired.com/photos/5e421bd83130b10008e82ca9/master/pass/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/5e421bd83130b10008e82ca9/master/pass/background-img.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3e2c74520955923ebd7093beb2cf2a2fd6b1dabba81de3948e4712620159e61f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:32 GMT
Connection
keep-alive
Age
3478714
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=148842 idim=940x140 ifmt=png ofsz=2234 odim=940x140 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-iad-kcgs7200057-IAD, cache-yul12825-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663606293.861214,VS0,VE1
Etag
"zbCT2zmHP1Ct0HkI+Jr1IUmD97959wZmU1KGYEjcIpw"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
2234
timing-allow-origin
*
X-Cache-Hits
339, 188
setuid
ib.adnxs.com/ Frame C006
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YyieEAAAAEXCvwNw
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YyieEAAAAEXCvwNw
Protocol
HTTP/1.1
Server
68.67.160.24 New York, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:32 GMT
X-Proxy-Origin
149.56.153.186; 149.56.153.186; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
AN-X-Request-Uuid
387a3377-56ec-40b5-a940-ab701cc18049
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:32 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663606293.946170,VS0,VE0
x-served-by
cache-yul12826-YUL
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=YyieEAAAAEXCvwNw
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame C006
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YyieEAAAAEXCvwNw
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YyieEAAAAEXCvwNw
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663606293.046608,VS0,VE0
x-served-by
cache-yul12826-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YyieEAAAAEXCvwNw
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
image2.pubmatic.com/AdServer/ Frame C006
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YyieEAAAAEXCvwNw
1 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YyieEAAAAEXCvwNw
Protocol
H2
Server
8.28.7.83 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:31 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663606293.148699,VS0,VE0
x-served-by
cache-yul12826-YUL
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YyieEAAAAEXCvwNw
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame C006
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YyieEAAAAEXCvwNw&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YyieEAAAAEXCvwNw&img=1&__user_check__=1&sync_id=511e96df-383b-11ed-bb08-19b3047f0403
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YyieEAAAAEXCvwNw&img=1&__user_check__=1&sync_id=511e96df-383b-11ed-bb08-19b3047f0403
Protocol
HTTP/1.1
Server
192.35.249.120 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:33 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
166
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 19 Sep 2022 16:51:33 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YyieEAAAAEXCvwNw&img=1&__user_check__=1&sync_id=511e96df-383b-11ed-bb08-19b3047f0403
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
255
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame C006
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YyieEAAAAEXCvwNw&t=2592000&o=0
43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YyieEAAAAEXCvwNw&t=2592000&o=0
Protocol
H3
Server
2a03:2880:f13a:83:face:b00c:0:25de Minneapolis, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 09:51:33 PDT
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
+XNhWWYdmLQx6ncRnFIIbyzDUOHV5JUJl3slw5yFqcdKgCp7fpMuvQTUqk+KpN+W7C4sgZhFMd1cuFd7jSQw6g==
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Mon, 19 Sep 2022 09:51:33 PDT

Redirect headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:33 GMT
via
1.1 varnish
server
Varnish
x-timer
S1663606293.350291,VS0,VE0
x-served-by
cache-yul12826-YUL
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YyieEAAAAEXCvwNw&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
t
elsa.memoinsights.com/ 		103 B
345 B 		Script
General
Check archive.org
Download Go to
Full URL
https://elsa.memoinsights.com/t?pid=5c058a6070cdcc676efa61c4&url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&date=2022-09-16T21%3A35%3A11.388Z&title=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&channels=tags&authors=Lily%20Hay%20Newman&referrer=&ref_url=&page_url=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&cb=MEMO.API.callbacks.cbmaoys&v=v3.0.6&t=5000&e=5000&s=0
Requested by
Host: cdn.memo.co
URL: https://cdn.memo.co/js/memo.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.17.85.17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-17-85-17.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
ddad34ad6596e85c168401c44922d917aa220f071213b9577639ebf3df164d9f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:33 GMT
x-envoy-upstream-service-time
1
server
istio-envoy
Connection
keep-alive
Content-Length
103
x-request-id
bf2781f39fa90b154c71d3230eebb1d7
content-type
application/javascript
ibs:dpid=161033&dpuuid=
dpm.demdex.net/ Frame C006
Redirect Chain
  • https://pixel.onaudience.com/?partner=130&mapped=22725597434185837671267853816245447519&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m
  • https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
Protocol
HTTP/1.1
Server
34.215.0.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-215-0-93.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v038-0e22dc084.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
104,300
X-TID
5sHY4eWYRhk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
content-length
0
image.sbxx
ib.mookie1.com/ Frame C006
Redirect Chain
  • https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=22725597434185837671267853816245447519
  • https://ib.mookie1.com/image.sbix?go=244346&pid=268&xid=22725597434185837671267853816245447519
  • https://dpm.demdex.net/ibs:dpid=285689&dpuuid=22725597434185837671267853816245447519&redir=https%3A%2F%2Fglobal.ib-ibi.com%2Fimage.sbxx%3Fgo%3D244346%26pid%3D268%26xid%3D%24%7BDD_UUID%7D
  • https://global.ib-ibi.com/image.sbxx?go=244346&pid=268&xid=22725597434185837671267853816245447519
  • https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=22725597434185837671267853816245447519
120 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=22725597434185837671267853816245447519
Protocol
HTTP/1.1
Server
64.58.232.180 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 19 Sep 2022 16:51:33 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
LAS15
Content-Type
image/png
Content-Length
120
Expires
-1

Redirect headers

Date
Mon, 19 Sep 2022 16:51:34 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
https://ib.mookie1.com:443/image.sbxx?go=244346&pid=268&xid=22725597434185837671267853816245447519
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
X-Server
LAS02
Content-Type
text/html; charset=utf-8
Content-Length
223
LabGrotesque-Medium.woff2
www.wired.com/verso/static/assets/fonts/ 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/LabGrotesque-Medium.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8575c83bcd649c28701830bc98d0051adba45ba685776092d2417c9240ee0c67
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:33 GMT
via
1.1 varnish
age
1156960
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/LabGrotesque-Medium.woff2
last-modified
Tue, 06 Sep 2022 07:28:03 GMT
verso
true
content-length
46416
x-amz-id-2
6iryniM81fcWd6ScAutzw9k948BSkZ/S+dECSzP3TlpxRemTo93lilL6CASZmoOYkscofeDbFi0=
x-served-by
cache-yul12827-YUL
apple-news-services-handled
false
x-timer
S1663606294.560730,VS0,VE1
apple-news-services-request-url
/verso/static/assets/fonts/LabGrotesque-Medium.woff2
etag
"d3df48def87009f6ce71e9e5b82a1281"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
PVVDNZ610318RMTJ
access-control-allow-origin
*
expires
Wed, 06 Sep 2023 07:28:53 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff2
apple-news-services-host
www.wired.com
x-cache-hits
57
LabGrotesque-Bold.woff2
www.wired.com/verso/static/assets/fonts/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.wired.com/verso/static/assets/fonts/LabGrotesque-Bold.woff2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2c667cdbe90922576bac69bbd0fa8f61d0c410748bf29b5bccea09b21123f1a0
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
Origin
https://www.wired.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date
Mon, 19 Sep 2022 16:51:33 GMT
via
1.1 varnish
age
1156960
x-cache
HIT
x-ua-device
desktop
apple-news-services-parsed-url
/verso/static/assets/fonts/LabGrotesque-Bold.woff2
last-modified
Tue, 06 Sep 2022 07:28:03 GMT
verso
true
content-length
47856
x-amz-id-2
g3cUgUGNjRAu4ll5mTfXyKru0zEO0ukPdXz6y+KzVHlXWfXzB4jHVDSbZ9oCVANOIkPvXO5RjAU=
x-served-by
cache-yul12827-YUL
apple-news-services-handled
false
x-timer
S1663606294.561614,VS0,VE0
apple-news-services-request-url
/verso/static/assets/fonts/LabGrotesque-Bold.woff2
etag
"181b7a06e7a0586c230d9b6282d73532"
vary
cn-experiments, Verso, bypass-verso-payment
strict-transport-security
max-age=31536000; preload
x-amz-request-id
PVVD0T5FZYHGD77Y
access-control-allow-origin
*
expires
Wed, 06 Sep 2023 07:28:53 GMT
cache-control
max-age=31536000, immutable
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
accept-ranges
bytes
content-type
application/x-font-woff2
apple-news-services-host
www.wired.com
x-cache-hits
51
WIRED_3009_500x680.jpg
media.wired.com/photos/632486938990652479ff3876/master/w_600,c_limit/
Redirect Chain
  • https://covers.conde.io/images_covers/cover_wired_600.jpg
  • https://media.wired.com/photos/632486938990652479ff3876/master/w_600,c_limit/WIRED_3009_500x680.jpg
64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.wired.com/photos/632486938990652479ff3876/master/w_600,c_limit/WIRED_3009_500x680.jpg
Protocol
HTTP/1.1
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8c6456830401da80934234015a0656a2027db0263faf7854db60adcc994c25c2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date
Mon, 19 Sep 2022 16:51:33 GMT
Connection
keep-alive
Age
268122
X-Cache
HIT, HIT
Fastly-Io-Info
ifsz=358458 idim=500x680 ifmt=jpeg ofsz=65544 odim=500x680 ofmt=webp
server-timing
geo;desc="continent=NA;country=CA;pop=YUL"
Fastly-Restarts
1
X-Served-By
cache-iad-kjyo7100114-IAD, cache-yul12825-YUL
experience
katra
Accept-Ranges
bytes
X-Timer
S1663606294.617181,VS0,VE1
Etag
"kFLU+pPloJ/DNDWK2O9YDIj76mVSxljpnbCwCA0hdbE"
vary
accept
Content-Type
image/webp
Fastly-Stats
io=1
cache-control
max-age=31536, must-revalidate, public
Content-Length
65544
timing-allow-origin
*
X-Cache-Hits
1, 4

Redirect headers

Date
Mon, 19 Sep 2022 16:51:33 GMT
Via
1.1 varnish
Server
nginx/1.15.8
Age
213
X-Served-By
cache-yul12823-YUL
X-Cache
HIT
location
https://media.wired.com/photos/632486938990652479ff3876/master/w_600,c_limit/WIRED_3009_500x680.jpg
cache-control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
X-Timer
S1663606294.604952,VS0,VE0
Content-Length
0
X-Cache-Hits
1
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200e Rockville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
id.sv.rkdms.com/identity/ 		348 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=CONDENAST&sv_domain=www.wired.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.134.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-134-156.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
1c70ad44f519fd72ddcf63c5bf712c8380946690fa1adc91df984357d93c2bbf

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.wired.com
date
Mon, 19 Sep 2022 16:51:34 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.20.2
vary
Accept-Encoding, Origin
content-type
application/json
headerstats
as-sec.casalemedia.com/ 		0
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=383250&u=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fN454RXFTNenUBwg4MTYV7q6OHH3GdKbL%2B1ydSGfs4ru7CAc5%2Bx18ZdSOEv8Hdl0jdO8OO7%2F5VbaZ4lfJU3EqWc%2BkDK9aQGnJpqWgvSmJD%2Bb0VLhNgJXAJNWI%2FG6hSoDjechvgpGR2o%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.wired.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
74d3d3acec5df99d-YYZ
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=conde.wired.native&zMoatAdUnit2=in-content&zMoatAdUnit3=security&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=9&kq=1&lo=2&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CA%24%3D!!tmx%5Dh3MIJy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-wzyHsWUP%2FoUsOmg7a7FqTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-0muc80RvHCbFpA%3D%3D&sc=1&os=1-MQ%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&h=125&w=125&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&id=1&ii=4&f=0&j=&t=1663606286355&de=368453360370&rx=431404640926&cu=1663606286355&m=8248&ar=5aeef158bee-clean&iw=f9dac89&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6299&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A671%3A671%3A5499%3A792&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5086&cd=286&ah=5086&am=286&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=4660981638%3A2443012271%3A5276770044%3A138301071698&bo=conde.wired.native&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=strict&it=500&oq=0&ot=0&zMoatJS=3%3A-&tc=0&fs=200157&na=150316887&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.169.173 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-200-169-173.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:34 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 19 Sep 2022 16:51:34 GMT
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-P1P55J3LNW&gtm=2oe9e0&_p=1770785891&cid=137948537.1663606287&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&dl=%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&dr=%2F&sid=1663606289&sct=1&seg=0&dt=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself%20%7C%20WIRED
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-P1P55J3LNW&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 19 Sep 2022 16:51:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.wired.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-09-19T16%3A51%3A35.654Z&_t=timespent&cBr=WIRED&cTi=The%20Uber%20Hack%E2%80%99s%20Devastation%20Is%20Just%20Starting%20to%20Reveal%20Itself&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134&cTpw=0.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846%2C%200.6072722325605846&cEnt=uber%2C%20hacker%2C%20zatko%2C%20cybersecurity%2C%20security%20engineer%2C%20twitter%2C%20the%20new%20york%20times%2C%20cedric%20owens%2C%20phishing%2C%20onelogin%2C%20social%20engineering%2C%20mfa%2C%20google%2C%20christmas%2C%20vmware%2C%20group%20ib%2C%20microsoft%2C%20peiter%2C%20mudge%2C%20amazon%20web%20services&cEnw=1%2C%200.8163067102619764%2C%200.49327658040653605%2C%200.45150426738870175%2C%200.4307189739611438%2C%200.4049551548210701%2C%200.3730843439453504%2C%200.3710266721435514%2C%200.3565514499299996%2C%200.3285279539349286%2C%200.317667043227003%2C%200.3170134683047196%2C%200.30358529307726123%2C%200.2773687200063413%2C%200.27219275527893916%2C%200.2573836163710041%2C%200.23009504721664914%2C%200.2289692603537375%2C%200.22891335549555425%2C%200.22703331212788483&cCu=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&org_id=4gKgcErvvpkwWft3fSWg7c2niGQB&org_app_id=5QYt5Xy87uNBXaR4Wj3U2pPoRCBTTVrMHp8wN1h4BcXHZVYmf6sxzCnLQC&cId=632496798990652479ff3877&cPd=2022-09-16T21%3A35%3A11.388Z&cPv=all&cAu=Lily%20Hay%20Newman&pHr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing&pRt=referral&pHp=%2Fstory%2Fuber-hack-mfa-phishing%2F&pRr=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F&pWw=1600&pWh=1200&pPw=1600&pPh=6300&pSw=1600&pSh=1200&uID=afe662ac-a2c8-455e-b46e-17c59ffdc847&sID=f69220e5-b0e3-4491-889a-fb6359937d8f&pID=ce3f497e-cf49-40be-8658-1b0e0c4851ca&uDt=desktop&aam_uuid=22725597434185837671267853816245447519&_o=wired&_c=general&xID=0a128167-d05b-4a5a-ae1f-67013865e3d9&_v=5000&environment=prod&origin=wired&cKh=uber%2Chacker%2Cauthentication%2Cattacker%2Cbreach
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.194.129.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-194-129-7.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 19 Sep 2022 16:51:35 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

241 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| cns function| getCookie function| setCookie function| setGPC function| OptanonWrapper object| googletag object| sparrowQueue object| cnBus object| PARSELY object| __PRELOADED_STATE__ object| dataLayer object| _4d string| CN_STACK_TEMP object| _perfRefForUserTimingPolyfill object| fastdom function| moatYieldReady object| BOOMR_mq object| apstag object| pbjs object| pbjsChunk object| _pbjsGlobals object| mnet object| OneTrustStub function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| headertag undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_35266287 object| Moat#PML#26#1.2 boolean| Moat#EVA object| moatPrebidApi object| gapi object| ___jsl object| UrlCache object| SUBSCRIPTIONS object| SWG object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| apstagLOADED object| webpackJsonpVerso function| setImmediate function| clearImmediate function| CNE_onReady_16636062868810 object| journeyDataGateway object| dfpDataGateway object| paymentGateway object| paywallGateway object| _cne object| oojjs object| jBus string| beaconHostname function| setOptions object| cookie function| ajax function| resetOurXid function| propagateXid function| pixel object| experiments object| __otccpaooLocation string| OnetrustActiveGroups string| OptanonActiveGroups object| otStubData undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal function| setupInterlude1 function| onIframeReady16636062874960 object| google_tag_manager function| postscribe object| google_tag_manager_external object| Criteo object| performanceConsent object| functionalConsent object| targetingConsent string| b object| h function| getVisitNumCustom number| d string| eventMethod function| eventer string| messageEvent object| ats object| core object| Optanon object| OneTrust string| queryString function| e object| visitor object| adobe function| Visitor object| s_c_il number| s_c_in function| DIL object| dilInstance object| _qevents function| rdt function| fbq function| _fbq function| addPixel object| __adIq_Config string| _linkedin_partner_id object| _linkedin_data_partner_ids object| __memo_config function| hj object| _hjSettings string| TiktokAnalyticsObject object| ttq object| scrEm function| obApi boolean| include object| urlParams string| fullUrl object| myParam object| publishDate object| now string| GoogleAnalyticsObject function| ga object| _aam_dataLayer undefined| userId boolean| _aam_spa object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels function| lintrk boolean| _already_called_lintrk function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| Sailthru number| google_global_correlator object| bouncex object| MEMO object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| _google_rum_ns_ object| google_persistent_state_async object| closure_lm_716230 object| google object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| trx function| md5 object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge object| gaplugins object| auvars object| SparrowConfigV2 object| regeneratorRuntime object| JSON3 object| gaData function| docReady object| au object| autag object| blingbyJson object| hadron boolean| __halo_loaded__ object| OneTagNadoscallback_79023390 object| SparrowCache function| Sparrow boolean| sparrowInitialize object| sparrow object| closure_lm_103363 function| _typeof object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_123 object| Criteo_prebid_123 function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie undefined| $ function| jQuery function| close_bouncex_ad object| GoogleGcLKhOms object| google_image_requests

231 Cookies

Domain/Path Name / Value
.wired.com/ Name: CN_xid
Value: 0a128167-d05b-4a5a-ae1f-67013865e3d9
.wired.com/ Name: CN_xid_refresh
Value: 0a128167-d05b-4a5a-ae1f-67013865e3d9
www.wired.com/ Name: xid1
Value: 1
www.wired.com/ Name: verso_bucket
Value: 281
.wired.com/ Name: CN_geo_country_code
Value: CA
www.wired.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.wired.com/ Name: _pubcid
Value: 56557349-e1f4-4a40-be04-64225528dae0
.wired.com/ Name: CN_segments
Value: co.w2238
www.wired.com/ Name: usprivacy
Value: 1---
.condenastdigital.com/ Name: CN_xid
Value: 0a128167-d05b-4a5a-ae1f-67013865e3d9
.newyorker.com/ Name: CN_xid
Value: 0a128167-d05b-4a5a-ae1f-67013865e3d9
.newyorker.com/ Name: CN_geo_country_code
Value: CA
.glamour.com/ Name: CN_xid
Value: 0a128167-d05b-4a5a-ae1f-67013865e3d9
.glamour.com/ Name: CN_geo_country_code
Value: CA
.self.com/ Name: CN_xid
Value: 0a128167-d05b-4a5a-ae1f-67013865e3d9
.self.com/ Name: CN_geo_country_code
Value: CA
.gq.com/ Name: CN_xid
Value: 0a128167-d05b-4a5a-ae1f-67013865e3d9
.gq.com/ Name: CN_geo_country_code
Value: CA
.bonappetit.com/ Name: CN_xid
Value: 0a128167-d05b-4a5a-ae1f-67013865e3d9
.bonappetit.com/ Name: CN_geo_country_code
Value: CA
.pitchfork.com/ Name: CN_xid
Value: 0a128167-d05b-4a5a-ae1f-67013865e3d9
.pitchfork.com/ Name: CN_geo_country_code
Value: CA
.cntraveler.com/ Name: CN_xid
Value: 0a128167-d05b-4a5a-ae1f-67013865e3d9
.cntraveler.com/ Name: CN_geo_country_code
Value: CA
.allure.com/ Name: CN_xid
Value: 0a128167-d05b-4a5a-ae1f-67013865e3d9
.allure.com/ Name: CN_geo_country_code
Value: CA
.epicurious.com/ Name: CN_xid
Value: 0a128167-d05b-4a5a-ae1f-67013865e3d9
.epicurious.com/ Name: CN_geo_country_code
Value: CA
www.wired.com/ Name: CN_visits_m
Value: 1664582400651%26vn%3D1
www.wired.com/ Name: CN_in_visit_m
Value: true
.them.us/ Name: CN_xid
Value: 0a128167-d05b-4a5a-ae1f-67013865e3d9
.them.us/ Name: CN_geo_country_code
Value: CA
.architecturaldigest.com/ Name: CN_xid
Value: 0a128167-d05b-4a5a-ae1f-67013865e3d9
.architecturaldigest.com/ Name: CN_geo_country_code
Value: CA
.teenvogue.com/ Name: CN_xid
Value: 0a128167-d05b-4a5a-ae1f-67013865e3d9
.teenvogue.com/ Name: CN_geo_country_code
Value: CA
.vanityfair.com/ Name: CN_xid
Value: 0a128167-d05b-4a5a-ae1f-67013865e3d9
.vanityfair.com/ Name: CN_geo_country_code
Value: CA
.vogue.com/ Name: CN_xid
Value: 0a128167-d05b-4a5a-ae1f-67013865e3d9
.vogue.com/ Name: CN_geo_country_code
Value: CA
.openx.net/ Name: i
Value: 56557349-e1f4-4a40-be04-64225528dae0|1663606287
.wired.com/ Name: _gcl_au
Value: 1.1.394446113.1663606288
.yahoo.com/ Name: A3
Value: d=AQABBA-eKGMCEAA7EXVJc1R-Fu0F0Dua_7IFEgEBAQHvKWMyYwAAAAAA_eMAAA&S=AQAAAlcwzSG1Rf76Yzs5FdYEMvM
.wired.com/ Name: pay_ent_msmp
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsInZlciI6MX0.eyJjbnRzIjp7ImFsbCI6MX0sImlhdCI6MTY2MzYwNjI4Nzc2NSwiaXNzIjoiam91cm5leSIsInVhdCI6MTY2MzYwNjI4Nzc2NSwidXJscyI6WyIvc3RvcnkvdWJlci1oYWNrLW1mYS1waGlzaGluZy8iXX0.P1JlGz7uLAfRiS1P5J-kQTwnSGZblm_7AXdnmzeXsrg
www.wired.com/ Name: _lr_geo_location
Value: CA
.rubiconproject.com/ Name: khaos
Value: L8908AYG-I-95TU
.wired.com/ Name: __gads
Value: ID=454cc35988ac7860:T=1663606287:S=ALNI_Ma4Tj8mzb15B9PDXXeOX5NFAaB4PQ
.scorecardresearch.com/ Name: UID
Value: 1F8a63e1e85d1340b41f41b1663606288
.doubleclick.net/ Name: IDE
Value: AHWqTUlk7M_virvFGj9PIBliqdXI2p2vTYtKOK4U5wAbrnp5yhh68H9fUakoRvFgCNE
.tapad.com/ Name: TapAd_TS
Value: 1663606288105
.tapad.com/ Name: TapAd_DID
Value: 938f0985-f7db-410e-b217-c1c96e40dc47
.quantserve.com/ Name: mc
Value: 63289e10-1b5d9-cbe3f-03625
.wired.com/ Name: CN_ad_block
Value: 0
.turn.com/ Name: uid
Value: 2620356559099565277
.wired.com/ Name: _rdt_uuid
Value: 1663606288214.acc5c1b7-289e-49fa-a591-d04d7f671acb
.wired.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Mon+Sep+19+2022+16%3A51%3A28+GMT%2B0000+(GMT)&version=6.35.0&hosts=&consentId=d2987958-5959-4f9c-955b-e8c573e49b88&interactionCount=0&landingPath=https%3A%2F%2Fwww.wired.com%2Fstory%2Fuber-hack-mfa-phishing%2F%3Fhss_channel%3Dtw-1685619204&groups=C0001%3A1%2CC0003%3A1%2CC0004%3A1%2CC0002%3A1
.demdex.net/ Name: demdex
Value: 22725597434185837671267853816245447519
www.wired.com/ Name: sailthru_pageviews
Value: 1
.amazon-adsystem.com/ Name: ad-id
Value: A0s_T15ON0wdtRTyH1M5AaU
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
www.wired.com/ Name: __srret
Value: 1
.linkedin.com/ Name: li_sugr
Value: d376e468-6f52-43ba-8aff-569ccff843c5
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&f7ca2a32-eb51-42df-8080-88d858c40470"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2790:u=1:x=1:i=1663606288:t=1663692688:v=2:sig=AQFNCgO0gu7w5EQN17Bol7ticwpZmjBA"
.wired.com/ Name: AMCVS_F7093025512D2B690A490D44%40AdobeOrg
Value: 1
.adsrvr.org/ Name: TDID
Value: 0865b44e-ac90-4c50-9150-a860aeafacdf
.tiktok.com/ Name: _ttp
Value: 2EzlRwjKYSa53Awq2dxB85E0jB3
.wired.com/ Name: _au_1d
Value: AU1D-0100-001663606289-CCL9X331-CFI9
.wired.com/ Name: _au_last_seen_apn
Value: 1663606288588
.wired.com/ Name: _au_last_seen_ttd
Value: 1663606288588
.wired.com/ Name: _au_last_seen_pub
Value: 1663606288588
.wired.com/ Name: _au_last_seen_adx
Value: 1663606288588
.wired.com/ Name: _au_last_seen_goo
Value: 1663606288588
.wired.com/ Name: _au_last_seen_openx
Value: 1663606288588
.wired.com/ Name: _au_last_seen_rub
Value: 1663606288588
.wired.com/ Name: _au_last_seen_ado
Value: 1663606288588
.wired.com/ Name: _au_last_seen_mediamath
Value: 1663606288588
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YyieEAAAAEXCvwNw
.linkedin.com/ Name: UserMatchHistory
Value: AQICemZUlFLqjwAAAYNWqXDeaaQ31VehRpIFVsJXOd3BOgR1BTiDSQT9Jlyb1FZSpny-aild3GL4wA
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQKXVA8l9P45zgAAAYNWqXDeGCKpM31mxhUe4iYHrz-n6ApIFyl_rwUXrruHIqTJWbO4sp1zL2rZc_EMDG11FA
.adnxs.com/ Name: uuid2
Value: 1122792427392432315
.pubmatic.com/ Name: KTPCACOOKIE
Value: true
www.wired.com/ Name: cneplayercount
Value: 1
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3F82CC2E-5652-4C90-8D87-EF1F7E368CE5
.doubleclick.net/ Name: DSID
Value: NO_DATA
.ad.gt/ Name: au_id
Value: AU1D-0100-001663606289-CCL9X331-CFI9
.ad.gt/ Name: g_hosted
Value:
.dpm.demdex.net/ Name: dpm
Value: 22725597434185837671267853816245447519
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&2022091916512848ffe613-7066-4318-8756-a1a816b6ca4fAQH2R2pawBDsD0kCaE596i3NY8VOncoJ"
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!6304
.pippio.com/ Name: did
Value: XN9tzr8mq8a4KqPU
.pippio.com/ Name: didts
Value: 1663606289
.pippio.com/ Name: nnls
Value:
www.wired.com/ Name: sailthru_content
Value: bf40830f8aac5314c68f4b586937d351
www.wired.com/ Name: sailthru_visitor
Value: ccc2af9a-7d5e-4a39-b783-0c57acaad584
www.wired.com/ Name: qcSxc
Value: 1663606289092
.wired.com/ Name: _tt_enable_cookie
Value: 1
.wired.com/ Name: _ttp
Value: 123a7f7d-bf13-4d53-b330-e2f156f335bc
www.wired.com/ Name: outbrain_cid_fetch
Value: true
.wired.com/ Name: _fbp
Value: fb.1.1663606289202.322695493
www.wired.com/ Name: __srui
Value: 4e51f3e2-383b-11ed-878f-6e91bbde326c
.mathtag.com/ Name: uuid
Value: bb286328-9e11-4a00-80eb-6728c1b98f08
.wired.com/ Name: AMCV_F7093025512D2B690A490D44%40AdobeOrg
Value: -408604571%7CMCIDTS%7C19255%7CMCMID%7C22890520621230013581285157462454314886%7CMCAAMLH-1664211088%7C9%7CMCAAMB-1664211088%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663613488s%7CNONE%7CMCSYNCSOP%7C411-19262%7CvVersion%7C4.6.0
.wired.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.wired.com/ Name: _gid
Value: GA1.2.1249916908.1663606289
.wired.com/ Name: _dc_gtm_UA-8293713-27
Value: 1
.wired.com/ Name: _ga_P1P55J3LNW
Value: GS1.1.1663606289.1.0.1663606289.60.0.0
.contextweb.com/ Name: V
Value: h0chNs6KmCNN
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: a46ddb765dea8418
.3lift.com/ Name: tluid
Value: 3034631852098996955838
.wired.com/ Name: _ga
Value: GA1.2.137948537.1663606287
.casalemedia.com/ Name: CMID
Value: YyieESwGjzJsCt6sceB0bwAA
.casalemedia.com/ Name: CMPS
Value: 182
.casalemedia.com/ Name: CMPRO
Value: 182
.facebook.com/ Name: fr
Value: 0YMVMpkNhDJO87fEs..BjKJ4R...1.0.BjKJ4R.
.agkn.com/ Name: ab
Value: 0001%3A8%2B2YPKDv8FKu06FgD4bMO%2F8ajsoFlKYV
.pippio.com/ Name: pxrc
Value: CJG8opkGEgQIAhAAEgYI7OsBEAA=
.smartadserver.com/ Name: pid
Value: 27208953193559021
.wired.com/ Name: _hjSessionUser_1537182
Value: eyJpZCI6ImFjNmYzYTY1LTdhYWUtNWVmMC1iY2VkLTFjYjliOWZlMWU0MiIsImNyZWF0ZWQiOjE2NjM2MDYyODkxMTgsImV4aXN0aW5nIjpmYWxzZX0=
.wired.com/ Name: _hjFirstSeen
Value: 1
www.wired.com/ Name: _hjIncludedInSessionSample
Value: 0
.wired.com/ Name: _hjSession_1537182
Value: eyJpZCI6IjMxODU2ODllLTkwZDktNDExZi1iOTg2LTk3NjYyYWY1NmU1ZiIsImNyZWF0ZWQiOjE2NjM2MDYyODk3MTEsImluU2FtcGxlIjpmYWxzZX0=
.wired.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.wired.com/ Name: sID
Value: f69220e5-b0e3-4491-889a-fb6359937d8f
www.wired.com/ Name: pID
Value: ce3f497e-cf49-40be-8658-1b0e0c4851ca
www.wired.com/ Name: CN_sp
Value: afe662ac-a2c8-455e-b46e-17c59ffdc847
www.wired.com/ Name: CN_su
Value: 31fbf2ec-be51-418e-ab38-823d8b1042cd
.adsymptotic.com/ Name: U
Value: bc6895072be6da1c8e1e7ea8db2d6bb9
.linksynergy.com/ Name: rmuid
Value: dc2faee4-9cca-4430-a93f-31a388e3d354
.linksynergy.com/ Name: icts
Value: 2022-09-19T16:51:29Z
.wired.com/ Name: __qca
Value: P0-1004448029-1663606289083
.wired.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.wired.com/story/uber-hack-mfa-phishing/?hss_channel=tw-1685619204%22%2C%22sref%22:%22%22%2C%22sts%22:1663606290068%2C%22slts%22:0}
.wired.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=5a0f4a9e917385a26005c5afb9d130b1%22%2C%22session_count%22:1%2C%22last_session_ts%22:1663606290068}
.exelator.com/ Name: EE
Value: "1a9486577840baf2525e25a8dfe5535e"
.wired.com/ Name: _gat_auPassiveTagger
Value: 1
.openx.net/ Name: univ_id
Value: 537072971|0865b44e-ac90-4c50-9150-a860aeafacdf|1663606290290352
.csync.loopme.me/ Name: viewer_token
Value: 278f06cf-0cbc-4692-9853-78a88a2034b3
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcEw0dLEwszU3NzCxCApMc3I1Mg01cg00SIlLdXU1Ng0dXFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAdEl%252BUWb6ImfHxUUpaQyLSopPBR9cHQoAf5op%252FQ%253D%253D"
.adgrx.com/ Name: ADGRX_UID
Value: 4f56f0de-383b-11ed-9f2c-92a72e778839
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1g6z|2N.0.AAAF3tJa18e3-QNrh_d-AAAAAAA|3oy.0|4is.0.CAESEK_y1L8jFfh9vV1HAQ9I_aM|7TY.0
.adgrx.com/ Name: ADGRX_CM_CASALE_BRIDGED
Value: 1
www.wired.com/ Name: _lr_sampling_rate
Value: 100
.addthis.com/ Name: ouid
Value: 63289e120001708585b27f43a4ad4f0d214dbf40cb8bdbcafedd
.addthis.com/ Name: um
Value: g.'22725597434185837671267853816245447519'
.addthis.com/ Name: uid
Value: 63289e1257152649
.bounceexchange.com/ Name: bounceClientVisit2825c
Value: %7B%22vid%22%3A1663606290512372%2C%22did%22%3A%222083174281245713468%22%7D
.wired.com/ Name: bounceClientVisit2825v
Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgO6kB0xAlgE4CmAJmQMYD2AtkSgi9QJ5EBXAEa1qAWjgBDJgGsxbAGaSxEOJRRqAdgHMimfHBQoA+kymbNtMJgAiCYmICMANgAcAVmeOAnLgAMACwgADQg1DAgISDqxtosxii0RpQsmjBKYImhMdoQCUkoKWnQGYkAvkA
.criteo.com/ Name: uid
Value: 088f125c-6f4b-4bc3-b0f2-886baafd735e
.wired.com/ Name: _pubcid_last
Value: Mon%2C%2019%20Sep%202022%2016%3A51%3A31%20GMT
www.wired.com/ Name: _lr_retry_request
Value: true
www.wired.com/ Name: _lr_env_src_ats
Value: false
.33across.com/ Name: 33x_ps
Value: u%3D117915488844135%3As1%3D1663606291137%3Ats%3D1663606291137
.openx.net/ Name: pd
Value: v2|1663606289.2|iKvMgakWgy.bwuYvPhEgKg2
.wired.com/ Name: cto_bundle
Value: hLJxdl9NT290aExNZVpteWZFS2ZGY2dtRVFZZGRYZUF5RDVPblRtaTRBYkNlVk15a1BGT3ZHMk9QSmlMeVBWUDk2YkFNRGFieDMyVVZDOCUyQnl1SVclMkJXVnJOYWVSS1VTQzhLTnM3SHF3dkQlMkZ5eVBmTDI1OExGVmZuWEQ1TUJJYnRweFVYcG5yY2dtR1MlMkZTN3RLcE8lMkZoZUtHYzZ3JTNEJTNE
.media.net/ Name: visitor-id
Value: 3066078911455499000V10
.rlcdn.com/ Name: rlas3
Value: 0WyVf1ML90eUlt03DicIVIsY83SgR93bei1czJOBo7E=
.rlcdn.com/ Name: pxrc
Value: CJC8opkGEgUI6AcQABIFCOhHEAASBgjx6wEQAg==
.w55c.net/ Name: wfivefivec
Value: 2o5M5bDn1OAjZx5
.media6degrees.com/ Name: clid
Value: 2rigutv01171etogdlz8ff9z000000017a011301901
.media6degrees.com/ Name: acs
Value: 012020k1rigutvxzt10
.bidswitch.net/ Name: tuuid
Value: 66881412-59c1-46bf-a183-3dcf075275a0
.bidswitch.net/ Name: c
Value: 1663606291
.bidswitch.net/ Name: tuuid_lu
Value: 1663606291
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwj0ytmvp5qNOxAFEhUKBmNhc2FsZRILCJy0mrunmo07EAUSFgoHcnViaWNvbhILCM7Pgb-nmo07EAUYASABKAIyCwjWpu_zvZqNOxAFOAFaBzhtMzN6azRgAg..
.taboola.com/ Name: t_gid
Value: 83367556-08b6-4889-8b31-6b69992765c1-tucta222393
.w55c.net/ Name: matchmedianet
Value: 5
.bidr.io/ Name: bito
Value: AAI7kk7GUTwAAA3i4Rwiyw
.bidr.io/ Name: bitoIsSecure
Value: ok
.media.net/ Name: data-mm
Value: bb286328-9e11-4a00-80eb-6728c1b98f08~~8
.sitescout.com/ Name: ssi
Value: fa0859e3-f2e5-42f6-b4da-0fe20f41681b#1663606291420
.company-target.com/ Name: tuuid
Value: 5fee9ac0-f3ba-4a9a-9f55-e58d11b469bf
.company-target.com/ Name: tuuid_lu
Value: 1663606291
.media.net/ Name: data-g
Value: CAESELeT_-vcVQExKls12TauVek~~8
.mfadsrvr.com/ Name: c
Value: 1663606291
.mfadsrvr.com/ Name: tuuid_lu
Value: 1663606291
.mfadsrvr.com/ Name: tuuid
Value: 788018e2-8fbf-4829-8731-4792b1d409ce
.dotomi.com/ Name: DotomiTest
Value: 7d0c186ea38c1073
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrIwNDAwNjWwMDQzNzMzMjc0MhfiM9T1dkx0M0_NdTSoTPcAAGb9gUAlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrIwNDAwNjWwMDQzNzMzMjc0MhfiM9T1dkx0M0_NdTSoTPcAAGb9gUAlAAAA
.sitescout.com/ Name: _ssuma
Value: eyIyNCI6MTY2MzYwNjI5MTQ1OSwiMzkiOjE2NjM2MDYyOTE0NTksIjciOjE2NjM2MDYyOTE0NTl9
.analytics.yahoo.com/ Name: IDSYNC
Value: "18y3~2794:175w~2794:18za~2794:18xa~2794"
.media.net/ Name: data-xu
Value: 2o5M5bDn1OAjZx5~~8
.media.net/ Name: data-ttd
Value: 0865b44e-ac90-4c50-9150-a860aeafacdf~~1
.owneriq.net/ Name: si
Value: Q7168926911227477863
.zemanta.com/ Name: zuid
Value: 7fZh_lu2uftkXTZw_Gp5
.quantserve.com/ Name: d
Value: ENQBEgGRJ7mvYP64UA
.media.net/ Name: data-rk
Value: 969751683052615373~~8
.mfadsrvr.com/ Name: ssh
Value: !medianet,1663606291
.wired.com/ Name: aamconde
Value: conde%3Dsv%3BCN%3D764985
.wired.com/ Name: aamoptsegs
Value: aam%3D226821
.wired.com/ Name: aam_uuid
Value: 22725597434185837671267853816245447519
.media.net/ Name: data-co
Value: AAAF3tJa18e4OgNdURycAAAAAAA~~8
.mookie1.com/ Name: id
Value: 10597532877091957749
.mookie1.com/ Name: mdata
Value: 1|10597532877091957749|1663606291581
.mookie1.com/ Name: ov
Value: d1c2fcaef25fa685a97a05a77e4a4535
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: d8e39c0c78840b30837b9ac0b6697373
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSLFINbZMNkg2t7AwMUgyNrAwNk%2ByTEw2SDIzszQ3NjdmAIJkjXnCIBoKAEFkCZw%3D"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI1pgnDKSgAAAPvQE9"
.media.net/ Name: data-ze
Value: H6HHuLapgJgfqtClbFj6~~8
.media.net/ Name: data-mf
Value: 788018e2-8fbf-4829-8731-4792b1d409ce~~1
.twitter.com/ Name: personalization_id
Value: "v1_CyFgb8fPveZ1MoIx47MHJQ=="
.mookie1.com/ Name: syncdata_TAP
Value: 1
.yieldoptimizer.com/ Name: fbh0
Value: %7B%7D
.yieldoptimizer.com/ Name: gcma
Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/ Name: rmxc
Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/ Name: cktst
Value: 980593675
.mookie1.com/ Name: syncdata_NEU
Value: 1
.yieldoptimizer.com/ Name: ckid
Value: 2027900517539
.yieldoptimizer.com/ Name: dph
Value: %7B%22t%22%3A%5B120232%5D%2C%22dp%22%3A%5B2233%5D%7D
.yieldoptimizer.com/ Name: ph
Value: %7B%22p%22%3A%5B1025%5D%2C%22t%22%3A%5B120232%5D%7D
.media.net/ Name: data-bs
Value: 66881412-59c1-46bf-a183-3dcf075275a0~~1
.owneriq.net/ Name: p2
Value: adpq
.mxptint.net/ Name: mxpim
Value: R1B341_F6767223_7FD9C7DD.1.0000000000000000000000000000000000000000000000000000000063289E14
.krxd.net/ Name: _kuid_
Value: PFrJu7xy
.fwmrm.net/ Name: _uid
Value: "e9c9d_7145134617560445726"
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bHn8O+Oq9nFUO1WuCoMxA8a+JUixCbOKdokEu2gZrfHPi/2kFxZ87Kpnl64pcQ3hAbcsbnI2WrMriYbB5SW5XQ3r2IsKRhWH5f9W23uEog5JA==
.casalemedia.com/ Name: CMTS
Value: 134
.adnxs.com/ Name: anj
Value: dTM7k!M4.FErk#WF']wIg2GVIf/x*^!]tbPl1MwL(!R7qUY$*rEzdrZ(Dg4mUc1L8%Zb9`FM=5S9RFMZ9bmtwgM/]vGiOb!hP%cZDYw?IEBnq=!?O/(06.$K
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YyieEAAAAEXCvwNw&KRTB&22978-YyieEAAAAEXCvwNw&KRTB&23194-YyieEAAAAEXCvwNw&KRTB&23209-YyieEAAAAEXCvwNw
.pubmatic.com/ Name: PugT
Value: 1663606291
.spotxchange.com/ Name: audience
Value: 511e9693-383b-11ed-bb08-19b3047f0403
.demdex.net/ Name: dextp
Value: 21-1-1663606289499|269-1-1663606289776|3-1-1663606290041|420-1-1663606290287|60-1-1663606290397|358-1-1663606290503|477-1-1663606290604|481-1-1663606290705|843-1-1663606290806|540-1-1663606290907|601-1-1663606291008|771-1-1663606291109|992-1-1663606291214|1123-1-1663606291341|1175-1-1663606291473|1524-1-1663606291575|22069-1-1663606291676|575-1-1663606291778|53196-1-1663606291879|73426-1-1663606291980|75557-1-1663606292085|79908-1-1663606292186|66757-1-1663606292287|121998-1-1663606292388|796-1-1663606292489|144230-1-1663606292590|144231-1-1663606292717|144232-1-1663606292836|144233-1-1663606292937|144234-1-1663606293038|144235-1-1663606293140|144236-1-1663606293241|144237-1-1663606293342|161033-1-1663606293443|285689-1-1663606293543
.onaudience.com/ Name: cookie
Value: dedf86780fe7d3be
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: gj1z5gdblbb0ojob1ck5rmh1
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: z02xxlg2rt3fm1bsmnaasb0o
.rkdms.com/ Name: sessionid
Value: h-7c7d8527a115aa541eb1f761ff0c623f_t-1663606294
.ib.mookie1.com/ Name: ibkukiuno
Value: s=cbe746ca-6246-43d2-b972-37115445e640&h=&v=0&l=-8585380005909133735&op=&hl=0&vlu=0&tcs=1&dcc=-8585380005911692838
.ib.mookie1.com/ Name: ibkukinet
Value: 2503514554=-8585380005909133735&2503514554=-8585380005909133735

4 Console Messages

Source Level URL
Text
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MjE1L3QvMA/kv/PageName=national%20security,SiteID=Wired,CampaignID=1802C,Channel=website,CreativeID=security,Placement=undefined
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://cdn.ampproject.org/rtv/012208242209000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://p.adsymptotic.com/d/px?_pid=11693&_psign=bf265992ae7fbdc1ab4b39651c157974&_puuid=22725597434185837671267853816245447519&_rand=1758248464&_pp=adobeXtest&_redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=1524%26dpuuid=${UUID}
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://fr-actions.trackonomics.net/prod/www.wired.com/story/uber-hack-mfa-phishing/action_links.json
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob: wss://*.hotjar.com wss://*.conde.digital; font-src https: data:; img-src https: blob: data: android-webview-video-poster:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2215ed5f1bb5c1f19d3d08f3e16e9b9d.safeframe.googlesyndication.com
4d.condenastdigital.com
a.ad.gt
aa.agkn.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
abp.mxptint.net
ad.turn.com
ads.scorecardresearch.com
adservice.google.ca
adservice.google.com
ak.sail-horizon.com
alb.reddit.com
ampcid.google.ca
ampcid.google.com
amplify.outbrain.com
analytics.google.com
analytics.tiktok.com
analytics.twitter.com
aorta.clickagy.com
api.bounceexchange.com
api.rlcdn.com
api.sail-personalize.com
apis.google.com
as-sec.casalemedia.com
assets.bounceexchange.com
ats.rlcdn.com
b1sync.zemanta.com
beacon.krxd.net
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c21lg-d.media.net
c2shb.ssp.yahoo.com
capture.condenastdigital.com
casale-match.dotomi.com
cdn-magiclinks.trackonomics.net
cdn.ampproject.org
cdn.cookielaw.org
cdn.hadronid.net
cdn.indexww.com
cdn.memo.co
cdn.parsely.com
check.analytics.rlcdn.com
cm.adgrx.com
cm.everesttech.net
cm.g.doubleclick.net
condenast.demdex.net
condenastus-d.openx.net
connect.facebook.net
contextual.media.net
covers.conde.io
cs.media.net
csync.loopme.me
d.adroll.com
d.turn.com
d1z2jf7jlzjs58.cloudfront.net
d2c8v52ll5s99u.cloudfront.net
dfp.bouncex.net
dis.criteo.com
dmp.adblade.com
dmp.v.fwmrm.net
dp2.33across.com
dp8hsntg6do36.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
dwgyu36up6iuz.cloudfront.net
eb2.3lift.com
elsa.memoinsights.com
eus.rubiconproject.com
events.bouncex.net
fastlane.rubiconproject.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
fr-actions.trackonomics.net
geo.privacymanager.io
geolocation.onetrust.com
global.ib-ibi.com
googleads.g.doubleclick.net
gum.criteo.com
hbx.media.net
htlb.casalemedia.com
ib.adnxs.com
ib.mookie1.com
id.hadron.ad.gt
id.rlcdn.com
id.sv.rkdms.com
idpix.media6degrees.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
imasdk.googleapis.com
infinityid.condenastdigital.com
journey.wired.com
js-sec.indexww.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.prod.bidr.io
mb.moatads.com
media.wired.com
medianet-match.dotomi.com
mug.criteo.com
news.google.com
odr.mookie1.com
p.ad.gt
p.adsymptotic.com
p.rfihub.com
p1.parsely.com
pagead2.googlesyndication.com
pbs.getpublica.com
pippio.com
pitchfork.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.condenastdigital.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
player.cnevids.com
pm.w55c.net
polyfill.io
pr-bh.ybp.yahoo.com
prebid.media.net
pubads.g.doubleclick.net
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px.owneriq.net
px4.ads.linkedin.com
pxl.qccerttest.com
r.casalemedia.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.company-target.com
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
segment-data.zqtk.net
snap.licdn.com
ssbsync-us.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.criteo.net
static.hotjar.com
stats.g.doubleclick.net
su.addthis.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.mathtag.com
sync.search.spotxchange.com
sync.taboola.com
tag.bounceexchange.com
tag.yieldoptimizer.com
tags.rd.linksynergy.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.outbrain.com
trx-hub.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
vars.hotjar.com
www.allure.com
www.architecturaldigest.com
www.bonappetit.com
www.cntraveler.com
www.epicurious.com
www.facebook.com
www.glamour.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gq.com
www.linkedin.com
www.newyorker.com
www.redditstatic.com
www.self.com
www.teenvogue.com
www.them.us
www.vanityfair.com
www.vogue.com
www.wired.com
x.bidswitch.net
x.dlx.addthis.com
z.moatads.com
104.112.10.99
104.112.11.48
104.112.12.25
104.127.172.242
104.18.18.126
104.18.19.126
104.18.99.194
104.244.42.3
107.178.246.49
107.178.254.65
108.138.128.58
108.139.29.121
108.139.29.68
13.107.42.14
13.224.201.38
13.224.202.36
13.224.205.195
13.224.208.104
13.224.208.192
13.224.214.21
13.224.214.23
13.224.214.55
13.224.214.63
13.224.214.65
13.224.214.67
13.224.214.90
13.224.214.93
13.225.214.129
13.35.93.23
13.35.93.62
141.226.224.48
141.94.171.214
142.250.80.34
151.101.0.239
151.101.128.239
151.101.192.239
151.101.193.140
151.101.194.194
151.101.64.239
151.101.66.49
184.29.132.233
184.86.229.123
192.35.249.120
198.148.27.139
199.187.193.182
199.38.167.131
2001:4860:4802:34::181
204.2.255.224
207.198.113.86
209.54.182.161
216.200.232.249
23.200.169.173
23.208.216.126
23.221.200.79
23.49.100.28
23.49.248.26
2600:141b:5000::17df:9c20
2600:1901:0:8eee::
2600:1f14:426:3f00:f108:c7fb:5062:bafe
2600:1f18:4e9:5a02:de18:75cd:f3b9:7bd3
2600:1f18:6593:f606:ee73:d59a:4018:6dc2
2600:9000:20ed:1e00:6:44e3:f8c0:93a1
2600:9000:21dd:b200:11:615:7240:93a1
2600:9000:21ea:9600:1d:8c8c:47c0:93a1
2602:803:c002:200::62
2606:4700:20::ac43:49e4
2606:4700:4400::ac40:929e
2606:4700::6810:9540
2606:4700::6812:a4f
2606:4700::6812:d4c
2606:4700::6813:ad6c
2606:ae80:1451:22::760
2607:f8b0:4004:c06::9d
2607:f8b0:4006:807::2001
2607:f8b0:4006:807::2002
2607:f8b0:4006:808::2002
2607:f8b0:4006:808::200e
2607:f8b0:4006:809::2001
2607:f8b0:4006:809::200e
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80f::2002
2607:f8b0:4006:816::200a
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::2004
2607:f8b0:4006:81e::2003
2607:f8b0:4006:81e::2008
2607:f8b0:4006:81e::200e
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::2003
2607:f8b0:4006:820::2006
2607:f8b0:4006:820::200e
2607:f8b0:4006:821::2001
2607:f8b0:4006:822::2002
2607:f8b0:4006:823::200a
2607:f8b0:4006:823::200e
2620:100:a001::4
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:a021:b886:81cc:55cf
2620:1ec:21::14
2a02:6ea0:c400::11
2a03:2880:f03a:1c:face:b00c:0:3
2a03:2880:f13a:83:face:b00c:0:25de
2a04:4e42::396
2a04:4e42:a00::282
3.208.156.92
3.218.193.24
3.218.90.66
3.230.217.116
3.95.113.43
3.95.43.37
34.107.148.139
34.111.8.32
34.120.155.137
34.120.253.250
34.197.5.69
34.199.73.116
34.204.163.217
34.215.0.93
34.234.134.156
34.96.71.22
34.98.64.218
34.98.67.3
34.98.72.95
35.168.171.75
35.190.52.204
35.190.60.146
35.190.90.30
35.207.24.140
35.211.178.172
35.244.159.8
35.71.131.137
35.71.139.29
44.194.129.7
44.224.191.126
44.240.10.58
50.16.197.56
50.17.85.17
50.31.142.127
52.40.109.212
52.40.56.16
52.45.149.5
52.70.130.122
52.73.219.253
52.85.150.80
52.95.126.160
54.144.144.142
54.157.83.177
54.200.124.182
54.85.209.9
64.58.232.176
64.58.232.180
67.202.105.24
68.67.160.24
68.67.179.164
70.42.32.255
72.251.229.176
72.44.48.48
74.119.119.129
74.119.119.139
74.119.119.150
75.2.40.13
8.28.7.83
8.43.72.97
8.43.72.98
013694a42f9917dbf4ebba3cd8c1924c763856eefa56e5deaa140bb8688ee6c0
02489ae657df8d2ea01ad71f7365f3b63371182e66334a8243a7d20c5b122abb
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0760a0a454d26128b9f9bee6f99df65853ac0d5c14f498ff5b5c012ac9d715cc
0766fb4d61c35d9430ae4d586c07f54b8896b44e26ea5ff8e956bc8510977ee7
09653a67a8762f5911118dd64f942cd513d30285c9b224f0fa4bbc264de79342
09ae8688aa2523485866a39a8a471425f093a71921e8f4663c79e4443ebe48a6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cb52e90ef1b6d486d5ae330bf1b1823fb6c32c77b530ed462322582a95003a5
0da425eaadbec3853cae0b85493ea7ad6934972097b4f59d2a05dbb130585444
0de94ae1e4dc98c4dfc2e55b93faf202250122afe52b82d724ced0b3e120db9f
0f2d632a4ac919ebaa396f8467ea958b2b6d7fe6956dd5de0c0efe8a48beba64
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11bab176b893eb98ccbbfc29a9c1218a488dccc6bb5dc418fa357b371dc4b94d
11d7996a73bfdf5edf01ad6be9ef3b8a09a19c5ac6dea198df588b67a951c40f
11e1a2fbb9d6e508117b8428b2fa612f11dd7e2e603040c98320630c49337732
1412791fc3e8ede20785df7b4856ac7452464af2e797beb0859adb07771fdc84
1a2805cb40491a1e86d6f29f756e5e46eb48773f7ad1c1e6527c605f9ec7d235
1b80a8fc491f973cc7bce5e3e8bf7992c52208c4bc516909d9fd84c6285750c2
1c70ad44f519fd72ddcf63c5bf712c8380946690fa1adc91df984357d93c2bbf
1d097e69ff47df9414a0ec07dfc70401084f4599617045a3a3edc7661ff76f3f
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
1db92a04541fb3a6c72ccdee7adde1b894da5df11b7c275fbf3f77eff5ff7baf
1df3371f650083389e7b8913c038c3d3695cc92776c8a72d4f4bec5673e17046
20a46cf7a603d7447d90ad966f38149cf1366922cf84e66d16b2f81fe4c1ad02
20c078d1c46cc6adb228e8f2d75abac84332c702edccab59242023740c77e191
20e74b9a708a64d7a66a3e3a0aa57ce43513e1e19d0b2cde757260d5a1da2457
21dd61fde35f6ad48d4b27d8e949c0a6699562c8c86326ee5b3839e32fce8e82
22ca5b87952e588f4ea1fb50d33b820b9bdcbc5e84bfb7dc86c94dc3166ca5f9
246f4254dc2c80b2aa63d488a6aca92b3d7e29c4bc60efbd0f3e8397a63c9fd2
2497f94d8a997612d5da2ad1d85dc3e430771037e23c2d9c9a89379686ceccac
26ed5f6aa822d65b6ea7df8d13f1a217d7a933376a824b7ef52af0e6f64f1a44
27e83793f50bb31fc8e9fd687a90b7472f979f925993f597db551450c423487a
28ffb5ea569b04f95899c8ef8347d9e5fa36b2680f2f0204fce9d00fff086f86
2a7dab87e27ba551d648c6bbfc6c0411659b50763c1f116558e294f3a8439444
2c667cdbe90922576bac69bbd0fa8f61d0c410748bf29b5bccea09b21123f1a0
2cd22835802a19a7da38b3d108b18762642f5436e3ff2623637d7cfe568cc273
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8a1f45a3760d8c6bdb8b4d2d55ac3532f06ac81bacb6731a30ede548e6cc99
31248ef830b10ec6779f2693aaa69d3149cf2bb2fe1314cba78f03f7edcf07fd
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3ae474e9227986bfaa6b83411f707e953993c7b8058abcbe0870ad330a98cffb
3b40b457fa316cee42f8a4bc97d77182cc54120e33ffbb8a812c05836501134a
3c409ce9996191eed195e4864d7f28d25ab2b09331b26a86a364fe6c39652a0e
3cf667dfc34ebc5bd19d11921c71c9aaefd7a5886581064ba7e3bb5dc23cbcc2
3e2c74520955923ebd7093beb2cf2a2fd6b1dabba81de3948e4712620159e61f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400c4ac48ef958f68885c0e6b8aed771c94f519756df98a70c0acf9fa76b53b5
420b5e854a4e139957a8bc1698d89c5560c5c4847b965e5ffea20757a5e896b4
42141e3a6ee96e76b31d9d103d3fffab2227c7afe68405010c68541c30ae6e0c
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
45877403f3c1932bbdbf87c7f02f250b9ddd3d5ed4dc59b30ac9c4f876d83d4b
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
476756d5ca23f4bc0086789ce0af7a810be71053bbfa8ea98aed92cc14f123dc
47a6d427b9f549f52ec7103a6ad5ce45c0f69e29b740eb88be8dfa053db21441
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48abbbb87d8a3a1f97940449fd42b27a75079b449e844fad811e1231cdc57836
4948b24aa4b58a7f9850db125ed42dd63bf738de9443410caa55c1699fc1b4c2
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf3e06663b619a5123a29c9ca7f089f992a123a0faed40c915cee93904772ea
4cc892362e5eda041f4dc9e7cee0407c2df380d8fe65804b6799d93239a55b22
4d7b91ed4a7804e22b94e4873af273def73469e80b740bd9787e287003058868
4de3f44f9af02f0a9ac1366998ed8d04b85caee3bccd4552c04edd8dcd926bee
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4be7f1cefaba47033a1a41389a9879bd973c9dfc1c441bb4bffa02400a2f88
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f571cc958dd8c67b837663a3501369104a33a31356abc19c8d22953492e4cae
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c688f08fc47247c9b1692d3c79fb9f39d2a43c3aa42005b04791066c962bcf
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a479b211f35206e9f4d8eb83aa63aaa7c76f00f86c30d589631b32c3fc42042
5c9b4ae05fb5b2e0a0f6b8ba4f3e2fd3669261fbb1decbbb9d9238feb65878e5
619fe63e60464a4fee071a5931bd474b4cafbe619f1d2cb27c241f6bc06897bc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
6443346d3ca5b02677df3fa93127f7f22bd92a789509b3ac91f24fb3a04faa5c
659e88497037086f548b785858e67802177b50f906e65ab77c6985841b370cf9
66113d720f4bbd28846d83b6e1696785479dcfe046e57e6187182429a2e19994
69fcf01bd49d9f22b799c59941a354695e31a211ee69fd1f107010a72e7e523e
6a4dac260dffc284594d633859fb508b2fcfade38b61c8af9cd55eb23adf9e89
6a86466964703b80f34f92b9b005722659ec8ece6e37664e230ec7bc42111bf4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b0f24d267fac3bd4905048bf2e384650a040a010094475a2ff2b090ed8bf883
6b53bb213180c667c37a87e1f5f714bb0987010e0bb313ebc64d91e12bc1095d
6dc15f4d0238e20fb7ff8185473525676be7d1508bba328d9a15647ed4086d9a
6e4de4e2365a4b8d592875694220f3a355404793ded47e557e320f2165abaaf0
70def53ed8e66b6d1e54c73da90dbdf5cee709388e77d7a2c200c1ce809e6a61
70fd869f92915eb3c9f85d2d2b5a473ba45239ae463b35267642335337c46f06
7259aaf1b41374f0bfc5da7db2520de524612671731ffc96bd6b4ec2e69d7465
73d0b3ad6191c9bd1da09afa330eef03cde53d36063d669c0715194b5648f709
7419908540048c23afc58230effbbd6231be763ee633bf747ff7d30be3785d17
7475b0e4ec6aaefe03e26dee8683fe8dbb06a19d4443265e59aae73cb9f1e261
74c0911329aa791933bf7fce4a6260ee7e542a83adb28a09a71454cf38ebb663
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
758b878da985cdc84d18fa185bf3168ff7eb7a7ec70b9c314386ca9137333b97
75c6cc7e4d68b8dec8bb65307a86cea2c0412fdb5d03e77dcf7eb173b78b2209
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77c8af108b0be890fe899a91fed24451f7023bc2d4f604bde91adbec3fc07504
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7caf70837b622f5e2ef8d145b2cc7c468f79a0d886fe577c1462cc951456b2e8
7ea1f07fd8ab3925b142fd1ef3d6019a8c524b403fa6496d8a47bd9c3d452e10
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
7ff758ced20d4139eb5f580cfc93d1161ed5e19a4a2d4020728143855d17adeb
81eb841ca287ddd6ec5ff27e9d178f18b4c6f989170387d17a649ed3e15f94fe
820a142fdfdb98a8a37368a8f9fd419e03c84062864729d848d804137945c8b2
823e186d74636c4d48883a6badb1fc5399bf9bad10143289d20330cdbf7f4f22
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833a86642252016b29f08dd45ffd27f9e00ca237f28d8c5f0147a6e15d009377
8392b864ce606bf8ec20cf749f148dd7134d770200dd81df9b7adbc33a88978e
83db3bbe981876d41cce2ddff9a3f3eb388342c9d70a4112fd79b995dae26dd0
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
8575c83bcd649c28701830bc98d0051adba45ba685776092d2417c9240ee0c67
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
867b23a408fa99143955de5665345cda886857174c328d2828e5dcd33bd98cd1
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
875297c2f3914e9d9152c3c986e6d62244586ea6c4f41a03c9a621fa9d1759e2
88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf
88d739f667b9df4d11c027da7b5a61816b796d2d9e217c87100fd48daff232e1
8a1e9480bb0dbc954c947a34b76dd34c499b325d9cdd1993c18bceac30b5b184
8a9ba7bbc88ec23d81a2d63845638a3b6603de473261872f301803cef84ef335
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8c6456830401da80934234015a0656a2027db0263faf7854db60adcc994c25c2
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
905ea556d01332e5b556febce1b8c55cd81d6d984859cf797eaf9137d2c6dd8a
9112b16c0bd02d574944dbfe8200cda4f233856de27ec693da793a78f656ec6d
926edfb3d6a36c6b9778be83956679ee82cd99779a844c68e2b841f4d22b7b7f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9474479f7c728926331ecd6a8c48627e217675a5bf91d544eeff17077ab8bbb3
9789b825e807e510109a01f5a0c39c2681915b166e8e2c02a6e2f47195af2597
978bbe1959cfcf71c06c1fd758f89d72319bc3928d5716450ec5665568ff35a6
97b1f82921571e0f4af7289f0dce7bb7d1e3836e68f1455a78c4e291eb5b039e
98a2bc2afc0f4cab2b795ad4073bcb8fb4093f2ef1df15ea4f616864416bc7a9
98d3441c2fe76d760da2adaaff46eb151eaebd9a0fbc898f0cdfe6aff02710f6
9b381f6277e8bbc4ed06dad6bf38864994e1d5854b8525ca69391d61ed423018
9b848b6e24a1363ceb7f1c2977907d7f428de3800e78e99750a685a7ab77488c
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
9dadd3a17c249fb0d7c8592d347e5ded1b6065c1b32fb4be311e27a60b27cdb6
9e0843dbf1dc0d65a75182a82b945a9373557932e61934c27679c357f20c33a9
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1d57e666f64ce544a2e4c21ed005c110ccd9e575e77f9b7e3ae3c62560a96c9
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a27d8289678c53095dc81f3d8060612f679daf0f5cceb89b5a42866631f932f2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a64bf88cc5b195e9dcfa2f0f9b91f6701a61014fcb63c863f942037efbe12c82
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ab7227f2ae21f2daf452863dfa171d2f5c902bf6f12deecd773ef6cb6e06d710
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad08f9cbf7e18a3158d8668c359fb7708e58c35d3b54c68c51486c43f483f40a
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af29cacfb5125f85da0f1557bb56456abcc1556dbd3094bb56e569890348c984
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b01d4ba963be16f491485ac46d5aa89bf52e45fc64fad558aba54b43ce4ca024
b043a79fc3e5aa25fc53b624db4dfc612198a4e62e43780296ab07dafb6f8f83
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b6d10209938eec5a9fe4ff26d46f0fcd46d5f08c64acdbad2b0d49731f0ed305
b74b0a64de965dab6e2f2db25d4f7384ae500560c92750c3c70245b368df708d
b83b502fcb066ff59711d2e82d691421a44a0216e2a442545e3232a32a739604
b9daef61d4b711f1d28c3eef6bd8d522b8df518e833767512ad79502cc605dbd
bb0137567a729cf712624be4ad3500fd341216cc1c9b1faaa451c13d0e899d0b
bbc4456bca95006683a8f081d0d2ed645eef5b14c62eca12c70f7e1cec26c1a0
bd78f33dbc5d687cd776a1d39393be4d3f7f1be334612ce6f5852937a4b4175a
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
bede4ac4db1899cbab141cbcd263738ef7cbeceba3bc5c550e4935b0e9979d5a
bef476ec3cca40a08e1dff35c707c24d5774e788c57febdb54874e90402a6af2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c34a9420de5b381d4f2459193c70e4d84d5aaa0928a67907a57e2a9e9d3a8852
c41dc37fea212372d1f53109304ebae695e644f9ce083dcab08d5978c8c3020f
c5b7507a6dd65362434f9b27cc280ef7d4b5c0a7c040c4fae34efc9afa2c622c
c603917a1f98cbd38c3fd21ed961ebdf78b2bf8a7c783794da68b325769ed437
c87318fef7fcccd15255393146bbaa4ee04652789f1fe500e66367e63eb5f84e
c8c9128b649afff93f89f77eb2aa5a4bbbb1443bebc5156d0f697780c8beaa26
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb59848b4e6672fb3b94f7ce6ee8c7f6916c0ea6110c79e1384d9a71e8ebbf1d
cce9d31edf1c7ac059b6f913d03411925ce3d17d21a36e4e97e4dfb19b54b3ce
cf2d49f967e0112be0eb0cab4103cdec4cbf10f49810197750ecea6fbe2ba116
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff3ff7513a42187f914df965c0006c8756f549dc13ffb64540767042902a748
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3
d2980b54624eb2ecc649343a4eafc6ede027112c1f012cbe6277f9d541048e19
d6dc98bf69312306b49f4162e7bfd2668a9bb8700721334af0f764a288d53551
d754e05bc2acdfe544b477f31c057921708a43b9868402c1ae574c5c614dc528
d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927
db17b76020ac9ac2f859b55338c32255277124c9c3dae380c1bebda7242d4ff9
dc77601b1c0820dc3bc352ec0964d390e2402e7947ec16a7ade2306edbeb2080
ddad34ad6596e85c168401c44922d917aa220f071213b9577639ebf3df164d9f
e004a38bad5960733695b7e259f982ed376fef48c4d15d85f1581ef322ad5d5d
e300b777a70dda0d0c686ecfd02658b5bb80e6b380a225ee704d94402852c5dc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b99178c5da6ff4d7f612c2c76c390f0a6485f16d87214aca7bca276aaebb86
e4312f2f537cbd6e153d8426ab167e1537c2aa53c8be4f62f05de9e666155d13
e4631e18d1b48ef0398a5ae755803782de2a504a54be4eaa8ed2719670f5bc22
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e84906c82c5e653707516be213495ec78568e324c345687bf76fdcdf8d2f8d42
ecfc007f78e1ca1f4a907517c0c677fb9373e0ff7eb338196b24cb6498f1e93e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f21f63816a4476e413ec45d5842ccfaf58ed881bcfc69a613e980937db963b95
f22c32205a7417f8c00ddadfe7a17931f1d5f1e20a38f61b695c12d4d4e61a8e
f2b85272d85497adf0ce10db07ceb134201005f56861b447b68f6973906b333e
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f47ca746778d0807b5344c8c2b5d51882fbffe892b0cf67001c6d41872362c0d
f520d200f5d04a2bc40f94c843eb0c2611ffcf103109f6758d81740c8f3b516a
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f9f4ab30d5ad26fb21fac14245a63c41deb74cbcd51d6b9000acd6437c1ab5f9
fc2db2df2b87542f660243d567303059843e8ac6f8a680daec5984a0d7ba0998
fd239cbc31f0976120b6649fe926ccd9f043e8155452b986658ed4bfdcd3471e