arstechnica.com Open in urlscan Pro
3.137.38.223 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.sysdig.com/MDY3LVFaVC04ODEAAAGF2qr5Nz6pacnGqFuQULuxUegtJyx-Oonulh1GEYw-uzJzJBp8MSU0HJM57YzKHElHEOMxef4=
Effective URL:
https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected...
Submission: On July 27 via api (July 27th 2022, 1:48:16 pm UTC) from US — Scanned from DE

Summary HTTP 213 Redirects Links 67 Behaviour Indicators

Summary

This website contacted 58 IPs in 7 countries across 39 domains to perform 213 HTTP transactions. The main IP is 3.137.38.223, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is arstechnica.com. The Cisco Umbrella rank of the primary domain is 25166.
TLS certificate: Issued by Amazon on November 29th 2021. Valid for: a year.

This is the only time arstechnica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.17.72.206 104.17.72.206	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	3.137.38.223 3.137.38.223	16509 (AMAZON-02) (AMAZON-02)
21	205.234.175.175 205.234.175.175	23352 (SERVERCEN...) (SERVERCENTRAL)
9	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	108.138.4.10 108.138.4.10	16509 (AMAZON-02) (AMAZON-02)
3	23.47.209.6 23.47.209.6	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:440... 2606:4700:4400::ac40:929e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.73.179.32 54.73.179.32	16509 (AMAZON-02) (AMAZON-02)
4	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6813:d983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	52.17.229.209 52.17.229.209	16509 (AMAZON-02) (AMAZON-02)
2	52.6.23.250 52.6.23.250	14618 (AMAZON-AES) (AMAZON-AES)
4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	13.32.121.106 13.32.121.106	16509 (AMAZON-02) (AMAZON-02)
5	18.66.97.74 18.66.97.74	16509 (AMAZON-02) (AMAZON-02)
1	108.138.7.78 108.138.7.78	16509 (AMAZON-02) (AMAZON-02)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
3	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	23.35.229.181 23.35.229.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6811:4132	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.16.40 18.66.16.40	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.122 13.32.99.122	16509 (AMAZON-02) (AMAZON-02)
1	151.101.192.239 151.101.192.239	54113 (FASTLY) (FASTLY)
1	3.219.23.242 3.219.23.242	14618 (AMAZON-AES) (AMAZON-AES)
1	199.232.18.132 199.232.18.132	54113 (FASTLY) (FASTLY)
2	3.95.101.195 3.95.101.195	14618 (AMAZON-AES) (AMAZON-AES)
2	72.21.195.65 72.21.195.65	16509 (AMAZON-02) (AMAZON-02)
4	2602:803:c003... 2602:803:c003:200::61	26667 (RUBICONPR...) (RUBICONPROJECT)
5	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
4	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400e:801::200a	15169 (GOOGLE) (GOOGLE)
6	108.138.2.156 108.138.2.156	16509 (AMAZON-02) (AMAZON-02)
45	52.222.250.121 52.222.250.121	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.31 64.202.112.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
2	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	44.207.143.147 44.207.143.147	14618 (AMAZON-AES) (AMAZON-AES)
19	99.86.240.70 99.86.240.70	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	108.138.7.24 108.138.7.24	16509 (AMAZON-02) (AMAZON-02)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
2	92.123.9.160 92.123.9.160	16625 (AKAMAI-AS) (AKAMAI-AS)
2	92.123.38.97 92.123.38.97	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	52.94.222.140 52.94.222.140	16509 (AMAZON-02) (AMAZON-02)
7 8	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:38f8:ac58:6cf7:3607	16509 (AMAZON-02) (AMAZON-02)
2 3	52.46.155.104 52.46.155.104	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
2 4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
213	58

1 104.17.72.206 (None, )

ASN13335 (CLOUDFLARENET, US)

info.sysdig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.137.38.223 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-137-38-223.us-east-2.compute.amazonaws.com

arstechnica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 205.234.175.175 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.arstechnica.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.47.209.6 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-47-209-6.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:929e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.73.179.32 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-179-32.eu-west-1.compute.amazonaws.com

segment-data.zqtk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:d983 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.mediavoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
plugin.mediavoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.229.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-229-209.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.6.23.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-23-250.compute-1.amazonaws.com

api.cnevids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-106.fra60.r.cloudfront.net

cdn.memo.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.66.97.74 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-74.fra56.r.cloudfront.net

player.cnevids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-78.fra56.r.cloudfront.net

ats.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.229.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-181.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4132 (United States)

ASN13335 (CLOUDFLARENET, US)

polarcdn-terrax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.16.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-16-40.vie50.r.cloudfront.net

z-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-122.fra60.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.192.239 (United States)

ASN54113 (FASTLY, US)

api.condenast.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.219.23.242 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-219-23-242.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.18.132 (Vienna, Austria)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.95.101.195 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-101-195.compute-1.amazonaws.com

elsa.memoinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.195.65 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

assoc-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2602:803:c003:200::61 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

condenastus-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400e:801::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.138.2.156 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-2-156.fra56.r.cloudfront.net

d2c8v52ll5s99u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 52.222.250.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-121.fra60.r.cloudfront.net

dwgyu36up6iuz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.31 (Leesburg, United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 44.207.143.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-143-147.compute-1.amazonaws.com

capture.condenastdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 99.86.240.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-70.vie50.r.cloudfront.net

dp8hsntg6do36.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.138.7.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-24.fra56.r.cloudfront.net

check.analytics.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.9.160 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-9-160.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.38.97 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-38-97.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.222.140 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.165 (Frankfurt am Main, Germany) 7 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:38f8:ac58:6cf7:3607 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.155.104 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	cloudfront.net d2c8v52ll5s99u.cloudfront.net dwgyu36up6iuz.cloudfront.net dp8hsntg6do36.cloudfront.net	16 MB
21	arstechnica.net cdn.arstechnica.net — Cisco Umbrella Rank: 43655	1017 KB
14	rubiconproject.com 7 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 516 eus.rubiconproject.com — Cisco Umbrella Rank: 598 pixel.rubiconproject.com — Cisco Umbrella Rank: 333 token.rubiconproject.com — Cisco Umbrella Rank: 703	17 KB
10	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 323 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1294 s.amazon-adsystem.com — Cisco Umbrella Rank: 287	48 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 427	206 KB
8	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 211 pubads.g.doubleclick.net — Cisco Umbrella Rank: 477 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	134 KB
7	cnevids.com api.cnevids.com — Cisco Umbrella Rank: 86087 player.cnevids.com — Cisco Umbrella Rank: 17388	99 KB
7	skimresources.com s.skimresources.com — Cisco Umbrella Rank: 2539 r.skimresources.com — Cisco Umbrella Rank: 2348 t.skimresources.com — Cisco Umbrella Rank: 2465 p.skimresources.com — Cisco Umbrella Rank: 3397	15 KB
6	yahoo.com 1 redirects c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1033 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 473 ads.yahoo.com — Cisco Umbrella Rank: 1462	2 KB
6	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1117 widget-pixels.outbrain.com — Cisco Umbrella Rank: 2540 odb.outbrain.com — Cisco Umbrella Rank: 1273 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5100	111 KB
5	condenastdigital.com capture.condenastdigital.com — Cisco Umbrella Rank: 15689	240 B
5	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 434	688 KB
5	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 553 as-sec.casalemedia.com — Cisco Umbrella Rank: 1305 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 460	2 KB
4	media.net prebid.media.net — Cisco Umbrella Rank: 1348 contextual.media.net — Cisco Umbrella Rank: 515	18 KB
4	openx.net condenastus-d.openx.net — Cisco Umbrella Rank: 24794 u.openx.net — Cisco Umbrella Rank: 718	695 B
4	rlcdn.com ats.rlcdn.com — Cisco Umbrella Rank: 1370 check.analytics.rlcdn.com — Cisco Umbrella Rank: 3788 api.rlcdn.com — Cisco Umbrella Rank: 822	39 KB
3	associates-amazon.com z-na.associates-amazon.com — Cisco Umbrella Rank: 6101 assoc-na.associates-amazon.com — Cisco Umbrella Rank: 3061	4 KB
3	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 585	18 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 362	566 B
2	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123	600 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	52 KB
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 273	33 KB
2	memoinsights.com elsa.memoinsights.com — Cisco Umbrella Rank: 27426	1 KB
2	mediavoice.com cdn.mediavoice.com — Cisco Umbrella Rank: 40402 plugin.mediavoice.com — Cisco Umbrella Rank: 31997	139 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 742	858 B
2	moatads.com z.moatads.com — Cisco Umbrella Rank: 436 mb.moatads.com — Cisco Umbrella Rank: 666	76 KB
2	arstechnica.com arstechnica.com — Cisco Umbrella Rank: 25166	18 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 371	710 B
1	rkdms.com id.sv.rkdms.com — Cisco Umbrella Rank: 3926	166 B
1	condenast.io api.condenast.io — Cisco Umbrella Rank: 23105	6 KB
1	privacymanager.io geo.privacymanager.io — Cisco Umbrella Rank: 1420	592 B
1	polarcdn-terrax.com polarcdn-terrax.com — Cisco Umbrella Rank: 7860	502 B
1	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 3597	464 B
1	memo.co cdn.memo.co — Cisco Umbrella Rank: 34028	7 KB
1	zqtk.net segment-data.zqtk.net — Cisco Umbrella Rank: 8650	380 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 93	125 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	28 KB
1	sysdig.com info.sysdig.com	1 KB
0	getpublica.com Failed pbs.getpublica.com Failed
213	39

	Domain	Requested by
45	dwgyu36up6iuz.cloudfront.net	arstechnica.com d2c8v52ll5s99u.cloudfront.net
21	cdn.arstechnica.net	arstechnica.com cdn.arstechnica.net
19	dp8hsntg6do36.cloudfront.net	d2c8v52ll5s99u.cloudfront.net
9	cdn.cookielaw.org	arstechnica.com cdn.cookielaw.org
6	d2c8v52ll5s99u.cloudfront.net	player.cnevids.com d2c8v52ll5s99u.cloudfront.net
5	token.rubiconproject.com	5 redirects
5	capture.condenastdigital.com
5	imasdk.googleapis.com	player.cnevids.com imasdk.googleapis.com
5	player.cnevids.com	arstechnica.com player.cnevids.com cdn.arstechnica.net
4	cm.g.doubleclick.net	2 redirects
4	c2shb.ssp.yahoo.com	cdn.arstechnica.net
4	fastlane.rubiconproject.com	cdn.arstechnica.net
4	c.amazon-adsystem.com	arstechnica.com c.amazon-adsystem.com
3	s.amazon-adsystem.com	2 redirects
3	pixel.rubiconproject.com	2 redirects
3	aax-eu.amazon-adsystem.com	2 redirects
3	t.skimresources.com	arstechnica.com s.skimresources.com
3	widgets.outbrain.com	arstechnica.com
3	js-sec.indexww.com	arstechnica.com cdn.arstechnica.net
2	ssum-sec.casalemedia.com	js-sec.indexww.com
2	contextual.media.net	cdn.arstechnica.net
2	eus.rubiconproject.com	cdn.arstechnica.net eus.rubiconproject.com
2	u.openx.net	cdn.arstechnica.net
2	match.adsrvr.org	cdn.arstechnica.net
2	check.analytics.rlcdn.com	cdn.arstechnica.net
2	pagead2.googlesyndication.com	imasdk.googleapis.com
2	pubads.g.doubleclick.net	d2c8v52ll5s99u.cloudfront.net
2	connect.facebook.net	d2c8v52ll5s99u.cloudfront.net
2	s0.2mdn.net	imasdk.googleapis.com
2	prebid.media.net	cdn.arstechnica.net
2	condenastus-d.openx.net	cdn.arstechnica.net
2	htlb.casalemedia.com	cdn.arstechnica.net
2	assoc-na.associates-amazon.com	z-na.associates-amazon.com
2	elsa.memoinsights.com	cdn.memo.co
2	p.skimresources.com	arstechnica.com
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	api.cnevids.com	cdn.arstechnica.net
2	geolocation.onetrust.com	cdn.cookielaw.org
2	arstechnica.com	info.sysdig.com cdn.arstechnica.net
1	px.ads.linkedin.com
1	ads.yahoo.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	api.rlcdn.com	cdn.arstechnica.net
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	as-sec.casalemedia.com	js-sec.indexww.com
1	odb.outbrain.com	widgets.outbrain.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	api.condenast.io	player.cnevids.com
1	geo.privacymanager.io	ats.rlcdn.com
1	z-na.associates-amazon.com	www.googletagmanager.com
1	polarcdn-terrax.com	cdn.mediavoice.com
1	plugin.mediavoice.com	cdn.mediavoice.com
1	widget-pixels.outbrain.com	arstechnica.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	r.skimresources.com	s.skimresources.com
1	ats.rlcdn.com	info.sysdig.com
1	cdn.memo.co	arstechnica.com
1	mb.moatads.com	z.moatads.com
1	s.skimresources.com	arstechnica.com
1	cdn.mediavoice.com	arstechnica.com
1	segment-data.zqtk.net	cdn.arstechnica.net
1	www.googletagmanager.com	arstechnica.com
1	z.moatads.com	arstechnica.com
1	www.googletagservices.com	arstechnica.com
1	info.sysdig.com
0	pbs.getpublica.com Failed	player.cnevids.com
213	66

This site contains links to these domains. Also see Links.

Domain
video.arstechnica.com
www.condenast.com
cdn.arstechnica.net
www.facebook.com
twitter.com
www.reddit.com
www.microsoft.com
en.wikipedia.org
fidoalliance.org
www.arstechnica.com
www.twitter.com
www.callofwar.com
www.history-a2z.com
en.12up.com
rfvtgb.housediver.com
producthunter.club
www.outbrain.com
condenast.com

Subject Issuer	Validity	Valid
info.sysdig.com Cloudflare Inc ECC CA-3	`2022-05-15` - `2023-05-15`	a year	crt.sh
*.arstechnica.com Amazon	`2021-11-29` - `2022-12-27`	a year	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2021-10-18` - `2022-11-19`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.zqtk.net Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-10-28`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
cnevideos.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
memo.co Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
*.cnevids.com Amazon	`2021-09-18` - `2022-10-17`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
assoc-na.associates-amazon.com Amazon	`2022-06-18` - `2023-06-17`	a year	crt.sh
*.privacymanager.io Amazon	`2021-09-25` - `2022-10-24`	a year	crt.sh
condenast.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-17` - `2023-07-19`	a year	crt.sh
securedvisit.com Amazon	`2021-11-30` - `2022-12-27`	a year	crt.sh
memoinsights.com Amazon	`2022-04-27` - `2023-05-26`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-08` - `2022-08-31`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-06` - `2023-05-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-05` - `2022-08-03`	3 months	crt.sh
conde.io Amazon	`2022-07-06` - `2023-08-03`	a year	crt.sh
analytics.rlcdn.com Amazon	`2022-07-27` - `2023-08-25`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Frame ID: 0B64C17A4010977E68857A4E7B4264D5
Requests: 151 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5032440172217951
Frame ID: FECC1D6B7338088F309528925B9A92AC
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 89495451D93705A08627ED04AE3A5085
Requests: 29 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 24FCE6DF2CA3F74AA4AA308B770E791A
Requests: 20 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.522.0_en.html
Frame ID: DD74994F8B7CF049CF11FF8773C131DD
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.522.0_en.html
Frame ID: 95553E591F41DD71D8AC6F27C3617A1B
Requests: 2 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 184F0C5F9FB1736F1B0A26ACFD3EE325
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1---
Frame ID: F1DEE32D1D35707FCA6BABBA7367D12F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C12254238D787B7138EC0D148FD99A9C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 0DA569732A56814C95E4CA2DB478597F
Requests: 10 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?us_privacy=1---
Frame ID: 26EEF6912EDF0979519D3D0B2F485ED8
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: 770692A953E0C309F5674DF4B9A50292
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---
Frame ID: D67558DAD250E322E1EF2DFCE4E45AA1
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPcxQAAPcxQAAAcABBENCZCgAAAAAAAAAChQAAAAAAJBAHIAAgADQAOAA8AC4AHwAWgA-ACMAEkALYAYgA_gCRAFcAL4AagA2gBxADkAHOAOoAfIA_wCBgEHAJEAT8AoYBSwDCAHVAQ2Ah8BF4CPQEhAJWATaAsIBcQC6AF1ALtAXkAwKBh4GIAMWAZCAygBoQDRgGlANTAbQA24BugDggkEcABAAC4AKAAqABkADgAHgAQAAwgBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCQCGAIkAR0AlgCXAE0AKUAW4AwwBkADLAGyAO-AewB8QD7AP0AgEBFwEYgI0AjgBKQCggFPAKuAXMAxQBrADaQG4AbwA9AB8gEOgJEATEAmUBNgCdgFDgKRAU0AsUBaAC2AFyALvAXmAwYBhIDDYGRAZIAycBlwDOQGfANIgawBrIYA8AAYABYAFwAjABJACfAFQAVQAtgBiADeAKQAaUA1ADVAHEAS0ApYBsgDqAIbAReAkIBQ4CxAFxAMCAYeAxYBkYDQgG6BoD4AVgAuACGAGQAMsAbIA7AB-AEAAIKARgAp4BV4C0ALSAawA3gB1QD5AIdARUAkQBNgCdgFIgLkAYSAxgBk4DOQGeAM-EAHgADAALAAuADUAIwASQAngBVAC2AGIAN4ApABXADUAHEAPkAkQBLQClwG4AbwBDYCLwEhAKHAXEAwIBh4DFgGhAN0EQGAArACGAGQAMsAbIA7AB-AEAAIwAU8Aq4BrADqgHyAQ6AkQBNgCdgFIgLkAYSAycBnIDPhUBcACgAQwAmABcAEcAMsAdgBGACOAFXgLQAtIBvAEggJiATYAtgBcgC8wGRAM5AZ4Az4BuQoAoAGIATIApABlQDUANUAbQA4gByADwAIKAS0ApYB1QEegLEAYEAw8BmgDQgGvDACoANQAxACZAFIAMoAagA2gBxADkAHgAS0ApYBYgDqgI9AScAsQBeQDAgGHgNCGQFAAhgBMAEcAMsAdgA-wCMAEcAKuAVsA3gCYgE2ALRAWwAvMBkQDOQGeAM-HAXwABAAGAARAA4ADwALgAfABaADmAH4AggBGAC2AF0AL4AZAA0AB_AEIAJEAToApABZgC-AGWANKAagBqgDaAHEAOQAc4A6gB2ADuAHzAQABBYCDgIQAREAkQBLQCbQE-AT8ApYBUACsgFtAL1AYABgQDCAGZANYAa8A3gBx4DnAOkAdUA8gB8gEIAIbgQ-BEACIgEegJCgSsBK4CYgEygJtAUKApABSYCmAFTAKqgVsBXYCygFpALUAXFAugC6gF7AL6AYFAw8DEAGLAMhAZQAy8BoUDRQNGAaUA00BqYDXgG0ANsAbcOgrgALgAoACoAGQAOAAgABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AGIAMwAbwA5gB6gEMARMAlgCYAE0AKMAUoAsQBbwDCAMOAZABlADRAGyAN8Ad4A9oB9gH6AP-AiwCMAEcgJSAlQBQQCngFXALFAWgBaYC5gLqAXkAxQBtADcQHTAdQA9ACHQEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC2AFwALkAXaAu8BeYDBgGEgMNAYwAx4BkgDJwGVAMsAZcAzkBnwDRIGkAaSA0sBrADYyADUABAAQQAvgBoAD-AJEAUgAtwBfADLgGoAaoA2gBxADkAHOAOwAeABBQCfAFLAKyAWIAwABhADMgG8AOcAdUA7YCHwEegJCAScAlcBMQCbQFCgKQAUmArYBbQC6AF5AL2AYEAw8BmgDQgGigNKAamA2wBtxCBqAAsACgAGQAXAAxACGAEwAKoAXAAxABmADeAHoARwAsQBhADKAG-AO8AfYA_wCMAEcAJTAUEBQwCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAJsAU0AsUBaIC2AFwALkAXaAyIBk4DOQGeAM-AaIA0kBpYDgCQCYAAQABgAHAAXAByAFQAMgAbwBCACRAFJALkAvgBlgDSAGoANoAdwBAACEgEtAJ8AVAArIBrwDeAHVAPsAlYBNoCkwFlALSAXsAw8BiIDFgGlANyJQNQAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADMAG2AQwBEgCOAFGAKUAW4AwgBlADZAHeAPwAjABHACTgFPAKvAWgBaQC6gGKANwAdQA-QCHQEVAIvASIAmwBYoC2AF2gLzAZEAycBlgDOQGeAM-AaQA1gBwBQCUAAIAAwAFwAPgAtAByAD8AIwAVAArABfADIAG2AN4A5ACEAEcAJEATIAnQBSQC5AL4AZYA0gBqADXAG0AOIAc4A6gB3ADwAHyAQAAg4BCQCKgEiAJOAS0Am0BPgE_AKWAVkAsQBdQDAQGEAYoA14BvADqgHbAPIAfIA_4CPQExAJlATaApABTACpgFbAK7AWgAvIBfQDAgGHgMWAaIA0qBqQGpgNeAcEUggAALgAoACoAGQAOAAggBgAGMANAA1AB5AEMARAAmABPACkAFUALAAYgAzABzgEMARIAowBSgCxAFuAMIAZQA0QBsgDvgH2AfoBFgCMAEcAJTAUEBQwCrgFbALmAXkA2gBuAD0AIdAReAkQBNgCdgFDgLFAWwAuABcgC7QF5gMNAYwAyIBkgDJwGXAM5AZ4Az6BpAGkwNYA1kBsYA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 22250F4ED1BDEC1C0459B2FAC14068BC
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPcxQAAPcxQAAAcABBENCZCgAAAAAAAAAChQAAAAAAJBAHIAAgADQAOAA8AC4AHwAWgA-ACMAEkALYAYgA_gCRAFcAL4AagA2gBxADkAHOAOoAfIA_wCBgEHAJEAT8AoYBSwDCAHVAQ2Ah8BF4CPQEhAJWATaAsIBcQC6AF1ALtAXkAwKBh4GIAMWAZCAygBoQDRgGlANTAbQA24BugDggkEcABAAC4AKAAqABkADgAHgAQAAwgBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCQCGAIkAR0AlgCXAE0AKUAW4AwwBkADLAGyAO-AewB8QD7AP0AgEBFwEYgI0AjgBKQCggFPAKuAXMAxQBrADaQG4AbwA9AB8gEOgJEATEAmUBNgCdgFDgKRAU0AsUBaAC2AFyALvAXmAwYBhIDDYGRAZIAycBlwDOQGfANIgawBrIYA8AAYABYAFwAjABJACfAFQAVQAtgBiADeAKQAaUA1ADVAHEAS0ApYBsgDqAIbAReAkIBQ4CxAFxAMCAYeAxYBkYDQgG6BoD4AVgAuACGAGQAMsAbIA7AB-AEAAIKARgAp4BV4C0ALSAawA3gB1QD5AIdARUAkQBNgCdgFIgLkAYSAxgBk4DOQGeAM-EAHgADAALAAuADUAIwASQAngBVAC2AGIAN4ApABXADUAHEAPkAkQBLQClwG4AbwBDYCLwEhAKHAXEAwIBh4DFgGhAN0EQGAArACGAGQAMsAbIA7AB-AEAAIwAU8Aq4BrADqgHyAQ6AkQBNgCdgFIgLkAYSAycBnIDPhUBcACgAQwAmABcAEcAMsAdgBGACOAFXgLQAtIBvAEggJiATYAtgBcgC8wGRAM5AZ4Az4BuQoAoAGIATIApABlQDUANUAbQA4gByADwAIKAS0ApYB1QEegLEAYEAw8BmgDQgGvDACoANQAxACZAFIAMoAagA2gBxADkAHgAS0ApYBYgDqgI9AScAsQBeQDAgGHgNCGQFAAhgBMAEcAMsAdgA-wCMAEcAKuAVsA3gCYgE2ALRAWwAvMBkQDOQGeAM-HAXwABAAGAARAA4ADwALgAfABaADmAH4AggBGAC2AF0AL4AZAA0AB_AEIAJEAToApABZgC-AGWANKAagBqgDaAHEAOQAc4A6gB2ADuAHzAQABBYCDgIQAREAkQBLQCbQE-AT8ApYBUACsgFtAL1AYABgQDCAGZANYAa8A3gBx4DnAOkAdUA8gB8gEIAIbgQ-BEACIgEegJCgSsBK4CYgEygJtAUKApABSYCmAFTAKqgVsBXYCygFpALUAXFAugC6gF7AL6AYFAw8DEAGLAMhAZQAy8BoUDRQNGAaUA00BqYDXgG0ANsAbcOgrgALgAoACoAGQAOAAgABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AGIAMwAbwA5gB6gEMARMAlgCYAE0AKMAUoAsQBbwDCAMOAZABlADRAGyAN8Ad4A9oB9gH6AP-AiwCMAEcgJSAlQBQQCngFXALFAWgBaYC5gLqAXkAxQBtADcQHTAdQA9ACHQEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC2AFwALkAXaAu8BeYDBgGEgMNAYwAx4BkgDJwGVAMsAZcAzkBnwDRIGkAaSA0sBrADYyADUABAAQQAvgBoAD-AJEAUgAtwBfADLgGoAaoA2gBxADkAHOAOwAeABBQCfAFLAKyAWIAwABhADMgG8AOcAdUA7YCHwEegJCAScAlcBMQCbQFCgKQAUmArYBbQC6AF5AL2AYEAw8BmgDQgGigNKAamA2wBtxCBqAAsACgAGQAXAAxACGAEwAKoAXAAxABmADeAHoARwAsQBhADKAG-AO8AfYA_wCMAEcAJTAUEBQwCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAJsAU0AsUBaIC2AFwALkAXaAyIBk4DOQGeAM-AaIA0kBpYDgCQCYAAQABgAHAAXAByAFQAMgAbwBCACRAFJALkAvgBlgDSAGoANoAdwBAACEgEtAJ8AVAArIBrwDeAHVAPsAlYBNoCkwFlALSAXsAw8BiIDFgGlANyJQNQAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADMAG2AQwBEgCOAFGAKUAW4AwgBlADZAHeAPwAjABHACTgFPAKvAWgBaQC6gGKANwAdQA-QCHQEVAIvASIAmwBYoC2AF2gLzAZEAycBlgDOQGeAM-AaQA1gBwBQCUAAIAAwAFwAPgAtAByAD8AIwAVAArABfADIAG2AN4A5ACEAEcAJEATIAnQBSQC5AL4AZYA0gBqADXAG0AOIAc4A6gB3ADwAHyAQAAg4BCQCKgEiAJOAS0Am0BPgE_AKWAVkAsQBdQDAQGEAYoA14BvADqgHbAPIAfIA_4CPQExAJlATaApABTACpgFbAK7AWgAvIBfQDAgGHgMWAaIA0qBqQGpgNeAcEUggAALgAoACoAGQAOAAggBgAGMANAA1AB5AEMARAAmABPACkAFUALAAYgAzABzgEMARIAowBSgCxAFuAMIAZQA0QBsgDvgH2AfoBFgCMAEcAJTAUEBQwCrgFbALmAXkA2gBuAD0AIdAReAkQBNgCdgFDgLFAWwAuABcgC7QF5gMNAYwAyIBkgDJwGXAM5AZ4Az6BpAGkwNYA1kBsYA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4AD16FF3613F05218442CEDA2FC13C4E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ongoing phishing campaign can hack you even when you’re protected with MFA | Ars Technica

Page URL History Show full URLs

https://info.sysdig.com/MDY3LVFaVC04ODEAAAGF2qr5Nz6pacnGqFuQULuxUegtJyx-Oonulh1GEYw-uzJzJBp8MSU0HJM5... Page URL
https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

213
Requests

93 %
HTTPS

24 %
IPv6

39
Domains

66
Subdomains

58
IPs

7
Countries

19445 kB
Transfer

29650 kB
Size

29
Cookies

67 Outgoing links

These are links going to different origins than the main page.

URL: http://video.arstechnica.com/
Title: Videos

Search URL Search Domain Scan URL

URL: https://www.condenast.com/brands/ars-technica
Title: Advertise with Ars

Search URL Search Domain Scan URL

URL: https://cdn.arstechnica.net/wp-content/uploads/2022/07/multi-factor-authentication-mfa.jpeg
Title: Enlarge

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D1866290
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Ongoing+phishing+campaign+can+hack+you+even+when+you%E2%80%99re+protected+with+MFA&url=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D1866290
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D1866290&title=Ongoing+phishing+campaign+can+hack+you+even+when+you%E2%80%99re+protected+with+MFA
Title: Share on Reddit

Search URL Search Domain Scan URL

URL: https://cdn.arstechnica.net/wp-content/uploads/2022/07/cookie-interception.png

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2022/07/12/from-cookie-theft-to-bec-attackers-use-aitm-phishing-sites-as-entry-point-to-further-financial-fraud/
Title: blog post

Search URL Search Domain Scan URL

URL: https://cdn.arstechnica.net/wp-content/uploads/2022/07/phishing-bec-overview.png

Search URL Search Domain Scan URL

URL: https://cdn.arstechnica.net/wp-content/uploads/2022/07/sample-phishing-landing-page.png

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Signalling_System_No._7
Title: SS7 protocol

Search URL Search Domain Scan URL

URL: https://fidoalliance.org/
Title: FIDO Alliance

Search URL Search Domain Scan URL

URL: https://fidoalliance.org/how-fido-works/
Title: https://fidoalliance.org/how-fido-works/

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/blade-runner-game-director-louis-castle-extended-interview
Title: Blade Runner Game Director Louis Castle: Extended Interview

Search URL Search Domain Scan URL

URL: https://www.twitter.com/dangoodin001
Title: @dangoodin001

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario
Title: Unsolved Mysteries Of Quantum Leap With Donald P. Bellisario

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-unsolved-mysteries-of-warhammer-40k-with-author-dan-abnett
Title: Unsolved Mysteries Of Warhammer 40K With Author Dan Abnett

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/sitrep-f-16-replacement-search-a-signal-of-f-35-fail
Title: SITREP: F-16 replacement search a signal of F-35 fail?

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/sitrep-boeing-707
Title: Sitrep: Boeing 707

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/personal-history-steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube
Title: Steve Burke of GamersNexus Reacts To Their Top 1000 Comments On YouTube

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube
Title: Modern Vintage Gamer Reacts To His Top 1000 Comments On YouTube

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-the-nes-conquered-a-skeptical-america-in-1985
Title: How The NES Conquered A Skeptical America In 1985

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/scott-manley-reacts-to-his-top-1000-youtube-comments
Title: Scott Manley Reacts To His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/how-immersive-stories-deepen-the-horror-of-games-like-soma-and-amnesiac-rebirth
Title: How Horror Works in Amnesia: Rebirth, Soma and Amnesia: The Dark Descent

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/lgrs-clint-basinger-reacts-to-his-top-1000-youtube-comments
Title: LGR's Clint Basinger Reacts To His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/the-f-35-s-next-tech-upgrade
Title: The F-35's next tech upgrade

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-one-gameplay-decision-changed-diablo-forever
Title: How One Gameplay Decision Changed Diablo Forever

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-unsolved-mysteries-mortal-kombat
Title: Unsolved Mortal Kombat Mysteries With Dominic Cianciolo From NetherRealm Studios

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/us-navy-gets-an-italian-accent
Title: US Navy Gets an Italian Accent

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-amazons-undone-brought-dreams-to-life-through-rotoscope-and-oil-paints
Title: How Amazon’s “Undone” Animates Dreams With Rotoscoping And Oil Paints

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit
Title: Fighter Pilot Breaks Down Every Button in an F-15 Cockpit

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-nba-jam-became-a-billion-dollar-slam-dunk
Title: How NBA JAM Became A Billion-Dollar Slam Dunk

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/linus-tech-tips-reacts-to-his-top-1000-youtube-comments
Title: Linus "Tech Tips" Sebastian Reacts to His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-alan-wake-was-rebuilt-3-years-into-development
Title: How Alan Wake Was Rebuilt 3 Years Into Development

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-prince-of-persia-defeated-apple-ii-s-memory-limitations
Title: How Prince of Persia Defeated Apple II's Memory Limitations

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-crash-bandicoot-hacked-the-playstation-to-run
Title: How Crash Bandicoot Hacked The Original Playstation

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-myst
Title: Myst: The challenges of CD-ROM | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/markiplier-reacts-to-his-top-1000-youtube-comments
Title: Markiplier Reacts To His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-the-evolution-of-oddworld-and-what-comes-next
Title: How Mind Control Saved Oddworld: Abe's Oddysee

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe
Title: Bioware answers unsolved mysteries of the Mass Effect universe

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-civilization
Title: Civilization: It's good to take turns | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/sitrep-dod-resets-ballistic-missile-interceptor-program
Title: SITREP: DOD Resets Ballistic Missile Interceptor program

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/warframe-s-rebecca-ford-reviews-your-characters
Title: Warframe's Rebecca Ford reviews your characters

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-subnautica
Title: Subnautica: A world without guns | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-slay-the-spire-war-stories
Title: How Slay the Spire’s Original Interface Almost Killed the Game | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-amnesia-the-dark-descent-the-horror-facade
Title: Amnesia: The Dark Descent - The horror facade | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-c-and-c-tiberian-sun
Title: Command & Conquer: Tiberian Sun | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-blade-runner-skinjobs-voxels-and-future-noir
Title: Blade Runner: Skinjobs, voxels, and future noir | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-dead-space-the-drag-tentacle
Title: Dead Space: The Drag Tentacle | War Stories

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/teach-the-controversy-flat-earthers
Title: Teach the Controversy: Flat Earthers

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-gets-a-crucial-green-light
Title: Delta V: The Burgeoning World of Small Rockets, Paul Allen's Huge Plane, and SpaceX Gets a Crucial Green-light

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/chris-hadfield-explains-his-space-oddity-video
Title: Chris Hadfield explains his 'Space Oddity' video

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/apollo-the-greatest-leap-episode-1-risk
Title: The Greatest Leap, Episode 1: Risk

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-ultima-online-the-virtual-ecology
Title: Ultima Online: The Virtual Ecology | War Stories

Search URL Search Domain Scan URL

URL: https://video.arstechnica.com/
Title: More videos

Search URL Search Domain Scan URL

URL: https://www.callofwar.com/?lp=62&L=0&r=94808&placement=$publisher_name$_$section_name$&c=00f811d0a507e6904ef4e1433f0692ae9d&obOrigUrl=true
Title: What if the Germans had crossed the Atlantic? This strategy game deals with alternative history Alternative WW2 Game

Search URL Search Domain Scan URL

URL: https://www.history-a2z.com/photos-of-the-old-wild-west-part2-de/?utm_medium=outbrain&utm_source=886&utm_campaign=220725113016051x0xchrome_007053588f8a4ac5569ee7eca1a914de05&utm_term=$origpubname$_$origsrcname$_$section_id$&utm_content=%5BGalerie%5D+Seltene+Fotos+zeigen+eine+dunklere+Seite+des+Wilden+Westens&cpc=$cpc$&obOrigUrl=true
Title: [Galerie] Seltene Fotos zeigen eine dunklere Seite des Wilden Westens HistoryA2Z

Search URL Search Domain Scan URL

URL: http://en.12up.com/view?id=genius-hotel-hacks-de-12u&src=outbrain&utm_source=outbrain&utm_medium=$section_id$&utm_campaign=00cfd851abc0357caf2c2e220450bc8f6a&utm_key=110&utm_content=009abed2719a94e32c2adc08d40e00d140&utm_term=12U_D_DE_genius-hotel-hacks-de-12u_danielled_w_286835151&guid=$ob_click_id$&omid=007ee6d9116285bf827794a6e9c9b1350b&obOrigUrl=true
Title: [Fotos] Deshalb sollten Sie ein Handtuch unter Ihre Hoteltür legen 12Up

Search URL Search Domain Scan URL

URL: https://rfvtgb.housediver.com/worldwide/golfer-ob-ge?utm_source=outbrainjk&utm_campaign=hd-golfer-bc1-win-gr-jn-24072d&utm_term=$section_name$&utm_medium=$section_id$&utm_bid=$cpc$&obOrigUrl=true
Title: [Bilder] 40 Fotos von Golf-Star Paige Spiranac Housediver

Search URL Search Domain Scan URL

URL: https://www.history-a2z.com/the-tallest-women-in-show-business-de/?utm_medium=outbrain&utm_source=886&utm_campaign=220724084015061x0xchrome_00a95cc35e93f2bd73aa43e8a45d477f93&utm_term=$origpubname$_$origsrcname$_$section_id$&utm_content=%5BGalerie%5D+Wussten+Sie%2C+dass+sie+so+gro%C3%9F+war%3F+Wir+hatten+keine+Ahnung&cpc=$cpc$&obOrigUrl=true
Title: [Galerie] Wussten Sie, dass sie so groß war? Wir hatten keine Ahnung HistoryA2Z

Search URL Search Domain Scan URL

URL: https://producthunter.club/ww-revolutionary-lung-cleaning-device/?ob_click_id=$ob_click_id$&campaign_id=004b9229bcd08bcc4130c158119436dcd7&publisher_id=$publisher_id$&publisher_name=$publisher_name$&ad_id=00587cba095ec8e2c2211e37cd4d36f09e&ad_title=Do+This+Now+to+Clear+Mucus+From+Lungs+%26+Airways&section_id=$section_id$&section_name=$section_name$&req_id=$req_id$&promoted_link_id=00587cba095ec8e2c2211e37cd4d36f09e&time_stamp=$time_stamp$&cpid=28b7a03d-6eeb-4ffc-b86c-629b52908bad&obOrigUrl=true
Title: Do This Now to Clear Mucus From Lungs & Airways Product Hunter

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: http://condenast.com/

Search URL Search Domain Scan URL

URL: https://www.condenast.com/user-agreement/
Title: User Agreement

Search URL Search Domain Scan URL

URL: https://www.condenast.com/privacy-policy/
Title: Privacy Policy and Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.condenast.com/privacy-policy/#california
Title: Your California Privacy Rights

Search URL Search Domain Scan URL

URL: https://www.condenast.com/online-behavioral-advertising-oba-and-how-to-opt-out-of-oba/#clickheretoreadmoreaboutonlinebehavioraladvertising(oba)
Title: Ad Choices

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.sysdig.com/MDY3LVFaVC04ODEAAAGF2qr5Nz6pacnGqFuQULuxUegtJyx-Oonulh1GEYw-uzJzJBp8MSU0HJM57YzKHElHEOMxef4= Page URL
https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 212

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1--- HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oAF3QZb0RJGqWMc01julZQ&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=oAF3QZb0RJGqWMc01julZQ

Request Chain 213

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/L3Tk-7i1FJvViD40v4LH8Mn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8684393549036524629

Request Chain 214

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vt-8Y-uPQRagtl-O030ycA&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vt-8Y-uPQRagtl-O030ycA

Request Chain 215

https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L63NWGOH-13-26UX&sigv=1&esig=2~19c3cf75b111962d14c7e43f386ff25d8dabb678&us_privacy=1---

Request Chain 216

https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzTldHT0gtMTMtMjZVWA==&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzTldHT0gtMTMtMjZVWA==&us_privacy=1---&google_tc=

Request Chain 217

https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L63NWGOH-13-26UX&us_privacy=1---

Request Chain 219

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjY2M2M0NWIxNDg3YzgwNWQ4N2Q4NzJlZjFiOWU4ODQwYThmYzU1Nw&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjY2M2M0NWIxNDg3YzgwNWQ4N2Q4NzJlZjFiOWU4ODQwYThmYzU1Nw&us_privacy=1---&google_tc=

213 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 302 MDY3LVFaVC04ODEAAAGF2qr5Nz6pacnGqFuQULuxUegtJyx-Oonulh1GEYw-uzJzJBp8MSU0HJM57YzKHElHEOMxef4=
info.sysdig.com/ 620 B
1 KB 342ms
295ms Document
text/html 104.17.72.206
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://info.sysdig.com/MDY3LVFaVC04ODEAAAGF2qr5Nz6pacnGqFuQULuxUegtJyx-Oonulh1GEYw-uzJzJBp8MSU0HJM57YzKHElHEOMxef4=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.17.72.206 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-XjHSB9VF/e2q6exHKFPBepn6Kos0iLBNeidhaGeLSmw=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, no-cache, no-store, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7315d493884a9c07-FRA
content-security-policy: default-src 'self'; img-src 'self';script-src 'self' 'sha256-XjHSB9VF/e2q6exHKFPBepn6Kos0iLBNeidhaGeLSmw=';object-src 'none';form-action:'none';frame-src:'none'
content-type: text/html;charset=UTF-8
date: Wed, 27 Jul 2022 13:48:02 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: strict-origin
server: cloudflare
x-frame-options: SAMEORIGIN
x-request-id: eda359f68da11b62

GET
H2 200 Primary Request / Show response
arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/ 54 KB
17 KB 450ms
185ms Document
text/html 3.137.38.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw

Requested by

Host: info.sysdig.com
URL: https://info.sysdig.com/MDY3LVFaVC04ODEAAAGF2qr5Nz6pacnGqFuQULuxUegtJyx-Oonulh1GEYw-uzJzJBp8MSU0HJM57YzKHElHEOMxef4=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.137.38.223 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-137-38-223.us-east-2.compute.amazonaws.com

Software

nginx/1.17.10 / PHP/7.3.33

Resource Hash

88fea091218e5019330acec0ff5633d1507a6f09231a53f168f23f05bbe02027

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://info.sysdig.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 27 Jul 2022 13:48:03 GMT
link: <https://arstechnica.com/wp-json/>; rel="https://api.w.org/"
server: nginx/1.17.10
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.3.33
x-xss-protection: 1; mode=block

GET
H2 200 main-c3a3431538.css
cdn.arstechnica.net/wp-content/themes/ars/assets/css/ 336 KB
71 KB 76ms
9ms Stylesheet
text/css 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 5c5dcbdd805b4603a4ac478d0e3966033767767309ac8eb2ddb6a1aea68ad2c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
x-cf3: M
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1646256689:cacheN.fra2-01:H
x-cf-reqid: 1cdb1c80fdf9bf0463242ef8a6d92034
content-length: 71971
x-cf-tsc: 1646256690
x-cf2: H
last-modified: Thu, 17 Feb 2022 13:41:20 GMT
server: CFS 0215
x-cff: B
etag: W/"620e5080-53f36"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
accept-ranges: bytes
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 21 KB
8 KB 50ms
18ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d06c1d1f95928227b923f8e2b201da367b26a9f30cce47c39eb994bdc1120eea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: UvnqSva0MME0cgsFLPtBgA==
age: 13357
vary: Accept-Encoding
content-length: 7093
x-ms-lease-status: unlocked
last-modified: Wed, 27 Jul 2022 06:16:17 GMT
server: cloudflare
etag: 0x8DA6F978409BF0F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8bd68976-901e-003e-6b87-a16ec7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7315d498abcd924d-FRA

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 50ms
19ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 10866
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ff08643f-901e-0035-0346-2876b3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 7315d498abd2924d-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 153ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f2f9a2b7ecc05cdfa873e8fb69f63feb67d0e12994cf8beb29022ec6b9e133f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28389
x-xss-protection: 0
server: sffe
etag: "1285 / 980 of 1000 / last-modified: 1658919872"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Jul 2022 13:48:03 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 140 KB
39 KB 90ms
8ms Script
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 27 Jul 2022 13:13:31 GMT
content-encoding: gzip
last-modified: Thu, 30 Jun 2022 20:51:38 GMT
server: AmazonS3
age: 2072
etag: W/"72916dde70b34122b394074010b382ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 490f651effcacfa7d80143d3047d794e.cloudfront.net (CloudFront), 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA56-P6
x-amz-cf-id: WVkP7ZN_9VWYZ3LyUDGVUfTkgXHOCANfwDjGNnsJGXf4t1xqkKJYSQ==

GET
H2 200 prebid.min.js Show response
cdn.arstechnica.net/cns/ 245 KB
74 KB 82ms
16ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1643b5fc5337d1652870dfdbf782494397703e94220d5d47830eb629c8266617

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
x-cf3: H
x-amz-request-id: TFA4GSGNZ74ZN1MP
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 321e62347b658d60c957f6694882350b
x-cache-hits: 1
content-length: 75426
x-amz-id-2: PZ0UfVglMnKFw0JGHVPX0Z9hifHapwsULBDSLxiI5BXKzevOPMReRIzTqVayLR1NoR3tVOBr72s=
x-served-by: cache-iad-kcgs7200097-IAD
cf4ttl: 117.500
x-cf2: H
last-modified: Mon, 18 Jul 2022 13:24:34 GMT
server: CFS 0215
x-timer: S1658929424.409171,VS0,VE1
x-cff: B
etag: "b0a8978d5c74889ea29c23b6c20c8b38"
vary: Accept-Encoding
x-amz-version-id: rey2CqLIKiAU_LWfwNnR2CY6Nmm5o0xZ
access-control-allow-origin: *
cache-control: max-age=120
cf4age: 19
accept-ranges: bytes
content-type: application/javascript
x-cf-tsc: 1658929440
expires: Wed, 27 Jul 2022 13:50:03 GMT

GET
H/1.1 200
OK 183973-93942139695505.js Show response
js-sec.indexww.com/ht/p/ 43 KB
15 KB 88ms
21ms Script
text/javascript 23.47.209.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.47.209.6 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 13:48:03 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Jul 2022 13:05:20 GMT
Server: Apache
ETag: "905101-ada8-5e4c911b93376"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1216
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 14812
Expires: Wed, 27 Jul 2022 14:08:19 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/condenastprebidheader987326845656/ 214 KB
75 KB 47ms
7ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7417f6c2a20566a922613e2df2fb61cb179039f9352294ea706a90b6471689fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 14:26:33 GMT
server: AmazonS3
x-amz-request-id: JN2XB7EH6CF86MGR
etag: "c8aab55b59df4f5f259067e8fe41ab0e"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=37963
accept-ranges: bytes
content-length: 76594
x-amz-id-2: iCSOdq2bAJVGG4ZmFqRBsd1Ylk4LqlCHkyW0B8IT0LBnUbKfdtBsn6AQdMnFmgyIa5fD9REnl+0=

GET
H2 200 ars-technica.min.js Show response
cdn.arstechnica.net/cns/ 116 KB
36 KB 74ms
8ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1658929419
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 83289b925ff981786913c6d685e87cbbf124a81c2a43e21d55d49d563fe9f498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
x-cf3: M
x-amz-request-id: TFAC3WC8HGZV9TR5
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 83f2bf5f557f702edeb378e194f90c6d
x-cache-hits: 0
content-length: 36633
x-amz-id-2: w46RhDTlpRJWtAXmZZpSzo/ZYy1EPqxbBt40WQCqziQfI7NP3yfR4nQD2syWewbXE0XUcJ33d7U=
x-served-by: cache-iad-kjyo7100090-IAD
cf4ttl: 43200.000
x-cf2: H
last-modified: Fri, 22 Jul 2022 15:04:19 GMT
server: CFS 0215
x-timer: S1658929420.193744,VS0,VE43
x-cff: B
etag: "dac81002701083bbe7621bf70681f911"
vary: Accept-Encoding
x-amz-version-id: giJ9mXvAriKtvmgLEpAmP0UpzIqKH7Py
access-control-allow-origin: *
cache-control: max-age=120
cf4age: 0
accept-ranges: bytes
content-type: application/javascript
x-cf-tsc: 1658929420
expires: Wed, 27 Jul 2022 13:50:03 GMT

GET
H2 200 ars-84a4ab0802.ads.us.js Show response
cdn.arstechnica.net/wp-content/themes/ars/assets/js/ 3 KB
1 KB 89ms
23ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/ars-84a4ab0802.ads.us.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 16708dda2536b4b3782313db4a6ec8456cd84da7ae0f56d7d2455e68fc9bc4f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 1520995e511ab3dad323eafd680ec049
content-length: 1143
x-cf-tsc: 1648023047
x-cf2: M
last-modified: Fri, 04 Mar 2022 15:05:09 GMT
server: CFS 0215
x-cff: B
etag: W/"62222aa5-bc0"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 1606006
accept-ranges: bytes
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 465 KB
125 KB 128ms
46ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

562b053a38fb48f2605d87189ab764186a5bd3db1a776737cdbd313bafceaca9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127368
x-xss-protection: 0
last-modified: Wed, 27 Jul 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 27 Jul 2022 13:48:03 GMT

GET
H2 200 b10882a1-8446-4e7d-bfb2-ce2c770ad910.json Show response
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/ 4 KB
2 KB 60ms
29ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/b10882a1-8446-4e7d-bfb2-ce2c770ad910.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a24534ed328a0ae9e4f094e9224475c7e4d0cced0f58f09865d05eb7aee2967b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zpr6/DSJQ0nTEKBJnSM3tg==
age: 4251
vary: Accept-Encoding
content-length: 1644
x-ms-lease-status: unlocked
last-modified: Fri, 01 Jul 2022 21:52:21 GMT
server: cloudflare
etag: 0x8DA5BABFA139F49
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 0e294ff1-301e-0077-20a3-8d5da7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7315d4993d009be6-FRA
expires: Wed, 27 Jul 2022 17:48:03 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 191 B
396 B 61ms
26ms Script
text/javascript 2606:4700:4400::ac40:929e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd429b95adc1755ffb3f7d831ac7e33dad31379239750f32c49c98f7019e45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 7315d4998a139235-FRA

GET
H/1.1 200
OK condenast-amp Show response
segment-data.zqtk.net/ 51 B
380 B 104ms
28ms XHR
application/javascript 54.73.179.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://segment-data.zqtk.net/condenast-amp?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1658929419
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.73.179.32 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-73-179-32.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cd216bc5cece19866e688ce56e5c5243f32241dfc9cd4045d393f4f111f9333e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 13:48:03 GMT
Server: nginx
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: max-age=30
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 51
Expires: Wed, 27 Jul 2022 13:48:33 GMT

GET
H2 200 ads.js Show response
arstechnica.com/hotzones/src/ 0
495 B 113ms
113ms XHR
application/javascript 3.137.38.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arstechnica.com/hotzones/src/ads.js

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1658929419

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.137.38.223 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-137-38-223.us-east-2.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 Jul 2022 19:45:48 GMT
server: nginx/1.17.10
etag: "62c737ec-0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 357 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 economica-bold-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 25 KB
25 KB 25ms
9ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-bold-otf-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 3a15079dbb2e72fa5ad3930198e0af0e
content-length: 25592
x-cf-tsc: 1648023050
x-cf2: H
last-modified: Fri, 04 Mar 2022 15:05:09 GMT
server: CFS 0215
x-cff: B
etag: "62222aa5-63f8"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 1603660
accept-ranges: bytes
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
H2 200 economica-regular-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 24 KB
24 KB 24ms
8ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-regular-otf-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: ceb2accab0dde275aeac9cb821f59721
content-length: 24264
x-cf-tsc: 1648023050
x-cf2: H
last-modified: Fri, 04 Mar 2022 15:05:09 GMT
server: CFS 0215
x-cff: B
etag: "62222aa5-5ec8"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 1603660
accept-ranges: bytes
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 182 B
462 B 53ms
31ms XHR
application/json 2606:4700:4400::ac40:929e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 7315d499bd255c02-FRA
access-control-allow-headers: Content-Type

GET
H2 200 multi-factor-authentication-mfa-800x546.jpeg
cdn.arstechnica.net/wp-content/uploads/2022/07/ 77 KB
78 KB 10ms
9ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2022/07/multi-factor-authentication-mfa-800x546.jpeg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 47466887ca673b75f0eea095a47547991308576915e171f13878cb652a588d77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
x-cf3: H
x-amz-request-id: 4YW2DEARAS2AYGB2
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:M
x-cf-reqid: 9be185c36b79bc0106ff05dc4587c7a3
x-amz-replication-status: COMPLETED
content-length: 78988
x-amz-id-2: VtLY9up5RHF3ooQkAvfB2xmlEMCN2xAHl+xbBHtywyBwws43JCI98+dghusvX3XN9ESeQ3dBfxg=
x-cf-tsc: 1658908615
cf4ttl: 43200.000
x-cf2: H
last-modified: Tue, 12 Jul 2022 21:42:05 GMT
server: CFS 0215
x-cff: B
etag: "3d853c925fdad56579d3b19c654e94c5"
x-amz-version-id: 0Sd542vt_O7KHbMYfssv2dXtF3G3ztUG
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 1241909
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
H2 200 cookie-interception-640x345.png
cdn.arstechnica.net/wp-content/uploads/2022/07/ 70 KB
71 KB 10ms
8ms Image
image/png 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2022/07/cookie-interception-640x345.png
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 67c228ab9b3e44a43f71193bd03d9264ea0b274bfc7ecb38588a882981439d87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
x-cf3: H
x-amz-request-id: 6RRRJEACVG33QN3Y
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:M
x-cf-reqid: 980805a1431c382c397b5c5c636feb24
x-amz-replication-status: COMPLETED
content-length: 71774
x-amz-id-2: yBGvi6du2JCeo9n5CCwlcXw8ZyFPUD/vuzFFYZCZiv+4dwdHOHnbIMrw3EUvep8/kaSFoVzaCHg=
x-cf-tsc: 1658908615
cf4ttl: 43200.000
x-cf2: H
last-modified: Tue, 12 Jul 2022 21:45:08 GMT
server: CFS 0215
x-cff: B
etag: "8b3e5f7fb71a67f68111fc47e28dd11f"
x-amz-version-id: 9Mbxkv05jJQW86JJuWdouA0nNUNgD5nx
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 1241885
accept-ranges: bytes
content-type: image/png
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
H2 200 phishing-bec-overview-640x370.png
cdn.arstechnica.net/wp-content/uploads/2022/07/ 80 KB
80 KB 10ms
10ms Image
image/png 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2022/07/phishing-bec-overview-640x370.png
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: f89a6648d40aecbfe8675fa1e98a1e4be29368ca79d8534c8d1ab9f493bddee9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
x-cf3: M
x-amz-request-id: 6RRP7VCSH0MFT95F
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:M
x-cf-reqid: e1aa36a1428df41eb977e85265bace94
x-amz-replication-status: COMPLETED
content-length: 81472
x-amz-id-2: MYjVQGHHY4qAy+0d3vf2eDkpnV+nH+q5KQvvg8hwEGPv1qilffYmZAASx65zjk7+43OMWSe7vcQ=
x-cf-tsc: 1658919316
cf4ttl: 43200.000
x-cf2: H
last-modified: Tue, 12 Jul 2022 21:42:54 GMT
server: CFS 0215
x-cff: B
etag: "3854e11a3f3f92a97e257f9fff4cae55"
x-amz-version-id: kcTF7SMr2HW600Frexq1rNB77O9ae58.
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 1252586
accept-ranges: bytes
content-type: image/png
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
H2 200 sample-phishing-landing-page-640x481.png
cdn.arstechnica.net/wp-content/uploads/2022/07/ 80 KB
80 KB 10ms
9ms Image
image/png 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2022/07/sample-phishing-landing-page-640x481.png
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1f29817f97888d4bb5901bdab8f3e9edfedcdcf11839c27100870e2116480b83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
x-cf3: H
x-amz-request-id: 8JXKT57V6T0VVV2K
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:M
x-cf-reqid: 439f547ad004ee3823698df61cf62813
x-amz-replication-status: COMPLETED
content-length: 81784
x-amz-id-2: 86Yaiv1+aFUrHklFxILRyhCcunVFeBsGyAnZPZzixM38GG2fSyfRpnHaYU/iqZX9zd/eMcDVfNA=
x-cf-tsc: 1658908616
cf4ttl: 43200.000
x-cf2: H
last-modified: Tue, 12 Jul 2022 21:46:14 GMT
server: CFS 0215
x-cff: B
etag: "14e6bcfc46ec69a7430a5999bae9ed6b"
x-amz-version-id: .ghwhx_I7ftymYutUEFclROX08dCr4BJ
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 1241885
accept-ranges: bytes
content-type: image/png
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
DATA 200
OK truncated
/ 279 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 400 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 700 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 fingerprint-authentication-360x200.jpeg
cdn.arstechnica.net/wp-content/uploads/2022/05/ 21 KB
22 KB 16ms
8ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2022/05/fingerprint-authentication-360x200.jpeg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 628d7e02da9f8f5036979245b1d290b93a5ebe02120dfab845a924a08301c590

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
x-cf3: H
x-amz-request-id: 8KDTX3XX0KKF101P
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:M
x-cf-reqid: 1da984dc74276f0960573e7329286386
x-amz-replication-status: COMPLETED
content-length: 21639
x-amz-id-2: O3F26zzLhl3MmDMatt1rm94s5tSHNLEvQQR2Y/KUDv4LbDllhU5x6KjEDYItDe/I2Lb9FHiiVT0=
x-cf-tsc: 1658897511
cf4ttl: 43200.000
x-cf2: H
last-modified: Fri, 06 May 2022 17:53:44 GMT
server: CFS 0215
x-cff: B
etag: "954a4b12f206fb9c6a547600ee8ac0cd"
x-amz-version-id: F7glCg3cddBH9H.2hicmtvc22YKItyo2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 2083005
accept-ranges: bytes
content-type: image/jpeg
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
H2 200 bitter-italic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 24 KB
24 KB 20ms
12ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-italic-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 303a1e92bc745e0dae279f84d10a9654
content-length: 24212
x-cf-tsc: 1648023055
x-cf2: H
last-modified: Fri, 04 Mar 2022 15:05:09 GMT
server: CFS 0215
x-cff: B
etag: "62222aa5-5e94"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 1603665
accept-ranges: bytes
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
H2 200 bitter-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 22 KB
23 KB 18ms
10ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-regular-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 7e2e3112a312df8611d523ca0c3a2127
content-length: 22872
x-cf-tsc: 1648023055
x-cf2: H
last-modified: Fri, 04 Mar 2022 15:05:09 GMT
server: CFS 0215
x-cff: B
etag: "62222aa5-5958"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 1603665
accept-ranges: bytes
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
H2 200 opensans-semibold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 19 KB
19 KB 19ms
11ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: f6934ebc36671ade3ecaab6f6fdd6738
content-length: 18972
x-cf-tsc: 1648023055
x-cf2: H
last-modified: Fri, 04 Mar 2022 15:05:09 GMT
server: CFS 0215
x-cff: B
etag: "62222aa5-4a1c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 1603481
accept-ranges: bytes
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
H2 200 opensans-semibolditalic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 20 KB
21 KB 25ms
17ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibolditalic-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 59201950b83489808587827b4050ffe0597992825daa88c227476cdbbf8ca282

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: e8b191b3fc655f796f41c496c85d0ea4
content-length: 20872
x-cf-tsc: 1653872061
x-cf2: H
last-modified: Tue, 24 May 2022 19:54:56 GMT
server: CFS 0215
x-cff: B
etag: "628d3810-5188"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 421765
accept-ranges: bytes
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
H2 200 opensans-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 18 KB
19 KB 24ms
17ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-regular-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: aef97007e9632a5fe8de49c579d9063e
content-length: 18824
x-cf-tsc: 1648023055
x-cf2: H
last-modified: Fri, 04 Mar 2022 15:05:09 GMT
server: CFS 0215
x-cff: B
etag: "62222aa5-4988"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 1603665
accept-ranges: bytes
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 203 KB
70 KB 69ms
7ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b797b3d3b0ede0512bbec2a5fcf5275ff9d0ab143319a40141750dc397be71c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
last-modified: Mon, 25 Jul 2022 11:07:56 GMT
etag: "15-zmnYA1o2sK3HTN/pRUjWT53h+R0"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: a3410bfcd801beb0b84c04b74ba95ba3
timing-allow-origin: *, *
content-length: 71651

GET
H2 200 main-a3cc766e23.js Show response
cdn.arstechnica.net/wp-content/themes/ars/assets/js/ 651 KB
212 KB 12ms
9ms Script
application/javascript 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-a3cc766e23.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 6005db7d329c98155b90076de0c9a68cf7316a51883ba92f78d3953ae6e1557b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 033e13fd1a8a2f04ed3c55a501f342b5
content-length: 216104
x-cf-tsc: 1653423970
x-cf2: H
last-modified: Tue, 24 May 2022 19:54:56 GMT
server: CFS 0215
x-cff: B
etag: W/"628d3810-a2a00"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 1
accept-ranges: bytes
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
H2 200 conde-asa-polar-master.js Show response
cdn.mediavoice.com/nativeads/script/condenastcorporate/ 5 KB
2 KB 99ms
48ms Script
text/javascript 2606:4700::6813:d983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 11763
cf-ray: 7315d49a2b258fd1-FRA
cf-ipcountry: DE
content-length: 2018
via: 1.1 varnish
last-modified: Wed, 27 Jul 2022 08:45:07 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 2075863788
x-country: DE
cache-control: max-age=21600
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 100098X1555750.skimlinks.js Show response
s.skimresources.com/js/ 35 KB
14 KB 111ms
19ms Script
application/octet-stream 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efc6b995a3b037727a4c8e7fe1756c192099f9658c4091ee55c61d3ba85e3920

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
last-modified: Tue, 15 Mar 2022 10:52:15 GMT
server: AmazonS3
x-amz-request-id: XGRFW2JJDCPBV9MJ
etag: "cd1919c614b1a51b072d5182dda15928"
x-hw: 1658929683.cds095.am5.hn,1658929683.cds272.am5.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13792
x-amz-id-2: NXNBqIHLiTIt9/TpUqz2olTcI91cNDAc56A98FUkCdgwfqR6Fs7v62iT6YiqAtviQvXNRuCwqvU=

GET
DATA 200
OK truncated
/ 841 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Dang.jpg
cdn.arstechnica.net/wp-content/uploads/2018/10/ 90 KB
91 KB 10ms
8ms Image
image/jpeg 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2018/10/Dang.jpg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: e0c6c856a1c46d837f15237c0e55efff
content-length: 92486
x-amz-request-id: Y9WXECG8Y6K25WKV
x-amz-id-2: OBqVTLOdERajgj7Zs7UvvbYPMxLrmBcsPqp0JKeoHAIAREGIqgBiGKokKq1cWTnVCXH5ognbVkA=
x-cf-tsc: 1658778517
x-cf2: H
last-modified: Sat, 21 Dec 2019 01:48:48 GMT
server: CFS 0215
x-cff: B
etag: "03e5fec9e7ca5f8064d945bd791bd4c3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 42049
x-amz-version-id: null
accept-ranges: bytes
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
H2 200 channel-ars-be7bb52ba9.png
cdn.arstechnica.net/wp-content/themes/ars/assets/img/ 5 KB
5 KB 11ms
9ms Image
image/png 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/img/channel-ars-be7bb52ba9.png
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: b961cc4732fbe570d2aea95145d493d0
content-length: 4809
x-cf-tsc: 1656994603
x-cf2: H
last-modified: Wed, 08 Jun 2022 16:28:51 GMT
server: CFS 0215
x-cff: B
etag: "62a0ce43-12c9"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 2271431
accept-ranges: bytes
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 bitter-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 22 KB
22 KB 10ms
9ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-bold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: fc903c2d60e7febfcb374a4d3c50c44a
content-length: 22104
x-cf-tsc: 1648023055
x-cf2: H
last-modified: Fri, 04 Mar 2022 15:05:09 GMT
server: CFS 0215
x-cff: B
etag: "62222aa5-5658"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 1603481
accept-ranges: bytes
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
H2 200 opensans-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 19 KB
19 KB 11ms
10ms Font
font/woff2 205.234.175.175
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-bold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
x-cf-reqid: 742d3dc9e591b71268a24bd76e9b47a4
content-length: 19516
x-cf-tsc: 1648023055
x-cf2: H
last-modified: Fri, 04 Mar 2022 15:05:09 GMT
server: CFS 0215
x-cff: B
etag: "62222aa5-4c3c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 1596259
accept-ranges: bytes
expires: Wed, 21 Sep 2022 13:48:03 GMT

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.35.0/ 360 KB
85 KB 15ms
14ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bDp57sS049dDkRqCL4m53Q==
age: 13345
vary: Accept-Encoding
content-length: 87115
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:21:06 GMT
server: cloudflare
etag: 0x8DA4784BD4AE529
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 74e8856d-c01e-0004-086f-792d64000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7315d49a2e4c924d-FRA

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 802 B
1 KB 10ms
10ms XHR
application/json 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3035&u=https%3A%2F%2Farstechnica.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 18ff9f7031a6474c6567199041c377bcc5d565ce35d6261269d81beb4ed6fb75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 07:55:16 GMT
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
server: Server
age: 21167
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://arstechnica.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-P6
content-length: 802
x-amz-cf-id: qOGU50bu26kzFKp1ufb9GbjQhYOFYmZDx59xKnKawCqMdiqwEDZKfw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 25ms
7ms XHR
application/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-4-10.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: ohN.Ia8q4H3SKA9S.12ooUiZoNn.3Gnl
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 36059
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 29 Jun 2022 23:14:57 GMT
server: AmazonS3
date: Wed, 27 Jul 2022 09:04:16 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-P6
x-amz-cf-id: NDRdRzaPGFIPHiMWrj-Yk_b3CfVb6tu51xy1O9knsnefdPXggc3UbA==

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 389 B
563 B 290ms
51ms Script
text/html 52.17.229.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CM%24%3D!!tTm7j3Mufy%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-uNhnW%2BgiY9PHPf0uHVjPGlx1P1tMeAYh8VJoiwm1U%2F9KTOa5pbr0xUE%3D&rs=1-ww2rgEk%2F0rYACQ%3D%3D&sc=1&os=1-CA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&pcode=condenastprebidheader987326845656&rx=828878344146&callback=MoatNadoAllJsonpRequest_73497217
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.229.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-229-209.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 12e636f02bc44a5f9b63a780dc0f86e4b017de4fcd39107ed46a64f7e2537aea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "990d432ea41140e05b17ff274e140b731e535c0f"
content-length: 389
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK video_groups Show response
api.cnevids.com/v1/ 4 KB
1 KB 426ms
98ms XHR
application/json 52.6.23.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cnevids.com/v1/video_groups?filters={%22channel_key%22:%22arstechnica%22}&pagesize=20&endpoint=oo.arstechnica

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-a3cc766e23.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.23.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-23-250.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

cb52c9b5c6b4f30eb9580d4414ecd97d408ffb0579fc9792f379da7e9e43221c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/*
Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 13:48:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Status: 200 OK
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 658
X-XSS-Protection: 1; mode=block
X-Request-Id: 8bdad174-3dc5-4983-aedb-b2a30c1ad782
X-Runtime: 0.001791
X-Backend-Node: 10.110.12.4
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
X-Frame-Options: SAMEORIGIN
ETag: W/"4c06e79798545bd7d402f2778a242a74"
X-Download-Options: noopen
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate

GET
H2 200 pubads_impl_2022071801.js Show response
securepubads.g.doubleclick.net/gpt/ 377 KB
129 KB 121ms
32ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

6f761aab3bf051efa97b8361efb44ec6aeab54bbdd9605bf673c401164fc9a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:29:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1093
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131644
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 08:35:47 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 27 Jul 2023 13:29:50 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 176 B
751 B 129ms
41ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=arstechnica.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

73c4228fa5b38d181899fbb43d408ac2138b29bfef6260136f66d926723d84d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115
x-xss-protection: 0
expires: Wed, 27 Jul 2022 13:48:03 GMT

GET
H2 200 memo.js Show response
cdn.memo.co/js/ 21 KB
7 KB 163ms
108ms Script
application/javascript 13.32.121.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.memo.co/js/memo.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-106.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4d7b91ed4a7804e22b94e4873af273def73469e80b740bd9787e287003058868

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: dIwRVCKiXrZkA8Vq0TRLD0Yyqjiw5iXT
content-encoding: gzip
etag: W/"09a117df3977ec5a869191fcea2ac408"
last-modified: Wed, 04 May 2022 18:49:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=utf-8
via: 1.1 d7433132a7c6595c9aab2dc2272e7060.cloudfront.net (CloudFront)
cache-control: no-cache
date: Wed, 27 Jul 2022 13:48:04 GMT
x-amz-cf-id: VK_cZSOUk8ZXMbihQfElGiwe1CluNw-rwSSlWiMNg71ltxKENFfjEQ==

GET
H/1.1 200
OK arstechnica.js Show response
player.cnevids.com/interlude/ 108 KB
27 KB 104ms
10ms Script
text/javascript 18.66.97.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/interlude/arstechnica.js?isRightRail=true

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-74.fra56.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

fe211d4793b0750c00caa91f8306bbe59e26e0d5d02b3bf3e0d687d5deb81a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 13:48:03 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA56-P2
X-Cache: Hit from cloudfront
Status: 200 OK
Connection: keep-alive
Content-Length: 27017
X-XSS-Protection: 1; mode=block
X-Request-Id: 68df1434-0f2c-4e86-be80-879efa6e7076
X-Runtime: 0.009115
X-Backend-Node: 10.110.10.54
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"1105383bdbf9250ed752225bfd3c5274"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Id: RzYNXMw4v4I1J43aYO5MP8t6aeHBs-crSr6VSsZgNp-0etWstayTng==

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 109 KB
37 KB 42ms
8ms Script
application/x-javascript 108.138.7.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: info.sysdig.com
URL: https://info.sysdig.com/MDY3LVFaVC04ODEAAAGF2qr5Nz6pacnGqFuQULuxUegtJyx-Oonulh1GEYw-uzJzJBp8MSU0HJM57YzKHElHEOMxef4=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-78.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 06:24:49 GMT
content-encoding: gzip
age: 26595
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:598424ed-c6de-48e8-8068-45662e39c3ce
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-sha256: 57180e34d853b9e6be67670dae22a049fb237e6bca37c60f7ba138272a8487cc
x-amz-meta-codebuild-content-md5: 58acf9e97c03c481f490be71338f7f57
last-modified: Tue, 17 May 2022 11:35:33 GMT
server: AmazonS3
etag: W/"148e21f812b555a13b2a9c6b616141f4"
vary: Accept-Encoding
x-amz-version-id: qhkEQKrW4Gg_gxbK41emvSsDXWYdvDMl
via: 1.1 0ece2d48b2ca1badca11fa675b7785ea.cloudfront.net (CloudFront)
cache-control: must-revalidate,public,max-age=86400
x-amz-cf-pop: FRA56-P6
content-type: application/x-javascript
x-amz-cf-id: b-KRylXt4pKDwnOmC7bpNH0zWBHAzC0fIrnfWpv0ZEAgOdjjZUSMzA==

POST
H2 200 / Show response
r.skimresources.com/api/ 165 B
383 B 58ms
21ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

1a212d8b4ae393bdbde7ca286b6998cc9ca52636b1f46f5ca439e92707cfb79a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://arstechnica.com
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via: 1.1 google

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame FECC 0
134 B 143ms
47ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.5032440172217951
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
276 B 150ms
19ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=4.586568335684312
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 151ms
20ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=4.586568335684312
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
content-type: image/gif

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/4358ff0f-2a02-4763-aae1-769adf1f328a/ 221 KB
36 KB 21ms
20ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/4358ff0f-2a02-4763-aae1-769adf1f328a/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e8cee856a0b21bdd96a2ee67f69f5069328896682b8c293197c374c051df06e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: zezbQFqPIx5NEwuD/ujnYg==
age: 3457
vary: Accept-Encoding
content-length: 36594
x-ms-lease-status: unlocked
last-modified: Fri, 01 Jul 2022 21:53:10 GMT
server: cloudflare
etag: 0x8DA5BAC170FB6BC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 3b613b6f-a01e-00f1-29a5-8d0975000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7315d49b99959be6-FRA
expires: Wed, 27 Jul 2022 17:48:03 GMT

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 326 KB
46 KB 22ms
22ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5d66b4370c15f415951a8572980b216ebec4308d6de3c51f0f289f5a13e01426

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uCoZFg2/5Pu1JDx/zLTXiA==
age: 13563
vary: Accept-Encoding
content-length: 47337
x-ms-lease-status: unlocked
last-modified: Wed, 27 Jul 2022 08:09:16 GMT
server: cloudflare
etag: 0x8DA6FA74CD29420
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 97d433ea-201e-008d-6490-a19440000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7315d49b999c9be6-FRA

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/6.35.0/ 68 KB
15 KB 17ms
16ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: h9906B8X4UODtkG9gxLmLQ==
age: 6387
vary: Accept-Encoding
content-length: 15011
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:21:04 GMT
server: cloudflare
etag: 0x8DA4784BC25C71C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8347cf45-b01e-006d-5c79-7972c8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7315d49b98c7924d-FRA

GET
H/1.1 200
OK YXJzdGVjaG5pY2EuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 79ms
6ms XHR
application/json 23.35.229.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/YXJzdGVjaG5pY2EuY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-181.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 13:48:03 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=21889
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 3ecb041dbb3bf0ab673ef51f1ae3f597
Content-Length: 16
Expires: Wed, 27 Jul 2022 19:52:52 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 22ms
7ms Image
image/gif 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Fri, 26 Aug 2022 13:48:03 GMT

GET
H2 200 plugin.js Show response
plugin.mediavoice.com/ 367 KB
137 KB 41ms
24ms Script
application/javascript 2606:4700::6813:d983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.mediavoice.com/plugin.js
Requested by: Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:d983 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cf7b1e98a88a1cff624cff6b252912d63ee6d9d20d8493f63511df44ec7cfdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 25973
content-type: application/javascript
content-length: 139721
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Tue, 12 Jul 2022 18:30:03 GMT
server: cloudflare
etag: W/"62cdbdab-5bd9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-varnish: 2459882215 2459712072
via: 1.1 varnish
cache-control: max-age=43200
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7315d49c0ced8fd1-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Wed, 27 Jul 2022 10:27:51 GMT

GET
H2 200 condenastcorporate Show response
polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/ 208 B
502 B 83ms
34ms XHR
application/json 2606:4700::6811:4132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/condenastcorporate
Requested by: Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc40a5096530714279199bd98ffbe44f3108bf9dd183ec74d85f69705d86e25

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 27 Jul 2022 13:48:03 GMT
content-encoding: gzip
server: cloudflare
etag: W/"f3cb63b5151ee861d177a2136e7d9989"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Country, CF-Ray
cache-control: max-age=3600
x-country: DE
cf-ray: 7315d49c3a9d9960-FRA

GET
H2 200 v2 Show response
z-na.associates-amazon.com/onetag/ 11 KB
4 KB 273ms
18ms Script
text/javascript 18.66.16.40
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.16.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-16-40.vie50.r.cloudfront.net
Software: Server /
Resource Hash: 7475f5c70d3b6020b6f4621b2e69fba3360bea00a913e60b085af165b93842ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 04:04:04 GMT
content-encoding: gzip
accept-charset: UTF-8
server: Server
age: 35040
x-amz-rid: D15HD9NGW77KD6JJPPNJ
vary: accept-encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
permissions-policy: interest-cohort=()
x-amz-cf-pop: VIE50-P1
x-amz-cf-id: aMjwUuxpkLhnpCXIgKC3_Wy4yhq4jKvhtEzK5nqtzE7aAhOHzTRq_Q==
via: 1.1 75373f3f77c169166bbce98d302dff7c.cloudfront.net (CloudFront)

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
592 B 38ms
7ms Fetch
application/json 13.32.99.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-122.fra60.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 02:04:17 GMT
via: 1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront), 1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
age: 42226
x-amzn-requestid: 7efb432d-1f28-4ab5-9ccb-0af799dd8f09
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62e09d21-15f84eb717265854268e295e;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA60-P3
x-amz-apigw-id: V519QGsXDoEFyYQ=
content-length: 30
x-amz-cf-id: Vw3kZ6Y19JnzSpVdKsO-iSpoZl3n6m3_7h65dld5HHCHcu33eW9nLQ==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H/1.1 200
OK recommendations Show response
api.condenast.io/v1/ 16 KB
6 KB 260ms
219ms Fetch
application/json 151.101.192.239
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.condenast.io/v1/recommendations?applicationID=cne-interlude-arstechnica&brand=arstechnica&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F&filter%5Bstrategy%5D=POPULAR&filter%5BcontentType%5D=CNEVIDEO&filter%5Blanguage%5D=en-US&page%5Bsize%5D=5
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/interlude/arstechnica.js?isRightRail=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.192.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 91c268055ba30ca9617dcc2eee4de29096780704959d6d14e7b56380a0124a97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 13:48:04 GMT
content-encoding: gzip
X-Backend: 2SrKDXXFWNz87LdtRpzPzK--F_api_eu_central_1_condenast_io
access-control-allow-origin: https://arstechnica.com
transfer-encoding: chunked
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-hhn4058-HHN
Server: nginx/1.15.8
X-Timer: S1658929684.948189,VS0,VE204
Vary: origin,accept-encoding, Accept-Encoding, Origin
Content-Type: application/json;charset=utf-8
Via: 1.1 varnish
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: private, max-age=0
access-control-allow-credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
166 B 352ms
126ms XHR
application/json 3.219.23.242
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=CONDENAST&sv_domain=arstechnica.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.219.23.242 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-219-23-242.compute-1.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://arstechnica.com
date: Wed, 27 Jul 2022 13:48:04 GMT
access-control-allow-credentials: true
server: nginx/1.20.2
content-length: 2
vary: Origin
content-type: application/json

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.35.0/assets/ 9 KB
3 KB 22ms
20ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1da25cf82f065474aadce40a8c7369f6df48e1847cb95c21bd9083488eff7390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 13:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: fTgzYGTDokH8tdiAiskzEg==
age: 6443
vary: Accept-Encoding
content-length: 2585
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:20:57 GMT
server: cloudflare
etag: 0x8DA4784B80C618C
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: ab71653d-001e-009a-438a-795423000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 7315d49d1c979be6-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.35.0/assets/ 21 KB
4 KB 23ms
22ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.35.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 27 Jul 2022 13:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
age: 4850
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Mon, 06 Jun 2022 06:21:12 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 53a4d8f1-301e-005e-768a-792be5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 7315d49d1c9b9be6-FRA

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
339 B 45ms
41ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 13:48:04 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://arstechnica.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

POST
H2 200 link Show response
t.skimresources.com/api/v2/ 22 B
114 B 62ms
60ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/link

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 13:48:04 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://arstechnica.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
warning: 299 - "Deprecated API"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22

GET
H2 200 get Show response
odb.outbrain.com/utils/ 80 KB
35 KB 322ms
229ms Script
text/javascript 199.232.18.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F&srcUrl=http%3A%2F%2Ffeeds.arstechnica.com%2Farstechnica%2Findex%2F&idx=0&rand=96398&key=NANOWDGT01&widgetJSId=AR_14&va=true&et=true&format=html&adblck=false&abwl=false&px=190&py=6146&vpd=4946&activeTab=true&darkMode=false&ab=0&wl=0&settings=true&recs=true&version=2000831&sig=NFJBiwD7&apv=false&false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cnsntv2=CPcxQAAPcxQAAAcABBENCZCgAAAAAAAAAChQAAAAAAJBAHIAAgADQAOAA8AC4AHwAWgA-ACMAEkALYAYgA_gCRAFcAL4AagA2gBxADkAHOAOoAfIA_wCBgEHAJEAT8AoYBSwDCAHVAQ2Ah8BF4CPQEhAJWATaAsIBcQC6AF1ALtAXkAwKBh4GIAMWAZCAygBoQDRgGlANTAbQA24BugDggkEcABAAC4AKAAqABkADgAHgAQAAwgBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCQCGAIkAR0AlgCXAE0AKUAW4AwwBkADLAGyAO-AewB8QD7AP0AgEBFwEYgI0AjgBKQCggFPAKuAXMAxQBrADaQG4AbwA9AB8gEOgJEATEAmUBNgCdgFDgKRAU0AsUBaAC2AFyALvAXmAwYBhIDDYGRAZIAycBlwDOQGfANIgawBrIYA8AAYABYAFwAjABJACfAFQAVQAtgBiADeAKQAaUA1ADVAHEAS0ApYBsgDqAIbAReAkIBQ4CxAFxAMCAYeAxYBkYDQgG6BoD4AVgAuACGAGQAMsAbIA7AB-AEAAIKARgAp4BV4C0ALSAawA3gB1QD5AIdARUAkQBNgCdgFIgLkAYSAxgBk4DOQGeAM-EAHgADAALAAuADUAIwASQAngBVAC2AGIAN4ApABXADUAHEAPkAkQBLQClwG4AbwBDYCLwEhAKHAXEAwIBh4DFgGhAN0EQGAArACGAGQAMsAbIA7AB-AEAAIwAU8Aq4BrADqgHyAQ6AkQBNgCdgFIgLkAYSAycBnIDPhUBcACgAQwAmABcAEcAMsAdgBGACOAFXgLQAtIBvAEggJiATYAtgBcgC8wGRAM5AZ4Az4BuQoAoAGIATIApABlQDUANUAbQA4gByADwAIKAS0ApYB1QEegLEAYEAw8BmgDQgGvDACoANQAxACZAFIAMoAagA2gBxADkAHgAS0ApYBYgDqgI9AScAsQBeQDAgGHgNCGQFAAhgBMAEcAMsAdgA-wCMAEcAKuAVsA3gCYgE2ALRAWwAvMBkQDOQGeAM-HAXwABAAGAARAA4ADwALgAfABaADmAH4AggBGAC2AF0AL4AZAA0AB_AEIAJEAToApABZgC-AGWANKAagBqgDaAHEAOQAc4A6gB2ADuAHzAQABBYCDgIQAREAkQBLQCbQE-AT8ApYBUACsgFtAL1AYABgQDCAGZANYAa8A3gBx4DnAOkAdUA8gB8gEIAIbgQ-BEACIgEegJCgSsBK4CYgEygJtAUKApABSYCmAFTAKqgVsBXYCygFpALUAXFAugC6gF7AL6AYFAw8DEAGLAMhAZQAy8BoUDRQNGAaUA00BqYDXgG0ANsAbcOgrgALgAoACoAGQAOAAgABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AGIAMwAbwA5gB6gEMARMAlgCYAE0AKMAUoAsQBbwDCAMOAZABlADRAGyAN8Ad4A9oB9gH6AP-AiwCMAEcgJSAlQBQQCngFXALFAWgBaYC5gLqAXkAxQBtADcQHTAdQA9ACHQEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC2AFwALkAXaAu8BeYDBgGEgMNAYwAx4BkgDJwGVAMsAZcAzkBnwDRIGkAaSA0sBrADYyADUABAAQQAvgBoAD-AJEAUgAtwBfADLgGoAaoA2gBxADkAHOAOwAeABBQCfAFLAKyAWIAwABhADMgG8AOcAdUA7YCHwEegJCAScAlcBMQCbQFCgKQAUmArYBbQC6AF5AL2AYEAw8BmgDQgGigNKAamA2wBtxCBqAAsACgAGQAXAAxACGAEwAKoAXAAxABmADeAHoARwAsQBhADKAG-AO8AfYA_wCMAEcAJTAUEBQwCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAJsAU0AsUBaIC2AFwALkAXaAyIBk4DOQGeAM-AaIA0kBpYDgCQCYAAQABgAHAAXAByAFQAMgAbwBCACRAFJALkAvgBlgDSAGoANoAdwBAACEgEtAJ8AVAArIBrwDeAHVAPsAlYBNoCkwFlALSAXsAw8BiIDFgGlANyJQNQAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADMAG2AQwBEgCOAFGAKUAW4AwgBlADZAHeAPwAjABHACTgFPAKvAWgBaQC6gGKANwAdQA-QCHQEVAIvASIAmwBYoC2AF2gLzAZEAycBlgDOQGeAM-AaQA1gBwBQCUAAIAAwAFwAPgAtAByAD8AIwAVAArABfADIAG2AN4A5ACEAEcAJEATIAnQBSQC5AL4AZYA0gBqADXAG0AOIAc4A6gB3ADwAHyAQAAg4BCQCKgEiAJOAS0Am0BPgE_AKWAVkAsQBdQDAQGEAYoA14BvADqgHbAPIAfIA_4CPQExAJlATaApABTACpgFbAK7AWgAvIBfQDAgGHgMWAaIA0qBqQGpgNeAcEUggAALgAoACoAGQAOAAggBgAGMANAA1AB5AEMARAAmABPACkAFUALAAYgAzABzgEMARIAowBSgCxAFuAMIAZQA0QBsgDvgH2AfoBFgCMAEcAJTAUEBQwCrgFbALmAXkA2gBuAD0AIdAReAkQBNgCdgFDgLFAWwAuABcgC7QF5gMNAYwAyIBkgDJwGXAM5AZ4Az6BpAGkwNYA1kBsYA.YAAAAAAAAAAA&cmpStat=1&ccpa=1---&ccpaStat=1&ref=https%3A%2F%2Finfo.sysdig.com%2F&ogn=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.18.132 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6c3bee4506798e96c574250d295accecc8c4bab4c24390259b62a2b0fb68ad78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:04 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, VIE, Europe1
x-timer: S1658929684.267875,VS0,VE213
accept-ranges: bytes
x-served-by: cache-lga21968-LGA, cache-vie6348-VIE
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 5d884a6d4a6d22c4c9204bc1c1a28aed
content-encoding: gzip
content-length: 35305
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 5b27ee7e8c1abc4e7900000f Show response
api.cnevids.com/v1/video_groups/ 104 KB
18 KB 198ms
198ms XHR
application/json 52.6.23.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cnevids.com/v1/video_groups/5b27ee7e8c1abc4e7900000f?endpoint=oo.arstechnica

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-a3cc766e23.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.6.23.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-6-23-250.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

898ee33ac3ffd3d602e737052f2ea29989675075581a221f8ce0b518248a8145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/*
Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 13:48:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Status: 200 OK
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 17173
X-XSS-Protection: 1; mode=block
X-Request-Id: 3a7a9639-5f3a-4882-8657-9b04953c61da
X-Runtime: 0.005350
X-Backend-Node: 10.110.77.65
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
X-Frame-Options: SAMEORIGIN
ETag: W/"9b57fdf0992a63f5403ceefedf85962d"
X-Download-Options: noopen
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK n Show response
elsa.memoinsights.com/ 387 B
962 B 432ms
98ms Script
application/javascript 3.95.101.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://elsa.memoinsights.com/n?pid=62012a7a19351c07620394e0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F&author%5B%5D=Dan%20Goodin&title=Ongoing%20phishing%20campaign%20can%20hack%20you%20even%20when%20you%E2%80%99re%20protected%20with%20MFA&date=2022-07-12T22%3A58%3A06Z&referrer=https%3A%2F%2Finfo.sysdig.com%2F&ref_url=https%3A%2F%2Finfo.sysdig.com%2F&page_url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&cb=MEMO.API.callbacks.cbuqgmexbt&v=v3.0.6
Requested by: Host: cdn.memo.co
URL: https://cdn.memo.co/js/memo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.101.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-101-195.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: ee64dee554fd4aa29ec2e8f12adfe103a57483c94836141bf532fa4d6674f9a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:04 GMT
content-encoding: gzip
server: istio-envoy
content-type: application/javascript
x-envoy-upstream-service-time: 1
Connection: keep-alive
Content-Length: 264
x-request-id: 403f964de07221e3a741a18d80845598

GET
H/1.1 200
OK andoncord Show response
assoc-na.associates-amazon.com/onetag/ 16 B
415 B 414ms
108ms XHR
application/json 72.21.195.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assoc-na.associates-amazon.com/onetag/andoncord
Requested by: Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: Server /
Resource Hash: c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 13:48:04 GMT
Server: Server
x-amz-rid: P8JB3KDWVKEGJWPQ5WK3
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://arstechnica.com
Access-Control-Allow-Credentials: true
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 16

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
531 B 52ms
51ms XHR
text/javascript 108.138.4.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3035&u=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&pr=https%3A%2F%2Finfo.sysdig.com%2F&pid=ZKlHxHemb9hMy&cb=0&ws=1600x1200&v=8.1.0&t=1000&slots=%5B%7B%22sd%22%3A%22siderail_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22rail%2Fdesktop%22%7D%2C%7B%22sd%22%3A%22post_nav_0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22hero%2Fdesktop%22%7D%5D&pj=%7B%22si_section%22%3A%22information-technology%22%2C%22us_privacy%22%3A%221---%22%7D&gdpre=1&gdprc=CPcxQAAPcxQAAAcABBENCZCgAAAAAAAAAChQAAAAAAJBAHIAAgADQAOAA8AC4AHwAWgA-ACMAEkALYAYgA_gCRAFcAL4AagA2gBxADkAHOAOoAfIA_wCBgEHAJEAT8AoYBSwDCAHVAQ2Ah8BF4CPQEhAJWATaAsIBcQC6AF1ALtAXkAwKBh4GIAMWAZCAygBoQDRgGlANTAbQA24BugDggkEcABAAC4AKAAqABkADgAHgAQAAwgBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCQCGAIkAR0AlgCXAE0AKUAW4AwwBkADLAGyAO-AewB8QD7AP0AgEBFwEYgI0AjgBKQCggFPAKuAXMAxQBrADaQG4AbwA9AB8gEOgJEATEAmUBNgCdgFDgKRAU0AsUBaAC2AFyALvAXmAwYBhIDDYGRAZIAycBlwDOQGfANIgawBrIYA8AAYABYAFwAjABJACfAFQAVQAtgBiADeAKQAaUA1ADVAHEAS0ApYBsgDqAIbAReAkIBQ4CxAFxAMCAYeAxYBkYDQgG6BoD4AVgAuACGAGQAMsAbIA7AB-AEAAIKARgAp4BV4C0ALSAawA3gB1QD5AIdARUAkQBNgCdgFIgLkAYSAxgBk4DOQGeAM-EAHgADAALAAuADUAIwASQAngBVAC2AGIAN4ApABXADUAHEAPkAkQBLQClwG4AbwBDYCLwEhAKHAXEAwIBh4DFgGhAN0EQGAArACGAGQAMsAbIA7AB-AEAAIwAU8Aq4BrADqgHyAQ6AkQBNgCdgFIgLkAYSAycBnIDPhUBcACgAQwAmABcAEcAMsAdgBGACOAFXgLQAtIBvAEggJiATYAtgBcgC8wGRAM5AZ4Az4BuQoAoAGIATIApABlQDUANUAbQA4gByADwAIKAS0ApYB1QEegLEAYEAw8BmgDQgGvDACoANQAxACZAFIAMoAagA2gBxADkAHgAS0ApYBYgDqgI9AScAsQBeQDAgGHgNCGQFAAhgBMAEcAMsAdgA-wCMAEcAKuAVsA3gCYgE2ALRAWwAvMBkQDOQGeAM-HAXwABAAGAARAA4ADwALgAfABaADmAH4AggBGAC2AF0AL4AZAA0AB_AEIAJEAToApABZgC-AGWANKAagBqgDaAHEAOQAc4A6gB2ADuAHzAQABBYCDgIQAREAkQBLQCbQE-AT8ApYBUACsgFtAL1AYABgQDCAGZANYAa8A3gBx4DnAOkAdUA8gB8gEIAIbgQ-BEACIgEegJCgSsBK4CYgEygJtAUKApABSYCmAFTAKqgVsBXYCygFpALUAXFAugC6gF7AL6AYFAw8DEAGLAMhAZQAy8BoUDRQNGAaUA00BqYDXgG0ANsAbcOgrgALgAoACoAGQAOAAgABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AGIAMwAbwA5gB6gEMARMAlgCYAE0AKMAUoAsQBbwDCAMOAZABlADRAGyAN8Ad4A9oB9gH6AP-AiwCMAEcgJSAlQBQQCngFXALFAWgBaYC5gLqAXkAxQBtADcQHTAdQA9ACHQEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC2AFwALkAXaAu8BeYDBgGEgMNAYwAx4BkgDJwGVAMsAZcAzkBnwDRIGkAaSA0sBrADYyADUABAAQQAvgBoAD-AJEAUgAtwBfADLgGoAaoA2gBxADkAHOAOwAeABBQCfAFLAKyAWIAwABhADMgG8AOcAdUA7YCHwEegJCAScAlcBMQCbQFCgKQAUmArYBbQC6AF5AL2AYEAw8BmgDQgGigNKAamA2wBtxCBqAAsACgAGQAXAAxACGAEwAKoAXAAxABmADeAHoARwAsQBhADKAG-AO8AfYA_wCMAEcAJTAUEBQwCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAJsAU0AsUBaIC2AFwALkAXaAyIBk4DOQGeAM-AaIA0kBpYDgCQCYAAQABgAHAAXAByAFQAMgAbwBCACRAFJALkAvgBlgDSAGoANoAdwBAACEgEtAJ8AVAArIBrwDeAHVAPsAlYBNoCkwFlALSAXsAw8BiIDFgGlANyJQNQAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADMAG2AQwBEgCOAFGAKUAW4AwgBlADZAHeAPwAjABHACTgFPAKvAWgBaQC6gGKANwAdQA-QCHQEVAIvASIAmwBYoC2AF2gLzAZEAycBlgDOQGeAM-AaQA1gBwBQCUAAIAAwAFwAPgAtAByAD8AIwAVAArABfADIAG2AN4A5ACEAEcAJEATIAnQBSQC5AL4AZYA0gBqADXAG0AOIAc4A6gB3ADwAHyAQAAg4BCQCKgEiAJOAS0Am0BPgE_AKWAVkAsQBdQDAQGEAYoA14BvADqgHbAPIAfIA_4CPQExAJlATaApABTACpgFbAK7AWgAvIBfQDAgGHgMWAaIA0qBqQGpgNeAcEUggAALgAoACoAGQAOAAggBgAGMANAA1AB5AEMARAAmABPACkAFUALAAYgAzABzgEMARIAowBSgCxAFuAMIAZQA0QBsgDvgH2AfoBFgCMAEcAJTAUEBQwCrgFbALmAXkA2gBuAD0AIdAReAkQBNgCdgFDgLFAWwAuABcgC7QF5gMNAYwAyIBkgDJwGXAM5AZ4Az6BpAGkwNYA1kBsYA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.4.10 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-4-10.fra56.r.cloudfront.net

Software

Server /

Resource Hash

159bd804f3a207ce59088ef63f186ba5b3d906d5245b7bfa882a6a6c3f6a9314

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:04 GMT
via: 1.1 1c7275102c069b3b4bff7bcc191ded2e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P6
x-amz-rid: GE8M289WZBX77F0XRXHE
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: rVFoTHTPtKB5ee5vIxDTUyV1uaiPB7WMDtum_zDf14LcPycznlPEkw==

GET
H/1.1 200
OK 5fbe751038d069741986d243.js Show response
player.cnevids.com/script/video/ 64 KB
22 KB 109ms
109ms Script
text/javascript 18.66.97.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/script/video/5fbe751038d069741986d243.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_f80c4236-807d-4d32-91a3-d90d10de3dcf_cral2-2_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false&isRightRail=true

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/interlude/arstechnica.js?isRightRail=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-74.fra56.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

1d5d1f3ca5f87c9528d02a47a700d3bcfbf4cb7a05c63f48917412de98c9baf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 13:48:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA56-P2
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Request-Id: 8492554c-1d02-4098-93d0-ad63fb6d82dc
X-Runtime: 0.004505
X-Backend-Node: 10.110.79.181
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"2f32d7a46e75096227c6b944bcc96288"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Id: ih02_nnauuUQmc-fJrbMVcC-F4ov9lr5gB_LChQd-ZzPg1VICuJSzA==

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 327 B
1 KB 215ms
115ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552988&size_id=15&alt_size_ids=10&us_privacy=1---&eid_pubcid.org=e3218a7a-bd5e-4a11-bd12-15df661ee0f9%5E1&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&tg_i.cnt_tags=2-factor-authentication%2C2fa%2Ctwo-factor-authentication&tk_flint=pbjs_lite_v6.25.0&x_source.tid=ce09540b-a3fd-4338-9600-0c7820a74811&l_pb_bid_id=25758dbc3857e3&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9016116040297557
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1f0c7b5036a2e440d38d63c71470896c0a8d057ad263c679b60db0152d3cd4d9

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 13:48:04 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 327
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 327 B
1 KB 232ms
132ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552990&size_id=15&alt_size_ids=10&us_privacy=1---&eid_pubcid.org=e3218a7a-bd5e-4a11-bd12-15df661ee0f9%5E1&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&tg_i.cnt_tags=2-factor-authentication%2C2fa%2Ctwo-factor-authentication&tk_flint=pbjs_lite_v6.25.0&x_source.tid=ce09540b-a3fd-4338-9600-0c7820a74811&l_pb_bid_id=318d1daeddcbd4&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8628720290529166
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 3ccd0c282ca2b488eb7f41a6d5f97104532c397e11cde7fd7558dedff97ef36f

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 13:48:04 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 327
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
644 B 220ms
157ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=375865&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224d72747315cc3b%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Finfo.sysdig.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw%3Fcnt_tags%3D2-factor-authentication%252C2fa%252Ctwo-factor-authentication%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cnt_tags%22%3A%5B%222-factor-authentication%22%2C%222fa%22%2C%22two-factor-authentication%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%22%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2254fc7290063a62%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22375865%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22375864%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e3218a7a-bd5e-4a11-bd12-15df661ee0f9%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2162b2851f01366527b76a824d56db26b90cbcbefa318a514f9f5687b49dbd21

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 13:48:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4uB8JYK3nDNecNOd6KgAUzeRiMsTHXXVU%2BoYayz%2BOPjb2%2B%2BCYFZpSBKHR0mdic9ajYFmgi0YXWY%2FheV3599oySI%2BVBi75KWQeO8ybvE%2FInY5iCLlP7PPmY%2BErtW5gPbvChKb0GF"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7315d49edd63904e-FRA
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 192ms
108ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a969ce00175757040bb70c50db8002f&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 37d6a56bccac8e4cf741f7f2358449a5ec1bf10f1f828ff6744c127304c32447

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 13:48:04 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 210ms
127ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a9691380175757044fd70c50ec60030&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 087ba57c91e4b5c40a047bba7b6ddb98328b34fb9f69fbf8bb135402b3d67a0a

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 13:48:04 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 arj Show response
condenastus-d.openx.net/w/1.0/ 73 B
148 B 77ms
26ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ce09540b-a3fd-4338-9600-0c7820a74811%2Cce09540b-a3fd-4338-9600-0c7820a74811&nocache=1658929690014&us_privacy=1---&pubcid=e3218a7a-bd5e-4a11-bd12-15df661ee0f9&aus=300x250%2C300x600%7C300x250%2C300x600&divids=rail_300x250_300x600%2Crail_300x250_300x600&aucs=%2C&auid=541000589%2C541000592&aumfs=50%2C50
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: d1f91e655a9e406fc235e03d99fd2ccc948bbd7a134a66270eba56cef9714b7b

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 13:48:04 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://arstechnica.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
877 B 115ms
67ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 816b115aca154cbf0d74247d77c06067136b4836a74697a4374480ecf67e8921

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 13:48:04 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 326 B
1 KB 120ms
45ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552960&size_id=2&alt_size_ids=57&us_privacy=1---&eid_pubcid.org=e3218a7a-bd5e-4a11-bd12-15df661ee0f9%5E1&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&tg_i.cnt_tags=2-factor-authentication%2C2fa%2Ctwo-factor-authentication&tk_flint=pbjs_lite_v6.25.0&x_source.tid=c825415d-d482-4bb3-bdf1-12ef8b7d1247&l_pb_bid_id=20519edf765678a&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.14669157404948163
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c321421a6a38ffbb8e54fec88a8e7435963887275f9287ec806d63dbba0c33fa

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 13:48:04 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 326
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 326 B
1 KB 160ms
85ms XHR
application/json 2602:803:c003:200::61
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552962&size_id=2&alt_size_ids=57&us_privacy=1---&eid_pubcid.org=e3218a7a-bd5e-4a11-bd12-15df661ee0f9%5E1&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&tg_i.cnt_tags=2-factor-authentication%2C2fa%2Ctwo-factor-authentication&tk_flint=pbjs_lite_v6.25.0&x_source.tid=c825415d-d482-4bb3-bdf1-12ef8b7d1247&l_pb_bid_id=21b2981baaac9e6&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8064818010181019
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::61 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 48da39fec3c4f7ef58846e7bdb466a6632fe324a873c1c4035b6bb882699a30d

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 13:48:04 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 326
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
313 B 210ms
171ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=375849&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2222331319a02b59a%22%2C%22site%22%3A%7B%22ref%22%3A%22https%3A%2F%2Finfo.sysdig.com%2F%22%2C%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw%3Fcnt_tags%3D2-factor-authentication%252C2fa%252Ctwo-factor-authentication%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cnt_tags%22%3A%5B%222-factor-authentication%22%2C%222fa%22%2C%22two-factor-authentication%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.25.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%22%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2223f41c72eb2e605%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22375849%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22375848%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22e3218a7a-bd5e-4a11-bd12-15df661ee0f9%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4afac1b90153682298ebc6799a113177d8a80ee7825314bf04be1db4536e0a26

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 13:48:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VaedNpTGWfQGB7lOz7zMxoQL3nS5i451%2FmYVdXLBSzu7sehJhucdqqXns2lqWYNjFzeSsOXgewcdsonMjtbtAQhpubSf1QNssi2%2FcLUjLNUm%2FMBqxpef%2F1zKIRZ6FePPF1z3hG4Z"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7315d49edd65904e-FRA
expires: 0

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 169ms
102ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a969ce00175757040bb70c4ff01002a&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: e914042ca01b6f894abfe2f3390c1d0fa41453e932e9dc4084653e585fdb5f48

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 13:48:04 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
291 B 135ms
69ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a9691380175757044fd70c4fff3002b&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: 1fa84b33882c8343eefc309129e91e3d145340c94527832734b1cad6d6a39375

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 13:48:04 GMT
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 arj Show response
condenastus-d.openx.net/w/1.0/ 72 B
376 B 60ms
24ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c825415d-d482-4bb3-bdf1-12ef8b7d1247%2Cc825415d-d482-4bb3-bdf1-12ef8b7d1247&nocache=1658929690030&us_privacy=1---&pubcid=e3218a7a-bd5e-4a11-bd12-15df661ee0f9&aus=728x90%2C970x250%7C728x90%2C970x250&divids=hero_728x90_970x250%2Chero_728x90_970x250&aucs=%2C&auid=541000619%2C541000563&aumfs=50%2C50
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 108e0116db150225eeb3f00cc94bcca615ee17973e209ae1e8800957c33d3e1f

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 13:48:04 GMT
content-encoding: gzip
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://arstechnica.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
738 B 102ms
68ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 20f47e28c2c7f9e854f733e0d746952c49f760ea299b5989313e108c5a3ae0b5

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 13:48:04 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK embed-api.json Show response
player.cnevids.com/ 11 KB
5 KB 29ms
12ms Fetch
application/json 18.66.97.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/embed-api.json?videoId=5fbe751038d069741986d243&playerType=interlude&embedLocation=arstechnica

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5fbe751038d069741986d243.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_f80c4236-807d-4d32-91a3-d90d10de3dcf_cral2-2_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false&isRightRail=true

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-74.fra56.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

76137f665cd725b8769ebfdb486d27e73b9d6ef08a0ba5cf14c1f9c08e4ff41a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 13:46:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Age: 92
X-Cache: Hit from cloudfront
Status: 200 OK
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 3666
X-XSS-Protection: 1; mode=block
X-Request-Id: 0b3cb73b-9cb7-48ea-9d13-9380ff84ffed
X-Runtime: 0.009840
X-Backend-Node: 10.110.79.181
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"feacc6d7be501ca6a7a702ddabcb4dd0"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control: max-age=300, public
X-Amz-Cf-Pop: FRA56-P2
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: -n6Ujex0M9uFK3NB20SUWLBMiJ947bR7KxAqgTT9R7owAhVEmLQd3Q==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8949 373 KB
124 KB 78ms
30ms Script
text/javascript 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a407bad2c5c1c6331c406392e74465bca0603fb1040b476e6592fe6fd4a56faf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127179
x-xss-protection: 0
expires: Wed, 27 Jul 2022 13:48:04 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 83 KB
30 KB 62ms
15ms Script
text/javascript 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ddb980a95bf66aab57f96f42ec399f21297a2429cae569a24d6d6562ba24a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:39:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30528
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 20:06:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Wed, 27 Jul 2022 13:54:11 GMT

GET
H/1.1 200
OK player-style-b53d54db9671e9d427bd.css
d2c8v52ll5s99u.cloudfront.net/player/ Frame 8949 90 KB
13 KB 66ms
8ms Stylesheet
text/css 108.138.2.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-b53d54db9671e9d427bd.css
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5fbe751038d069741986d243.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_f80c4236-807d-4d32-91a3-d90d10de3dcf_cral2-2_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false&isRightRail=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-156.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c26965b3758255462804203b738f7b446de4a66ec96fa8095a0dcc52b334918

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Mon, 16 May 2022 15:48:48 GMT
Content-Encoding: gzip
Age: 6213557
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 12888
Last-Modified: Wed, 11 May 2022 18:53:17 GMT
Server: AmazonS3
ETag: "fa4f9cf006104ef494127316840b2ea8"
x-amz-version-id: DdN5Y84Atx5yhBQvA82BKCNxeoeewWoR
Via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
X-Amz-Cf-Pop: FRA56-P6
Accept-Ranges: bytes
Content-Type: text/css; charset=utf-8
X-Amz-Cf-Id: JNGBOA7Lf3a219ATVp8-9V9IYDjPHA51pe51Bc98ZXJRmnJzMXXd0g==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK main-bccb1d7e3a2433560a4a.js Show response
d2c8v52ll5s99u.cloudfront.net/player/ Frame 8949 826 KB
225 KB 67ms
9ms Script
application/javascript 108.138.2.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5fbe751038d069741986d243.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_f80c4236-807d-4d32-91a3-d90d10de3dcf_cral2-2_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false&isRightRail=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-156.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3c4d9f4666b31ea4a41e1345392e0e32d318928f514199aa0467287588b595a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 15 Jun 2022 15:34:07 GMT
Content-Encoding: gzip
Age: 3622438
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 230106
Last-Modified: Wed, 15 Jun 2022 14:19:59 GMT
Server: AmazonS3
ETag: "25d6bd0b528ddaeff8fd8207d54e1144"
x-amz-version-id: hPEm7zDE6nNI6_gl8To5o.LbMlXFYBSf
Via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
X-Amz-Cf-Pop: FRA56-P6
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: hAj2jZwR4GICcUG9D23nSUbp1dpIA2FjCG95MEULF1GWvMIaolyUvw==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
571 B 76ms
35ms XHR
text/plain 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=383250&u=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 13:48:04 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mziZnm8Ivaakv78r0Cri4ZrmMv1bu7nZAE06MjtQ3%2FNyNO8CaK2ZIwQIuqFGfEHj1t5WmVqw7kL9Eneso%2B3kZ6dSAUOzig0btKJub8mSvJTbxdoVxY31OFy8g6XALNDFeJ7Aplrr80A%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7315d49f8a789249-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H/1.1 200
OK 60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady37779495 Show response
player.cnevids.com/script/video/ 64 KB
22 KB 108ms
108ms Script
text/javascript 18.66.97.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady37779495

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-a3cc766e23.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-74.fra56.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

1d5d1f3ca5f87c9528d02a47a700d3bcfbf4cb7a05c63f48917412de98c9baf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 13:48:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA56-P2
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
Content-Length: 21725
X-XSS-Protection: 1; mode=block
X-Request-Id: 138cae5d-fdb5-4b20-aee9-fe1f0457cbfb
X-Runtime: 0.004501
X-Backend-Node: 10.110.124.231
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"2f32d7a46e75096227c6b944bcc96288"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Id: O9j_jYa7NJi478deyOLRMrMOh3TEFAo78_wOaUucHlcgzAoE7sV2dQ==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1621877260/ 11 KB
12 KB 72ms
18ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

0396be2ab58ec30babd0838d7e37d6407475d4361be85ee7451dbac9186add57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA60-P3
X-Cache: RefreshHit from cloudfront
Date: Wed, 27 Jul 2022 13:48:04 GMT
Connection: keep-alive
Content-Length: 11625
Last-Modified: Thu, 20 Jan 2022 21:51:37 GMT
Server: Cloudinary
ETag: "0b80752552abdab1277829e7a4b2824a"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: jJAKFiNSLgCLmpino8-MT9knyyjSdoUSmkePFW3QNqajcmYIKTe_2g==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-the-warhammer-40k-universe-answered-by-author-dan-abnett.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1620135390/ 14 KB
15 KB 70ms
16ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1620135390/arstechnica_unsolved-mysteries-unsolved-mysteries-of-the-warhammer-40k-universe-answered-by-author-dan-abnett.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

a2bd43c80adc73ae26472a90ec3bd9df44a5b7d2dafb133b8660efd800c719b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA60-P3
X-Cache: RefreshHit from cloudfront
Date: Wed, 27 Jul 2022 13:48:04 GMT
Connection: keep-alive
Content-Length: 14620
Last-Modified: Thu, 20 Jan 2022 21:51:38 GMT
Server: Cloudinary
ETag: "7996e22c04be37a8677bb680607e6d12"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: A-67qh41o2XlIKSJFvx956-vDm4SqKxqo7M_m9pXlqe9g_CkVqhLgg==

GET
H/1.1 200
OK arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1619531614/ 5 KB
6 KB 62ms
9ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1619531614/arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

85c33811c2b04e4e02babe2fd6bd7ac0035f93e95827116429bbda2cf9c6c95d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 77
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:46:59 GMT
Connection: keep-alive
Content-Length: 5242
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "cfdeb1a825aca3ca1bf9ab3727325d27"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: jKD9K-59kzHHW5WQHHI5s74u2OpCMZlp8oCca2fqKs8xrPquV-UvTA==

GET
H/1.1 200
OK arstechnica_sitrep-boeing-707.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1615574323/ 12 KB
12 KB 63ms
9ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1615574323/arstechnica_sitrep-boeing-707.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

571479d52cd675db5573fe46973c62cba6d8224a76136fcefeb90f7dc42a6391

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 03 Jul 2022 14:13:21 GMT
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 2072083
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 11899
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "49fd6cf75b5acbe4ea95126496406585"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: GwEwc3FTYm2fzdeSlO5GGaH56OGVQGIFTLyWypB_CbCfiYoE8mOSvg==

GET
H/1.1 200
OK arstechnica_steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1611089409/ 16 KB
17 KB 19ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1611089409/arstechnica_steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

06b33c040105224101afcdaacd82b6dfb3ea1bf9ef3d7478cf5fa163a0ad65e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 238
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:44:13 GMT
Connection: keep-alive
Content-Length: 16317
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "4796345150de82db7572da4e13d5fbc1"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: VKmltUjGiffZ8zkuYUrb3N22zjqDuH5DwiXt_JOg3ty9fdNPqRp0jg==

GET
H/1.1 200
OK arstechnica_modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1607984287/ 14 KB
15 KB 16ms
15ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1607984287/arstechnica_modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

de5e37739b5797e8ba9dba4a2dcb65f37c36a65fe839cb306162e21c74ba166e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA60-P3
X-Cache: RefreshHit from cloudfront
Date: Wed, 27 Jul 2022 13:48:04 GMT
Connection: keep-alive
Content-Length: 14171
Last-Modified: Thu, 20 Jan 2022 21:51:37 GMT
Server: Cloudinary
ETag: "7f2bf661d68cedfcf91542c6e1dab7c6"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: agVQcMeOxntgCA0GHOddu8Cmlh_7wVaYTCuF-iedhoBWlqjcZaI-_A==

GET
H/1.1 200
OK arstechnica_war-stories-gail-tilden.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603899385/ 15 KB
15 KB 22ms
18ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603899385/arstechnica_war-stories-gail-tilden.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

7d91c04c657709af03f6dad61d375c3208d18ab5ff7851c2472007dc05201342

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA60-P3
X-Cache: RefreshHit from cloudfront
Date: Wed, 27 Jul 2022 13:48:04 GMT
Connection: keep-alive
Content-Length: 15071
Last-Modified: Thu, 20 Jan 2022 21:51:38 GMT
Server: Cloudinary
ETag: "1f4aa6187c59e6ed79d0c3a2a0bc19d9"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: xmHgPFHsud1CGjPqQkGDSOnd7Yc7zOgLluApg48Ry1MPG-cm4QibjQ==

GET
H/1.1 200
OK arstechnica_personal-history-scott-manley.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603123470/ 14 KB
15 KB 15ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603123470/arstechnica_personal-history-scott-manley.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1f466b08649eef5ad16c20f6d7207bf8818cb107b6241950dbc568cdffc03d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 223
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:44:30 GMT
Connection: keep-alive
Content-Length: 14113
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "963bf0b22c745f95a06f32ee1317b872"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: at3w714GJiuX5iK1-1HnzkpnmqqVQqcnxr2ORtP_omHIUWeratxCew==

GET
H/1.1 200
OK arstechnica_scare-tactics-thomas-grip.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1602524702/ 15 KB
15 KB 9ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1602524702/arstechnica_scare-tactics-thomas-grip.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

617e0f9fee7ef0ca891735246b4b5a61caa3622db4a4256685b061c9f43bd053

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 26
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:47:41 GMT
Connection: keep-alive
Content-Length: 15079
Last-Modified: Thu, 20 Jan 2022 21:51:38 GMT
Server: Cloudinary
ETag: "d57f99149a48173e30de572cfa48ed93"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: rNwCARJ__9V098f80yzMWwKTvc8XqUu3A_XJqUeFNCv7QksLVO-soQ==

GET
H/1.1 200
OK arstechnica_personal-history-lgr.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1600711530/ 14 KB
15 KB 10ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1600711530/arstechnica_personal-history-lgr.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

29637e0647104ccc5d5583e652db29ce99e947c858c3d9502960e7ea7f1aea19

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 238
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:44:13 GMT
Connection: keep-alive
Content-Length: 14772
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "4049b10cd3281951b01beb4f36134234"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: pVPnZziQtEQWsrdSKbkP_TmsF1ZCaFR6dXQbo1ih_LQupnZXgjdiAQ==

GET
H/1.1 200
OK arstechnica_the-f-35-s-next-tech-upgrade.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1598890591/ 3 KB
4 KB 11ms
7ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1598890591/arstechnica_the-f-35-s-next-tech-upgrade.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

3b0209841325362235c221628e471145726897e4e1c9b210b6e6b2217fdf2ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 1062574
X-Cache: Hit from cloudfront
Date: Fri, 15 Jul 2022 06:38:30 GMT
Connection: keep-alive
Content-Length: 3374
Last-Modified: Thu, 20 Jan 2022 21:49:06 GMT
Server: Cloudinary
ETag: "3f16924a1fdff64e971a0491115fc147"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 1lxoaFG343o1ChcSrzzyJvw_s1-qeGk9C5a5Cf7uY5WoI4nvr2Y4dQ==

GET
H/1.1 200
OK arstechnica_war-stories-diablo.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1597686086/ 14 KB
15 KB 9ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1597686086/arstechnica_war-stories-diablo.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

aa3b9513abbbf65a2c8483122648fce1b39b1afa2a69bdf863242f1411baba58

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 26
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:47:41 GMT
Connection: keep-alive
Content-Length: 14667
Last-Modified: Thu, 20 Jan 2022 21:51:39 GMT
Server: Cloudinary
ETag: "d4de63ae8b9ef5b77ad58eaae97d7d02"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 5hC0AVEGbJ_jE4uVJpo2fdJ8ZZGhXiRBujSgtEbOXBLKi1q0i8Bt_w==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-mortal-kombat.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1596476950/ 11 KB
12 KB 20ms
20ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1596476950/arstechnica_unsolved-mysteries-unsolved-mysteries-mortal-kombat.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

0b5c6a8d4a856db56da956eced8af9a5eb6e0a89dc67de5ffc4c83513472a3cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA60-P3
X-Cache: RefreshHit from cloudfront
Date: Wed, 27 Jul 2022 13:48:04 GMT
Connection: keep-alive
Content-Length: 11486
Last-Modified: Thu, 20 Jan 2022 21:51:38 GMT
Server: Cloudinary
ETag: "7a8a596aae95c9a900261808554523e6"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: kuOdDfYbqz9y0h6SMnYxH1v-ALPEw87ALlA2HcjzJPkkmX2AAJNgpQ==

GET
H/1.1 200
OK arstechnica_us-navy-gets-an-italian-accent.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1595427354/ 6 KB
7 KB 7ms
7ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1595427354/arstechnica_us-navy-gets-an-italian-accent.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

85db95dbe15c810a710ca6d9094a2a29f2eeea05791cc7aaab7af8939684b978

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sat, 16 Jul 2022 19:13:36 GMT
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 930868
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 6124
Last-Modified: Thu, 20 Jan 2022 21:51:46 GMT
Server: Cloudinary
ETag: "51113bf4443c0cf453d0e8bf60489ac7"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 5JAcbGXM9vQ5gT5z3YNd34yQRs6tGEIRYmbzTuMe22VFI6KaW6Q1mQ==

GET
H/1.1 200
OK arstechnica_war-stories-war-stories-undone-w-slash-hisko-hulsing.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1594656439/ 10 KB
11 KB 9ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1594656439/arstechnica_war-stories-war-stories-undone-w-slash-hisko-hulsing.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e74b9cb9d8871d300d2a1d36ce2cd00dfbfe0c5d8066d1d415c4ce620a919d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 220
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:44:59 GMT
Connection: keep-alive
Content-Length: 10345
Last-Modified: Thu, 20 Jan 2022 21:52:15 GMT
Server: Cloudinary
ETag: "60622b64688dbb49917234d4091856fb"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: _oRuFhrzpm908sQbkh8-mOMGqHSlbBMIFEPStblbhBV7yA6IxW1vxA==

GET
H/1.1 200
OK arstechnica_fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1593453234/ 15 KB
16 KB 12ms
11ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1593453234/arstechnica_fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

9431bc6d1a6d036a70c92dfc9000d7965f939671a59705bdd01c3e652048ed9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 585112
X-Cache: Hit from cloudfront
Date: Wed, 20 Jul 2022 19:16:15 GMT
Connection: keep-alive
Content-Length: 15307
Last-Modified: Thu, 20 Jan 2022 21:49:07 GMT
Server: Cloudinary
ETag: "324e15e8b7d3edd23ffbf5df0a1a9e77"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: qw4sArsIJkyaGhrvC3-83zuL3fspkHWgS5geei9uAjcXKazk4db8oA==

GET
H/1.1 200
OK arstechnica_war-stories-war-stories-nba-jam.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1592315288/ 14 KB
15 KB 11ms
10ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1592315288/arstechnica_war-stories-war-stories-nba-jam.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

5be5b0170ad4bbd2be91182d137933e7de9c7e86b09ec855a4bac015ebfd746f

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 251
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:44:13 GMT
Connection: keep-alive
Content-Length: 14149
Last-Modified: Thu, 20 Jan 2022 21:51:39 GMT
Server: Cloudinary
ETag: "bd63326fa81d10df9e2da1245d3c122c"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: qXTIGbmOIqwlrs01tk0IkVy563AIyUQ5Gz1Rc_FvQfx-cUa5Ycf_fQ==

GET
H/1.1 200
OK arstechnica_linus-tech-tips-reacts-to-his-top-1000-youtube-comments.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1591804041/ 9 KB
10 KB 10ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1591804041/arstechnica_linus-tech-tips-reacts-to-his-top-1000-youtube-comments.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e8830a414dfeb4c0e0f519d3419f69849df9226f329357c938333dbf2c956f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 290
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:43:17 GMT
Connection: keep-alive
Content-Length: 9054
Last-Modified: Thu, 20 Jan 2022 21:49:07 GMT
Server: Cloudinary
ETag: "b17d3aab70cb56fbf2df892c8415ab16"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: e3uUuDbEjI5eNF8k8C3tf-sS-A5FaR6p8c8F7PH-lS7KwdORM6nVYw==

GET
H/1.1 200
OK arstechnica_war-stories-how-alan-wake-was-rebuilt-3-years-into-development.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1589408118/ 11 KB
11 KB 14ms
14ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1589408118/arstechnica_war-stories-how-alan-wake-was-rebuilt-3-years-into-development.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

3f2cf5f857c617761a251ceef8f6ed452a7690e21f16eff0a70dddf9beea8633

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA60-P3
X-Cache: RefreshHit from cloudfront
Date: Wed, 27 Jul 2022 13:48:04 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2022-07-22T06:33:38.580Z;desc=hit,rtt;dur=0
Content-Length: 10817
Last-Modified: Thu, 20 Jan 2022 21:51:39 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "9417ada34c9b6b07ccd41a463b717969"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: rv4nHCpDk_LPMqNgbC-SlatoKNSwnDhcJ2pUuaxGw22zMcR4odGijg==

GET
H/1.1 200
OK arstechnica_war-stories-prince-of-persia.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1584454477/ 15 KB
16 KB 18ms
18ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1584454477/arstechnica_war-stories-prince-of-persia.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

56f8838a24cb0cc47dc34a19d6b84d6ce8bf8086b1682bbb990abc13b1e2da65

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA60-P3
X-Cache: RefreshHit from cloudfront
Date: Wed, 27 Jul 2022 13:48:04 GMT
Server-Timing: fastly;dur=1;start=2022-07-22T04:37:22.817Z;desc=hit,rtt;dur=0
Content-Length: 15682
Last-Modified: Thu, 20 Jan 2022 21:51:39 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "e9cccef2a4a4cf217be0ba162f6b4296"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 63IkOMUix072oseO-ewTWzG2pKjvxK7C__t3KT5JWdkvrzGuviHWgw==

GET
H/1.1 200
OK arstechnica_war-stories-how-crash-bandicoot-hacked-the-playstation-to-run.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582755533/ 17 KB
18 KB 17ms
17ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582755533/arstechnica_war-stories-how-crash-bandicoot-hacked-the-playstation-to-run.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

46a9ddb1f206a46900872e0a832750ae06925528f81883a3d3517fdb42aefb6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA60-P3
X-Cache: RefreshHit from cloudfront
Date: Wed, 27 Jul 2022 13:48:04 GMT
Connection: keep-alive
Content-Length: 17475
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "7588b83c6eb2a1165344abad7e12e715"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: UNIBgGU4MJme2s0JtfvQbpv2ADnnxnhIbNeB3M9LPBdyqULb15scKw==

GET
H/1.1 200
OK arstechnica_war-stories-myst.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1580223113/ 13 KB
14 KB 8ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1580223113/arstechnica_war-stories-myst.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1bf55bc00dbf13180884211c3d301729e67b81f3456225c1fbf97d271d636509

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 250
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:44:13 GMT
Connection: keep-alive
Content-Length: 13522
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "ed8c6a9aa19e7d5c7aa46a3aead23a87"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 7f3gkoDeayZe5bownh9ZiHcyvGBanpeZiIeuFOPPHu2CcgFG32qdZQ==

GET
H/1.1 200
OK arstechnica_markiplier-reacts-to-his-top-1000-youtube-comments.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1579194313/ 9 KB
9 KB 15ms
15ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1579194313/arstechnica_markiplier-reacts-to-his-top-1000-youtube-comments.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e336ff50623cff960c2396944be4392139f63dcc032e5f3428d81489fdfe697a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA60-P3
X-Cache: RefreshHit from cloudfront
Date: Wed, 27 Jul 2022 13:48:04 GMT
Connection: keep-alive
Content-Length: 8832
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "2bad386c14ac040d530ceb2ae89c8bbb"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: LmpVjwdjedX39xy_xCLHAQE9fEJfVFetShTJPvLNXrhHWxOugmOg2A==

GET
H/1.1 200
OK arstechnica_war-stories-war-stories-oddworld.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582815531/ 12 KB
13 KB 8ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582815531/arstechnica_war-stories-war-stories-oddworld.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1097abb6f0992cccc79428374463e7f23b99dae5eb85d7317b20bd57c96031bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 121
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:46:03 GMT
Connection: keep-alive
Content-Length: 12614
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "4a7903cbe66890b5688d843661943ccd"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: XL7uCWvBw1X4b03E6wo76CRzXAQO4cLoCnxb3M4vfO7byOhIt6bXQQ==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1573140819/ 11 KB
12 KB 8ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1573140819/arstechnica_unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

de24551bd4396fc8579b2d87ce01944553dd48fb52775d14373725a50efa0c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 49
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:47:41 GMT
Connection: keep-alive
Content-Length: 11417
Last-Modified: Thu, 20 Jan 2022 21:52:15 GMT
Server: Cloudinary
ETag: "3e8509d06c6610d54babcac0d91e5d93"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 5faa0Tfc1GDrlFUC1NTVBzHlBqntdlVI4sHjey1CWR7ecd9tCRApEA==

GET
H/1.1 200
OK arstechnica_war-stories-civilization.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1569003425/ 16 KB
17 KB 8ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1569003425/arstechnica_war-stories-civilization.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1c7dcc8216c6f82da2998ceeac2523632c7f9bffe510824b6d082621201f2012

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 264
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:44:13 GMT
Connection: keep-alive
Content-Length: 16236
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "72002610618f7bf8bf0e52c760e39897"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: szUWPJCsPZEVmmxfHkuXG8zR_57o2HRlVJXG6URGZWtM5x_eH8vFqA==

GET
H/1.1 200
OK arstechnica_sitrep-dod-resets-ballistic-missile-interceptor-program.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1568662260/ 11 KB
11 KB 8ms
7ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1568662260/arstechnica_sitrep-dod-resets-ballistic-missile-interceptor-program.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

7fc88c65d46e83b3f3e9f098f05fd639480332fc3718cd714725e2e4633af4e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 2082883
X-Cache: Hit from cloudfront
Date: Sun, 03 Jul 2022 11:16:21 GMT
Connection: keep-alive
Content-Length: 10793
Last-Modified: Thu, 20 Jan 2022 21:51:46 GMT
Server: Cloudinary
ETag: "0e1ff58ccf6d97759de3d774a7ff835a"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 4x8LFm_lo74yOxaRUQomLGOIE2o440r8vxlA7c2RgMlB8WZl1SY4tg==

GET
H/1.1 200
OK arstechnica_warframe-reviews.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1561556730/ 14 KB
15 KB 8ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1561556730/arstechnica_warframe-reviews.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

83a366075eb2387c6d9f848f42b08df0546027333eccf5813edf95ba45709be2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 264
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:44:13 GMT
Connection: keep-alive
Content-Length: 14837
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "1d90d6aef7585f963e1270a1a02a4dd4"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: gLdgZCl-7XIFQS7vT8GbqHNUBRBu6YZAWx1ijexl020Ava5hJ_i-xQ==

GET
H/1.1 200
OK arstechnica_war-stories-subnautica.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559747425/ 15 KB
16 KB 8ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559747425/arstechnica_war-stories-subnautica.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

20660a9ef7ec454c15b2dc62b3db084e0cc9f74c5bb6de71a96fb1a54aef00f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 264
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:44:13 GMT
Connection: keep-alive
Content-Length: 15222
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "8c45b6c645caba59f4b14d3fbdc09062"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: hVKHQgJc-6K0mSCJMamJlAdjqwwap1769xuj6mWums3Ku6NS_FF8FA==

GET
H/1.1 200
OK arstechnica_war-stories-slay-the-spire-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556741487/ 15 KB
16 KB 10ms
9ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556741487/arstechnica_war-stories-slay-the-spire-war-stories.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

f9d9e96c4439beeca49a1a10f9dffe6f5cd0b604d13aa13af170d0bc62d8ca1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 264
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:44:13 GMT
Connection: keep-alive
Content-Length: 15634
Last-Modified: Thu, 20 Jan 2022 21:51:41 GMT
Server: Cloudinary
ETag: "abee90e53f29ba0127fca9442ab50902"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: wnowt4S95WBOzadFz2cnqvl0PuTSu0mKwJlJsguKjEdtx8M87YGXcg==

GET
H/1.1 200
OK arstechnica_war-stories-amnesia-the-dark-descent-the-horror-facade.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1555359865/ 15 KB
16 KB 9ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1555359865/arstechnica_war-stories-amnesia-the-dark-descent-the-horror-facade.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1defb6bc54a7ee9c066136908360e8455c23ee9ad0dec9924e7255d7948cd4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 987865b81ba895db5b3f56f8ae175c84.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 264
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:44:13 GMT
Connection: keep-alive
Content-Length: 15251
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "3e7cdc13e718680bf5e1efa64468b560"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: yJPcaHYEAGxe46gCzetWS1KV0SHUuE2lBAdWNYN4xCAvG9niaEbGaQ==

GET
H/1.1 200
OK arstechnica_war-stories-c-and-c-tiberian-sun.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/ 19 KB
19 KB 9ms
9ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/arstechnica_war-stories-c-and-c-tiberian-sun.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

27348ba4b98bd80f1038496ec5dea6ad865680540058fb085b8ca199b8aaf4c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 264
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:44:13 GMT
Connection: keep-alive
Content-Length: 19022
Last-Modified: Thu, 20 Jan 2022 21:51:41 GMT
Server: Cloudinary
ETag: "fe52b9acd391d8bee8de15a0f429b377"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: X-AiqGJ9IwJ31WO_f_T7NXr3Ds4Qguh4AStpKqDecAm0PjYvkJM4Kg==

GET
H/1.1 200
OK arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/ 18 KB
18 KB 9ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

8b72952d3fd656ee6594f0d9735d928113ad1d590705b14f77abf75f1d4d5d69

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 264
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:44:13 GMT
Connection: keep-alive
Content-Length: 18172
Last-Modified: Thu, 20 Jan 2022 21:51:40 GMT
Server: Cloudinary
ETag: "32f1b8954559c8d598e9861f5b8360b9"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 1mx57rQIUS3mIXMM39eQIB0pval93oWTjSbnhM2XXkUjmBe_fKSz9g==

GET
H/1.1 200
OK arstechnica_war-stories-dead-space-the-drag-tentacle.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/ 7 KB
8 KB 8ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/arstechnica_war-stories-dead-space-the-drag-tentacle.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

9933997608e86beaf1e7f7188a5c657cdad8ccd9d20eb7b1a46adaa83fa850ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 1747783
X-Cache: Hit from cloudfront
Date: Thu, 07 Jul 2022 08:18:31 GMT
Connection: keep-alive
Content-Length: 7393
Last-Modified: Thu, 20 Jan 2022 21:51:41 GMT
Server: Cloudinary
ETag: "17a6e4b5eb75eb12f5d8c89eb3d0ace8"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: jAQvq5IBlbq7Pmkj-lxqnSfYFNE7gbW31spQDvnPZ-6OQwbO7ZpaQw==

GET
H/1.1 200
OK arstechnica_teach-the-controversy-flat-earthers.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/ 10 KB
11 KB 8ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/arstechnica_teach-the-controversy-flat-earthers.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

7364fcbb6c5d775f07816712af8a6419db99268f72c337a4977f706dc3423bb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 290
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:43:20 GMT
Connection: keep-alive
Content-Length: 10595
Last-Modified: Thu, 20 Jan 2022 21:52:14 GMT
Server: Cloudinary
ETag: "6c0c4f8a9d61ed2b5863a8058c624a37"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 89E4064ob5SOmnfZAtwmBsz-XLXa1HMRKmm37ln1iOUox_bwFi2mUA==

GET
H/1.1 200
OK arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/ 12 KB
13 KB 9ms
9ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

16f86804dd013db340fee4020a539d3e9d6e5a03d6841e431e50c428e99c26e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 ab21b6436bc1d51d57b228ad39b1fa54.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 290
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:43:20 GMT
Connection: keep-alive
Content-Length: 12509
Last-Modified: Thu, 20 Jan 2022 21:52:14 GMT
Server: Cloudinary
ETag: "b9c502ffc902b60d0eb13698b37a945d"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: IexYzZQvFac9m66zX7g5lIg7ATMbg0s8aVzUgUX8nbjPQVSet8IR8A==

GET
H/1.1 200
OK arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/ 7 KB
8 KB 8ms
7ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

3ce7e824185893264ab44fbf8370a8f1262831c4c6c367b15f7d4f1e88fadc8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Tue, 05 Jul 2022 10:31:22 GMT
Via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 1912602
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 7181
Last-Modified: Thu, 20 Jan 2022 21:52:14 GMT
Server: Cloudinary
ETag: "0549828edcecd339d8d10ebe6119de70"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, immutable, max-age=2592000
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 21sVkEgjautIj-GhBz_OtMYsgycFA-OUHlrq8Om-Z1fYFjk3zzWBIg==

GET
H/1.1 200
OK arstechnica_apollo-mission-episode-1.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/ 14 KB
14 KB 15ms
15ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/arstechnica_apollo-mission-episode-1.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

82cd1a97f81e5b63a621311be2993916eea0907b5eadd53bb6b280f4bb0f8391

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA60-P3
X-Cache: RefreshHit from cloudfront
Date: Wed, 27 Jul 2022 13:48:04 GMT
Connection: keep-alive
Content-Length: 14040
Last-Modified: Thu, 20 Jan 2022 21:52:14 GMT
Server: Cloudinary
ETag: "ecc047c6eed3dc571a78eab647201220"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: c9nkYvJiA__hVGXT5O5x2UoVAGhFugPu-nerlwh6Ry3Mu4FuVLN2qg==

GET
H/1.1 200
OK arstechnica_richard-garriot-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/ 14 KB
14 KB 15ms
14ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/arstechnica_richard-garriot-war-stories.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

4980853759711c8e9e2779239acd62e9e802fba38371763c65ecdd016a83fdbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA60-P3
X-Cache: RefreshHit from cloudfront
Date: Wed, 27 Jul 2022 13:48:04 GMT
Connection: keep-alive
Content-Length: 13885
Last-Modified: Thu, 20 Jan 2022 21:51:41 GMT
Server: Cloudinary
ETag: "13d45a1733ad4d2f3ae707584d6a8a32"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 9L_TlQyn0XCka0q_r_FHOm8qzDrnpHI6stb6aEE72u9eRBH7KkBn_A==

GET
DATA 200
OK truncated
/ 408 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET s2s-hb
pbs.getpublica.com/v1/ 0
0

GET
BLOB 200
OK 39bfe09a-0048-4da2-8d73-0f67172d1c60
https://arstechnica.com/ Frame 8949 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/39bfe09a-0048-4da2-8d73-0f67172d1c60
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1 200
OK embed-api.json Show response
player.cnevids.com/ 11 KB
5 KB 9ms
8ms Fetch
application/json 18.66.97.74
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/embed-api.json?videoId=60abade4dc31e5375248cba6&embedLocation=arstechnica

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady37779495

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.74 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-74.fra56.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

3399efa4756f80b55d8c0a86353a1cecf23d28555be239cc6d8efd6dc86b328b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 13:46:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Age: 92
X-Cache: Hit from cloudfront
Status: 200 OK
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 3704
X-XSS-Protection: 1; mode=block
X-Request-Id: ab67be0a-4860-4790-a144-370eb775b093
X-Runtime: 0.013537
X-Backend-Node: 10.110.74.216
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"d64a43c98ee0e80263e856fbe9d299a5"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Via: 1.1 e9101023ffbe04130b9d4cac0cf9eebc.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control: max-age=300, public
X-Amz-Cf-Pop: FRA56-P2
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: 0pUf68jpzeuUpiJcOTUjhXMgrics_qszTjuor77u20wNfcfjaJIpqQ==

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 24FC 373 KB
124 KB 51ms
21ms Script
text/javascript 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady37779495

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a407bad2c5c1c6331c406392e74465bca0603fb1040b476e6592fe6fd4a56faf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127179
x-xss-protection: 0
expires: Wed, 27 Jul 2022 13:48:04 GMT

GET
H/1.1 200
OK player-style-b53d54db9671e9d427bd.css
d2c8v52ll5s99u.cloudfront.net/player/ Frame 24FC 90 KB
13 KB 9ms
8ms Stylesheet
text/css 108.138.2.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-b53d54db9671e9d427bd.css
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady37779495
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-156.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c26965b3758255462804203b738f7b446de4a66ec96fa8095a0dcc52b334918

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Sun, 05 Jun 2022 01:34:04 GMT
Content-Encoding: gzip
Age: 4536841
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 12888
Last-Modified: Wed, 11 May 2022 18:53:17 GMT
Server: AmazonS3
ETag: "fa4f9cf006104ef494127316840b2ea8"
x-amz-version-id: DdN5Y84Atx5yhBQvA82BKCNxeoeewWoR
Via: 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
X-Amz-Cf-Pop: FRA56-P6
Accept-Ranges: bytes
Content-Type: text/css; charset=utf-8
X-Amz-Cf-Id: Axp_toK0IM2D2EXuCd02u208Iubn9f43B3po9TPLy8sV8pCSS6nIyg==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK main-bccb1d7e3a2433560a4a.js Show response
d2c8v52ll5s99u.cloudfront.net/player/ Frame 24FC 826 KB
225 KB 8ms
7ms Script
application/javascript 108.138.2.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady37779495
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-156.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f3c4d9f4666b31ea4a41e1345392e0e32d318928f514199aa0467287588b595a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 15 Jun 2022 15:34:07 GMT
Content-Encoding: gzip
Age: 3622438
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 230106
Last-Modified: Wed, 15 Jun 2022 14:19:59 GMT
Server: AmazonS3
ETag: "25d6bd0b528ddaeff8fd8207d54e1144"
x-amz-version-id: hPEm7zDE6nNI6_gl8To5o.LbMlXFYBSf
Via: 1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
X-Amz-Cf-Pop: FRA56-P6
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: yFNN4gVX8AKJKlrxhWUhzzn3nVVCfNXp-ROPCBonvWAY_bkl3bWPtA==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 9ms
7ms Image
image/png 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:04 GMT
last-modified: Sun, 03 Jul 2022 06:49:40 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1656855974.293667"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Fri, 26 Aug 2022 13:48:04 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 10ms
8ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:04 GMT
last-modified: Sun, 03 Jul 2022 06:49:40 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1656855957.074767"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Fri, 26 Aug 2022 13:48:04 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 370ms
86ms Fetch
text/plain 64.202.112.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=ce65421ab0849b83bf26ffa38ddf3961_6817_1658929684406&tm=859&eT=0&widgetWidth=1220&widgetHeight=235&widgetX=190&widgetY=6727&wRV=2000831&pVis=1&lsd=-1&eIdx=&ccpa=1---&cnsntV2=CPcxQAAPcxQAAAcABBENCZCgAAAAAAAAAChQAAAAAAJBAHIAAgADQAOAA8AC4AHwAWgA-ACMAEkALYAYgA_gCRAFcAL4AagA2gBxADkAHOAOoAfIA_wCBgEHAJEAT8AoYBSwDCAHVAQ2Ah8BF4CPQEhAJWATaAsIBcQC6AF1ALtAXkAwKBh4GIAMWAZCAygBoQDRgGlANTAbQA24BugDggkEcABAAC4AKAAqABkADgAHgAQAAwgBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCQCGAIkAR0AlgCXAE0AKUAW4AwwBkADLAGyAO-AewB8QD7AP0AgEBFwEYgI0AjgBKQCggFPAKuAXMAxQBrADaQG4AbwA9AB8gEOgJEATEAmUBNgCdgFDgKRAU0AsUBaAC2AFyALvAXmAwYBhIDDYGRAZIAycBlwDOQGfANIgawBrIYA8AAYABYAFwAjABJACfAFQAVQAtgBiADeAKQAaUA1ADVAHEAS0ApYBsgDqAIbAReAkIBQ4CxAFxAMCAYeAxYBkYDQgG6BoD4AVgAuACGAGQAMsAbIA7AB-AEAAIKARgAp4BV4C0ALSAawA3gB1QD5AIdARUAkQBNgCdgFIgLkAYSAxgBk4DOQGeAM-EAHgADAALAAuADUAIwASQAngBVAC2AGIAN4ApABXADUAHEAPkAkQBLQClwG4AbwBDYCLwEhAKHAXEAwIBh4DFgGhAN0EQGAArACGAGQAMsAbIA7AB-AEAAIwAU8Aq4BrADqgHyAQ6AkQBNgCdgFIgLkAYSAycBnIDPhUBcACgAQwAmABcAEcAMsAdgBGACOAFXgLQAtIBvAEggJiATYAtgBcgC8wGRAM5AZ4Az4BuQoAoAGIATIApABlQDUANUAbQA4gByADwAIKAS0ApYB1QEegLEAYEAw8BmgDQgGvDACoANQAxACZAFIAMoAagA2gBxADkAHgAS0ApYBYgDqgI9AScAsQBeQDAgGHgNCGQFAAhgBMAEcAMsAdgA-wCMAEcAKuAVsA3gCYgE2ALRAWwAvMBkQDOQGeAM-HAXwABAAGAARAA4ADwALgAfABaADmAH4AggBGAC2AF0AL4AZAA0AB_AEIAJEAToApABZgC-AGWANKAagBqgDaAHEAOQAc4A6gB2ADuAHzAQABBYCDgIQAREAkQBLQCbQE-AT8ApYBUACsgFtAL1AYABgQDCAGZANYAa8A3gBx4DnAOkAdUA8gB8gEIAIbgQ-BEACIgEegJCgSsBK4CYgEygJtAUKApABSYCmAFTAKqgVsBXYCygFpALUAXFAugC6gF7AL6AYFAw8DEAGLAMhAZQAy8BoUDRQNGAaUA00BqYDXgG0ANsAbcOgrgALgAoACoAGQAOAAgABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AGIAMwAbwA5gB6gEMARMAlgCYAE0AKMAUoAsQBbwDCAMOAZABlADRAGyAN8Ad4A9oB9gH6AP-AiwCMAEcgJSAlQBQQCngFXALFAWgBaYC5gLqAXkAxQBtADcQHTAdQA9ACHQEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC2AFwALkAXaAu8BeYDBgGEgMNAYwAx4BkgDJwGVAMsAZcAzkBnwDRIGkAaSA0sBrADYyADUABAAQQAvgBoAD-AJEAUgAtwBfADLgGoAaoA2gBxADkAHOAOwAeABBQCfAFLAKyAWIAwABhADMgG8AOcAdUA7YCHwEegJCAScAlcBMQCbQFCgKQAUmArYBbQC6AF5AL2AYEAw8BmgDQgGigNKAamA2wBtxCBqAAsACgAGQAXAAxACGAEwAKoAXAAxABmADeAHoARwAsQBhADKAG-AO8AfYA_wCMAEcAJTAUEBQwCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAJsAU0AsUBaIC2AFwALkAXaAyIBk4DOQGeAM-AaIA0kBpYDgCQCYAAQABgAHAAXAByAFQAMgAbwBCACRAFJALkAvgBlgDSAGoANoAdwBAACEgEtAJ8AVAArIBrwDeAHVAPsAlYBNoCkwFlALSAXsAw8BiIDFgGlANyJQNQAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADMAG2AQwBEgCOAFGAKUAW4AwgBlADZAHeAPwAjABHACTgFPAKvAWgBaQC6gGKANwAdQA-QCHQEVAIvASIAmwBYoC2AF2gLzAZEAycBlgDOQGeAM-AaQA1gBwBQCUAAIAAwAFwAPgAtAByAD8AIwAVAArABfADIAG2AN4A5ACEAEcAJEATIAnQBSQC5AL4AZYA0gBqADXAG0AOIAc4A6gB3ADwAHyAQAAg4BCQCKgEiAJOAS0Am0BPgE_AKWAVkAsQBdQDAQGEAYoA14BvADqgHbAPIAfIA_4CPQExAJlATaApABTACpgFbAK7AWgAvIBfQDAgGHgMWAaIA0qBqQGpgNeAcEUggAALgAoACoAGQAOAAggBgAGMANAA1AB5AEMARAAmABPACkAFUALAAYgAzABzgEMARIAowBSgCxAFuAMIAZQA0QBsgDvgH2AfoBFgCMAEcAJTAUEBQwCrgFbALmAXkA2gBuAD0AIdAReAkQBNgCdgFDgLFAWwAuABcgC7QF5gMNAYwAyIBkgDJwGXAM5AZ4Az6BpAGkwNYA1kBsYA.YAAAAAAAAAAA&cheq=0&rtt=471&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.31 Leesburg, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Wed, 27 Jul 2022 13:48:04 GMT
content-encoding: gzip
X-TraceId: 0065789286ca04e7fd0d6cad5b61f1b7
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK onetag Show response
assoc-na.associates-amazon.com/ 64 B
463 B 103ms
103ms XHR
application/json 72.21.195.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22arstech20-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw%22%7D&u=https://arstechnica.com/information-technology/2022/07/microsoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts/?mkt_tok=MDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Requested by: Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: Server /
Resource Hash: a4d4729c8261a1a15f892bd473cda2cc31ec63c3b6e218a86ddb38ed7b757109

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 13:48:04 GMT
Server: Server
x-amz-rid: B6PKB4G5S1939EGFB2Y2
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://arstechnica.com
Access-Control-Allow-Credentials: true
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 64

GET
BLOB 200
OK f59e3d50-adca-44e5-85da-66b3c6489738
https://arstechnica.com/ Frame 24FC 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/f59e3d50-adca-44e5-85da-66b3c6489738
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1 200
OK sf-ui-display-medium-webfont.woff2
d2c8v52ll5s99u.cloudfront.net/assets/fonts/ Frame 24FC 29 KB
30 KB 127ms
111ms Font
application/font-woff2 108.138.2.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/assets/fonts/sf-ui-display-medium-webfont.woff2
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-b53d54db9671e9d427bd.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-156.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3

Request headers

Referer: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-b53d54db9671e9d427bd.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
ETag: "7d18db04f980971f2a9c5026bbc34bed"
X-Amz-Cf-Pop: FRA56-P6
X-Cache: RefreshHit from cloudfront
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 29632
Access-Control-Allow-Origin: *
Last-Modified: Mon, 26 Jun 2017 15:24:42 GMT
Server: AmazonS3
Date: Wed, 27 Jul 2022 13:48:05 GMT
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff2
Via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: OB9g2L6I117KNzib6UXWYSuFwiwrWHrtdlOVd3tJxSqvtsNcZwZtxQ==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H3 200 bridge3.522.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame DD74 633 KB
205 KB 14ms
14ms Document
text/html 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.522.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30809be8855fd7127208ae071c5da033f2a51446fdeb02ba322fdc3dd6e5629f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 109030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209388
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Jul 2022 07:30:54 GMT
expires: Wed, 26 Jul 2023 07:30:54 GMT
last-modified: Mon, 18 Jul 2022 20:04:33 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 24FC 44 KB
17 KB 171ms
57ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Jul 2022 13:48:05 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 24FC 98 KB
26 KB 34ms
9ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be7fd4a76d16eaf0869c22ccbe53a3baa540ae5cabcc08dd9dc40f68268b883d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26085
x-xss-protection: 0
pragma: public
x-fb-debug: 8u2wKtI9hR1UOBtSjtxiSZiwK5Pbnwx0tOmXwMD/1uYPsJQRi6Ur2V4bZFB8GEaqoUJSkPOFXdv2U9+Zcf9YXQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Wed, 27 Jul 2022 13:48:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 24FC 48 B
48 B 435ms
97ms Image
image/gif 44.207.143.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2022-07-27T13%3A48%3A10.563Z&_c=&_t=Player%20Requested&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.143.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-143-147.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 27 Jul 2022 13:48:05 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 24FC 48 B
48 B 435ms
97ms Image
image/gif 44.207.143.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2022-07-27T13%3A48%3A10.674Z&_c=initial&_t=gptData&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&dim1=%7B%22adBlocked%22%3Afalse%2C%22adUnits%22%3A%5B%223379%2Fconde.ars%2Finterstitial%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fhero%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F2%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F3%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F2%22%5D%2C%22embedLocation%22%3A%22arstechnica%22%2C%22error%22%3A%22%22%2C%22lineItems%22%3A%5B%5D%2C%22publicaEnabled%22%3Afalse%2C%22videoId%22%3A%2260abade4dc31e5375248cba6%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.143.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-143-147.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 27 Jul 2022 13:48:05 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame 24FC 50 KB
51 KB 9ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 127
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:46:08 GMT
Connection: keep-alive
Content-Length: 51500
Last-Modified: Tue, 25 May 2021 15:04:45 GMT
Server: Cloudinary
ETag: "1631177d1131925333a3b2b652f3d8b2"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: b5u8BUcpasi0BlurSSqNP8S4mL6Jg9cDd82zIoYMntL5HH5i8QLzFA==

GET
H/1.1 206
Partial Content 1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame 24FC 866 KB
0 70ms
18ms Media
video/mp4 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 27 Jul 2022 02:24:46 GMT
Via: 1.1 650962b00c259fe47c193b15b2fe4b88.cloudfront.net (CloudFront)
Last-Modified: Mon, 24 May 2021 13:51:20 GMT
Server: AmazonS3
Age: 41000
ETag: "580642a938142bddde48207109f78d2b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-2480938/2480939
Connection: keep-alive
X-Amz-Cf-Pop: VIE50-C1
Accept-Ranges: bytes
Content-Length: 2480939
X-Amz-Cf-Id: 0-TD4xxMK1-Ta2kxsasOLsGEFYnS-l2Mk2wJxgF3KbT-SfvILt5vbw==

GET
H/1.1 206
Partial Content 1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame 24FC 976 KB
0 71ms
20ms Media
video/mp4 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 27 Jul 2022 02:24:46 GMT
Via: 1.1 87459a7837f980cdc57ba8a2c23a55ae.cloudfront.net (CloudFront)
Last-Modified: Mon, 24 May 2021 13:51:20 GMT
Server: AmazonS3
Age: 41000
ETag: "580642a938142bddde48207109f78d2b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-2480938/2480939
Connection: keep-alive
X-Amz-Cf-Pop: VIE50-C1
Accept-Ranges: bytes
Content-Length: 2480939
X-Amz-Cf-Id: hBp2XoHlwT9MvEVpFm5QjxZauugAPz8tQF76_DQqxqX4XaxzArMSlA==

GET
H/1.1 200
OK track
capture.condenastdigital.com/ 48 B
48 B 389ms
100ms Image
image/gif 44.207.143.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&app=playerservice&cCh=videos%2Fshow&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&pID=&sID=&uId=&xid=&_ts=2022-07-27T13%3A48%3A10.781Z&_c=error&_t=PrebidError&dim1=%7B%22errorData%22%3A%7B%22timeout%22%3A500%7D%7D&dim3=Timeout
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.143.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-143-147.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 27 Jul 2022 13:48:05 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK sf-ui-display-medium-webfont.woff2
d2c8v52ll5s99u.cloudfront.net/assets/fonts/ Frame 8949 29 KB
30 KB 112ms
112ms Font
application/font-woff2 108.138.2.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/assets/fonts/sf-ui-display-medium-webfont.woff2
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-b53d54db9671e9d427bd.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.2.156 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-2-156.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3

Request headers

Referer: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-b53d54db9671e9d427bd.css
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
ETag: "7d18db04f980971f2a9c5026bbc34bed"
X-Amz-Cf-Pop: FRA56-P6
X-Cache: RefreshHit from cloudfront
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 29632
Access-Control-Allow-Origin: *
Last-Modified: Mon, 26 Jun 2017 15:24:42 GMT
Server: AmazonS3
Date: Wed, 27 Jul 2022 13:48:06 GMT
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff2
Via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: gBBBXYhCNCP7E2S4qktZ6VecVjGgrFgvipljoF4dk4jFC39TIpPjIQ==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H3 200 bridge3.522.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9555 633 KB
205 KB 15ms
14ms Document
text/html 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.522.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30809be8855fd7127208ae071c5da033f2a51446fdeb02ba322fdc3dd6e5629f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 109031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209388
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Jul 2022 07:30:54 GMT
expires: Wed, 26 Jul 2023 07:30:54 GMT
last-modified: Mon, 18 Jul 2022 20:04:33 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 8949 44 KB
16 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Jul 2022 13:48:05 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 8949 98 KB
26 KB 28ms
14ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be7fd4a76d16eaf0869c22ccbe53a3baa540ae5cabcc08dd9dc40f68268b883d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26085
x-xss-protection: 0
pragma: public
x-fb-debug: 8u2wKtI9hR1UOBtSjtxiSZiwK5Pbnwx0tOmXwMD/1uYPsJQRi6Ur2V4bZFB8GEaqoUJSkPOFXdv2U9+Zcf9YXQ==
x-frame-options: DENY
date: Wed, 27 Jul 2022 13:48:05 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 8949 48 B
48 B 376ms
98ms Image
image/gif 44.207.143.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2022-07-27T13%3A48%3A10.784Z&_c=&_t=Player%20Requested&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.143.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-143-147.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 27 Jul 2022 13:48:05 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 8949 48 B
48 B 376ms
98ms Image
image/gif 44.207.143.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2022-07-27T13%3A48%3A10.834Z&_c=initial&_t=gptData&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&dim1=%7B%22adBlocked%22%3Afalse%2C%22adUnits%22%3A%5B%223379%2Fconde.ars%2Finterstitial%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fhero%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F2%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F3%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F2%22%5D%2C%22embedLocation%22%3A%22arstechnica%22%2C%22error%22%3A%22%22%2C%22lineItems%22%3A%5B%5D%2C%22publicaEnabled%22%3Afalse%2C%22videoId%22%3A%225fbe751038d069741986d243%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.207.143.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-207-143-147.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 27 Jul 2022 13:48:05 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK arstechnica_blade-runner-game-designer-louis-castle-extended-interview.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1606334519/ Frame 8949 54 KB
54 KB 9ms
8ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1606334519/arstechnica_blade-runner-game-designer-louis-castle-extended-interview.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

fec42251b609d8b4fe4af4f0d5a4b2389feabd5f61aec3ad12e136be94e68d89

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 128
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:47:44 GMT
Connection: keep-alive
Content-Length: 54947
Last-Modified: Mon, 30 Nov 2020 16:04:28 GMT
Server: Cloudinary
ETag: "93bb85b226bf266717d9d17346d786f6"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 0_jcckGrCbnbr2fw_uiCkRSF6HviCYH9BTtl4gstoGteBvpuJP7NlQ==

GET
H/1.1 200
OK 1c5e052d-9221-44ad-9785-4ca784ceb60dmanifest-ios.m3u8 Show response
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame 24FC 918 B
1 KB 298ms
260ms XHR
application/x-mpegurl 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dmanifest-ios.m3u8?videoIndex=0&requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 005f315d6f7cf50f04161a51e17287b5040b513267560b083a3cf39d0b892ba8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 02:34:32 GMT
Via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
Vary: Accept-Encoding,Origin
Age: 40414
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 918
Last-Modified: Mon, 24 May 2021 13:49:14 GMT
Server: AmazonS3
ETag: "4300fd3b9bba40f219ea54c572764fe0"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: VIE50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: EpE8QSVbjResF0YvaM3MKwnIIC7CQquOTq3GGEfCeGnQ2iNcZlXbmQ==

GET
H/1.1 206
Partial Content 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4thumbs.mp4
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8949 1 MB
0 40ms
18ms Media
video/mp4 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4thumbs.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 27 Jul 2022 04:04:21 GMT
Via: 1.1 87459a7837f980cdc57ba8a2c23a55ae.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 Nov 2020 15:50:34 GMT
Server: AmazonS3
Age: 35025
ETag: "bea14c892156385680ebbbcf6f396a0b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-6489245/6489246
Connection: keep-alive
X-Amz-Cf-Pop: VIE50-C1
Accept-Ranges: bytes
Content-Length: 6489246
X-Amz-Cf-Id: 4xybaJXFx2lifu-BHpxHjXreekrv75f6ZQPqIKmZlzDy2I1D_zw6xw==

GET
H/1.1 206
Partial Content 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4thumbs.mp4
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8949 383 KB
0 52ms
23ms Media
video/mp4 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4thumbs.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Range: bytes=0-

Response headers

Date: Wed, 27 Jul 2022 04:04:21 GMT
Via: 1.1 650962b00c259fe47c193b15b2fe4b88.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 Nov 2020 15:50:34 GMT
Server: AmazonS3
Age: 35025
ETag: "bea14c892156385680ebbbcf6f396a0b"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-6489245/6489246
Connection: keep-alive
X-Amz-Cf-Pop: VIE50-C1
Accept-Ranges: bytes
Content-Length: 6489246
X-Amz-Cf-Id: Ujn44WFlHhp6B6EbMv5WJ7NQCuZkAvaDDNU8cs3AUs3n7S0gQLEQ6w==

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4manifest-ios.m3u8 Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8949 918 B
1 KB 341ms
294ms XHR
application/x-mpegurl 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4manifest-ios.m3u8?videoIndex=0&requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e1a8b1bb3e5e1e5a8bb92ea1d8131ebb0fe1b2835b3d66f4886ccd4b5dabb27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 07:30:44 GMT
Via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
Vary: Origin
Age: 22642
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 918
Last-Modified: Wed, 25 Nov 2020 15:45:48 GMT
Server: AmazonS3
ETag: "4dc9f35d061edf6357322c1385e440dc"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: VIE50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: vIzIpCzoJuin9VMKjUz0NdsOMrjxceasJERTwVoX-wYsYyQjoLcpTg==

GET
BLOB 200
OK f99756e1-3b61-4a14-8e8a-f90710b8a3fd
https://arstechnica.com/ Frame 24FC 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/f99756e1-3b61-4a14-8e8a-f90710b8a3fd
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 173d7c7e266672df75c4e048a934c55ee24d9a9028a87fd2957e74d1bd6a8d08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 5409
Content-Type: application/javascript

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame 24FC 50 KB
51 KB 272ms
250ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 128
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:46:08 GMT
Connection: keep-alive
Content-Length: 51500
Last-Modified: Tue, 25 May 2021 15:04:45 GMT
Server: Cloudinary
ETag: "1631177d1131925333a3b2b652f3d8b2"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: oQwkAZefpl8EiL-GC46Grz-QMUJY4MQMChvvwAoUJl8uKNM-z1Vp8g==

GET
H/1.1 200
OK arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame 24FC 50 KB
51 KB 222ms
222ms Image
image/jpeg 52.222.250.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 7395d1816622756cd6753f5e1281200c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 128
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:46:08 GMT
Connection: keep-alive
Content-Length: 51500
Last-Modified: Tue, 25 May 2021 15:04:45 GMT
Server: Cloudinary
ETag: "1631177d1131925333a3b2b652f3d8b2"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: WvjoefBK7ajYLX2Ojb3ns8zcj9DedNe-XKlDtPR0En3WrsVVK9ndZQ==

GET
BLOB 200
OK 0d299df3-f1cb-485b-9207-62d32db7634c
https://arstechnica.com/ Frame 8949 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/0d299df3-f1cb-485b-9207-62d32db7634c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 173d7c7e266672df75c4e048a934c55ee24d9a9028a87fd2957e74d1bd6a8d08

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 5409
Content-Type: application/javascript

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

fec42251b609d8b4fe4af4f0d5a4b2389feabd5f61aec3ad12e136be94e68d89

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Origin: https://arstechnica.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 128
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:47:44 GMT
Connection: keep-alive
Content-Length: 54947
Last-Modified: Mon, 30 Nov 2020 16:04:28 GMT
Server: Cloudinary
ETag: "93bb85b226bf266717d9d17346d786f6"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 3gmKX7zT6PJJQk9-htsFpj7Bfb-pNmO6WUZRyj90gZz7j1kN9gS_NA==

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 24FC 4 KB
1 KB 65ms
65ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=640x480|480x70&iu=/3379/conde.ars/player/information-technology/article&ciu_szs=300x60&gdfp_req=1&env=vp&output=vmap&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.62.0%26ctx_page_slug%3Dmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%26cnt_tags%3D2-factor-authentication%252C2fa%252Ctwo-factor-authentication%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D73%26usr_bkt_pv%3D8%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dinfo.sysdig.com%26usr_auth%3Dfalse%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D%26ctx_line_items%3D%26height%3D329%26muted%3D0%26right_rail%3D0%26sensitive%3D0%26series%3D5c82bcebbcdfff6f132fc5e6%26width%3D584%26feature_flags%3Dclick-to-play&correlator=2522711648444937&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&vid=60abade4dc31e5375248cba6&cmsid=1495&ppid=

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

d92ba467850153723993674c83ddccc66213df5acbca7c0292e123bb5e9b262c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1199
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

52.222.250.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-250-121.fra60.r.cloudfront.net

Software

Cloudinary /

Resource Hash

fec42251b609d8b4fe4af4f0d5a4b2389feabd5f61aec3ad12e136be94e68d89

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 128
X-Cache: Hit from cloudfront
Date: Wed, 27 Jul 2022 13:47:44 GMT
Connection: keep-alive
Content-Length: 54947
Last-Modified: Mon, 30 Nov 2020 16:04:28 GMT
Server: Cloudinary
ETag: "93bb85b226bf266717d9d17346d786f6"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Cache-Control: public, no-transform, max-age=300
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: hS6y1HkiEO2SXY_gNlxG7xdRgLJL0Xzplv2ARx7GNgG96sF5UMHinQ==

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8949 8 KB
1 KB 130ms
65ms XHR
text/xml 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=640x360|480x70&iu=/3379/conde.ars/rail-player/information-technology/article&ciu_szs=300x60&gdfp_req=1&env=vp&output=vmap&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.62.0%26ctx_page_slug%3Dmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%26cnt_tags%3D2-factor-authentication%252C2fa%252Ctwo-factor-authentication%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D73%26usr_bkt_pv%3D8%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dinfo.sysdig.com%26usr_auth%3Dfalse%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D%26ctx_line_items%3D%26timeout%3D500%26height%3D155%26muted%3D1%26right_rail%3D1%26sensitive%3D0%26width%3D276%26feature_flags%3Dsticky-player-rail&correlator=2522711648444937&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fblade-runner-game-director-louis-castle-extended-interview&vid=5fbe751038d069741986d243&cmsid=1495&ppid=

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9eb76b96882e952586c13834a48e3d63a653f7af91e0af167e591eb5a561582d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1255
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768.m3u8 Show response
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame 24FC 11 KB
1 KB 18ms
18ms XHR
application/x-mpegurl 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768.m3u8?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4fb846048afd0ee79141b669572402fc0a024d937c00977e124405d11cd319fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 07:18:22 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 23383
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Mon, 24 May 2021 13:54:58 GMT
Server: AmazonS3
ETag: W/"cc4f278863bddb064b3e70268d5f02f8"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: mwpM8ArxZrss8ThtLBx_MuBzqMhRk6Ssl1Es1oCmI23duWAbBB2dhw==

GET
BLOB 200
OK 2b8c8233-a764-4c6b-993c-f2774e922fc1
https://arstechnica.com/ Frame 24FC 63 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/2b8c8233-a764-4c6b-993c-f2774e922fc1
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87b2408523892f375c00a9d521c67f6eb516ecac25c479a7b15705bfab08fcd3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 64606
Content-Type: application/javascript

GET
H/1.1 200
OK 1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768-00001.ts Show response
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame 24FC 821 KB
805 KB 22ms
21ms XHR
application/x-mpegurl 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768-00001.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e944e6d1b0904bc0c1298fe828ec727bc6a9b46f0b4799e197a1a2acc46fb685

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 07:44:47 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 21799
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Mon, 24 May 2021 13:54:44 GMT
Server: AmazonS3
ETag: W/"9c6e79c618e52ccae61fce8e62e8cd50"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: RPKZexqbL2jDixq4a2r70N23LF0zZCqb9f0KFxRI2bIhcJa9uzPaFw==

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-1422k-128-48000-768.m3u8 Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8949 33 KB
2 KB 18ms
18ms XHR
application/x-mpegurl 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-1422k-128-48000-768.m3u8?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e5dbc70548742ced0b9d86447bc609eb7656f8b771bc75ea076b09dae01eb774

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 02:26:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 40876
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:59:20 GMT
Server: AmazonS3
ETag: W/"d10d81c803baf3d3b5b117d8d96b4097"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: ZtNmvP2O-ZZ56vk3PDA15HzrH3CLQqfsvGMiLLGQPfhoJTK9oviGSA==

GET
BLOB 200
OK 599ce927-1393-4f15-9132-3117925b24ca
https://arstechnica.com/ Frame 8949 63 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/599ce927-1393-4f15-9132-3117925b24ca
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 87b2408523892f375c00a9d521c67f6eb516ecac25c479a7b15705bfab08fcd3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 64606
Content-Type: application/javascript

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-1422k-128-48000-768-00001.ts Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8949 165 KB
146 KB 23ms
20ms XHR
application/x-mpegurl 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-1422k-128-48000-768-00001.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4976d521ab3918286d3cd1de1095e5ca97cf5371ec960d0c35b03b20ea1d7330

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 06:56:02 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 24724
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:59:16 GMT
Server: AmazonS3
ETag: W/"b9e00d6045b970a715955d93ba3dbc52"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: dMWIZVvbWq5ksevZsS-EQrcNEDcEr7UU3NTYHK8-v2pwktuiZX_8sQ==

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame DD74 0
540 B 491ms
59ms XHR
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?sz=640x480%7C480x70&iu=%2F3379%2Fconde.ars%2Fplayer%2Finformation-technology%2Farticle&ciu_szs=1x1&gdfp_req=1&env=vp&output=xml_vmap1&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.62.0%26ctx_page_slug%3Dmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%26cnt_tags%3D2-factor-authentication%252C2fa%252Ctwo-factor-authentication%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D73%26usr_bkt_pv%3D8%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dinfo.sysdig.com%26usr_auth%3Dfalse%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D%26ctx_line_items%3D%26height%3D329%26muted%3D0%26right_rail%3D0%26sensitive%3D0%26series%3D5c82bcebbcdfff6f132fc5e6%26width%3D584%26feature_flags%3Dclick-to-play&correlator=2522711648444937&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&vid=60abade4dc31e5375248cba6&cmsid=1495&ppid&sdkv=h.3.522.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&ptt=20&adk=3408565466&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.522.0&sid=477A8FAC-C6BD-42E2-8655-CF6E0B2CA1DF&nel=0&eid=44725356%2C44750824%2C44752657%2C44754420%2C44760950%2C44762904%2C44765701%2C44767130&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&dlt=1658929690393&idt=680&dt=1658929691690&scor=735028820202770&ged=ve4_td2_tt1_pd2_la2000_er6319.310.6472.610_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.522.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:06 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 9555 0
60 B 388ms
61ms XHR
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?sz=640x360%7C480x70&iu=%2F3379%2Fconde.ars%2Frail-player%2Finformation-technology%2Farticle&ciu_szs=1x1&gdfp_req=1&env=vp&output=xml_vmap1&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.62.0%26ctx_page_slug%3Dmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%26cnt_tags%3D2-factor-authentication%252C2fa%252Ctwo-factor-authentication%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D73%26usr_bkt_pv%3D8%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dinfo.sysdig.com%26usr_auth%3Dfalse%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D%26ctx_line_items%3D%26timeout%3D500%26height%3D155%26muted%3D1%26right_rail%3D1%26sensitive%3D0%26width%3D276%26feature_flags%3Dsticky-player-rail&correlator=2522711648444937&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fblade-runner-game-director-louis-castle-extended-interview&vid=5fbe751038d069741986d243&cmsid=1495&ppid&sdkv=h.3.522.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&ptt=20&adk=3930290185&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.522.0&sid=81FC2A87-4868-410C-96F5-5BEC9C695E42&nel=0&eid=44747319%2C44750822%2C44754420%2C44758266%2C44760950%2C44762904%2C44765701%2C44767130&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&dlt=1658929690112&idt=1072&dt=1658929691796&scor=735028820202770&ged=ve4_td2_tt1_pd2_la2000_er637.1122.790.1422_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.522.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:06 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4cc.vtt Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8949 99 KB
100 KB 21ms
21ms XHR
text/vtt 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4cc.vtt
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e99828cefaa6f9693ef337e90845b5d552f41f60f7c307c58a98c188154b7cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 13:47:42 GMT
Via: 1.1 f1a23d3ef0f9fd221ae2e300de878916.cloudfront.net (CloudFront)
Vary: Accept-Encoding,Origin
Age: 29
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 101695
Last-Modified: Wed, 25 Nov 2020 23:37:42 GMT
Server: AmazonS3
ETag: "bc1afe99a5b2115be21a54a59ccfa4f9"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: text/vtt; charset=utf-8
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: VIE50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: W3RNJrEv20uUGK-6xnLuKegygo10vyp8lw1q773jNDW-v5BppgFoOA==

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-1422k-128-48000-768-00002.ts Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8949 384 KB
375 KB 19ms
19ms XHR
application/x-mpegurl 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-1422k-128-48000-768-00002.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf3ac346996bb6026f9b290f1674b6865c20c7a7bfd878ecd5943cc372d529f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 07:02:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 24308
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:59:14 GMT
Server: AmazonS3
ETag: W/"ac9d833db6f6a28039f701c21719c904"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: syRHm7zJTe9Lb75nCElkTUmohYrmrxL4u7mJ_FzyzqHVY1oM0ytwbw==

GET
H2 200 1409 Show response
check.analytics.rlcdn.com/check/ 23 B
381 B 80ms
43ms XHR
application/json 108.138.7.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://check.analytics.rlcdn.com/check/1409
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-24.fra56.r.cloudfront.net
Software: /
Resource Hash: d0ef936654ba84031c1ef90617069aceaab3dac1dd0912b76ebd449f9a566e55

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 13:48:06 GMT
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amzn-requestid: 8ff96c8c-73ba-4af8-9146-6c3ead0c2132
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62e14216-00cb2e8a5efa07954ad1079c
x-amz-apigw-id: V7dDjEjWDoEFTkQ=
content-length: 23
x-amz-cf-id: nlKLRyCGNE0dIZ8PgO0mm5ghMo8scN0S2MtoVMBGMqKKjyzd9lcwzw==

GET
H2 200 1409 Show response
check.analytics.rlcdn.com/check/ 23 B
380 B 84ms
84ms XHR
application/json 108.138.7.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://check.analytics.rlcdn.com/check/1409
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-24.fra56.r.cloudfront.net
Software: /
Resource Hash: d0ef936654ba84031c1ef90617069aceaab3dac1dd0912b76ebd449f9a566e55

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 13:48:06 GMT
via: 1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P6
x-amzn-requestid: 78ac4817-3887-400c-89f1-709ba28f6255
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-62e14216-02fbff6f44de8e653a80a3c0
x-amz-apigw-id: V7dDkE3IjoEF4AQ=
content-length: 23
x-amz-cf-id: F40HK3Lef2lW97He_JlJWlpTVybpO6s_QHNy1sxKqaa5bN6oYHQDMQ==

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920.m3u8 Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8949 33 KB
2 KB 20ms
20ms XHR
application/x-mpegurl 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920.m3u8?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c093f493e07bb5abb46735a133912880470d2aece8ef9937bbefff9b93e3ddf8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 08:38:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 18599
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:58:05 GMT
Server: AmazonS3
ETag: W/"2edcb5543b29cddbe98ea0e6e6076935"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: AO2avyz3UUvE57ZXJwIMLz_fpnB3X4O-20adBMxG6LNNyEvKiBzM5A==

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00002.ts Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8949 2 MB
2 MB 19ms
19ms XHR
application/x-mpegurl 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00002.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6607887e6c31ca484193f052a418f2c548d27d2409c0041697ae071a2255924

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 05:14:36 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 30811
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:57:20 GMT
Server: AmazonS3
ETag: W/"37ec9fd3550915896f3f3087b85ad1c3"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: UOswcGlz35fwAbBgeun4Eq4vmjLoel1cscqqQ8H4IA2svrX6XTp4sA==

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00003.ts Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8949 3 MB
3 MB 18ms
18ms XHR
application/x-mpegurl 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00003.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b741c508a03df7294a47d302a7793f9cb3e6edf624dfb33ce4995790db6c705

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 02:12:46 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 41721
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:57:28 GMT
Server: AmazonS3
ETag: W/"1bd07890e903a0d61e5d709ccc866298"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: P6SzoHXqVj9Mvmua2u40bfDZRgH7YuE7Mszs-3w4IcAJpKlGKRfFrA==

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00004.ts Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8949 3 MB
3 MB 18ms
18ms XHR
application/x-mpegurl 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00004.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ee8c93fb98398e780a1d2654fe36bf40b6cca6bf01c187c62d01156ee2dc5d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 08:06:48 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 20479
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:57:11 GMT
Server: AmazonS3
ETag: W/"285f9bd261810dabbbc79ca24e910512"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: CTKIqM2bJCS8FZjmdRxDeQS7WlkCmDUJnuBmTCyJfoWEhWHBsTu2hg==

GET
H2 200 rid Show response
match.adsrvr.org/track/ 0
302 B 153ms
39ms XHR
application/javascript 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=3egfyfq&fmt=json
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 13:48:07 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://arstechnica.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0
expires: Thu, 27 Jul 2023 13:48:07 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
359 B 365ms
38ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1409

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 27 Jul 2022 13:48:07 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 184F 3 KB
2 KB 23ms
17ms Document
text/html 23.47.209.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.47.209.6 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Jul 2022 13:48:07 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame F1DE 0
80 B 39ms
22ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 27 Jul 2022 13:48:07 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame C122 3 KB
2 KB 35ms
18ms Document
text/html 23.47.209.6
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.47.209.6 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-47-209-6.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1387
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Jul 2022 13:48:07 GMT
ETag: "e20015-b68-5e4a60c97afb7"
Last-Modified: Mon, 25 Jul 2022 19:18:30 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 0DA5 281 B
554 B 191ms
17ms Document
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 27 Jul 2022 13:48:07 GMT
ETag: "40014-119-5d32342a551c0"
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 pd Show response
u.openx.net/w/1.0/ Frame 26EE 0
91 B 27ms
20ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Wed, 27 Jul 2022 13:48:07 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 7706 23 KB
8 KB 198ms
60ms Document
text/html 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C238%2C359%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C337%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1&uspstring=1---

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c60adac7eaacab9b80c8d390093da9d733b0995bfd6c97b26b23131341724613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=61978
content-encoding: gzip
content-length: 8330
content-type: text/html; charset=UTF-8
date: Wed, 27 Jul 2022 13:48:07 GMT
expires: Thu, 28 Jul 2022 07:01:05 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame D675 23 KB
8 KB 197ms
61ms Document
text/html 92.123.38.97
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1658929419

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.38.97 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-38-97.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c60adac7eaacab9b80c8d390093da9d733b0995bfd6c97b26b23131341724613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://arstechnica.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=61978
content-encoding: gzip
content-length: 8330
content-type: text/html; charset=UTF-8
date: Wed, 27 Jul 2022 13:48:07 GMT
expires: Thu, 28 Jul 2022 07:01:05 GMT
server: Apache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-mnet-hl2: E

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00005.ts Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8949 2 MB
2 MB 18ms
18ms XHR
application/x-mpegurl 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00005.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b72f8b6e1195ddf2e574efdf2de473e3dd42579d828a6d66c868fc59a1f12bb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 04:25:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 33737
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:57:30 GMT
Server: AmazonS3
ETag: W/"7aaa4751375dc0c2738b841364e3a903"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: IIqHX6K8zu--4PC17l-V7R2EJ6krLy9tLdLDLoPsZSJ9TA8kmjk5Dg==

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 2225 54 B
632 B 95ms
36ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPcxQAAPcxQAAAcABBENCZCgAAAAAAAAAChQAAAAAAJBAHIAAgADQAOAA8AC4AHwAWgA-ACMAEkALYAYgA_gCRAFcAL4AagA2gBxADkAHOAOoAfIA_wCBgEHAJEAT8AoYBSwDCAHVAQ2Ah8BF4CPQEhAJWATaAsIBcQC6AF1ALtAXkAwKBh4GIAMWAZCAygBoQDRgGlANTAbQA24BugDggkEcABAAC4AKAAqABkADgAHgAQAAwgBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCQCGAIkAR0AlgCXAE0AKUAW4AwwBkADLAGyAO-AewB8QD7AP0AgEBFwEYgI0AjgBKQCggFPAKuAXMAxQBrADaQG4AbwA9AB8gEOgJEATEAmUBNgCdgFDgKRAU0AsUBaAC2AFyALvAXmAwYBhIDDYGRAZIAycBlwDOQGfANIgawBrIYA8AAYABYAFwAjABJACfAFQAVQAtgBiADeAKQAaUA1ADVAHEAS0ApYBsgDqAIbAReAkIBQ4CxAFxAMCAYeAxYBkYDQgG6BoD4AVgAuACGAGQAMsAbIA7AB-AEAAIKARgAp4BV4C0ALSAawA3gB1QD5AIdARUAkQBNgCdgFIgLkAYSAxgBk4DOQGeAM-EAHgADAALAAuADUAIwASQAngBVAC2AGIAN4ApABXADUAHEAPkAkQBLQClwG4AbwBDYCLwEhAKHAXEAwIBh4DFgGhAN0EQGAArACGAGQAMsAbIA7AB-AEAAIwAU8Aq4BrADqgHyAQ6AkQBNgCdgFIgLkAYSAycBnIDPhUBcACgAQwAmABcAEcAMsAdgBGACOAFXgLQAtIBvAEggJiATYAtgBcgC8wGRAM5AZ4Az4BuQoAoAGIATIApABlQDUANUAbQA4gByADwAIKAS0ApYB1QEegLEAYEAw8BmgDQgGvDACoANQAxACZAFIAMoAagA2gBxADkAHgAS0ApYBYgDqgI9AScAsQBeQDAgGHgNCGQFAAhgBMAEcAMsAdgA-wCMAEcAKuAVsA3gCYgE2ALRAWwAvMBkQDOQGeAM-HAXwABAAGAARAA4ADwALgAfABaADmAH4AggBGAC2AF0AL4AZAA0AB_AEIAJEAToApABZgC-AGWANKAagBqgDaAHEAOQAc4A6gB2ADuAHzAQABBYCDgIQAREAkQBLQCbQE-AT8ApYBUACsgFtAL1AYABgQDCAGZANYAa8A3gBx4DnAOkAdUA8gB8gEIAIbgQ-BEACIgEegJCgSsBK4CYgEygJtAUKApABSYCmAFTAKqgVsBXYCygFpALUAXFAugC6gF7AL6AYFAw8DEAGLAMhAZQAy8BoUDRQNGAaUA00BqYDXgG0ANsAbcOgrgALgAoACoAGQAOAAgABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AGIAMwAbwA5gB6gEMARMAlgCYAE0AKMAUoAsQBbwDCAMOAZABlADRAGyAN8Ad4A9oB9gH6AP-AiwCMAEcgJSAlQBQQCngFXALFAWgBaYC5gLqAXkAxQBtADcQHTAdQA9ACHQEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC2AFwALkAXaAu8BeYDBgGEgMNAYwAx4BkgDJwGVAMsAZcAzkBnwDRIGkAaSA0sBrADYyADUABAAQQAvgBoAD-AJEAUgAtwBfADLgGoAaoA2gBxADkAHOAOwAeABBQCfAFLAKyAWIAwABhADMgG8AOcAdUA7YCHwEegJCAScAlcBMQCbQFCgKQAUmArYBbQC6AF5AL2AYEAw8BmgDQgGigNKAamA2wBtxCBqAAsACgAGQAXAAxACGAEwAKoAXAAxABmADeAHoARwAsQBhADKAG-AO8AfYA_wCMAEcAJTAUEBQwCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAJsAU0AsUBaIC2AFwALkAXaAyIBk4DOQGeAM-AaIA0kBpYDgCQCYAAQABgAHAAXAByAFQAMgAbwBCACRAFJALkAvgBlgDSAGoANoAdwBAACEgEtAJ8AVAArIBrwDeAHVAPsAlYBNoCkwFlALSAXsAw8BiIDFgGlANyJQNQAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADMAG2AQwBEgCOAFGAKUAW4AwgBlADZAHeAPwAjABHACTgFPAKvAWgBaQC6gGKANwAdQA-QCHQEVAIvASIAmwBYoC2AF2gLzAZEAycBlgDOQGeAM-AaQA1gBwBQCUAAIAAwAFwAPgAtAByAD8AIwAVAArABfADIAG2AN4A5ACEAEcAJEATIAnQBSQC5AL4AZYA0gBqADXAG0AOIAc4A6gB3ADwAHyAQAAg4BCQCKgEiAJOAS0Am0BPgE_AKWAVkAsQBdQDAQGEAYoA14BvADqgHbAPIAfIA_4CPQExAJlATaApABTACpgFbAK7AWgAvIBfQDAgGHgMWAaIA0qBqQGpgNeAcEUggAALgAoACoAGQAOAAggBgAGMANAA1AB5AEMARAAmABPACkAFUALAAYgAzABzgEMARIAowBSgCxAFuAMIAZQA0QBsgDvgH2AfoBFgCMAEcAJTAUEBQwCrgFbALmAXkA2gBuAD0AIdAReAkQBNgCdgFDgLFAWwAuABcgC7QF5gMNAYwAyIBkgDJwGXAM5AZ4Az6BpAGkwNYA1kBsYA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7315d4b37ed9690a-FRA
content-encoding: br
content-type: text/html
date: Wed, 27 Jul 2022 13:48:07 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7agZS2iZYIGVTHHGVNaOrcFexupreOXmud%2FOHxykgn82vXGIQpWNA7oOZ2G%2BUpdXO0ky58OUEl3oofmlfL2ZPWDwP0WwjW%2FqukQtd%2FIXgrAbOhPbJ1novfQrie%2B2EKWqgAFv3Zw7Klrkiw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H2 200 usermatch Show response
ssum-sec.casalemedia.com/ Frame 4AD1 54 B
342 B 63ms
42ms Document
text/html 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPcxQAAPcxQAAAcABBENCZCgAAAAAAAAAChQAAAAAAJBAHIAAgADQAOAA8AC4AHwAWgA-ACMAEkALYAYgA_gCRAFcAL4AagA2gBxADkAHOAOoAfIA_wCBgEHAJEAT8AoYBSwDCAHVAQ2Ah8BF4CPQEhAJWATaAsIBcQC6AF1ALtAXkAwKBh4GIAMWAZCAygBoQDRgGlANTAbQA24BugDggkEcABAAC4AKAAqABkADgAHgAQAAwgBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCQCGAIkAR0AlgCXAE0AKUAW4AwwBkADLAGyAO-AewB8QD7AP0AgEBFwEYgI0AjgBKQCggFPAKuAXMAxQBrADaQG4AbwA9AB8gEOgJEATEAmUBNgCdgFDgKRAU0AsUBaAC2AFyALvAXmAwYBhIDDYGRAZIAycBlwDOQGfANIgawBrIYA8AAYABYAFwAjABJACfAFQAVQAtgBiADeAKQAaUA1ADVAHEAS0ApYBsgDqAIbAReAkIBQ4CxAFxAMCAYeAxYBkYDQgG6BoD4AVgAuACGAGQAMsAbIA7AB-AEAAIKARgAp4BV4C0ALSAawA3gB1QD5AIdARUAkQBNgCdgFIgLkAYSAxgBk4DOQGeAM-EAHgADAALAAuADUAIwASQAngBVAC2AGIAN4ApABXADUAHEAPkAkQBLQClwG4AbwBDYCLwEhAKHAXEAwIBh4DFgGhAN0EQGAArACGAGQAMsAbIA7AB-AEAAIwAU8Aq4BrADqgHyAQ6AkQBNgCdgFIgLkAYSAycBnIDPhUBcACgAQwAmABcAEcAMsAdgBGACOAFXgLQAtIBvAEggJiATYAtgBcgC8wGRAM5AZ4Az4BuQoAoAGIATIApABlQDUANUAbQA4gByADwAIKAS0ApYB1QEegLEAYEAw8BmgDQgGvDACoANQAxACZAFIAMoAagA2gBxADkAHgAS0ApYBYgDqgI9AScAsQBeQDAgGHgNCGQFAAhgBMAEcAMsAdgA-wCMAEcAKuAVsA3gCYgE2ALRAWwAvMBkQDOQGeAM-HAXwABAAGAARAA4ADwALgAfABaADmAH4AggBGAC2AF0AL4AZAA0AB_AEIAJEAToApABZgC-AGWANKAagBqgDaAHEAOQAc4A6gB2ADuAHzAQABBYCDgIQAREAkQBLQCbQE-AT8ApYBUACsgFtAL1AYABgQDCAGZANYAa8A3gBx4DnAOkAdUA8gB8gEIAIbgQ-BEACIgEegJCgSsBK4CYgEygJtAUKApABSYCmAFTAKqgVsBXYCygFpALUAXFAugC6gF7AL6AYFAw8DEAGLAMhAZQAy8BoUDRQNGAaUA00BqYDXgG0ANsAbcOgrgALgAoACoAGQAOAAgABdADAAMYAaABqADwAH0AQwBEACYAE-AKoArABYAC4AGIAMwAbwA5gB6gEMARMAlgCYAE0AKMAUoAsQBbwDCAMOAZABlADRAGyAN8Ad4A9oB9gH6AP-AiwCMAEcgJSAlQBQQCngFXALFAWgBaYC5gLqAXkAxQBtADcQHTAdQA9ACHQEVAIvASCAkQBKgCbAE7AKHAU0AqwBYoC2AFwALkAXaAu8BeYDBgGEgMNAYwAx4BkgDJwGVAMsAZcAzkBnwDRIGkAaSA0sBrADYyADUABAAQQAvgBoAD-AJEAUgAtwBfADLgGoAaoA2gBxADkAHOAOwAeABBQCfAFLAKyAWIAwABhADMgG8AOcAdUA7YCHwEegJCAScAlcBMQCbQFCgKQAUmArYBbQC6AF5AL2AYEAw8BmgDQgGigNKAamA2wBtxCBqAAsACgAGQAXAAxACGAEwAKoAXAAxABmADeAHoARwAsQBhADKAG-AO8AfYA_wCMAEcAJTAUEBQwCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAJsAU0AsUBaIC2AFwALkAXaAyIBk4DOQGeAM-AaIA0kBpYDgCQCYAAQABgAHAAXAByAFQAMgAbwBCACRAFJALkAvgBlgDSAGoANoAdwBAACEgEtAJ8AVAArIBrwDeAHVAPsAlYBNoCkwFlALSAXsAw8BiIDFgGlANyJQNQAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABiADMAG2AQwBEgCOAFGAKUAW4AwgBlADZAHeAPwAjABHACTgFPAKvAWgBaQC6gGKANwAdQA-QCHQEVAIvASIAmwBYoC2AF2gLzAZEAycBlgDOQGeAM-AaQA1gBwBQCUAAIAAwAFwAPgAtAByAD8AIwAVAArABfADIAG2AN4A5ACEAEcAJEATIAnQBSQC5AL4AZYA0gBqADXAG0AOIAc4A6gB3ADwAHyAQAAg4BCQCKgEiAJOAS0Am0BPgE_AKWAVkAsQBdQDAQGEAYoA14BvADqgHbAPIAfIA_4CPQExAJlATaApABTACpgFbAK7AWgAvIBfQDAgGHgMWAaIA0qBqQGpgNeAcEUggAALgAoACoAGQAOAAggBgAGMANAA1AB5AEMARAAmABPACkAFUALAAYgAzABzgEMARIAowBSgCxAFuAMIAZQA0QBsgDvgH2AfoBFgCMAEcAJTAUEBQwCrgFbALmAXkA2gBuAD0AIdAReAkQBNgCdgFDgLFAWwAuABcgC7QF5gMNAYwAyIBkgDJwGXAM5AZ4Az6BpAGkwNYA1kBsYA.YAAAAAAAAAAA&us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7315d4b37edc690a-FRA
content-encoding: br
content-type: text/html
date: Wed, 27 Jul 2022 13:48:07 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QvW944iCAQAX%2B5DaFADLBF8mbJ%2FeLBzmYfLSuCas4BaUMu3TmJwbDiKL6VWSiKjGEzcfoBLVgWKJ70r2%2BiIkHNXCgDR1D0mAKf7nzVTnHCX%2FdWAfM5vMnjVJbKGBfoSkrQEYM%2BQu%2BO%2F8ww%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Is-Traffic-Usersync, Accept-Encoding

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 0DA5 31 KB
10 KB 19ms
18ms Script
text/html 92.123.9.160
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.123.9.160 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-123-9-160.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bce483ce05e34af34c91bf765756b9bb814731a1a6dd1bb73fc3a05ec93b5dc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 13:48:07 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 Jul 2022 20:44:25 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=60064
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9453
Expires: Thu, 28 Jul 2022 06:29:11 GMT

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00006.ts Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8949 2 MB
2 MB 18ms
17ms XHR
application/x-mpegurl 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00006.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b5f97631f684e383aa8433196eadfd30e32e14e6cc3ca5be476a4b66f58a51

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 02:39:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 40091
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:58:04 GMT
Server: AmazonS3
ETag: W/"619c89aa02d359d8bf26bf48cae62093"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: JSigPUs79LO9CtYBe1soJDtMeFK6c0chtKu0U-0V3V_n9h5s4yqyAA==

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 0DA5
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=oAF3QZb0RJGqWMc01julZQ&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=oAF3QZb0RJGqWMc01julZQ

43 B
556 B

43ms
42ms

Image
image/gif

52.94.222.140
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=oAF3QZb0RJGqWMc01julZQ

Protocol

HTTP/1.1

Server

52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 13:48:08 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: M7E1ANC3SF544Z2VJHSY
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=oAF3QZb0RJGqWMc01julZQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 0DA5
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/L3Tk-7i1FJvViD40v4LH8Mn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8684393549036524629

0
239 B

58ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8684393549036524629
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

date: Wed, 27 Jul 2022 13:48:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8684393549036524629
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 0DA5
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vt-8Y-uPQRagtl-O030ycA&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vt-8Y-uPQRagtl-O030ycA

43 B
556 B

104ms
102ms

Image
image/gif

52.46.155.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vt-8Y-uPQRagtl-O030ycA

Protocol

HTTP/1.1

Server

52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 27 Jul 2022 13:48:09 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: EQTDE4BGQWE7W7XKFVD1
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vt-8Y-uPQRagtl-O030ycA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 0DA5
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L63NWGOH-13-26UX&sigv=1&esig=2~19c3cf75b111962d14c7e43f386ff25d8dabb678&us_privacy=1---

0
194 B

83ms
21ms

Image
text/plain

2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L63NWGOH-13-26UX&sigv=1&esig=2~19c3cf75b111962d14c7e43f386ff25d8dabb678&us_privacy=1---

Protocol

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:08 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L63NWGOH-13-26UX&sigv=1&esig=2~19c3cf75b111962d14c7e43f386ff25d8dabb678&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DA5
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzTldHT0gtMTMtMjZVWA==&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzTldHT0gtMTMtMjZVWA==&us_privacy=1---&google_tc=

170 B
188 B

110ms
44ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzTldHT0gtMTMtMjZVWA==&us_privacy=1---&google_tc=

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 13:48:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 13:48:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDYzTldHT0gtMTMtMjZVWA==&us_privacy=1---&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 319
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 0DA5
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L63NWGOH-13-26UX&us_privacy=1---

0
710 B

324ms
196ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L63NWGOH-13-26UX&us_privacy=1---
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:08 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 7AE4D0D34C0E48C2BDA8459A94A0CBCD Ref B: FRAEDGE1209 Ref C: 2022-07-27T13:48:08Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXkyarOLLBs3Tx7O2G/mg==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L63NWGOH-13-26UX&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 0DA5 70 B
264 B 36ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 13:48:08 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0DA5
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjY2M2M0NWIxNDg3YzgwNWQ4N2Q4NzJlZjFiOWU4ODQwYThmYzU1Nw&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjY2M2M0NWIxNDg3YzgwNWQ4N2Q4NzJlZjFiOWU4ODQwYThmYzU1Nw&us_privacy=1---&google_tc=

170 B
188 B

106ms
43ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjY2M2M0NWIxNDg3YzgwNWQ4N2Q4NzJlZjFiOWU4ODQwYThmYzU1Nw&us_privacy=1---&google_tc=

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 27 Jul 2022 13:48:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 27 Jul 2022 13:48:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjY2M2M0NWIxNDg3YzgwNWQ4N2Q4NzJlZjFiOWU4ODQwYThmYzU1Nw&us_privacy=1---&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 354
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK t Show response
elsa.memoinsights.com/ 105 B
347 B 103ms
103ms Script
application/javascript 3.95.101.195
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://elsa.memoinsights.com/t?pid=62012a7a19351c07620394e0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F&author%5B%5D=Dan%20Goodin&title=Ongoing%20phishing%20campaign%20can%20hack%20you%20even%20when%20you%E2%80%99re%20protected%20with%20MFA&date=2022-07-12T22%3A58%3A06Z&referrer=https%3A%2F%2Finfo.sysdig.com%2F&ref_url=https%3A%2F%2Finfo.sysdig.com%2F&page_url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&cb=MEMO.API.callbacks.cbcfajpze&v=v3.0.6&t=5000&e=5000&s=0
Requested by: Host: cdn.memo.co
URL: https://cdn.memo.co/js/memo.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.95.101.195 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-95-101-195.compute-1.amazonaws.com
Software: istio-envoy /
Resource Hash: c3087d2dbece874eadae20fcc49900064a5c45def9baabd549dd450bb085f39d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 27 Jul 2022 13:48:09 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 105
x-request-id: 00d2f11f4c1b8c184b8309517257ce00
content-type: application/javascript

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00007.ts
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8949 2 MB
2 MB 19ms
19ms XHR
application/x-mpegurl 99.86.240.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00007.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-bccb1d7e3a2433560a4a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.240.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-240-70.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Date: Wed, 27 Jul 2022 02:12:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 41721
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:57:16 GMT
Server: AmazonS3
ETag: W/"dd50b9dc065aa02ee0929e08768c9217"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 60b130d1fc70d3593e6c3e738e3f4416.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: VIE50-C1
X-Amz-Cf-Id: 9QaCjKy5doJYpbH86nw48MM4Vg9JfJXuI_qcdWkZpgGn-D8puWlo1A==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pbs.getpublica.com
URL: https://pbs.getpublica.com/v1/s2s-hb?site_id=2564&format=json&app_name=CNEVIDEO&adserver=gam&slot_count=3&site_name=arstechnica&content_episode=null&content_length=2488&content_season=&content_id=5fbe751038d069741986d243&content_title=Blade%20Runner%20Game%20Director%20Louis%20Castle%3A%20Extended%20Interview&content_series=&content_language=en&content_category=technology%2Cgaming%20%26%20entertainment%2CScience%20%26%20Tech%2CPop%20Culture--Video%20Games&content_keywords=ars%20technica%20war%20stories%2Cblade%20runner%20the%20game%2Cblade%20runner%20war%20stories%2Cars%20blade%20runner%2Cblade%20runner%20louis%20castle%2Clouis%20castle%20westwood%2Cblade%20runner%20game%2Cblade%20runner%20pc%20game%2Cblade%20runner%20game%20development%2Cblade%20runner%20game%20developer%2Cblade%20runner%201997%2Cblade%20runner%20game%201997%2Clouis%20castle%20game%20director%2Clouis%20castle%20interview%2Cwar%20stories%20extended%2Cblade%20runner%20gameplay%2Cblade%20runner%20game%20review%2Cmaking%20of%20blade%20runner%20game%2Clouis%20castle%20westwood%20studios&site_page=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&cb=2903812

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.info.sysdig.com/	1970-01-20 04:48:51	Name: __cf_bm Value: IG1gAUJMo8pffcOn0y.tbeLi._xjSQcG22sH2V3CiWQ-1658929682-0-AblLV8vL8KJfBkyD4E0xn3czgNQ6aMJcNEGUxCk0PLjc7ofq+WdvavS9j7jDOItr5Tmlnvod4wBnxmnrnouzxoM=
arstechnica.com/	1970-01-20 05:32:01	Name: _pbjs_userid_consent_data Value: 3524755945110770
.arstechnica.com/	1970-01-20 06:15:13	Name: _pubcid Value: e3218a7a-bd5e-4a11-bd12-15df661ee0f9
arstechnica.com/	1970-01-20 13:34:25	Name: usprivacy Value: 1---
.arstechnica.com/	1970-01-20 04:48:50	Name: session_seen_posts Value: 0
.arstechnica.com/	1970-01-20 05:32:01	Name: seen_posts Value:
arstechnica.com/	1970-01-20 04:55:12	Name: CN_visits_m Value: 1659312000625%26vn%3D1
arstechnica.com/	1970-01-20 04:48:51	Name: CN_in_visit_m Value: true
arstechnica.com/	1970-01-20 13:34:25	Name: OneTrustWPCCPAGoogleOptOut Value: true
arstechnica.com/	1970-01-20 13:34:25	Name: __srret Value: 1
arstechnica.com/	1970-01-20 04:50:16	Name: _lr_geo_location Value: DE
.arstechnica.com/	1970-01-20 13:34:25	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Jul+27+2022+13%3A48%3A09+GMT%2B0000+(GMT)&version=6.35.0&isIABGlobal=false&hosts=&consentId=2105cbba-4fa1-4e35-8735-50fbda69f087&interactionCount=0&landingPath=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F07%2Fmicrosoft-details-phishing-campaign-that-can-hijack-mfa-protected-accounts%2F%3Fmkt_tok%3DMDY3LVFaVC04ODEAAAGF2qr5N6gicQ-MabJ_c3qbaH4r7lzdkkPBp-EaDv76wM-jE0D1_-dh_IVkGG0VRP0iJsZv1rxUBZMG5hlYp68NNh71edtD5tr3Q64IXPM4s7Nw&groups=C0001%3A1%2CC0003%3A0%2CC0004%3A0%2CC0002%3A0%2CSTACK42%3A0
.rubiconproject.com/	1970-01-20 13:34:25	Name: khaos Value: L63NWGOH-13-26UX
.rubiconproject.com/	1970-01-20 13:34:25	Name: audit Value: 1\|naVuGyos1qoWz4GD+iI41j5APvdogVCbaTd6KyMQnau0RTcz8e+19a6NxTk4XfA1Y911e+5TFTAbP22rillvZyYbB5SW5XQ3r2IsKRhWH5ema+WVcS1g3g==
arstechnica.com/	1970-01-20 13:34:25	Name: __srui Value: bd0dc101-0db2-11ed-943d-da33d7ae7df9
arstechnica.com/	1970-01-20 07:12:49	Name: cneplayercount Value: 2
arstechnica.com/	1970-01-20 07:12:49	Name: cneplayercaptions Value: showing
arstechnica.com/	1970-01-20 04:50:16	Name: _lr_sampling_rate Value: 0
.arstechnica.com/	1970-01-20 06:15:13	Name: _pubcid_last Value: Wed%2C%2027%20Jul%202022%2013%3A48%3A13%20GMT
arstechnica.com/	1970-01-20 04:48:53	Name: _lr_retry_request Value: true
arstechnica.com/	1970-01-20 05:32:01	Name: _lr_env_src_ats Value: false
.yahoo.com/	1970-01-20 13:34:47	Name: A3 Value: d=AQABBBhC4WICEAXa9vjNjOa0d5qk-PLGvUoFEgEBAQGT4mLrYgAAAAAA_eMAAA&S=AQAAArqy9RWIIjj-nW3ZBhiO98Y
.doubleclick.net/	1970-01-20 04:48:50	Name: test_cookie Value: CheckForPermission
.amazon-adsystem.com/	1970-01-22 02:13:18	Name: ad-privacy Value: 0
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 22:20:43	Name: bcookie Value: "v=2&eb8e7068-c08e-4d08-85e9-f39c0d2b479a"
.linkedin.com/	1970-01-20 22:05:30	Name: li_gc Value: MTswOzE2NTg5Mjk2ODg7MjswMjFXaFUmnZ9yGgA/AlmzDkDgjrv3mGKYR27q4Dd/Jljyjw==
.linkedin.com/	1970-01-20 04:50:16	Name: lidc Value: "b=OGST09:s=O:r=O:a=O:p=O:g=2304:u=1:x=1:i=1658929688:t=1659016088:v=2:sig=AQGYwU1OOwRHG9TSm4OKZMKdhWfTLS_U"
.amazon-adsystem.com/	1970-01-20 10:45:56	Name: ad-id Value: A1pzX2EXuElBlvdjJwJqM6A

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://info.sysdig.com/MDY3LVFaVC04ODEAAAGF2qr5Nz6pacnGqFuQULuxUegtJyx-Oonulh1GEYw-uzJzJBp8MSU0HJM57YzKHElHEOMxef4= Message: The Content-Security-Policy directive name 'form-action:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://info.sysdig.com/MDY3LVFaVC04ODEAAAGF2qr5Nz6pacnGqFuQULuxUegtJyx-Oonulh1GEYw-uzJzJBp8MSU0HJM57YzKHElHEOMxef4= Message: The Content-Security-Policy directive name 'frame-src:'none'' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1409 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self'; img-src 'self';script-src 'self' 'sha256-XjHSB9VF/e2q6exHKFPBepn6Kos0iLBNeidhaGeLSmw=';object-src 'none';form-action:'none';frame-src:'none'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
ads.yahoo.com
api.cnevids.com
api.condenast.io
api.rlcdn.com
arstechnica.com
as-sec.casalemedia.com
assoc-na.associates-amazon.com
ats.rlcdn.com
c.amazon-adsystem.com
c2shb.ssp.yahoo.com
capture.condenastdigital.com
cdn.arstechnica.net
cdn.cookielaw.org
cdn.mediavoice.com
cdn.memo.co
check.analytics.rlcdn.com
cm.g.doubleclick.net
condenastus-d.openx.net
connect.facebook.net
contextual.media.net
d2c8v52ll5s99u.cloudfront.net
dp8hsntg6do36.cloudfront.net
dwgyu36up6iuz.cloudfront.net
elsa.memoinsights.com
eus.rubiconproject.com
fastlane.rubiconproject.com
geo.privacymanager.io
geolocation.onetrust.com
htlb.casalemedia.com
id.sv.rkdms.com
imasdk.googleapis.com
info.sysdig.com
js-sec.indexww.com
match.adsrvr.org
mb.moatads.com
mcdp-nydc1.outbrain.com
odb.outbrain.com
p.skimresources.com
pagead2.googlesyndication.com
pbs.getpublica.com
pixel.rubiconproject.com
player.cnevids.com
plugin.mediavoice.com
polarcdn-terrax.com
pr-bh.ybp.yahoo.com
prebid.media.net
pubads.g.doubleclick.net
px.ads.linkedin.com
r.skimresources.com
s.amazon-adsystem.com
s.skimresources.com
s0.2mdn.net
securepubads.g.doubleclick.net
segment-data.zqtk.net
ssum-sec.casalemedia.com
t.skimresources.com
tcheck.outbrainimg.com
token.rubiconproject.com
u.openx.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.googletagmanager.com
www.googletagservices.com
z-na.associates-amazon.com
z.moatads.com
pbs.getpublica.com
104.17.72.206
104.18.19.126
108.138.2.156
108.138.4.10
108.138.7.24
108.138.7.78
13.32.121.106
13.32.99.122
142.250.185.98
142.250.186.162
151.101.192.239
151.139.128.11
18.156.195.47
18.66.16.40
18.66.97.74
199.232.18.132
205.234.175.175
23.35.229.181
23.35.237.151
23.35.237.86
23.47.209.6
2602:803:c003:200::61
2606:4700:4400::ac40:929e
2606:4700::6810:9540
2606:4700::6811:4132
2606:4700::6813:d983
2620:1ec:21::14
2a00:1288:80:807::2
2a00:1450:4001:810::2006
2a00:1450:4001:813::2002
2a00:1450:4001:828::2008
2a00:1450:4001:82f::2002
2a00:1450:400e:801::200a
2a03:2880:f01c:216:face:b00c:0:3
2a05:d018:d29:3605:38f8:ac58:6cf7:3607
3.137.38.223
3.219.23.242
3.95.101.195
34.107.148.139
34.120.133.55
34.98.64.218
35.190.59.101
35.190.91.160
35.201.67.47
44.207.143.147
52.17.229.209
52.222.250.121
52.223.40.198
52.46.155.104
52.6.23.250
52.94.222.140
54.73.179.32
64.202.112.31
69.173.144.165
72.21.195.65
92.123.38.97
92.123.9.160
99.86.240.70
005f315d6f7cf50f04161a51e17287b5040b513267560b083a3cf39d0b892ba8
0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c
030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06
0396be2ab58ec30babd0838d7e37d6407475d4361be85ee7451dbac9186add57
039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15
06b33c040105224101afcdaacd82b6dfb3ea1bf9ef3d7478cf5fa163a0ad65e0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
087ba57c91e4b5c40a047bba7b6ddb98328b34fb9f69fbf8bb135402b3d67a0a
08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e
0b5c6a8d4a856db56da956eced8af9a5eb6e0a89dc67de5ffc4c83513472a3cc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf7b1e98a88a1cff624cff6b252912d63ee6d9d20d8493f63511df44ec7cfdf
0e99828cefaa6f9693ef337e90845b5d552f41f60f7c307c58a98c188154b7cc
0fd429b95adc1755ffb3f7d831ac7e33dad31379239750f32c49c98f7019e45f
108e0116db150225eeb3f00cc94bcca615ee17973e209ae1e8800957c33d3e1f
1097abb6f0992cccc79428374463e7f23b99dae5eb85d7317b20bd57c96031bb
1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83
12e636f02bc44a5f9b63a780dc0f86e4b017de4fcd39107ed46a64f7e2537aea
159bd804f3a207ce59088ef63f186ba5b3d906d5245b7bfa882a6a6c3f6a9314
1643b5fc5337d1652870dfdbf782494397703e94220d5d47830eb629c8266617
16708dda2536b4b3782313db4a6ec8456cd84da7ae0f56d7d2455e68fc9bc4f0
16f86804dd013db340fee4020a539d3e9d6e5a03d6841e431e50c428e99c26e8
173d7c7e266672df75c4e048a934c55ee24d9a9028a87fd2957e74d1bd6a8d08
18ff9f7031a6474c6567199041c377bcc5d565ce35d6261269d81beb4ed6fb75
1a212d8b4ae393bdbde7ca286b6998cc9ca52636b1f46f5ca439e92707cfb79a
1bf55bc00dbf13180884211c3d301729e67b81f3456225c1fbf97d271d636509
1c7dcc8216c6f82da2998ceeac2523632c7f9bffe510824b6d082621201f2012
1d5d1f3ca5f87c9528d02a47a700d3bcfbf4cb7a05c63f48917412de98c9baf0
1da25cf82f065474aadce40a8c7369f6df48e1847cb95c21bd9083488eff7390
1defb6bc54a7ee9c066136908360e8455c23ee9ad0dec9924e7255d7948cd4be
1f0c7b5036a2e440d38d63c71470896c0a8d057ad263c679b60db0152d3cd4d9
1f29817f97888d4bb5901bdab8f3e9edfedcdcf11839c27100870e2116480b83
1f2f9a2b7ecc05cdfa873e8fb69f63feb67d0e12994cf8beb29022ec6b9e133f
1f466b08649eef5ad16c20f6d7207bf8818cb107b6241950dbc568cdffc03d63
1f94185bf320b088eb3c40b75de95ac8516680f4036bd287131b34f9c058146a
1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378
1fa84b33882c8343eefc309129e91e3d145340c94527832734b1cad6d6a39375
20660a9ef7ec454c15b2dc62b3db084e0cc9f74c5bb6de71a96fb1a54aef00f8
20f47e28c2c7f9e854f733e0d746952c49f760ea299b5989313e108c5a3ae0b5
2162b2851f01366527b76a824d56db26b90cbcbefa318a514f9f5687b49dbd21
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27348ba4b98bd80f1038496ec5dea6ad865680540058fb085b8ca199b8aaf4c5
29637e0647104ccc5d5583e652db29ce99e947c858c3d9502960e7ea7f1aea19
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2ddb980a95bf66aab57f96f42ec399f21297a2429cae569a24d6d6562ba24a5a
2e8cee856a0b21bdd96a2ee67f69f5069328896682b8c293197c374c051df06e
30809be8855fd7127208ae071c5da033f2a51446fdeb02ba322fdc3dd6e5629f
30b5f97631f684e383aa8433196eadfd30e32e14e6cc3ca5be476a4b66f58a51
3399efa4756f80b55d8c0a86353a1cecf23d28555be239cc6d8efd6dc86b328b
37d6a56bccac8e4cf741f7f2358449a5ec1bf10f1f828ff6744c127304c32447
3b0209841325362235c221628e471145726897e4e1c9b210b6e6b2217fdf2ee8
3b741c508a03df7294a47d302a7793f9cb3e6edf624dfb33ce4995790db6c705
3ccd0c282ca2b488eb7f41a6d5f97104532c397e11cde7fd7558dedff97ef36f
3ce7e824185893264ab44fbf8370a8f1262831c4c6c367b15f7d4f1e88fadc8c
3f2cf5f857c617761a251ceef8f6ed452a7690e21f16eff0a70dddf9beea8633
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46a9ddb1f206a46900872e0a832750ae06925528f81883a3d3517fdb42aefb6d
47466887ca673b75f0eea095a47547991308576915e171f13878cb652a588d77
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48da39fec3c4f7ef58846e7bdb466a6632fe324a873c1c4035b6bb882699a30d
49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39
4976d521ab3918286d3cd1de1095e5ca97cf5371ec960d0c35b03b20ea1d7330
4980853759711c8e9e2779239acd62e9e802fba38371763c65ecdd016a83fdbd
4afac1b90153682298ebc6799a113177d8a80ee7825314bf04be1db4536e0a26
4b05d7f4339a505c65d2fcb1b21addd2a13a0c155ddf7ca766d1e7203b2b6cae
4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105
4d7b91ed4a7804e22b94e4873af273def73469e80b740bd9787e287003058868
4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8
4fb846048afd0ee79141b669572402fc0a024d937c00977e124405d11cd319fe
5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b
562b053a38fb48f2605d87189ab764186a5bd3db1a776737cdbd313bafceaca9
56f8838a24cb0cc47dc34a19d6b84d6ce8bf8086b1682bbb990abc13b1e2da65
571479d52cd675db5573fe46973c62cba6d8224a76136fcefeb90f7dc42a6391
59201950b83489808587827b4050ffe0597992825daa88c227476cdbbf8ca282
5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c
5be5b0170ad4bbd2be91182d137933e7de9c7e86b09ec855a4bac015ebfd746f
5c5dcbdd805b4603a4ac478d0e3966033767767309ac8eb2ddb6a1aea68ad2c7
5d66b4370c15f415951a8572980b216ebec4308d6de3c51f0f289f5a13e01426
5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba
5ee8c93fb98398e780a1d2654fe36bf40b6cca6bf01c187c62d01156ee2dc5d0
6005db7d329c98155b90076de0c9a68cf7316a51883ba92f78d3953ae6e1557b
617e0f9fee7ef0ca891735246b4b5a61caa3622db4a4256685b061c9f43bd053
628d7e02da9f8f5036979245b1d290b93a5ebe02120dfab845a924a08301c590
62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235
67c228ab9b3e44a43f71193bd03d9264ea0b274bfc7ecb38588a882981439d87
6c26965b3758255462804203b738f7b446de4a66ec96fa8095a0dcc52b334918
6c3bee4506798e96c574250d295accecc8c4bab4c24390259b62a2b0fb68ad78
6e1a8b1bb3e5e1e5a8bb92ea1d8131ebb0fe1b2835b3d66f4886ccd4b5dabb27
6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a
6f761aab3bf051efa97b8361efb44ec6aeab54bbdd9605bf673c401164fc9a21
7364fcbb6c5d775f07816712af8a6419db99268f72c337a4977f706dc3423bb3
73c4228fa5b38d181899fbb43d408ac2138b29bfef6260136f66d926723d84d6
7417f6c2a20566a922613e2df2fb61cb179039f9352294ea706a90b6471689fe
7475f5c70d3b6020b6f4621b2e69fba3360bea00a913e60b085af165b93842ec
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
76137f665cd725b8769ebfdb486d27e73b9d6ef08a0ba5cf14c1f9c08e4ff41a
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207
7d91c04c657709af03f6dad61d375c3208d18ab5ff7851c2472007dc05201342
7fc88c65d46e83b3f3e9f098f05fd639480332fc3718cd714725e2e4633af4e8
807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752
816b115aca154cbf0d74247d77c06067136b4836a74697a4374480ecf67e8921
82cd1a97f81e5b63a621311be2993916eea0907b5eadd53bb6b280f4bb0f8391
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83289b925ff981786913c6d685e87cbbf124a81c2a43e21d55d49d563fe9f498
83a366075eb2387c6d9f848f42b08df0546027333eccf5813edf95ba45709be2
85c33811c2b04e4e02babe2fd6bd7ac0035f93e95827116429bbda2cf9c6c95d
85db95dbe15c810a710ca6d9094a2a29f2eeea05791cc7aaab7af8939684b978
86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
87b2408523892f375c00a9d521c67f6eb516ecac25c479a7b15705bfab08fcd3
88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf
88fea091218e5019330acec0ff5633d1507a6f09231a53f168f23f05bbe02027
898ee33ac3ffd3d602e737052f2ea29989675075581a221f8ce0b518248a8145
8b72952d3fd656ee6594f0d9735d928113ad1d590705b14f77abf75f1d4d5d69
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc40a5096530714279199bd98ffbe44f3108bf9dd183ec74d85f69705d86e25
91c268055ba30ca9617dcc2eee4de29096780704959d6d14e7b56380a0124a97
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
9431bc6d1a6d036a70c92dfc9000d7965f939671a59705bdd01c3e652048ed9a
9933997608e86beaf1e7f7188a5c657cdad8ccd9d20eb7b1a46adaa83fa850ab
9eb76b96882e952586c13834a48e3d63a653f7af91e0af167e591eb5a561582d
a24534ed328a0ae9e4f094e9224475c7e4d0cced0f58f09865d05eb7aee2967b
a2bd43c80adc73ae26472a90ec3bd9df44a5b7d2dafb133b8660efd800c719b1
a407bad2c5c1c6331c406392e74465bca0603fb1040b476e6592fe6fd4a56faf
a4d4729c8261a1a15f892bd473cda2cc31ec63c3b6e218a86ddb38ed7b757109
a6607887e6c31ca484193f052a418f2c548d27d2409c0041697ae071a2255924
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
aa3b9513abbbf65a2c8483122648fce1b39b1afa2a69bdf863242f1411baba58
b72f8b6e1195ddf2e574efdf2de473e3dd42579d828a6d66c868fc59a1f12bb6
b797b3d3b0ede0512bbec2a5fcf5275ff9d0ab143319a40141750dc397be71c0
b95939599754deb2250672a0ecba1494e7af2352a3598695df9684d77f953d73
bce483ce05e34af34c91bf765756b9bb814731a1a6dd1bb73fc3a05ec93b5dc6
be7fd4a76d16eaf0869c22ccbe53a3baa540ae5cabcc08dd9dc40f68268b883d
c093f493e07bb5abb46735a133912880470d2aece8ef9937bbefff9b93e3ddf8
c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34
c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3087d2dbece874eadae20fcc49900064a5c45def9baabd549dd450bb085f39d
c321421a6a38ffbb8e54fec88a8e7435963887275f9287ec806d63dbba0c33fa
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c60adac7eaacab9b80c8d390093da9d733b0995bfd6c97b26b23131341724613
caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a
cb52c9b5c6b4f30eb9580d4414ecd97d408ffb0579fc9792f379da7e9e43221c
cd216bc5cece19866e688ce56e5c5243f32241dfc9cd4045d393f4f111f9333e
cf3ac346996bb6026f9b290f1674b6865c20c7a7bfd878ecd5943cc372d529f1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d06c1d1f95928227b923f8e2b201da367b26a9f30cce47c39eb994bdc1120eea
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0ef936654ba84031c1ef90617069aceaab3dac1dd0912b76ebd449f9a566e55
d1f91e655a9e406fc235e03d99fd2ccc948bbd7a134a66270eba56cef9714b7b
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3
d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa
d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927
d92ba467850153723993674c83ddccc66213df5acbca7c0292e123bb5e9b262c
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de24551bd4396fc8579b2d87ce01944553dd48fb52775d14373725a50efa0c37
de5e37739b5797e8ba9dba4a2dcb65f37c36a65fe839cb306162e21c74ba166e
e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250
e336ff50623cff960c2396944be4392139f63dcc032e5f3428d81489fdfe697a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5dbc70548742ced0b9d86447bc609eb7656f8b771bc75ea076b09dae01eb774
e74b9cb9d8871d300d2a1d36ce2cd00dfbfe0c5d8066d1d415c4ce620a919d47
e8830a414dfeb4c0e0f519d3419f69849df9226f329357c938333dbf2c956f63
e914042ca01b6f894abfe2f3390c1d0fa41453e932e9dc4084653e585fdb5f48
e944e6d1b0904bc0c1298fe828ec727bc6a9b46f0b4799e197a1a2acc46fb685
ee64dee554fd4aa29ec2e8f12adfe103a57483c94836141bf532fa4d6674f9a1
efc6b995a3b037727a4c8e7fe1756c192099f9658c4091ee55c61d3ba85e3920
f3c4d9f4666b31ea4a41e1345392e0e32d318928f514199aa0467287588b595a
f89a6648d40aecbfe8675fa1e98a1e4be29368ca79d8534c8d1ab9f493bddee9
f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d
f9d9e96c4439beeca49a1a10f9dffe6f5cd0b604d13aa13af170d0bc62d8ca1b
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd9308db31181fde13aca740757dcb439baf71d731011a87da483a28faae444f
fe211d4793b0750c00caa91f8306bbe59e26e0d5d02b3bf3e0d687d5deb81a7b
fec42251b609d8b4fe4af4f0d5a4b2389feabd5f61aec3ad12e136be94e68d89

arstechnica.com Open in urlscan Pro 3.137.38.223 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

213 Requests

93 %HTTPS

24 %IPv6

39 Domains

66 Subdomains

58 IPs

7 Countries

19445 kBTransfer

29650 kBSize

29 Cookies

67 Outgoing links

Page URL History

Redirected requests

213 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

arstechnica.com Open in urlscan Pro
3.137.38.223 Public Scan

Screenshot
Live screenshot

Full Image

213
Requests

93 %
HTTPS

24 %
IPv6

39
Domains

66
Subdomains

58
IPs

7
Countries

19445 kB
Transfer

29650 kB
Size

29
Cookies

213 HTTP transactions
10 data transactions