arstechnica.com Open in urlscan Pro
18.190.84.233 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_soci...
Submission: On November 22 via api (November 22nd 2021, 9:03:39 pm UTC) from US — Scanned from DE

Summary HTTP 269 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 62 IPs in 7 countries across 43 domains to perform 269 HTTP transactions. The main IP is 18.190.84.233, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is arstechnica.com.
TLS certificate: Issued by Amazon on December 29th 2020. Valid for: a year.

This is the only time arstechnica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	18.190.84.233 18.190.84.233	16509 (AMAZON-02) (AMAZON-02)
19	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
9	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	143.204.95.188 143.204.95.188	16509 (AMAZON-02) (AMAZON-02)
7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
13	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
5	143.204.98.125 143.204.98.125	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6813:da83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6814:b844	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.154.239.62 54.154.239.62	16509 (AMAZON-02) (AMAZON-02)
2	52.201.83.88 52.201.83.88	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.64.239 151.101.64.239	54113 (FASTLY) (FASTLY)
1	35.190.59.101 35.190.59.101	15169 (GOOGLE) (GOOGLE)
3	35.201.67.47 35.201.67.47	15169 (GOOGLE) (GOOGLE)
2	35.190.91.160 35.190.91.160	15169 (GOOGLE) (GOOGLE)
1	35.179.78.10 35.179.78.10	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:4132	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.128.239 151.101.128.239	54113 (FASTLY) (FASTLY)
4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	104.85.5.185 104.85.5.185	16625 (AKAMAI-AS) (AKAMAI-AS)
10	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	143.204.97.28 143.204.97.28	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	70.42.32.63 70.42.32.63	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	34.235.15.213 34.235.15.213	14618 (AMAZON-AES) (AMAZON-AES)
2	3.228.34.240 3.228.34.240	14618 (AMAZON-AES) (AMAZON-AES)
18	34.195.247.44 34.195.247.44	14618 (AMAZON-AES) (AMAZON-AES)
2	72.21.195.65 72.21.195.65	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
5	2602:803:c004... 2602:803:c004:200::140	26667 (RUBICONPR...) (RUBICONPROJECT)
3	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
3	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
5	18.156.195.47 18.156.195.47	16509 (AMAZON-02) (AMAZON-02)
18	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
3	34.107.148.139 34.107.148.139	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
23	143.204.101.94 143.204.101.94	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
8	143.204.101.162 143.204.101.162	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
19	143.204.98.71 143.204.98.71	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1 2	143.204.98.86 143.204.98.86	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
5	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
3	104.85.4.23 104.85.4.23	16625 (AKAMAI-AS) (AKAMAI-AS)
3	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
4 4	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 3	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
6 6	37.157.2.237 37.157.2.237	198622 (ADFORM) (ADFORM)
10 14	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
3 3	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8	16509 (AMAZON-02) (AMAZON-02)
269	62

3 18.190.84.233 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-190-84-233.us-east-2.compute.amazonaws.com

arstechnica.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.arstechnica.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 143.204.98.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-125.fra50.r.cloudfront.net

player.cnevids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:da83 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.mediavoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
plugin.mediavoice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

s.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.239.62 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-239-62.eu-west-1.compute.amazonaws.com

segment-data.zqtk.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.201.83.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-83-88.compute-1.amazonaws.com

api.cnevids.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.239 (United States)

ASN54113 (FASTLY, US)

pixel.condenastdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com

r.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com

t.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com

p.skimresources.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.179.78.10 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-179-78-10.eu-west-2.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4132 (United States)

ASN13335 (CLOUDFLARENET, US)

polarcdn-terrax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.128.239 (United States)

ASN54113 (FASTLY, US)

api.condenast.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.85.5.185 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-5-185.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.97.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-97-28.fra50.r.cloudfront.net

z-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.63 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.15.213 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-15-213.compute-1.amazonaws.com

infinityid.condenastdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.228.34.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-34-240.compute-1.amazonaws.com

4d.condenastdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 34.195.247.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-247-44.compute-1.amazonaws.com

capture.condenastdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.21.195.65 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

assoc-na.associates-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com

c2shb.ssp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

condenastus-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 143.204.101.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-94.fra50.r.cloudfront.net

dwgyu36up6iuz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 143.204.101.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-162.fra50.r.cloudfront.net

d2c8v52ll5s99u.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 143.204.98.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-71.fra50.r.cloudfront.net

dp8hsntg6do36.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.98.86 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-86.fra50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.85.4.23 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-85-4-23.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.134.248 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 3 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.157.2.237 (Denmark) 6 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.184.226 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.139 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	cloudfront.net dwgyu36up6iuz.cloudfront.net d2c8v52ll5s99u.cloudfront.net dp8hsntg6do36.cloudfront.net	16 MB
23	condenastdigital.com pixel.condenastdigital.com infinityid.condenastdigital.com 4d.condenastdigital.com capture.condenastdigital.com	19 KB
19	doubleclick.net 10 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net pubads.g.doubleclick.net cm.g.doubleclick.net	123 KB
19	arstechnica.net cdn.arstechnica.net	994 KB
18	openx.net condenastus-d.openx.net eu-u.openx.net us-u.openx.net	4 KB
14	rubiconproject.com 3 redirects fastlane.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	19 KB
14	moatads.com z.moatads.com mb.moatads.com px.moatads.com	289 KB
10	google-analytics.com www.google-analytics.com	22 KB
9	cookielaw.org cdn.cookielaw.org	189 KB
7	yahoo.com 1 redirects c2shb.ssp.yahoo.com ads.yahoo.com pr-bh.ybp.yahoo.com	2 KB
7	skimresources.com s.skimresources.com r.skimresources.com t.skimresources.com p.skimresources.com	15 KB
7	cnevids.com player.cnevids.com api.cnevids.com	90 KB
6	adform.net 6 redirects c1.adform.net	3 KB
6	media.net prebid.media.net contextual.media.net	27 KB
6	adnxs.com ib.adnxs.com acdn.adnxs.com	55 KB
6	casalemedia.com htlb.casalemedia.com ssum-sec.casalemedia.com	8 KB
6	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-nydc1.outbrain.com	85 KB
5	adsrvr.org match.adsrvr.org	1 KB
5	googleapis.com imasdk.googleapis.com	653 KB
4	mathtag.com 4 redirects sync.mathtag.com	3 KB
4	googlesyndication.com pagead2.googlesyndication.com	26 KB
4	facebook.net connect.facebook.net	226 KB
4	indexww.com js-sec.indexww.com	19 KB
4	amazon-adsystem.com c.amazon-adsystem.com	40 KB
3	quantserve.com 3 redirects pixel.quantserve.com	1 KB
3	associates-amazon.com z-na.associates-amazon.com assoc-na.associates-amazon.com	4 KB
3	arstechnica.com arstechnica.com	17 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	657 B
2	rlcdn.com api.rlcdn.com id.rlcdn.com	327 B
2	facebook.com www.facebook.com	386 B
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com	1 KB
2	2mdn.net s0.2mdn.net	33 KB
2	google.de ampcid.google.de www.google.de	961 B
2	google.com ampcid.google.com www.google.com	1 KB
2	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	789 B
2	onetrust.com geolocation.onetrust.com	603 B
2	mediavoice.com cdn.mediavoice.com plugin.mediavoice.com	137 KB
1	condenast.io api.condenast.io	6 KB
1	polarcdn-terrax.com polarcdn-terrax.com	502 B
1	zqtk.net segment-data.zqtk.net	572 B
1	googletagmanager.com www.googletagmanager.com	120 KB
1	googletagservices.com www.googletagservices.com	27 KB
0	getpublica.com Failed pbs.getpublica.com Failed
269	43

	Domain	Requested by
23	dwgyu36up6iuz.cloudfront.net	arstechnica.com d2c8v52ll5s99u.cloudfront.net
19	dp8hsntg6do36.cloudfront.net	d2c8v52ll5s99u.cloudfront.net
19	cdn.arstechnica.net	arstechnica.com cdn.arstechnica.net
18	capture.condenastdigital.com	arstechnica.com
14	cm.g.doubleclick.net	10 redirects eu-u.openx.net
10	px.moatads.com
10	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com arstechnica.com
9	eu-u.openx.net	cdn.arstechnica.net eu-u.openx.net
9	cdn.cookielaw.org	arstechnica.com cdn.cookielaw.org
8	d2c8v52ll5s99u.cloudfront.net	player.cnevids.com d2c8v52ll5s99u.cloudfront.net
6	c1.adform.net	6 redirects
6	us-u.openx.net	eu-u.openx.net
5	match.adsrvr.org	cdn.arstechnica.net eu-u.openx.net
5	imasdk.googleapis.com	player.cnevids.com imasdk.googleapis.com
5	c2shb.ssp.yahoo.com	cdn.arstechnica.net
5	fastlane.rubiconproject.com	cdn.arstechnica.net
5	player.cnevids.com	arstechnica.com player.cnevids.com cdn.arstechnica.net
4	pixel.rubiconproject.com
4	sync.mathtag.com	4 redirects
4	pagead2.googlesyndication.com	srcdoc imasdk.googleapis.com
4	connect.facebook.net	d2c8v52ll5s99u.cloudfront.net connect.facebook.net
4	js-sec.indexww.com	arstechnica.com cdn.arstechnica.net
4	c.amazon-adsystem.com	arstechnica.com c.amazon-adsystem.com
3	token.rubiconproject.com	3 redirects
3	pixel.quantserve.com	3 redirects
3	ssum-sec.casalemedia.com	js-sec.indexww.com
3	acdn.adnxs.com	cdn.arstechnica.net
3	contextual.media.net	cdn.arstechnica.net
3	prebid.media.net	cdn.arstechnica.net
3	condenastus-d.openx.net	cdn.arstechnica.net
3	ib.adnxs.com	cdn.arstechnica.net
3	htlb.casalemedia.com	cdn.arstechnica.net
3	t.skimresources.com	arstechnica.com s.skimresources.com
3	widgets.outbrain.com	arstechnica.com
3	z.moatads.com	arstechnica.com d2c8v52ll5s99u.cloudfront.net
3	arstechnica.com	cdn.arstechnica.net pixel.condenastdigital.com
2	sync-tm.everesttech.net	2 redirects
2	eus.rubiconproject.com	cdn.arstechnica.net eus.rubiconproject.com
2	www.facebook.com
2	sb.scorecardresearch.com	1 redirects
2	pubads.g.doubleclick.net	d2c8v52ll5s99u.cloudfront.net
2	s0.2mdn.net	imasdk.googleapis.com
2	assoc-na.associates-amazon.com	z-na.associates-amazon.com
2	4d.condenastdigital.com	pixel.condenastdigital.com
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	p.skimresources.com	arstechnica.com
2	pixel.condenastdigital.com	arstechnica.com
2	api.cnevids.com	cdn.arstechnica.net
2	geolocation.onetrust.com	cdn.cookielaw.org
1	pr-bh.ybp.yahoo.com	1 redirects
1	id.rlcdn.com
1	ads.yahoo.com
1	api.rlcdn.com	cdn.arstechnica.net
1	mcdp-nydc1.outbrain.com	widgets.outbrain.com
1	odb.outbrain.com	widgets.outbrain.com
1	www.google.de	arstechnica.com
1	www.google.com	arstechnica.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	infinityid.condenastdigital.com	pixel.condenastdigital.com
1	ampcid.google.de	www.google-analytics.com
1	log.outbrainimg.com	widgets.outbrain.com
1	ampcid.google.com	www.google-analytics.com
1	z-na.associates-amazon.com	www.googletagmanager.com
1	widget-pixels.outbrain.com	arstechnica.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	api.condenast.io	player.cnevids.com
1	polarcdn-terrax.com	cdn.mediavoice.com
1	plugin.mediavoice.com	cdn.mediavoice.com
1	mb.moatads.com	z.moatads.com
1	r.skimresources.com	s.skimresources.com
1	segment-data.zqtk.net	cdn.arstechnica.net
1	www.googletagmanager.com	arstechnica.com
1	s.skimresources.com	arstechnica.com
1	cdn.mediavoice.com	arstechnica.com
1	www.googletagservices.com	arstechnica.com
0	pbs.getpublica.com Failed	player.cnevids.com
269	76

This site contains links to these domains. Also see Links.

Domain
video.arstechnica.com
cdn.arstechnica.net
www.facebook.com
twitter.com
www.reddit.com
us-cert.cisa.gov
www.fortinet.com
www.microsoft.com
www.arstechnica.com
www.twitter.com
www.wired.com
guard.io
track.loadingnowsecure.com
www.indiegogo.com
naploungewear.com
ctotrk.com
trueedition.com
www.outbrain.com
condenast.com
www.condenast.com

Subject Issuer	Validity	Valid
*.arstechnica.com Amazon	`2020-12-29` - `2022-01-27`	a year	crt.sh
*.cachefly.net GlobalSign RSA OV SSL CA 2018	`2021-10-18` - `2022-11-19`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.cnevids.com Amazon	`2021-09-18` - `2022-10-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-16` - `2022-07-15`	a year	crt.sh
*.skimresources.com DigiCert SHA2 Secure Server CA	`2021-09-27` - `2022-10-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.zqtk.net Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
cnevideos.com Amazon	`2020-12-30` - `2022-01-28`	a year	crt.sh
*.admagazine.fr GlobalSign Atlas R3 DV TLS CA 2020	`2021-07-22` - `2022-08-23`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-25` - `2022-06-25`	a year	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
z-na.associates-amazon.com Amazon	`2021-05-21` - `2022-06-19`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
conde.io Amazon	`2021-06-30` - `2022-07-29`	a year	crt.sh
assoc-na.associates-amazon.com Amazon	`2021-10-25` - `2022-09-30`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-14` - `2022-04-06`	6 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.media.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-12` - `2022-05-05`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-09-01` - `2021-11-30`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
cdn.adnxs.com GlobalSign Organization Validated CA - SHA256 - G4	`2021-05-10` - `2022-06-11`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Frame ID: FFEC7576B6DC72A2E2040AB5594A3BC7
Requests: 161 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.004135641055395434
Frame ID: 4621BBF469988F076CA8D70E1EDE376A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 8FFA236DF444A7990E80AC9C015E9DD7
Requests: 42 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 7DA872195B82C326A833F3D668B07EEE
Requests: 26 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: AC013F2640032D0368DADD29BCCAB81E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D2E7184E8BDECBDAA7AC0923809F4DC7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html
Frame ID: C0885A3597A8AFB8E194F28054B4EDE7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3A8C60A6636866AF976BB25C03342501
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 7B3ABBC6266DD6F1406438EB8A2980B3
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 289AD38BF01F2B548D871CEACF1411A7
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Frame ID: 6A3E6879686EA6542AAE762CDB2F7BCE
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Frame ID: 24CFF2549C0E8B8AA3BA5290D342354E
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C171%2C2030%2C273%2C251%2C175%2C132%2C178%2C3018%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C3015%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C3011%2C3010%2C182%2C261%2C184%2C141%2C188%2C222%2C3007%2C201%2C4%2C246%2C225%2C203%2C126%2C226%2C326%2C80%2C10000%2C9%2C229%2C108&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Frame ID: C28C25A07C17CB1E2EFBBFA010590261
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C80AD74D3A1CD58F6D4B192378C94B77
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: DF2A7226420750EACB1D4185CAB5B0D1
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C171%2C2030%2C273%2C251%2C175%2C132%2C178%2C3018%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C3015%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C3011%2C3010%2C182%2C261%2C184%2C141%2C188%2C222%2C3007%2C201%2C4%2C246%2C225%2C203%2C126%2C226%2C326%2C80%2C10000%2C9%2C229%2C108&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Frame ID: AD616952F9B9D9885018FEB8FD44F36E
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Frame ID: B991CDA5CDF724EE48C06B68BED9F037
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C171%2C2030%2C273%2C251%2C175%2C132%2C178%2C3018%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C3015%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C3011%2C3010%2C182%2C261%2C184%2C141%2C188%2C222%2C3007%2C201%2C4%2C246%2C225%2C203%2C126%2C226%2C326%2C80%2C10000%2C9%2C229%2C108&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Frame ID: 81769F049B44517F996256AB7067C1A0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 61CC509F0186276AC6A45F5F6D8CCF42
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 26F8A85468C902FAE84EF8D294AFB660
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 5E62894F5237F06C22203BE4971B6C34
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPQGDh2PQGDh2AcABBENB2CgAAAAAAAAAChQAAAAAAJBAGgAAoAHAAeABcAD4ALQAfABGACSAFsAMQAfwBIgCuAGaANQAbQA4gByADnAHUAP8AgYBBwCRAE_AKGAYQA6oCHwEXgI9ASEAlYBNoCwgF0ALqAXaAvIBiADFgGQgMjAZQA0IBowDSgGpgNoAbcA3QBwQSCmAAgABcAFAAVAAyABwADwAIAAYAAygBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCACGgEQARIAjoBLAEuAJoAUoAtwBhgDIAGWANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBigDWAG0ANwAbwA9AB8gENgIdASIAmIBMoCbAE7AKHAUiApoBYoC0AFsALkAXeAvMBgQDBgGEgMNAYeAyIBkgDJwGXAM5AZ8A0gBp0DWANZDAFwAFgAXACMAEmAKgAqgBbADEAG8AUgA0oBqAGqAOIAloBsgDqAIvASEAocBYgDFgGRgNCAboGgRABWAC4AIYAZAAywBsgDsAH4AQAAgoBGAClgFPAKvAWgBaQDWAG8AOqAfIBDoCKgEiAJsATsApEBcgDAgGEgMPAYwAycBnIDPAGfCAC4ACwALgA1ACMAEkAKoAWwAxABvAFIAK6AagBqgDiAJEAS0A3ABvAEXgJCAUOAxYBoQDdBEBsAKwAhgBkADLAGyAOwAfgBAACMAFLAKeAVcA1gB1QD5AIdASIAmwBOwCkQFyAMCAYSAw8Bk4DOQGfCoDgAFAAhgBMAC4AI4AZYA7AB-AEYAI4AUsAq8BaAFpAN4AkEBMQCbAFNgLYAXIAvMBgQDDwGRAM5AZ4Az4BuQoAgAGIATIApIBqAGqANoAcQA5AB4AEFAJaAdUBHoCxAGaANCAa8MgMAAUACGAEwARwAywB2QD7APwAjABHAClgFXAK2AbwBMQCbAFogLYAXmAwIBh4DIgGcgM8AZ8MAIgA1ADEAJkAUkA1ADVAG0AOIAcgA8ACWgFiAOqAj0BJwCxAF5ANCHAXgABAAIgAcAB4AFwAPgAtAByAD8AIIARgAtgBdADIAGgAP4AhABIgCdAFIALMAZYAzQBpQDUANUAbQA4gByADnAHUAOwAdwBAACBgEFgIOAhABEQCRAEtAJtAT4BPwClgFQALaAXqAwADAgGEAMyAawA14BvADjgHSAOqAeQA-QCEIEPgRAAj0BIUCVgJXATEAmUBNoChQFIAKTAUwAqYBVQCtgFcgK7AWUAtIBagC4oF0AXUAvYBfQDAgGIAMWAZCAygBl4DQoGigaMA0oBpoDUwGvANoAbYA24dBiAAXABQAFQAMgAcABAAC6AGAAZQA0ADUAHgAPoAhgCIAEwAJ8AVQBWACwAFwAL4AYgAzABvADmAHoAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA2QBvgDvAHtAPsA_QB_wEWARgAjkBKQEqAKCAU8Aq4BYoC0ALSAXMAuoBeQDFAG0ANxAdMB1AD0AIbAQ6AiIBFQCLwEggJEASoAmwBOwChwFNAKsAWKAtCBbAFsgLgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFIALcAZcA1ADVAG0AOIAcgA5wB2ADwAIKAT4ApYBYgDAAGEAMyAbwA6oB2wEPgI9ASEAk4BK4CYgE2gKFAUgApMBWwC6AF5AL2AYEAzQBoQDRQGlANTAbYA24hA4AAWABQADIALgAYgBDACYAFUALgAXwAxABmADeAHoARwAsQBhADfAHfAPsA_AB_gEYAI4ASkAoIBQwCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAJsAU0AsUBaMC2ALaAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAkAAEAA4AC4AIQAcgBUADIAG8AQgAkQBSAC5AF8AMsAagA2gB3AEAAISAS0AnwBUADXgG8AOqAfYBKwCbQFJgLKAWkAvYBiIDFgGlANyJQOAAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhoBEAESAI4AUYApQBbgDCAGqANkAd4A_ACMAEcAJOAU8Aq8BaAFpALqAYoA3AB1AD5AIdARUAi8BIgCbAFigLYAXaAvMBh4DIgGTgMsAZyAzwBnwDSAGsAOAKASQABAAXAA-ACEAFoAOQAfgBGACoAFYAMgAbQA3gByAEIAI4ASIAmQBOgCkAFyAMsAagA1wBtADiAHOAOoAdwA8ACAAEHAISARUAkQBJwCWgE2gJ8An4BSwCxAF1AMAAYQAxQBrwDeAHVAO2AeQA-QB_wEegJiATKAm0BSACmAFTAK2AV2AtABdAC8gF9AMCAYsA0QBpQDTYGpAamA14BwRSCKAAuACgAKgAZAA4ACCAGAAZQA0ADUAHkAQwBEACYAE8AKQAVQAsABfADEAGYAOYAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CxQFsALgAXIAu0BeYDDQGHgMYAZEAyQBk4DLgGcgM8AZ9A0gDSYGsAayA2MAAA.YAAAAAAAAAAA&d=https://arstechnica.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 885CB9303D09478A77303216E111E0BC
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPQGDh2PQGDh2AcABBENB2CgAAAAAAAAAChQAAAAAAJBAGgAAoAHAAeABcAD4ALQAfABGACSAFsAMQAfwBIgCuAGaANQAbQA4gByADnAHUAP8AgYBBwCRAE_AKGAYQA6oCHwEXgI9ASEAlYBNoCwgF0ALqAXaAvIBiADFgGQgMjAZQA0IBowDSgGpgNoAbcA3QBwQSCmAAgABcAFAAVAAyABwADwAIAAYAAygBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCACGgEQARIAjoBLAEuAJoAUoAtwBhgDIAGWANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBigDWAG0ANwAbwA9AB8gENgIdASIAmIBMoCbAE7AKHAUiApoBYoC0AFsALkAXeAvMBgQDBgGEgMNAYeAyIBkgDJwGXAM5AZ8A0gBp0DWANZDAFwAFgAXACMAEmAKgAqgBbADEAG8AUgA0oBqAGqAOIAloBsgDqAIvASEAocBYgDFgGRgNCAboGgRABWAC4AIYAZAAywBsgDsAH4AQAAgoBGAClgFPAKvAWgBaQDWAG8AOqAfIBDoCKgEiAJsATsApEBcgDAgGEgMPAYwAycBnIDPAGfCAC4ACwALgA1ACMAEkAKoAWwAxABvAFIAK6AagBqgDiAJEAS0A3ABvAEXgJCAUOAxYBoQDdBEBsAKwAhgBkADLAGyAOwAfgBAACMAFLAKeAVcA1gB1QD5AIdASIAmwBOwCkQFyAMCAYSAw8Bk4DOQGfCoDgAFAAhgBMAC4AI4AZYA7AB-AEYAI4AUsAq8BaAFpAN4AkEBMQCbAFNgLYAXIAvMBgQDDwGRAM5AZ4Az4BuQoAgAGIATIApIBqAGqANoAcQA5AB4AEFAJaAdUBHoCxAGaANCAa8MgMAAUACGAEwARwAywB2QD7APwAjABHAClgFXAK2AbwBMQCbAFogLYAXmAwIBh4DIgGcgM8AZ8MAIgA1ADEAJkAUkA1ADVAG0AOIAcgA8ACWgFiAOqAj0BJwCxAF5ANCHAXgABAAIgAcAB4AFwAPgAtAByAD8AIIARgAtgBdADIAGgAP4AhABIgCdAFIALMAZYAzQBpQDUANUAbQA4gByADnAHUAOwAdwBAACBgEFgIOAhABEQCRAEtAJtAT4BPwClgFQALaAXqAwADAgGEAMyAawA14BvADjgHSAOqAeQA-QCEIEPgRAAj0BIUCVgJXATEAmUBNoChQFIAKTAUwAqYBVQCtgFcgK7AWUAtIBagC4oF0AXUAvYBfQDAgGIAMWAZCAygBl4DQoGigaMA0oBpoDUwGvANoAbYA24dBiAAXABQAFQAMgAcABAAC6AGAAZQA0ADUAHgAPoAhgCIAEwAJ8AVQBWACwAFwAL4AYgAzABvADmAHoAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA2QBvgDvAHtAPsA_QB_wEWARgAjkBKQEqAKCAU8Aq4BYoC0ALSAXMAuoBeQDFAG0ANxAdMB1AD0AIbAQ6AiIBFQCLwEggJEASoAmwBOwChwFNAKsAWKAtCBbAFsgLgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFIALcAZcA1ADVAG0AOIAcgA5wB2ADwAIKAT4ApYBYgDAAGEAMyAbwA6oB2wEPgI9ASEAk4BK4CYgE2gKFAUgApMBWwC6AF5AL2AYEAzQBoQDRQGlANTAbYA24hA4AAWABQADIALgAYgBDACYAFUALgAXwAxABmADeAHoARwAsQBhADfAHfAPsA_AB_gEYAI4ASkAoIBQwCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAJsAU0AsUBaMC2ALaAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAkAAEAA4AC4AIQAcgBUADIAG8AQgAkQBSAC5AF8AMsAagA2gB3AEAAISAS0AnwBUADXgG8AOqAfYBKwCbQFJgLKAWkAvYBiIDFgGlANyJQOAAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhoBEAESAI4AUYApQBbgDCAGqANkAd4A_ACMAEcAJOAU8Aq8BaAFpALqAYoA3AB1AD5AIdARUAi8BIgCbAFigLYAXaAvMBh4DIgGTgMsAZyAzwBnwDSAGsAOAKASQABAAXAA-ACEAFoAOQAfgBGACoAFYAMgAbQA3gByAEIAI4ASIAmQBOgCkAFyAMsAagA1wBtADiAHOAOoAdwA8ACAAEHAISARUAkQBJwCWgE2gJ8An4BSwCxAF1AMAAYQAxQBrwDeAHVAO2AeQA-QB_wEegJiATKAm0BSACmAFTAK2AV2AtABdAC8gF9AMCAYsA0QBpQDTYGpAamA14BwRSCKAAuACgAKgAZAA4ACCAGAAZQA0ADUAHkAQwBEACYAE8AKQAVQAsABfADEAGYAOYAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CxQFsALgAXIAu0BeYDDQGHgMYAZEAyQBk4DLgGcgM8AZ9A0gDSYGsAayA2MAAA.YAAAAAAAAAAA&d=https://arstechnica.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 9147098D126FB545D5318E34BC682C43
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPQGDh2PQGDh2AcABBENB2CgAAAAAAAAAChQAAAAAAJBAGgAAoAHAAeABcAD4ALQAfABGACSAFsAMQAfwBIgCuAGaANQAbQA4gByADnAHUAP8AgYBBwCRAE_AKGAYQA6oCHwEXgI9ASEAlYBNoCwgF0ALqAXaAvIBiADFgGQgMjAZQA0IBowDSgGpgNoAbcA3QBwQSCmAAgABcAFAAVAAyABwADwAIAAYAAygBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCACGgEQARIAjoBLAEuAJoAUoAtwBhgDIAGWANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBigDWAG0ANwAbwA9AB8gENgIdASIAmIBMoCbAE7AKHAUiApoBYoC0AFsALkAXeAvMBgQDBgGEgMNAYeAyIBkgDJwGXAM5AZ8A0gBp0DWANZDAFwAFgAXACMAEmAKgAqgBbADEAG8AUgA0oBqAGqAOIAloBsgDqAIvASEAocBYgDFgGRgNCAboGgRABWAC4AIYAZAAywBsgDsAH4AQAAgoBGAClgFPAKvAWgBaQDWAG8AOqAfIBDoCKgEiAJsATsApEBcgDAgGEgMPAYwAycBnIDPAGfCAC4ACwALgA1ACMAEkAKoAWwAxABvAFIAK6AagBqgDiAJEAS0A3ABvAEXgJCAUOAxYBoQDdBEBsAKwAhgBkADLAGyAOwAfgBAACMAFLAKeAVcA1gB1QD5AIdASIAmwBOwCkQFyAMCAYSAw8Bk4DOQGfCoDgAFAAhgBMAC4AI4AZYA7AB-AEYAI4AUsAq8BaAFpAN4AkEBMQCbAFNgLYAXIAvMBgQDDwGRAM5AZ4Az4BuQoAgAGIATIApIBqAGqANoAcQA5AB4AEFAJaAdUBHoCxAGaANCAa8MgMAAUACGAEwARwAywB2QD7APwAjABHAClgFXAK2AbwBMQCbAFogLYAXmAwIBh4DIgGcgM8AZ8MAIgA1ADEAJkAUkA1ADVAG0AOIAcgA8ACWgFiAOqAj0BJwCxAF5ANCHAXgABAAIgAcAB4AFwAPgAtAByAD8AIIARgAtgBdADIAGgAP4AhABIgCdAFIALMAZYAzQBpQDUANUAbQA4gByADnAHUAOwAdwBAACBgEFgIOAhABEQCRAEtAJtAT4BPwClgFQALaAXqAwADAgGEAMyAawA14BvADjgHSAOqAeQA-QCEIEPgRAAj0BIUCVgJXATEAmUBNoChQFIAKTAUwAqYBVQCtgFcgK7AWUAtIBagC4oF0AXUAvYBfQDAgGIAMWAZCAygBl4DQoGigaMA0oBpoDUwGvANoAbYA24dBiAAXABQAFQAMgAcABAAC6AGAAZQA0ADUAHgAPoAhgCIAEwAJ8AVQBWACwAFwAL4AYgAzABvADmAHoAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA2QBvgDvAHtAPsA_QB_wEWARgAjkBKQEqAKCAU8Aq4BYoC0ALSAXMAuoBeQDFAG0ANxAdMB1AD0AIbAQ6AiIBFQCLwEggJEASoAmwBOwChwFNAKsAWKAtCBbAFsgLgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFIALcAZcA1ADVAG0AOIAcgA5wB2ADwAIKAT4ApYBYgDAAGEAMyAbwA6oB2wEPgI9ASEAk4BK4CYgE2gKFAUgApMBWwC6AF5AL2AYEAzQBoQDRQGlANTAbYA24hA4AAWABQADIALgAYgBDACYAFUALgAXwAxABmADeAHoARwAsQBhADfAHfAPsA_AB_gEYAI4ASkAoIBQwCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAJsAU0AsUBaMC2ALaAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAkAAEAA4AC4AIQAcgBUADIAG8AQgAkQBSAC5AF8AMsAagA2gB3AEAAISAS0AnwBUADXgG8AOqAfYBKwCbQFJgLKAWkAvYBiIDFgGlANyJQOAAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhoBEAESAI4AUYApQBbgDCAGqANkAd4A_ACMAEcAJOAU8Aq8BaAFpALqAYoA3AB1AD5AIdARUAi8BIgCbAFigLYAXaAvMBh4DIgGTgMsAZyAzwBnwDSAGsAOAKASQABAAXAA-ACEAFoAOQAfgBGACoAFYAMgAbQA3gByAEIAI4ASIAmQBOgCkAFyAMsAagA1wBtADiAHOAOoAdwA8ACAAEHAISARUAkQBJwCWgE2gJ8An4BSwCxAF1AMAAYQAxQBrwDeAHVAO2AeQA-QB_wEegJiATKAm0BSACmAFTAK2AV2AtABdAC8gF9AMCAYsA0QBpQDTYGpAamA14BwRSCKAAuACgAKgAZAA4ACCAGAAZQA0ADUAHkAQwBEACYAE8AKQAVQAsABfADEAGYAOYAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CxQFsALgAXIAu0BeYDDQGHgMYAZEAyQBk4DLgGcgM8AZ9A0gDSYGsAayA2MAAA.YAAAAAAAAAAA&d=https://arstechnica.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 795D0AFB1CB754B8B31D5F5B9ABC38C9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hackers backed by Iran are targeting US critical infrastructure, US warns | Ars Technica

Page Statistics

269
Requests

89 %
HTTPS

31 %
IPv6

43
Domains

76
Subdomains

62
IPs

7
Countries

19571 kB
Transfer

27667 kB
Size

42
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: http://video.arstechnica.com/
Title: Videos

Search URL Search Domain Scan URL

URL: https://cdn.arstechnica.net/wp-content/uploads/2021/11/iran-digital.jpeg
Title: Enlarge

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?u=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D1813895
Title: Share on Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/share?text=Hackers+backed+by+Iran+are+targeting+US+critical+infrastructure%2C+US+warns&url=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D1813895
Title: Share on Twitter

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3A%2F%2Farstechnica.com%2F%3Fpost_type%3Dpost%26p%3D1813895&title=Hackers+backed+by+Iran+are+targeting+US+critical+infrastructure%2C+US+warns
Title: Share on Reddit

Search URL Search Domain Scan URL

URL: https://us-cert.cisa.gov/ncas/alerts/aa21-321a
Title: joint advisory

Search URL Search Domain Scan URL

URL: https://www.fortinet.com/fortios
Title: FortiOS

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/security/blog/2021/11/16/evolving-trends-in-iranian-threat-actor-activity-mstic-presentation-at-cyberwarcon-2021/
Title: reported

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/blade-runner-game-director-louis-castle-extended-interview
Title: Blade Runner Game Director Louis Castle: Extended Interview

Search URL Search Domain Scan URL

URL: https://www.twitter.com/dangoodin001
Title: @dangoodin001

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/sitrep-f-16-replacement-search-a-signal-of-f-35-fail
Title: SITREP: F-16 replacement search a signal of F-35 fail?

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/sitrep-boeing-707
Title: Sitrep: Boeing 707

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/personal-history-steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube
Title: Steve Burke of GamersNexus Reacts To Their Top 1000 Comments On YouTube

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/scott-manley-reacts-to-his-top-1000-youtube-comments
Title: Scott Manley Reacts To His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/lgrs-clint-basinger-reacts-to-his-top-1000-youtube-comments
Title: LGR's Clint Basinger Reacts To His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/war-stories-how-forza-uses-neural-networks-to-evolve-its-racing-ai
Title: How Forza's Racing AI Uses Neural Networks To Evolve

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/the-f-35-s-next-tech-upgrade
Title: The F-35's next tech upgrade

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit
Title: Fighter Pilot Breaks Down Every Button in an F-15 Cockpit

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/linus-tech-tips-reacts-to-his-top-1000-youtube-comments
Title: Linus "Tech Tips" Sebastian Reacts to His Top 1000 YouTube Comments

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/customizing-mini-4wd-racers-for-high-speeds-on-a-small-scale
Title: Customizing Mini 4WD Racers For High Speeds On A Small Scale

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/megabots-born-to-smash-anything-in-their-path
Title: MegaBots: Born to Smash Anything in Their Path

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/first-look-xbox-adaptive-controller
Title: First Look: Xbox Adaptive Controller

Search URL Search Domain Scan URL

URL: https://www.wired.com/video/watch/5-levels-4
Title: Quantum Computing Expert Explains One Concept in 5 Levels of Difficulty

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/kids-versus-80s-tech-game-boy-vectrex-and-a-stereo-system
Title: Kids versus 80s tech: Game Boy, Vectrex and a stereo system

Search URL Search Domain Scan URL

URL: https://www.wired.com/video/watch/expert-explains-one-concept-in-5-levels-of-difficulty-blockchain
Title: Expert Explains One Concept in 5 Levels of Difficulty - Blockchain

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/best-wearable-tech-of-2017
Title: Best wearable tech of 2017

Search URL Search Domain Scan URL

URL: https://www.arstechnica.com/video/watch/gear-gadgets-the-moov-hr-sweat-heart-rate-monitor-in-a-headband
Title: The Moov HR Sweat - heart rate monitor in a headband | Ars Technica

Search URL Search Domain Scan URL

URL: https://video.arstechnica.com/
Title: More videos

Search URL Search Domain Scan URL

URL: https://guard.io/lp?n=popup&utm_source=outbrain&utm_campaign=de_broad_platforms&utm_term=$publisher_name$_$section_name$&utm_content=00e55d9981935d20bcdedb7665c180cf30&obclid=$ob_click_id$&obOrigUrl=true
Title: Chrome Users? Get Rid of Popups Instantly guard.io

Search URL Search Domain Scan URL

URL: https://track.loadingnowsecure.com/4d2c9d3c-22c4-49a0-8a41-ddc7f0a5dc32?campaign_id=002ab160427f67fb232425bdff6d60f2ef&publisher_id=$publisher_id$&publisher_name=$publisher_name$&ad_id=00f7e9a8c172a282d50950392c730827e0&ad_title=Dieser+seltsame+Methode+%22saugt%22+Toxine+%26+Schmerzen+aus+dem+K%C3%B6rper&section_id=$section_id$&section_name=$section_name$&req_id=$req_id$&promoted_link_id=00f7e9a8c172a282d50950392c730827e0&time_stamp=$time_stamp$&ob_click_id=$ob_click_id$&obOrigUrl=true
Title: Dieser seltsame Methode "saugt" Toxine & Schmerzen aus dem Körper Nuubu Detox Patches

Search URL Search Domain Scan URL

URL: https://www.indiegogo.com/projects/urtopia-carbon-electric-bike-new-urban-utopia--2/coming_soon/x/27522529?utm_source=outbrain&utm_medium=outbraindenese&obOrigUrl=true
Title: New Generation of Intelligent High-tech E-bike Urtopia Smart E-bike

Search URL Search Domain Scan URL

URL: https://naploungewear.com/product-category/all-products/page/5/?obOrigUrl=true
Title: Finden Sie bequeme Pyjamahosen zum Schlafen und Faulenzen Naploungewear® Official

Search URL Search Domain Scan URL

URL: https://ctotrk.com/00586fae-4fa7-4bc6-ba70-7f2b71af9976?oci=$ob_click_id$&ad=00214c779bc970339518b655ed7022c84f&ad_title=Here+Are+The+29+Coolest+Gifts+For+2021&publisher_id=$publisher_id$&publisher_name=$publisher_name$&section_id=$section_id$&section_name=$section_name$&pub=$source_id$&obOrigUrl=true
Title: Here Are The 29 Coolest Gifts For 2021 Trending Gadgets

Search URL Search Domain Scan URL

URL: https://trueedition.com/trending/martin-schneider-ob?utm_source=outbrain&utm_campaign=0030a8aea5d98db49cd8808bb5583a3d94&utm_medium=$section_name$__$section_id$&utm_term=%5BBilder%5D+Er+war+eine+Ikone%2C+heute+sieht+Martin+Schneider+so+aus&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: [Bilder] Er war eine Ikone, heute sieht Martin Schneider so aus True Edition

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: http://condenast.com/

Search URL Search Domain Scan URL

URL: https://www.condenast.com/user-agreement/
Title: User Agreement

Search URL Search Domain Scan URL

URL: https://www.condenast.com/privacy-policy/
Title: Privacy Policy and Cookie Statement

Search URL Search Domain Scan URL

URL: https://www.condenast.com/privacy-policy/#california
Title: Your California Privacy Rights

Search URL Search Domain Scan URL

URL: https://www.condenast.com/online-behavioral-advertising-oba-and-how-to-opt-out-of-oba/#clickheretoreadmoreaboutonlinebehavioraladvertising(oba)
Title: Ad Choices

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 196

https://sb.scorecardresearch.com/p?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1637615014394_1&ns_st_ec=1&ns_st_sp=1&ns_st_sq=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=2488000&ns_st_pb=1&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_ci=5fbe751038d069741986d243&ns_ts=1637615014394&ns_st_bt=0&ns_st_bp=0&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&c8=Blade%20Runner%20Game%20Director%20Louis%20Castle%3A%20Extended%20Interview&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1637615014394_1&ns_st_ec=1&ns_st_sp=1&ns_st_sq=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=2488000&ns_st_pb=1&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_ci=5fbe751038d069741986d243&ns_ts=1637615014394&ns_st_bt=0&ns_st_bp=0&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&c8=Blade%20Runner%20Game%20Director%20Louis%20Castle%3A%20Extended%20Interview&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null

Request Chain 243

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=bb7b619c-05a8-4300-ae3a-388256e87a34

Request Chain 244

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=MiAfOzQkR2ApKBVuMyULPTMmE24pJh5vPSJylrqk

Request Chain 245

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8717970263991771138

Request Chain 247

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll&google_tc=

Request Chain 248

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPqpbvwR0eSxg7RI6eZmtSE&google_cver=1

Request Chain 249

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=38bf619c-05a8-4400-a94e-cbe20140cdb4

Request Chain 250

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=jyMduoknReGUKxfvgCQJ7IF0EOmUdxS9jyCmRb41

Request Chain 251

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5270365188390092199

Request Chain 253

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll&google_tc=

Request Chain 254

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBpAJ-pUoPLcflHnXiUE93k&google_cver=1

Request Chain 255

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=faf3619c-05a8-4300-b957-18ea688a2229

Request Chain 256

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=hh9c1oAbBI2dF1aDgBhI14MfUIOdTFyMiR5HhKg2

Request Chain 257

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6309026200481758413

Request Chain 259

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll&google_tc=

Request Chain 260

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc= HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELZ8xs7fuHSH-h-hnasw74M&google_cver=1

Request Chain 267

https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWB5P3BM-F-J0H7&sigv=1&esig=2~e78c6901bcd4ae0ae962dfef016b5796173c9baf&us_privacy=1---

Request Chain 268

https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dCNVAzQk0tRi1KMEg3&us_privacy=1---

Request Chain 269

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1--- HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YZwFqQAGmLxbpQBG HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZwFqQAGmLxbpQBG&us_privacy=1---&_test=YZwFqQAGmLxbpQBG

Request Chain 270

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=38bf619c-05a8-4400-a94e-cbe20140cdb4&expires=28

Request Chain 272

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB2orzq094Y2B4Tcgemd6mI&google_cver=1

Request Chain 273

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/0mG--t6oAgz5lCF5_NXh5g?csrc=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7239860780485881439

269 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/ 45 KB
15 KB 429ms
204ms Document
text/html 18.190.84.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.190.84.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-84-233.us-east-2.compute.amazonaws.com

Software

nginx/1.17.10 / PHP/7.3.31

Resource Hash

b7b81a1093c98375cc4b5ea1e13809bbb44727bc1cbbeb9c061a32bcd9110330

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.17.10
x-powered-by: PHP/7.3.31
link: <https://arstechnica.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
content-encoding: gzip

GET
H2 200 main-c3a3431538.css
cdn.arstechnica.net/wp-content/themes/ars/assets/css/ 336 KB
71 KB 82ms
8ms Stylesheet
text/css 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 5c5dcbdd805b4603a4ac478d0e3966033767767309ac8eb2ddb6a1aea68ad2c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
content-encoding: gzip
x-cf3: M
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
content-length: 71971
x-cf-tsc: 1634161432
x-cf2: H
last-modified: Wed, 13 Oct 2021 21:21:47 GMT
server: CFS 0215
x-cff: B
etag: W/"61674deb-53f36"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
accept-ranges: bytes
expires: Mon, 17 Jan 2022 21:03:32 GMT

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 43ms
25ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Nov 2021 21:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Lh0CEVPkmGuwf4KyqdKdhw==
age: 11674
vary: Accept-Encoding
content-length: 6403
x-ms-lease-status: unlocked
last-modified: Fri, 19 Nov 2021 15:53:32 GMT
server: cloudflare
etag: 0x8D9AB74BCB270F7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 75937fac-201e-00a4-456d-dde202000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b251ae348bf05cc-FRA

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 23 KB
6 KB 44ms
25ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b53a8679f64261d270c8e531fe1e2b8e463f3592155dcf4c2dbc5deeab2f3b63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Nov 2021 21:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: vK1pqwR5vAdncTOZa1Txzw==
age: 11144
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Tue, 29 Jun 2021 08:52:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: adf4ee1c-c01e-0062-5c6c-c49f3e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6b251ae348c505cc-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 77 KB
27 KB 69ms
45ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f445de04a5aecb7be2e1bb7ea624b6ff895df42fa6edda2e0521a9a347b91f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1052 / 49 of 1000 / last-modified: 1637582729"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26877
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Nov 2021 21:03:32 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 134 KB
36 KB 63ms
8ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: qkOcdGsoDUMvfWusL4m2BAijBZa3LkSN
content-encoding: gzip
etag: 1e39d25f07f5619925357b752ab10d04
age: 197
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 0MJ1BAWDMX505BXT9S6V
date: Mon, 22 Nov 2021 21:00:15 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: vdDTcnGxTM2loFXUbq8NERjp28qNKIwAsphNwUgGaRgfH5jZvYny0Q==

GET
H2 200 prebid.min.js Show response
cdn.arstechnica.net/cns/ 278 KB
85 KB 90ms
17ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 04affabbdfdb9a578a82c15363b75b79c64307a6b8fec3609fcfc8d5b4c95d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
content-encoding: gzip
x-cf3: H
x-amz-request-id: TVKVHNBCK6C5HZNP
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
x-cache-hits: 1
content-length: 85892
x-amz-id-2: FprYolco3enSh87amRA8OA6fbQZgOYCcCIh9BQWW+NxMvXVVSpEXgZQW2vVUI7oEmfKaqULXMzc=
x-served-by: cache-iad-kiad7000116-IAD
cf4ttl: 117.500
x-cf2: H
last-modified: Thu, 28 Oct 2021 15:51:10 GMT
server: CFS 0215
x-timer: S1637614821.789438,VS0,VE11
x-cff: B
etag: "5c06cae404894999598b18bd4b87dc8c"
vary: Accept-Encoding
x-amz-version-id: mcWK0dsL7CglBYt6FbYg60yk4xHXXvCl
access-control-allow-origin: *
cache-control: max-age=120
cf4age: 4
accept-ranges: bytes
content-type: application/javascript
x-cf-tsc: 1637614822
expires: Mon, 22 Nov 2021 21:05:32 GMT

GET
H/1.1 200
OK 183973-93942139695505.js Show response
js-sec.indexww.com/ht/p/ 43 KB
15 KB 38ms
10ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:32 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Nov 2021 21:00:55 GMT
Server: Apache
ETag: "761e2e-ada8-5d166ebb8486e"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3599
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 14812
Expires: Mon, 22 Nov 2021 22:03:31 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/condenastprebidheader987326845656/ 212 KB
74 KB 34ms
7ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7f0ac2034d1b5eabc36c56bb928d6bc091936219153563b2e4627ec74971c31f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:29:05 GMT
server: AmazonS3
x-amz-request-id: EFERK19PSV9K72Q8
etag: "48d548fa3c2c76036098a2d2ea482c85"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=16942
accept-ranges: bytes
content-length: 75515
x-amz-id-2: fOEHdQeH1LBoyaq3bblkqncyPsd8Kfg8Ucvqi1hpLPGvut7bfJ2ONlGQZa8/HK8JJBXliZ6Di+E=

GET
H2 200 ars-technica.min.js Show response
cdn.arstechnica.net/cns/ 144 KB
47 KB 88ms
14ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1637614816
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: cbbf05b75f19de06d0215adf634456637b43c0e1476d19f956e5bedd8e062ed6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
content-encoding: gzip
x-cf3: M
x-amz-request-id: TVKWPTT72R3H8DKF
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
x-cache-hits: 1
content-length: 47572
x-amz-id-2: KdUjxpGHtENy3SVyvx0LNktJRnL3RY1RtLq6NqSzp+yEJ8pXJxcBlgKZn7TSlJY6VCuRvTrIXWk=
x-served-by: cache-iad-kjyo7100178-IAD
cf4ttl: 119.500
x-cf2: H
last-modified: Mon, 08 Nov 2021 16:40:50 GMT
server: CFS 0215
x-timer: S1637614820.734979,VS0,VE1
x-cff: B
etag: "d4b5100742a24b499a91ea4d00dfb8ce"
vary: Accept-Encoding
x-amz-version-id: HesTfUtan9JdDGUSsr3esWbZHWEbzRTM
access-control-allow-origin: *
cache-control: max-age=120
cf4age: 2
accept-ranges: bytes
content-type: application/javascript
x-cf-tsc: 1637614820
expires: Mon, 22 Nov 2021 21:05:32 GMT

GET
H2 200 ars-84a4ab0802.ads.us.js Show response
cdn.arstechnica.net/wp-content/themes/ars/assets/js/ 3 KB
1 KB 92ms
19ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/ars-84a4ab0802.ads.us.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 16708dda2536b4b3782313db4a6ec8456cd84da7ae0f56d7d2455e68fc9bc4f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
content-length: 1143
x-cf-tsc: 1616487028
x-cf2: H
last-modified: Thu, 11 Mar 2021 18:03:18 GMT
server: CFS 0215
x-cff: B
etag: "604a5b66-bc0"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 38015
accept-ranges: bytes
expires: Mon, 17 Jan 2022 21:03:32 GMT

GET
H2 200 iran-digital-800x534.jpeg
cdn.arstechnica.net/wp-content/uploads/2021/11/ 226 KB
227 KB 10ms
8ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2021/11/iran-digital-800x534.jpeg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 80d3a8b21bedf057c49f279fc289b9a74097f109a10fbea118ad266751a44ca1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
x-cf3: H
x-amz-request-id: 39JJS4YPVVGG8CC4
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:M
x-amz-replication-status: COMPLETED
content-length: 231202
x-amz-id-2: ngZGy+ZUB8De99sV1Icthjp8RaKUQAz+O/seYxI/IoAdRVKWAAbK34r04V9pjRvK4399O//zZFQ=
x-cf-tsc: 1637596887
cf4ttl: 43200.000
x-cf2: H
last-modified: Wed, 17 Nov 2021 21:08:40 GMT
server: CFS 0215
x-cff: B
etag: "22ce0a3b57ddae7c3524e65a5cd874a3"
x-amz-version-id: 41qagoRzMud62Z8mTpDg53Z0t5WNNAKo
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 45735
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 17 Jan 2022 21:03:32 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 187 KB
65 KB 62ms
8ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2a9f175b194a086b163117f6a338f0511194f6488b4e651ac3a2aee926d434a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
content-encoding: gzip
last-modified: Mon, 22 Nov 2021 09:54:11 GMT
etag: W/"2ed55-Nd4OSM0vQhcQFtCp9FalPmvURKM"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: d47c78035973f9e32e7513025c6c78e8
timing-allow-origin: *, *
content-length: 66514
expires: Tue, 23 Nov 2021 01:03:32 GMT

GET
H2 200 main-2039e864fa.js Show response
cdn.arstechnica.net/wp-content/themes/ars/assets/js/ 651 KB
212 KB 9ms
8ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-2039e864fa.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1e96aed3c7e3bcb21f98d7c7c327f2e5d3d96b0317b3ffdf7a44bcd3abc92a88

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
content-encoding: gzip
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
content-length: 216189
x-cf-tsc: 1634161433
x-cf2: H
last-modified: Wed, 13 Oct 2021 21:21:47 GMT
server: CFS 0215
x-cff: B
etag: W/"61674deb-a2af5"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 0
accept-ranges: bytes
expires: Mon, 17 Jan 2022 21:03:32 GMT

GET
H/1.1 200
OK arstechnica.js Show response
player.cnevids.com/interlude/ 107 KB
27 KB 62ms
10ms Script
text/javascript 143.204.98.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/interlude/arstechnica.js

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-125.fra50.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

0053b1b18533c8a1342d572086360b837088330a0eb528c42e71aaa19f60fdb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Age: 24
X-Cache: Hit from cloudfront
Status: 200 OK
Connection: keep-alive
Content-Length: 26901
X-XSS-Protection: 1; mode=block
X-Request-Id: 78361769-a921-40a7-86e6-fdec3159a05c
X-Runtime: 0.011080
X-Backend-Node: 10.110.120.129
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"b41622f0197d270639c08e0a1e5e504f"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: c3qoGdo4KWul55AraPMWbE6u37jANgYq7k0bGOmWQWvffeZEQYuS6g==

GET
H2 200 conde-asa-polar-master.js Show response
cdn.mediavoice.com/nativeads/script/condenastcorporate/ 5 KB
2 KB 80ms
46ms Script
text/javascript 2606:4700::6813:da83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:da83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 11180
cf-ray: 6b251ae6389c6907-FRA
cf-ipcountry: DE
content-length: 2018
via: 1.1 varnish
last-modified: Mon, 22 Nov 2021 15:02:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-varnish: 3283293557
x-country: DE
cache-control: max-age=21600
accept-ranges: bytes
content-type: text/javascript

GET
H2 200 100098X1555750.skimlinks.js Show response
s.skimresources.com/js/ 35 KB
14 KB 31ms
11ms Script
application/octet-stream 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 66a8d2afd6450d76d15e5b8b786e0b5997d8bec229e4064770bfc8b3421eef86

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 09:37:18 GMT
server: AmazonS3
x-amz-request-id: G4Q9Z4GS7RDSY0SP
etag: "2125b441e65ce76081285a5496f99dc1"
x-hw: 1637615012.cds140.fr8.hn,1637615012.cds127.fr8.c
content-type: application/octet-stream
cache-control: max-age=3600
accept-ranges: bytes
content-length: 13722
x-amz-id-2: H9ocQx1srUVlTCki4hod1FuUq3yFzDLElouOJI2K96ONrQV6aQz8EELrBLwP3agKUKLNjtgHCnw=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 437 KB
120 KB 40ms
15ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04ad45dd341f2221df27c3216bb711ea8a9293e1cbe8c79f16dd10db87d43ed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122280
x-xss-protection: 0
expires: Mon, 22 Nov 2021 21:03:32 GMT

GET
H2 200 b10882a1-8446-4e7d-bfb2-ce2c770ad910.json Show response
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/ 4 KB
2 KB 54ms
37ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/b10882a1-8446-4e7d-bfb2-ce2c770ad910.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a84f14fc85bca40863dbe7ccc7a4065d16d6e4824f25c3042603fec63f296b4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Nov 2021 21:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uucPpEztI4zaUuaa9amvOw==
age: 10845
vary: Accept-Encoding
content-length: 1502
x-ms-lease-status: unlocked
last-modified: Wed, 03 Nov 2021 13:28:08 GMT
server: cloudflare
etag: 0x8D99ECDC64ADCA1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 990c3304-f01e-0103-22b6-d09db4000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b251ae5ebd9dfd3-FRA
expires: Tue, 23 Nov 2021 01:03:32 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 181 B
386 B 50ms
29ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

347cb64095b29d35a32171fde002a88eb771d1322eeb8528646e2a621a89fc56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b251ae629e12c2a-FRA

GET
H/1.1 200
OK condenast-amp Show response
segment-data.zqtk.net/ 339 B
572 B 105ms
31ms XHR
application/javascript 54.154.239.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://segment-data.zqtk.net/condenast-amp?url=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1637614816
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.239.62 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-154-239-62.eu-west-1.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: e316f6d2d60be91c4800dedbbadc0588437fb04175c45fa328b19bd052c9dbb9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:32 GMT
Content-Encoding: gzip
Server: nginx/1.10.3 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: max-age=80440
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Tue, 23 Nov 2021 19:24:13 GMT

GET
H2 200 ads.js Show response
arstechnica.com/hotzones/src/ 0
494 B 107ms
106ms XHR
application/javascript 18.190.84.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://arstechnica.com/hotzones/src/ads.js

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1637614816

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.190.84.233 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-190-84-233.us-east-2.compute.amazonaws.com

Software

nginx/1.17.10 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
x-content-type-options: nosniff
last-modified: Wed, 27 Oct 2021 16:56:26 GMT
server: nginx/1.17.10
etag: "617984ba-0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
content-security-policy: default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges: bytes
content-length: 0
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 357 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 economica-bold-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 25 KB
25 KB 25ms
8ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-bold-otf-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.fra2:co:1525808045:cacheN.fra2-01:H
content-length: 25592
x-cf-tsc: 1616487026
x-cf2: H
last-modified: Thu, 11 Mar 2021 18:03:18 GMT
server: CFS 0215
x-cff: B
etag: "604a5b66-63f8"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 41149
accept-ranges: bytes
expires: Mon, 17 Jan 2022 21:03:32 GMT

GET
H2 200 economica-regular-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 24 KB
24 KB 28ms
11ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-regular-otf-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.fra2:co:1525808045:cacheN.fra2-01:H
content-length: 24264
x-cf-tsc: 1616487026
x-cf2: H
last-modified: Thu, 11 Mar 2021 18:03:18 GMT
server: CFS 0215
x-cff: B
etag: "604a5b66-5ec8"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 41149
accept-ranges: bytes
expires: Mon, 17 Jan 2022 21:03:32 GMT

GET
DATA 200
OK truncated
/ 279 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 400 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 700 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 zeroday-360x200.jpg
cdn.arstechnica.net/wp-content/uploads/2020/11/ 39 KB
40 KB 9ms
9ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2020/11/zeroday-360x200.jpg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: e45c4ad07bbc7ee646f4ec2c7e60128f5068bea7abb0d1414bbb32549b50c5ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
x-cf3: H
x-amz-request-id: Z52WX3W0Y49E1GRT
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:M
x-amz-replication-status: COMPLETED
content-length: 40289
x-amz-id-2: Pez/+vNnSbbAIwfiH2BJfYhAgqYisoJuQPdbQOnmVvdVGPizdYUzE1IxMx0KAKXxgrjRnxnN5Dw=
x-cf-tsc: 1637575740
cf4ttl: 43200.000
x-cf2: H
last-modified: Tue, 03 Nov 2020 20:29:19 GMT
server: CFS 0215
x-cff: B
etag: "d2018653400b991e6b7f6d3aa1f94fb5"
x-amz-version-id: sYGhv2vftG_xXDNGum2WFHA_XmVucRXY
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 4303
accept-ranges: bytes
content-type: image/jpeg
expires: Mon, 17 Jan 2022 21:03:32 GMT

GET
DATA 200
OK truncated
/ 841 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Dang.jpg
cdn.arstechnica.net/wp-content/uploads/2018/10/ 90 KB
91 KB 9ms
8ms Image
image/jpeg 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/uploads/2018/10/Dang.jpg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
x-cf3: H
x-amz-request-id: NRG8AZMWFXFTVQHA
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
content-length: 92486
x-amz-id-2: v+gWVKuRZYcvtelb3JS0TaELVmr3+iiZ113UW6uuMrmFlLZpW3CsCNdDpLyUyhLWxs8ZEuyuR+M=
x-cf-tsc: 1637544327
cf4ttl: 43200.000
x-cf2: H
last-modified: Sat, 21 Dec 2019 01:48:48 GMT
server: CFS 0215
x-cff: B
etag: "03e5fec9e7ca5f8064d945bd791bd4c3"
x-amz-version-id: null
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 32517
accept-ranges: bytes
content-type: image/jpeg
x-cf-rand: 53.071
expires: Mon, 17 Jan 2022 21:03:32 GMT

GET
H2 200 channel-ars-be7bb52ba9.png
cdn.arstechnica.net/wp-content/themes/ars/assets/img/ 5 KB
5 KB 10ms
8ms Image
image/png 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/img/channel-ars-be7bb52ba9.png
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
content-length: 4809
x-cf-tsc: 1632628244
x-cf2: H
last-modified: Tue, 03 Aug 2021 15:52:12 GMT
server: CFS 0215
x-cff: B
etag: "6109662c-12c9"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 18702
accept-ranges: bytes
expires: Mon, 17 Jan 2022 21:03:32 GMT

GET
H2 200 bitter-italic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 24 KB
24 KB 10ms
7ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-italic-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.fra2:co:1525808045:cacheN.fra2-01:H
content-length: 24212
x-cf-tsc: 1616487026
x-cf2: H
last-modified: Thu, 11 Mar 2021 18:03:18 GMT
server: CFS 0215
x-cff: B
etag: "604a5b66-5e94"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 41149
accept-ranges: bytes
expires: Mon, 17 Jan 2022 21:03:32 GMT

GET
H2 200 bitter-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 22 KB
23 KB 13ms
10ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-regular-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.fra2:co:1525808045:cacheN.fra2-01:H
content-length: 22872
x-cf-tsc: 1616487026
x-cf2: H
last-modified: Thu, 11 Mar 2021 18:03:18 GMT
server: CFS 0215
x-cff: B
etag: "604a5b66-5958"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 41149
accept-ranges: bytes
expires: Mon, 17 Jan 2022 21:03:32 GMT

GET
H2 200 opensans-semibold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 19 KB
19 KB 10ms
8ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.fra2:co:1525808045:cacheN.fra2-01:H
content-length: 18972
x-cf-tsc: 1616487031
x-cf2: H
last-modified: Thu, 11 Mar 2021 18:03:18 GMT
server: CFS 0215
x-cff: B
etag: "604a5b66-4a1c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 39675
accept-ranges: bytes
expires: Mon, 17 Jan 2022 21:03:32 GMT

GET
H2 200 opensans-semibolditalic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 20 KB
21 KB 11ms
8ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibolditalic-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 59201950b83489808587827b4050ffe0597992825daa88c227476cdbbf8ca282

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.fra2:co:1525808045:cacheN.fra2-01:H
content-length: 20872
x-cf-tsc: 1616487031
x-cf2: H
last-modified: Thu, 11 Mar 2021 18:03:18 GMT
server: CFS 0215
x-cff: B
etag: "604a5b66-5188"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 29039
accept-ranges: bytes
expires: Mon, 17 Jan 2022 21:03:32 GMT

GET
H2 200 opensans-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 18 KB
19 KB 12ms
10ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-regular-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.fra2:co:1525808045:cacheN.fra2-01:H
content-length: 18824
x-cf-tsc: 1616487026
x-cf2: H
last-modified: Thu, 11 Mar 2021 18:03:18 GMT
server: CFS 0215
x-cff: B
etag: "604a5b66-4988"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 41149
accept-ranges: bytes
expires: Mon, 17 Jan 2022 21:03:32 GMT

GET
H2 200 opensans-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 19 KB
19 KB 13ms
11ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-bold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.fra2:co:1525808045:cacheN.fra2-01:H
content-length: 19516
x-cf-tsc: 1616487031
x-cf2: H
last-modified: Thu, 11 Mar 2021 18:03:18 GMT
server: CFS 0215
x-cff: B
etag: "604a5b66-4c3c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 37562
accept-ranges: bytes
expires: Mon, 17 Jan 2022 21:03:32 GMT

GET
H2 200 opensans-italic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 20 KB
21 KB 13ms
11ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-italic-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: c46974d8f6030e4888708b18a5d9a32b25eb765a5708896e1899df449d87aab7

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.fra2:co:1525808045:cacheN.fra2-01:H
content-length: 20748
x-cf-tsc: 1616487027
x-cf2: H
last-modified: Thu, 11 Mar 2021 18:03:18 GMT
server: CFS 0215
x-cff: B
etag: "604a5b66-510c"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 14589
accept-ranges: bytes
expires: Mon, 17 Jan 2022 21:03:32 GMT

GET
H2 200 bitter-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 22 KB
22 KB 14ms
12ms Font
font/woff2 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-bold-webfont.woff2
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS: vip1.G-anycast1.cachefly.net
Software: CFS 0215 /
Resource Hash: 807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752

Request headers

Referer: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin: https://arstechnica.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
x-cf3: H
cf4ttl: 43200.000
x-cf1: 14961:fA.fra2:co:1525808045:cacheN.fra2-01:H
content-length: 22104
x-cf-tsc: 1616487031
x-cf2: H
last-modified: Thu, 11 Mar 2021 18:03:18 GMT
server: CFS 0215
x-cff: B
etag: "604a5b66-5658"
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=4838400
cf4age: 39675
accept-ranges: bytes
expires: Mon, 17 Jan 2022 21:03:32 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 183 B
217 B 30ms
30ms Script
text/javascript 2606:4700:10::6814:b844
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d067aab4d696edf85ea216710a54dc64508bb1e82b6d48d905e16f8c5f2c1b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6b251ae67a762c2a-FRA

GET
H/1.1 200
OK video_groups Show response
api.cnevids.com/v1/ 4 KB
1 KB 443ms
110ms XHR
application/json 52.201.83.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cnevids.com/v1/video_groups?filters={%22channel_key%22:%22arstechnica%22}&pagesize=20&endpoint=oo.arstechnica

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-2039e864fa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.83.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-83-88.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

bd2f1d776a255c29e59f51a99edb16a6c070d10948254b635f9294c6ecb65dd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/*
Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Status: 200 OK
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 661
X-XSS-Protection: 1; mode=block
X-Request-Id: 6078170b-5286-4689-b428-2582a5af0e33
X-Runtime: 0.002003
X-Backend-Node: 10.110.76.41
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
X-Frame-Options: SAMEORIGIN
ETag: W/"2cd63ae3eac10fd2f85892a9b20406e7"
X-Download-Options: noopen
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate

GET
H/1.1 200
OK ars-technica.config.js Show response
pixel.condenastdigital.com/config/v2/production/ 8 KB
2 KB 38ms
7ms Script
application/javascript 151.101.64.239
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.condenastdigital.com/config/v2/production/ars-technica.config.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86b1750ac3fa82df8295e51912887cc0f10833802b17dc1f76a31293f7ecf049

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:32 GMT
Content-Encoding: gzip
Age: 182413
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 1280
x-amz-id-2: PSpobk1IuvwFBy4OPvEMNhk5AfTR6Bnj6Yz7ZBYZ+hOaGtcq4hcBs5r1Ky475cOv7gJOyaKVzFo=
X-Served-By: cache-bwi5162-BWI, cache-fra19148-FRA
Access-Control-Allow-Origin: *
Last-Modified: Wed, 20 Oct 2021 17:32:47 GMT
Server: AmazonS3
X-Timer: S1637615013.979460,VS0,VE0
ETag: "eb5a28e1cf7fe168b5057e3c330a277e"
Vary: Accept-Encoding
x-amz-request-id: DEVBATC990FKP3V6
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 22 Oct 2021 12:37:30 GMT
Cache-Control: no-cache, public, max-age=604800
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 1, 9

GET
DATA 200
OK truncated
/ 18 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

POST
H2 200 / Show response
r.skimresources.com/api/ 165 B
347 B 40ms
17ms XHR
application/json 35.190.59.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r.skimresources.com/api/

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

101.59.190.35.bc.googleusercontent.com

Software

openresty/1.11.2.5 /

Resource Hash

ae349e55a8114da27b50d42c1841a458a4d1fd1b5f1a6982672bbf76e258f698

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: openresty/1.11.2.5
strict-transport-security: max-age=31536000
content-type: application/json
access-control-allow-origin: https://arstechnica.com
vary: Accept-Encoding
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 206 robots.txt
t.skimresources.com/api/v2/ Frame 4621 0
102 B 38ms
16ms Image
text/plain 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.004135641055395434
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 47.67.201.35.bc.googleusercontent.com
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:32 GMT
via: 1.1 google
server: Python/3.7 aiohttp/3.5.4
alt-svc: clear
content-length: 0
content-type: text/plain charset=UTF-8

GET
H2 200 px.gif
p.skimresources.com/ 43 B
244 B 49ms
16ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=1&rn=2.21621495562342
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 px.gif
p.skimresources.com/ 43 B
102 B 50ms
16ms Image
image/gif 35.190.91.160
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.skimresources.com/px.gif?ch=2&rn=2.21621495562342
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 160.91.190.35.bc.googleusercontent.com
Software: Skimlinks Pixel 1.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
via: 1.1 google
server: Skimlinks Pixel 1.0
p3p: policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc: clear
content-length: 43
content-type: image/gif

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 317 B
492 B 102ms
29ms Script
text/html 35.179.78.10
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CxRYrdgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-hrBp6wlWe0wLgg%3D%3D&sc=1&os=1-fw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pcode=condenastprebidheader987326845656&rx=452284425161&callback=MoatNadoAllJsonpRequest_6419399
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.78.10 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-78-10.eu-west-2.compute.amazonaws.com
Software: TornadoServer/4.5.3 /
Resource Hash: b9bc5e27df97d39e8987cb98d15eec5b4006f7d13856909acc73a05314609a2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
cache-control: max-age=900
server: TornadoServer/4.5.3
timing-allow-origin: *
etag: "6660ea92da18bcc96638de7ca3e0ceb891b1ce49"
content-length: 317
content-type: text/html; charset=UTF-8

GET
H2 200 plugin.js Show response
plugin.mediavoice.com/ 362 KB
135 KB 30ms
20ms Script
application/javascript 2606:4700::6813:da83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://plugin.mediavoice.com/plugin.js
Requested by: Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:da83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 673ba175a4615945e474d7193a03593eb5bf58c4efc98bbef04df57121bec49e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 10919
content-type: application/javascript
content-length: 137690
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Wed, 20 Oct 2021 13:39:48 GMT
server: cloudflare
etag: W/"61701c24-5a7d4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
x-varnish: 2201870100 2201756277
via: 1.1 varnish
cache-control: max-age=43200
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 6b251ae7cd016907-FRA
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Nov 2021 19:05:08 GMT

GET
H2 200 condenastcorporate Show response
polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/ 208 B
502 B 61ms
33ms XHR
application/json 2606:4700::6811:4132
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/condenastcorporate
Requested by: Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dc40a5096530714279199bd98ffbe44f3108bf9dd183ec74d85f69705d86e25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
server: cloudflare
etag: W/"f3cb63b5151ee861d177a2136e7d9989"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Country, CF-Ray
cache-control: max-age=3600
x-country: DE
cf-ray: 6b251ae7ef846964-FRA

GET
H/1.1 200
OK recommendations Show response
api.condenast.io/v1/ 16 KB
6 KB 248ms
221ms Fetch
application/json 151.101.128.239
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://api.condenast.io/v1/recommendations?applicationID=cne-interlude-arstechnica&brand=arstechnica&url=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F&filter%5Bstrategy%5D=POPULAR&filter%5BcontentType%5D=CNEVIDEO&filter%5Blanguage%5D=en-US&page%5Bsize%5D=5
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/interlude/arstechnica.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.15.8 /
Resource Hash: 7e940502f71091095be29eada2888cf6c9e8a4d0b0eefe78478ce105f18ceac4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
X-Backend: 2SrKDXXFWNz87LdtRpzPzK--F_api_eu_central_1_condenast_io
access-control-allow-origin: https://arstechnica.com
transfer-encoding: chunked
X-Cache: MISS
Connection: keep-alive
X-Served-By: cache-fra19145-FRA
Server: nginx/1.15.8
X-Timer: S1637615013.115612,VS0,VE215
Vary: origin,accept-encoding, Accept-Encoding, Origin
Content-Type: application/json;charset=utf-8
Via: 1.1 varnish
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: private, max-age=0
access-control-allow-credentials: true
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 63ms
24ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 22 Nov 2021 21:03:33 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 110 B
723 B 55ms
17ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=arstechnica.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b17641fa05fbd3289813683e25b16f1ba8e021ebe83597a554d1f920ea3801b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0
expires: Mon, 22 Nov 2021 21:03:33 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
310 B 9ms
8ms XHR
text/plain 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3035&u=https%3A%2F%2Farstechnica.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 18:02:40 GMT
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
server: Server
age: 10853
x-cache: Hit from cloudfront
access-control-allow-origin: https://arstechnica.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 7GaTyxwHUZFD9tS4eFcb5Il_5NieGr27Uj0mGzMcgeylCTGjfxUBLQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 25ms
8ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: gYbY2ORQY5Qmsyt0ob0SiGH6tjIhuo4B
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 54298
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Tue, 09 Nov 2021 22:55:20 GMT
server: AmazonS3
date: Mon, 22 Nov 2021 05:58:36 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: DtLjquvl1p4lwXTf_wESBxuQwR21V8WxIOWF6UJAGH-rGEElC5D2lQ==

GET
H/1.1 200
OK YXJzdGVjaG5pY2EuY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 66ms
12ms XHR
application/json 104.85.5.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/YXJzdGVjaG5pY2EuY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.85.5.185 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-85-5-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:33 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=24771
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: c41b7d94d972cd1ffb2a08b256b72a5c
Content-Length: 16
Expires: Tue, 23 Nov 2021 03:56:24 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 15ms
7ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=9.625742224848477
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Wed, 22 Dec 2021 21:03:33 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 146
date: Mon, 22 Nov 2021 21:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 22 Nov 2021 23:01:07 GMT

GET
H2 200 v2 Show response
z-na.associates-amazon.com/onetag/ 11 KB
4 KB 51ms
8ms Script
text/javascript 143.204.97.28
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.97.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-97-28.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 7475f5c70d3b6020b6f4621b2e69fba3360bea00a913e60b085af165b93842ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:05:17 GMT
content-encoding: gzip
accept-charset: UTF-8
server: Server
age: 61096
x-amz-rid: CDJ9NS1VTHYCBB7ASVB8
vary: accept-encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
access-control-allow-origin: *
permissions-policy: interest-cohort=()
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: b_UR33laF0W-fUNZf1z2Ow2-XjkX8K2YaaiXXxepa07bW4C1QGS4aA==
via: 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront)

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.23.0/ 312 KB
75 KB 15ms
15ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: joMckLq8BtEunD8NH/4XVA==
age: 3012962
vary: Accept-Encoding
content-length: 76366
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:11:58 GMT
server: cloudflare
etag: 0x8D96DBF6CBEE741
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 884a5034-801e-002a-2c6c-c4ada3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b251ae84ca105cc-FRA

GET
H/1.1 200
OK sparrow.min.js Show response
pixel.condenastdigital.com/ 38 KB
14 KB 7ms
7ms Script
application/javascript 151.101.64.239
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.condenastdigital.com/sparrow.min.js
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cff3ff7513a42187f914df965c0006c8756f549dc13ffb64540767042902a748

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:33 GMT
Content-Encoding: gzip
Age: 447709
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 13370
x-amz-id-2: SENHVCtuomdm2Mm3mqd2d5TaZvXtN7y+tX3NqyQzcJZGMI1w5AhAFIHf5woKpMNeAi2X6kBHmcY=
X-Served-By: cache-bwi5158-BWI, cache-fra19148-FRA
Access-Control-Allow-Origin: *
Last-Modified: Mon, 18 Oct 2021 11:33:31 GMT
Server: AmazonS3
X-Timer: S1637615013.174012,VS0,VE0
ETag: "e6b88c6f7c41eb887a206c62c62867a9"
Vary: Accept-Encoding
x-amz-request-id: 17RDPM5XDG8GCCK8
Via: 1.1 varnish, 1.1 varnish
Expires: Wed, 20 Oct 2021 22:46:55 GMT
Cache-Control: no-cache, public, max-age=604800
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 1, 11970

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:28:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2106
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 22 Nov 2021 21:28:27 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
531 B 40ms
16ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://arstechnica.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

POST
H2 200 page Show response
t.skimresources.com/api/v2/ 22 B
339 B 31ms
30ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/page

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:33 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://arstechnica.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 22

POST
H2 200 link Show response
t.skimresources.com/api/v2/ 22 B
114 B 32ms
32ms XHR
application/javascript 35.201.67.47
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://t.skimresources.com/api/v2/link

Requested by

Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

47.67.201.35.bc.googleusercontent.com

Software

Python/3.7 aiohttp/3.5.4 /

Resource Hash

fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:33 GMT
via: 1.1 google
x-content-type-options: nosniff
server: Python/3.7 aiohttp/3.5.4
access-control-allow-headers: Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8, application/javascript
access-control-allow-origin: https://arstechnica.com
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
warning: 299 - "Deprecated API"
alt-svc: clear
content-length: 22

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 400ms
95ms XHR
application/json 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1637615013192&sessionId=b44d3e36-caa4-8919-1551-4924b09b24b0&url=arstechnica.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 21:03:33 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 84f75a44e1fb1fa6e48a375a8eafef15
Content-Length: 4
Expires: 0

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
460 B 38ms
15ms XHR
application/json 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://arstechnica.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
infinityid.condenastdigital.com/ 36 B
1 KB 462ms
111ms XHR
text/plain 34.235.15.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://infinityid.condenastdigital.com/?rand=1637615013232
Requested by: Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.15.213 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-15-213.compute-1.amazonaws.com
Software: nginx/1.15.8 /
Resource Hash: e7e1d8a231003f2577062e3d58f628674d672a79452d19484e593a94bc3d02e2

Request headers

Accept: text/plain
Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
Server: nginx/1.15.8
vary: origin,accept-encoding
Content-Type: text/plain; charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-credentials: true
Connection: keep-alive
transfer-encoding: chunked
expires: 0

GET
H/1.1 200
OK content Show response
4d.condenastdigital.com/ 303 B
617 B 423ms
107ms XHR
application/json 3.228.34.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://4d.condenastdigital.com/content?url=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F
Requested by: Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.34.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-34-240.compute-1.amazonaws.com
Software: /
Resource Hash: f96404a5109bb3019e0e226fc1755bff9d22c7c31c4878a69807ca4ce6ae4471

Request headers

Accept: text/plain
Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
transfer-encoding: chunked
Content-Type: application/json; charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-credentials: true
Connection: keep-alive

GET
H/1.1 200
OK track
capture.condenastdigital.com/ 48 B
48 B 417ms
101ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_ts=2021-11-22T21%3A03%3A33.233Z&_t=pubadsReady&cBr=Ars%20Technica&cKe=advanced%20persistent%20threat%7CIran%7Cransomware&cCh=gadgets&cTi=Hackers%20backed%20by%20Iran%20are%20targeting%20US%20critical%20infrastructure%2C%20US%20warns&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=957&cId=1813895&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns&pRt=referral&pHp=%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F&pRr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F&pWw=1600&pWh=1200&pPw=1600&pPh=4400&pSw=1600&pSh=1200&uID=5a73d2f7-38a9-4f24-99e0-f04165b02587&uNw=1&uUq=1&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&uDt=desktop&dim1=%7B%22channel%22%3A%22gadgets%22%2C%22platform%22%3A%22wordpress%22%2C%22template%22%3A%22article%22%2C%22viewport%22%3A%22desktop%22%2C%22pageContext%22%3A%7B%22contentType%22%3A%22article%22%2C%22templateType%22%3A%22article%22%2C%22channel%22%3A%22gadgets%22%2C%22slug%22%3A%22beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%22%2C%22server%22%3A%22production%22%2C%22keywords%22%3A%7B%22tags%22%3A%5B%22advanced-persistent-threat%22%2C%22iran%22%2C%22ransomware%22%5D%2C%22cm%22%3A%5B%5D%2C%22platform%22%3A%5B%22wordpress%22%5D%2C%22copilotid%22%3A%22%22%7D%2C%22privateMode%22%3Atrue%7D%2C%22version%22%3A%226.52.0%22%7D&_o=ars-technica&_c=ad_metrics&environment=prod&origin=ars-technica
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:33 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/f838450e-291b-47df-9d56-30f7ede72358/ 261 KB
41 KB 22ms
17ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/f838450e-291b-47df-9d56-30f7ede72358/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21f93213d56eb417ac2162103b4adeac3307f0f5a361a8c7bbabb40f10827088

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: kzv5J3yIWQtcgUQCiVigQA==
age: 10831
vary: Accept-Encoding
content-length: 41308
x-ms-lease-status: unlocked
last-modified: Wed, 03 Nov 2021 13:29:03 GMT
server: cloudflare
etag: 0x8D99ECDE71D75C6
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 744830b1-d01e-0114-16b6-d05dd7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b251ae8d83adfd3-FRA
expires: Tue, 23 Nov 2021 01:03:33 GMT

GET
H2 200 iab2Data.json Show response
cdn.cookielaw.org/vendorlist/ 267 KB
37 KB 25ms
20ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/vendorlist/iab2Data.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45acec993153bc57d3040b0f14afcf31f61f50397f79b129e29a5ab5e8bb3d0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: YCuriH1l/QMhLuDaKzy5Sw==
age: 10831
vary: Accept-Encoding
content-length: 37645
x-ms-lease-status: unlocked
last-modified: Mon, 22 Nov 2021 15:29:56 GMT
server: cloudflare
etag: 0x8D9ADCCF004F2E7
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: cf661a44-601e-00c5-12cb-dfa6dd000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b251ae8d83cdfd3-FRA

GET
H2 200 otTCF.js Show response
cdn.cookielaw.org/scripttemplates/6.23.0/ 67 KB
15 KB 25ms
21ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/otTCF.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f4ade5c0b8fdedeefdd3a199c26f0e8abd2d526fd30f84a4ced9931be959c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: lu40VrYjAGw+l/zvqO+mkw==
age: 3012961
vary: Accept-Encoding
content-length: 14840
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:11:59 GMT
server: cloudflare
etag: 0x8D96DBF6D9991DE
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: c3d38fa9-901e-015c-356c-c46f4a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b251ae8ddd705cc-FRA

GET
H/1.1 200
OK andoncord Show response
assoc-na.associates-amazon.com/onetag/ 16 B
415 B 371ms
117ms XHR
application/json 72.21.195.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assoc-na.associates-amazon.com/onetag/andoncord
Requested by: Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: Server /
Resource Hash: c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:33 GMT
Server: Server
x-amz-rid: NMMSY82QD1Q2A1BA19FC
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://arstechnica.com
Access-Control-Allow-Credentials: true
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 16

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 49ms
16ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-31997-1&cid=332656279.1637615013&jid=699129668&gjid=543816196&_gid=248848889.1637615013&_u=aGBAgUAjAAQCAE~&z=166244096

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Nov 2021 21:03:33 GMT
content-type: text/plain
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
14ms Ping
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=137374250&t=pageview&_s=1&dl=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&dr=%2F&dp=%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&ul=en-us&de=UTF-8&dt=Hackers%20backed%20by%20Iran%20are%20targeting%20US%20critical%20infrastructure%2C%20US%20warns%20%7C%20Ars%20Technica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUAjAAQC~&jid=699129668&gjid=543816196&cid=332656279.1637615013&tid=UA-31997-1&_gid=248848889.1637615013&gtm=2wgba1NLXNPCQ&cg1=article%7Creport&cg2=gadgets&cg3=gadgets&cd1=GTM-NLXNPCQ&cd2=285&cd4=&cd6=Mon%20Nov%2022%202021%2021%3A03%3A33%20GMT%2B0000%20(GMT)&cd7=1637615013121.58g1igq&cd8=0&cd9=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&cd10=English&cd11=21&cd12=0&cd13=Tag%20Name%3A%20GA%20-%20Pageview%20-%20Core%20Pageview%20-%20All%20Pages&cd20=none&cd25=Dan%20Goodin&cd26=1813895&cd27=957&cd28=Hackers%20backed%20by%20Iran%20are%20targeting%20US%20critical%20infrastructure%2C%20US%20warns&cd29=web&cd32=2021-11-17T22%3A02%3A54%2B00%3A00&cd33=5&cd34=2021-11-17T22%3A13%3A02%2B00%3A00&cd35=advanced%20persistent%20threat%7CIran%7Cransomware&cd36=web&cd43=Ars%20Technica&cd45=Adblock%20Enabled%20-%20false&cd62=https%3A%2F%2Farstechnica.com%2F%3Fp%3D1813895&cd63=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F&cd65=%3Futm_social-type%3Downed&cd72=1.0.0&cd92=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&cd93=gadgets&cd98=article%7Creport&cd102=22&cd103=&cd104=owned&cd113=data-layer-loaded&cd127=Wednesday&cd129=Etc%2FUnknown&cd131=10&cm13=0&cm23=0&cd3=332656279.1637615013&z=534294085

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:07:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21381
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=137374250&t=event&ni=1&_s=1&dl=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&dr=%2F&dp=%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&ul=en-us&de=UTF-8&dt=Hackers%20backed%20by%20Iran%20are%20targeting%20US%20critical%20infrastructure%2C%20US%20warns%20%7C%20Ars%20Technica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=proxy%20pageviews&ea=pageload&_u=aGDAgUAjAAQCAE~&jid=&gjid=&cid=332656279.1637615013&tid=UA-31997-1&_gid=248848889.1637615013&gtm=2wgba1NLXNPCQ&cg1=article%7Creport&cg2=gadgets&cg3=gadgets&cd1=GTM-NLXNPCQ&cd2=285&cd4=&cd6=Mon%20Nov%2022%202021%2021%3A03%3A33%20GMT%2B0000%20(GMT)&cd7=1637615013129.mfatt4di&cd8=0&cd9=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&cd10=English&cd11=21&cd12=0&cd13=Tag%20Name%3A%20GA%20Events%20-%20Proxy%20Pageviews%20-%20Pageload&cd20=none&cd25=Dan%20Goodin&cd26=1813895&cd27=957&cd28=Hackers%20backed%20by%20Iran%20are%20targeting%20US%20critical%20infrastructure%2C%20US%20warns&cd29=web&cd32=2021-11-17T22%3A02%3A54%2B00%3A00&cd33=5&cd34=2021-11-17T22%3A13%3A02%2B00%3A00&cd35=advanced%20persistent%20threat%7CIran%7Cransomware&cd36=web&cd43=Ars%20Technica&cd45=Adblock%20Enabled%20-%20false&cd62=https%3A%2F%2Farstechnica.com%2F%3Fp%3D1813895&cd63=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F&cd65=%3Futm_social-type%3Downed&cd72=1.0.0&cd92=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&cd93=gadgets&cd98=article%7Creport&cd102=22&cd103=&cd104=owned&cd113=data-layer-loaded&cd127=Wednesday&cd129=Etc%2FUnknown&cd131=10&cd3=332656279.1637615013&cm21=1&z=28988552

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 15:07:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 21381
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 316 B
1 KB 179ms
114ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552988&size_id=15&alt_size_ids=10&us_privacy=1---&eid_pubcid.org=71b80b13-059d-411f-a106-5b969df40e03%5E1&rf=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&tg_i.cnt_tags=advanced-persistent-threat%2Ciran%2Cransomware&tk_flint=pbjs_lite_v5.20.0&x_source.tid=c344d20f-81df-4671-b1ec-fa85c095d8d8&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9035035142250674
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 8b3c2389e343de6db36fef0ff22ecfcb56ef82cf2715447361a3674b73a82f84

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 316
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 316 B
1 KB 318ms
253ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552990&size_id=15&alt_size_ids=10&us_privacy=1---&eid_pubcid.org=71b80b13-059d-411f-a106-5b969df40e03%5E1&rf=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&tg_i.cnt_tags=advanced-persistent-threat%2Ciran%2Cransomware&tk_flint=pbjs_lite_v5.20.0&x_source.tid=c344d20f-81df-4671-b1ec-fa85c095d8d8&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.31308614189029016
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 69ea68960d5891581c61b529d674f79b7317e2cd6543a2cb152b3b0ec87e18cf

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 316
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 6 KB
6 KB 132ms
104ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=375865&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22412141d0525a8b%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed%3Fcnt_tags%3Dadvanced-persistent-threat%252Ciran%252Cransomware%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cnt_tags%22%3A%5B%22advanced-persistent-threat%22%2C%22iran%22%2C%22ransomware%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%225176be5613e232%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22375865%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22375864%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 40ce669780fa869484ea07b29b7b40bf91e21e145b21e3abaa91a357ef7e0fb2

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:33 GMT
x-ak-initial-geo: CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.198], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://arstechnica.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 6144
x-ak-client-geo: 12
expires: Mon, 22 Nov 2021 21:03:33 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 253 B
1 KB 238ms
216ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

2c482a58ab3cbe4c3c7806f318a20fc3ab216ce7792de5acb997c14e5b61985e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 21:03:33 GMT
X-Proxy-Origin: 168.119.25.198; 168.119.25.198; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 410ed346-27a0-48cb-a85d-51bffb1ebd29
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 253
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 147ms
109ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a969ce00175757040bb70c50db8002f&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 5f133b60ad7bbbd6b523de333e2b6e316ac818dcf93a8fa183364f7d9abfb429

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 129ms
90ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a9691380175757044fd70c50ec60030&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: ee97e5ab3f0d4e0682976c789daef044ac46dd586ff9aa0e81986df859772280

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 arj Show response
condenastus-d.openx.net/w/1.0/ 188 B
601 B 52ms
19ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c344d20f-81df-4671-b1ec-fa85c095d8d8%2Cc344d20f-81df-4671-b1ec-fa85c095d8d8&nocache=1637615013329&us_privacy=1---&pubcid=71b80b13-059d-411f-a106-5b969df40e03&aus=300x250%2C300x600%7C300x250%2C300x600&divids=rail_300x250_300x600%2Crail_300x250_300x600&aucs=%2C&auid=541000589%2C541000592&aumfs=50%2C50
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: d029f27f8867551293d5c511d597dfb56d9c19bf43dcc9520afef2aedb488697

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://arstechnica.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 174
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
707 B 69ms
45ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1d9f6d036d9e1cbcbe34790f2282e090aa070bc43fa8ec36b9ab8c2914bbf755

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 315 B
1 KB 114ms
57ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552960&size_id=2&alt_size_ids=57&us_privacy=1---&eid_pubcid.org=71b80b13-059d-411f-a106-5b969df40e03%5E1&rf=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&tg_i.cnt_tags=advanced-persistent-threat%2Ciran%2Cransomware&tk_flint=pbjs_lite_v5.20.0&x_source.tid=376c389c-ba19-418b-b9d6-4f8000e6b954&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7879128583442576
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 67156981b5a0d9c7191262d4e95731bb6243d5bb0e5efec77b879781cd1ba4cc

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 315
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 315 B
1 KB 128ms
71ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552962&size_id=2&alt_size_ids=57&us_privacy=1---&eid_pubcid.org=71b80b13-059d-411f-a106-5b969df40e03%5E1&rf=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&tg_i.cnt_tags=advanced-persistent-threat%2Ciran%2Cransomware&tk_flint=pbjs_lite_v5.20.0&x_source.tid=376c389c-ba19-418b-b9d6-4f8000e6b954&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.307746063932242
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: deb4905d77dfc76d6afa0cd5873c80a687443ec67e6c17b40001332d47b46be7

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 315
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
331 B 143ms
122ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=375849&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%222253db5920a7e3f%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed%3Fcnt_tags%3Dadvanced-persistent-threat%252Ciran%252Cransomware%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cnt_tags%22%3A%5B%22advanced-persistent-threat%22%2C%22iran%22%2C%22ransomware%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22238b1bf63f9950b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22375849%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22375848%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 82ac71acb9af2e413f0a0ace03ef838c9d5fbbb57c881badbb69c8fd5f0c40c7

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:33 GMT
x-ak-initial-geo: CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.198], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://arstechnica.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Mon, 22 Nov 2021 21:03:33 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 248 B
929 B 44ms
29ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a2f68bc8c6073efd0508c355594e530e140bf887545101f0e3fe7142d4e249ed

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 21:03:33 GMT
X-Proxy-Origin: 168.119.25.198; 168.119.25.198; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 188c9220-ff54-4d84-9804-07984a88e57b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 248
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 107ms
76ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a969ce00175757040bb70c4ff01002a&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: d1e180dd689871e44f80019fd3754fa8ba82bdd9c3e75259ee95e215ba4875c3

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
291 B 68ms
37ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a9691380175757044fd70c4fff3002b&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 3b733dde510047aba57b7a5e0597f327c9ec61da1634c5d6022751d871e766c4

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
content-length: 62

GET
H2 200 arj Show response
condenastus-d.openx.net/w/1.0/ 188 B
369 B 48ms
22ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=376c389c-ba19-418b-b9d6-4f8000e6b954%2C376c389c-ba19-418b-b9d6-4f8000e6b954&nocache=1637615013335&us_privacy=1---&pubcid=71b80b13-059d-411f-a106-5b969df40e03&aus=728x90%2C970x250%7C728x90%2C970x250&divids=hero_728x90_970x250%2Chero_728x90_970x250&aucs=%2C&auid=541000619%2C541000563&aumfs=50%2C50
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 5210a312b316786e908cddb2e218053934705c2c385ab4794d514b6d4e07ce08

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://arstechnica.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
845 B 56ms
39ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: f0d38ae928ba9146b3a17090df2f7eb0199ec4a9734c274ae8867f77b9ad6f41

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
531 B 41ms
41ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=3035&u=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pid=JdpXowRiXkId5&cb=0&ws=1600x1200&v=7.71.1&t=1000&slots=%5B%7B%22sd%22%3A%22siderail_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22rail%2Fdesktop%22%7D%2C%7B%22sd%22%3A%22post_nav_0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22hero%2Fdesktop%22%7D%2C%7B%22sd%22%3A%22article_in_text_0%22%2C%22s%22%3A%5B%22300x50%22%2C%22300x250%22%2C%22320x50%22%2C%22728x90%22%5D%2C%22sn%22%3A%22mid-content%2Fdesktop%22%7D%5D&pj=%7B%22si_section%22%3A%22gadgets%22%2C%22us_privacy%22%3A%221---%22%7D&gdpre=1&gdprc=CPQGDh2PQGDh2AcABBENB2CgAAAAAAAAAChQAAAAAAJBAGgAAoAHAAeABcAD4ALQAfABGACSAFsAMQAfwBIgCuAGaANQAbQA4gByADnAHUAP8AgYBBwCRAE_AKGAYQA6oCHwEXgI9ASEAlYBNoCwgF0ALqAXaAvIBiADFgGQgMjAZQA0IBowDSgGpgNoAbcA3QBwQSCmAAgABcAFAAVAAyABwADwAIAAYAAygBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCACGgEQARIAjoBLAEuAJoAUoAtwBhgDIAGWANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBigDWAG0ANwAbwA9AB8gENgIdASIAmIBMoCbAE7AKHAUiApoBYoC0AFsALkAXeAvMBgQDBgGEgMNAYeAyIBkgDJwGXAM5AZ8A0gBp0DWANZDAFwAFgAXACMAEmAKgAqgBbADEAG8AUgA0oBqAGqAOIAloBsgDqAIvASEAocBYgDFgGRgNCAboGgRABWAC4AIYAZAAywBsgDsAH4AQAAgoBGAClgFPAKvAWgBaQDWAG8AOqAfIBDoCKgEiAJsATsApEBcgDAgGEgMPAYwAycBnIDPAGfCAC4ACwALgA1ACMAEkAKoAWwAxABvAFIAK6AagBqgDiAJEAS0A3ABvAEXgJCAUOAxYBoQDdBEBsAKwAhgBkADLAGyAOwAfgBAACMAFLAKeAVcA1gB1QD5AIdASIAmwBOwCkQFyAMCAYSAw8Bk4DOQGfCoDgAFAAhgBMAC4AI4AZYA7AB-AEYAI4AUsAq8BaAFpAN4AkEBMQCbAFNgLYAXIAvMBgQDDwGRAM5AZ4Az4BuQoAgAGIATIApIBqAGqANoAcQA5AB4AEFAJaAdUBHoCxAGaANCAa8MgMAAUACGAEwARwAywB2QD7APwAjABHAClgFXAK2AbwBMQCbAFogLYAXmAwIBh4DIgGcgM8AZ8MAIgA1ADEAJkAUkA1ADVAG0AOIAcgA8ACWgFiAOqAj0BJwCxAF5ANCHAXgABAAIgAcAB4AFwAPgAtAByAD8AIIARgAtgBdADIAGgAP4AhABIgCdAFIALMAZYAzQBpQDUANUAbQA4gByADnAHUAOwAdwBAACBgEFgIOAhABEQCRAEtAJtAT4BPwClgFQALaAXqAwADAgGEAMyAawA14BvADjgHSAOqAeQA-QCEIEPgRAAj0BIUCVgJXATEAmUBNoChQFIAKTAUwAqYBVQCtgFcgK7AWUAtIBagC4oF0AXUAvYBfQDAgGIAMWAZCAygBl4DQoGigaMA0oBpoDUwGvANoAbYA24dBiAAXABQAFQAMgAcABAAC6AGAAZQA0ADUAHgAPoAhgCIAEwAJ8AVQBWACwAFwAL4AYgAzABvADmAHoAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA2QBvgDvAHtAPsA_QB_wEWARgAjkBKQEqAKCAU8Aq4BYoC0ALSAXMAuoBeQDFAG0ANxAdMB1AD0AIbAQ6AiIBFQCLwEggJEASoAmwBOwChwFNAKsAWKAtCBbAFsgLgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFIALcAZcA1ADVAG0AOIAcgA5wB2ADwAIKAT4ApYBYgDAAGEAMyAbwA6oB2wEPgI9ASEAk4BK4CYgE2gKFAUgApMBWwC6AF5AL2AYEAzQBoQDRQGlANTAbYA24hA4AAWABQADIALgAYgBDACYAFUALgAXwAxABmADeAHoARwAsQBhADfAHfAPsA_AB_gEYAI4ASkAoIBQwCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAJsAU0AsUBaMC2ALaAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAkAAEAA4AC4AIQAcgBUADIAG8AQgAkQBSAC5AF8AMsAagA2gB3AEAAISAS0AnwBUADXgG8AOqAfYBKwCbQFJgLKAWkAvYBiIDFgGlANyJQOAAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhoBEAESAI4AUYApQBbgDCAGqANkAd4A_ACMAEcAJOAU8Aq8BaAFpALqAYoA3AB1AD5AIdARUAi8BIgCbAFigLYAXaAvMBh4DIgGTgMsAZyAzwBnwDSAGsAOAKASQABAAXAA-ACEAFoAOQAfgBGACoAFYAMgAbQA3gByAEIAI4ASIAmQBOgCkAFyAMsAagA1wBtADiAHOAOoAdwA8ACAAEHAISARUAkQBJwCWgE2gJ8An4BSwCxAF1AMAAYQAxQBrwDeAHVAO2AeQA-QB_wEegJiATKAm0BSACmAFTAK2AV2AtABdAC8gF9AMCAYsA0QBpQDTYGpAamA14BwRSCKAAuACgAKgAZAA4ACCAGAAZQA0ADUAHkAQwBEACYAE8AKQAVQAsABfADEAGYAOYAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CxQFsALgAXIAu0BeYDDQGHgMYAZEAyQBk4DLgGcgM8AZ9A0gDSYGsAayA2MAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-95-188.fra50.r.cloudfront.net

Software

Server /

Resource Hash

159bd804f3a207ce59088ef63f186ba5b3d906d5245b7bfa882a6a6c3f6a9314

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: WPR779C3KADYG18TEVQ2
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 64
x-amz-cf-id: 4suqLCkKg3lYQO2VCGJ9laqLspnVaIlnm2ca9fhSxsTbsRwIe8pxvw==

GET
H2 200 otCenterRounded.json Show response
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ 9 KB
3 KB 18ms
18ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otCenterRounded.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: cGkddLGcEkFdkLgUFXgOUA==
age: 3012942
vary: Accept-Encoding
content-length: 2584
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:11:52 GMT
server: cloudflare
etag: 0x8D96DBF69965AE8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 4549ccca-501e-00cd-586c-c4bdae000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6b251ae9e9e0dfd3-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ 20 KB
4 KB 27ms
27ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 3012942
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:12:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 03a3166f-d01e-0179-216c-c4f7f9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6b251ae9e9e3dfd3-FRA

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 55ms
31ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-31997-1&cid=332656279.1637615013&jid=699129668&_u=aGBAgUAjAAQCAE~&z=370799999

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 55ms
30ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-31997-1&cid=332656279.1637615013&jid=699129668&_u=aGBAgUAjAAQCAE~&z=370799999

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 5b27ec85625710471a000011 Show response
api.cnevids.com/v1/video_groups/ 41 KB
9 KB 110ms
110ms XHR
application/json 52.201.83.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.cnevids.com/v1/video_groups/5b27ec85625710471a000011?endpoint=oo.arstechnica

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-2039e864fa.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.201.83.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-201-83-88.compute-1.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

db13ee339357db5e7cb93375e24ae33ff7ff4b50510ebbadcb8d630c3adc580d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/*
Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Status: 200 OK
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 7927
X-XSS-Protection: 1; mode=block
X-Request-Id: 87b4812d-8842-4fcd-8783-3558612d9d06
X-Runtime: 0.003676
X-Backend-Node: 10.110.42.237
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
X-Frame-Options: SAMEORIGIN
ETag: W/"e1bd7c9af73a51482f6411d6d62bfded"
X-Download-Options: noopen
Vary: Accept-Encoding, Origin
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers
Cache-Control: max-age=0, private, must-revalidate

GET
H2 200 get Show response
odb.outbrain.com/utils/ 36 KB
13 KB 233ms
203ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F&srcUrl=http%3A%2F%2Ffeeds.arstechnica.com%2Farstechnica%2Findex%2F&idx=0&rand=58226&key=NANOWDGT01&widgetJSId=AR_14&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=190&py=3904&vpd=2704&activeTab=true&settings=true&recs=true&version=2000520&sig=ytBQOV3C&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1---&ccpaStat=1&aqp=utm_social-type%3Downed
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fa99e707401fb91592a9b593516b5f368a8cbbabc5ad264fbb4ec59af584dcdf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.117.63
x-cache-hits: 0, 0
x-traceid: 9e0692df629d8b4f11e03d3a916bbff4
content-encoding: gzip
content-length: 13202
x-served-by: cache-lga21963-LGA, cache-hhn4053-HHN
x-timer: S1637615013.480714,VS0,VE182
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 5fbe751038d069741986d243.js Show response
player.cnevids.com/script/video/ 64 KB
22 KB 110ms
110ms Script
text/javascript 143.204.98.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/script/video/5fbe751038d069741986d243.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_dd966350-9bc5-4fcb-ac5b-9877f37236e0_similar2-3-personalized_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/interlude/arstechnica.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-125.fra50.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

f962f0c8ed922b0b1fd583d19ab38d00a23ce43c936106ed741eb87a768e18ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
Content-Length: 21509
X-XSS-Protection: 1; mode=block
X-Request-Id: 111f9a21-db9a-4032-86b9-b3eada615485
X-Runtime: 0.005468
X-Backend-Node: 10.110.45.86
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"d945d91bdd201ccd78b05bda397ba072"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Id: pLOrsUEAy4AenKv_4t7SncV1yhrwDZ3J4AuxSSL6lSkReihakBtX7w==

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 321 B
1 KB 64ms
64ms XHR
application/json 2602:803:c004:200::140
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552970&size_id=15&alt_size_ids=2%2C43%2C44&us_privacy=1---&eid_pubcid.org=71b80b13-059d-411f-a106-5b969df40e03%5E1&rf=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&tg_i.cnt_tags=advanced-persistent-threat%2Ciran%2Cransomware&tk_flint=pbjs_lite_v5.20.0&x_source.tid=81deaeeb-ea3a-4a5d-a85e-66dd8bfb932b&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4903554335067297
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 5ec92caa48606cbbd1fdb7b430dc9976130cca68e285cabdcac334db5c00f4ea

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 321
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
331 B 270ms
270ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=375855&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2239977be75cd08bd%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed%3Fcnt_tags%3Dadvanced-persistent-threat%252Ciran%252Cransomware%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cnt_tags%22%3A%5B%22advanced-persistent-threat%22%2C%22iran%22%2C%22ransomware%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.20.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2240039aaab668b2e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22375855%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22375855%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22375855%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22375855%22%2C%22sid%22%3A%22320x50%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22user%22%3A%7B%7D%7D
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ff75fe17e278bd54777fafcca26b43bfc0f3cb94218c1a69d94e5833c4c5f641

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:33 GMT
x-ak-initial-geo: CC:[DE], RC:[BY], CN:[EU], CIP:[168.119.25.198], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://arstechnica.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Mon, 22 Nov 2021 21:03:33 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 257ms
257ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

8ba138a967a9d9783221e2f5d964b5fc4e74328714bd6e998e26b38538ac2dd4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 22 Nov 2021 21:03:33 GMT
X-Proxy-Origin: 168.119.25.198; 168.119.25.198; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 4d291325-0ddb-4530-857e-15d1f29665d3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://arstechnica.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bidRequest Show response
c2shb.ssp.yahoo.com/ 62 B
92 B 71ms
70ms XHR
application/json 18.156.195.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a969ce00175757040bb70c50400002c&cmd=bid&secure=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.33 /
Resource Hash: 9ccc4f584e6ccf57e322aeec34ef531809a406ae596bbcc91681b6fe78d70e87

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
server: ATS/9.1.0.33
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
content-length: 62

GET
H3 200 arj Show response
condenastus-d.openx.net/w/1.0/ 188 B
196 B 33ms
23ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=81deaeeb-ea3a-4a5d-a85e-66dd8bfb932b&nocache=1637615013451&us_privacy=1---&pubcid=71b80b13-059d-411f-a106-5b969df40e03&aus=300x250%2C300x50%2C320x50%2C728x90&divids=mid-content_300x250_300x50_320x50_728x90&aucs=&auid=541000584&aumfs=50
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: ac33799b01c54a937f0b15218887cbca56cdf9c9b2c155afe5911d8a304f59bd

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://arstechnica.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 173
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
708 B 45ms
45ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0341556c193a6dc8966ef036e1fdb55bd52e9fdb79497ef4b5297cb731611a0c

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H/1.1 200
OK 60881503dc31e52256a68df3.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady46722945 Show response
player.cnevids.com/script/video/ 64 KB
22 KB 116ms
109ms Script
text/javascript 143.204.98.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/script/video/60881503dc31e52256a68df3.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady46722945

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-2039e864fa.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-125.fra50.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

f962f0c8ed922b0b1fd583d19ab38d00a23ce43c936106ed741eb87a768e18ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Miss from cloudfront
Status: 200 OK
Connection: keep-alive
Content-Length: 21509
X-XSS-Protection: 1; mode=block
X-Request-Id: 19a9d83d-9087-4769-96f2-142fbd4b0b9d
X-Runtime: 0.007152
X-Backend-Node: 10.110.127.153
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"d945d91bdd201ccd78b05bda397ba072"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
Cache-Control: max-age=0, private, must-revalidate
X-Amz-Cf-Id: Zh_QkCVBc_-GaSkV09LR5tD42mp4kV1ZIzNfZqb5IVg6-1UgYUfqXg==

GET
H/1.1 200
OK arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1619531614/ 5 KB
6 KB 70ms
21ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1619531614/arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

85c33811c2b04e4e02babe2fd6bd7ac0035f93e95827116429bbda2cf9c6c95d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Hit from cloudfront
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-11-17T01:49:20.740Z;desc=hit,rtt;dur=10
Content-Length: 5242
Last-Modified: Wed, 28 Apr 2021 15:00:19 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "cfdeb1a825aca3ca1bf9ab3727325d27"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 9eB-yr1XAELn2zeatpv0hcTHPuBOY8nbNyDENx9EUtUpnSYJ8dZR6Q==

GET
H/1.1 200
OK arstechnica_sitrep-boeing-707.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1615574323/ 12 KB
12 KB 56ms
8ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1615574323/arstechnica_sitrep-boeing-707.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

571479d52cd675db5573fe46973c62cba6d8224a76136fcefeb90f7dc42a6391

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 15:10:08 GMT
Via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 2354005
X-Cache: Hit from cloudfront
Server-Timing: fastly;dur=2;cpu=1;start=2021-10-26T15:10:08.978Z;desc=hit,rtt;dur=1
Content-Length: 11899
Last-Modified: Tue, 16 Mar 2021 23:00:54 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "49fd6cf75b5acbe4ea95126496406585"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 7wq4p3WhOg6WUO4wL-HJ1E--uhJ3V_MiH6uKQxgsmjyRmvRedx8ZdA==

GET
H/1.1 200
OK arstechnica_steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1611089409/ 16 KB
17 KB 60ms
12ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1611089409/arstechnica_steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

06b33c040105224101afcdaacd82b6dfb3ea1bf9ef3d7478cf5fa163a0ad65e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Hit from cloudfront
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-11-18T02:37:03.531Z;desc=hit,rtt;dur=6
Content-Length: 16317
Last-Modified: Fri, 22 Jan 2021 06:42:21 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "4796345150de82db7572da4e13d5fbc1"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: UNR8QKloslOxADwvK54KI9Sma1ZzrbRXAEpSZ99TGeRymnZRmjmbgQ==

GET
H/1.1 200
OK arstechnica_personal-history-scott-manley.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603123470/ 14 KB
15 KB 74ms
26ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603123470/arstechnica_personal-history-scott-manley.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

1f466b08649eef5ad16c20f6d7207bf8818cb107b6241950dbc568cdffc03d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Hit from cloudfront
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-11-18T01:46:13.398Z;desc=hit,rtt;dur=6
Content-Length: 14113
Last-Modified: Tue, 20 Oct 2020 20:00:45 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "963bf0b22c745f95a06f32ee1317b872"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: RoLH5JqeaRcmEXMganMCblV-2-qChbbZ6bVqTpEsE3zbdm8b76wGJg==

GET
H/1.1 200
OK arstechnica_personal-history-lgr.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1600711530/ 14 KB
15 KB 61ms
13ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1600711530/arstechnica_personal-history-lgr.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

29637e0647104ccc5d5583e652db29ce99e947c858c3d9502960e7ea7f1aea19

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Hit from cloudfront
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-11-18T03:12:44.153Z;desc=hit,rtt;dur=6
Content-Length: 14772
Last-Modified: Mon, 21 Sep 2020 20:59:56 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "4049b10cd3281951b01beb4f36134234"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: CzbEpcU9VvTroUY1SgKqP8dOKWCxKC6P0fZ_PvJ--UjoKTkTU7m21A==

GET
H/1.1 200
OK arstechnica_war-stories-forza.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1599844552/ 13 KB
14 KB 61ms
13ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1599844552/arstechnica_war-stories-forza.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

a7d16dbea6d1099c01d7ec5db9f14240ced938c9a02fa1438adcf0b9dd5f4546

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Hit from cloudfront
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-11-17T01:25:16.450Z;desc=hit,rtt;dur=6
Content-Length: 13067
Last-Modified: Mon, 14 Sep 2020 04:59:09 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "f4fbb43c5fea2707c308cd14297862ef"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: rPEFca7xyi2s7RtoHoXRvNXOTGg5gypU1dUhvZycrxYOt5LPxW4Cvw==

GET
H/1.1 200
OK arstechnica_the-f-35-s-next-tech-upgrade.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1598890591/ 3 KB
4 KB 11ms
11ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1598890591/arstechnica_the-f-35-s-next-tech-upgrade.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

3b0209841325362235c221628e471145726897e4e1c9b210b6e6b2217fdf2ee8

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 28 Oct 2021 11:48:31 GMT
Via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 2193302
X-Cache: Hit from cloudfront
Server-Timing: fastly;dur=167;cpu=0;start=2021-10-28T11:48:30.979Z;desc=miss,rtt;dur=3,cloudinary;dur=76;start=2021-10-28T11:48:31.025Z
Content-Length: 3374
Last-Modified: Mon, 31 Aug 2020 23:24:32 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "3f16924a1fdff64e971a0491115fc147"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: sIEei-0qhcwDmaKnKMvCZ-dbjQ_1c0hNrm7l15iF4KLflP2jDYRxCA==

GET
H/1.1 200
OK arstechnica_fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1593453234/ 15 KB
16 KB 12ms
12ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1593453234/arstechnica_fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

9431bc6d1a6d036a70c92dfc9000d7965f939671a59705bdd01c3e652048ed9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 16 Nov 2021 18:32:52 GMT
Via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 527441
X-Cache: Hit from cloudfront
Server-Timing: fastly;dur=261;cpu=0;start=2021-11-16T18:32:52.476Z;desc=miss,rtt;dur=1,cloudinary;dur=69;start=2021-11-16T18:32:52.520Z
Content-Length: 15307
Last-Modified: Tue, 30 Jun 2020 16:17:42 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "324e15e8b7d3edd23ffbf5df0a1a9e77"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: crY2jhn2okTYEX9q4S0Fd5ShZGC_BPcQwV33XXffjd2V6vUIPLN85g==

GET
H/1.1 200
OK arstechnica_linus-tech-tips-reacts-to-his-top-1000-youtube-comments.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1591804041/ 9 KB
10 KB 14ms
14ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1591804041/arstechnica_linus-tech-tips-reacts-to-his-top-1000-youtube-comments.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

e8830a414dfeb4c0e0f519d3419f69849df9226f329357c938333dbf2c956f63

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Hit from cloudfront
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-11-17T02:21:44.418Z;desc=hit,rtt;dur=1
Content-Length: 9054
Last-Modified: Fri, 12 Jun 2020 00:52:29 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "b17d3aab70cb56fbf2df892c8415ab16"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: jy5LZc0RLir0VlZICl86NYo02Tpwxn1gCb3bq0hR0mQBA_1yDClC8A==

GET
H/1.1 200
OK arstechnica_mini-4wd-racing.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1575930137/ 17 KB
18 KB 17ms
16ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1575930137/arstechnica_mini-4wd-racing.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

5c57a0f6d257ca6be9e6bcb6039fea214962c35b7b30fee3dcc112b8cec18d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Hit from cloudfront
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-11-19T01:47:13.579Z;desc=hit,rtt;dur=1
Content-Length: 17267
Last-Modified: Thu, 12 Dec 2019 14:30:32 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "7cfa0c5590f779efc925bf7aee626a20"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: 36UNOUSIak2fCT-q0Lhg5jJ_2PWtlYcGysa1bJ4AzLFV2xeyi80lxw==

GET
H/1.1 200
OK arstechnica_megabots-born-to-smash-anything-in-their-path.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1526931343/ 15 KB
16 KB 11ms
10ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1526931343/arstechnica_megabots-born-to-smash-anything-in-their-path.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

b577055e927a94b842ec53fc28f8a4187844e16edd60abaaaf2ee337e213911b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sat, 13 Nov 2021 15:07:26 GMT
Via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 798967
X-Cache: Hit from cloudfront
Server-Timing: fastly;dur=2;cpu=0;start=2021-11-13T15:07:26.578Z;desc=hit,rtt;dur=1
Content-Length: 15869
Last-Modified: Fri, 06 Jul 2018 19:56:45 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "d5f1fa792bbca4be804bc969dcf7db43"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: YeKplsMHfOZwCAieLgAsXQWAJbTrcdT4tnVVBdip1sxVxAG4x-uWYw==

GET
H/1.1 200
OK arstechnica_first-look-xbox-adaptive-controller.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1526498352/ 10 KB
11 KB 15ms
15ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1526498352/arstechnica_first-look-xbox-adaptive-controller.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

dce92d04fbed4ddd2818e9294233f43b5b18fa36d52ca2a1197b91a07a90a3d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Hit from cloudfront
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-11-16T04:17:34.738Z;desc=hit,rtt;dur=2
Content-Length: 10261
Last-Modified: Fri, 06 Jul 2018 19:56:42 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "101ee40510f65a5364b974a292765482"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: v5gzmRXLyy945sWIif3h2GKHT11C-z9Ax8V8GBGGksI3DTKO4mJ8pw==

GET
H/1.1 200
OK wired_5-levels-4.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1529933985/ 14 KB
15 KB 12ms
12ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1529933985/wired_5-levels-4.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

f2270d3738e32653170a1a5aa6ce4865f519f6f9cc7c94c81ce901569044347e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Hit from cloudfront
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-11-18T02:37:03.544Z;desc=hit,rtt;dur=2
Content-Length: 14467
Last-Modified: Fri, 06 Jul 2018 19:56:45 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "3c223a00bee60e9e108119a6f92a56e5"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: XK8FsyXwIhbqST0UxoV-t-TWmIKkFFdYBa4pMFay3nDzTd4dQTz2PA==

GET
H/1.1 200
OK arstechnica_kids-try-2.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1526922071/ 11 KB
12 KB 9ms
8ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1526922071/arstechnica_kids-try-2.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

74e6f981b8b49af0323f0b5bdbc8399ffbd7c15f1fd047e2e0787bb050ee67dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 05 Nov 2021 15:10:16 GMT
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 1489997
X-Cache: Hit from cloudfront
Server-Timing: fastly;dur=1;cpu=0;start=2021-11-05T15:10:16.706Z;desc=hit,rtt;dur=2
Content-Length: 10983
Last-Modified: Fri, 06 Jul 2018 19:56:45 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "270368c34e1708c2006a66073406f364"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: gTyM0uhQMgUIloUOpTckOSQuAn80sa1HtNpY8NK4BVwJT2frqVUCMg==

GET
H/1.1 200
OK wired_expert-explains-one-concept-in-5-levels-of-difficulty-blockchain.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1511810813/ 10 KB
11 KB 14ms
14ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1511810813/wired_expert-explains-one-concept-in-5-levels-of-difficulty-blockchain.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

9664537951dcb4580bae564d7f88764f4b029da8a261701b87088daee7a8c94c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Hit from cloudfront
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-11-21T04:10:26.549Z;desc=hit,rtt;dur=1
Content-Length: 10012
Last-Modified: Fri, 06 Jul 2018 19:56:45 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "412e100440abad3a53678dd7fad646c1"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: D9LHQqxcwS0wAYHOjnLnOqS2Ytn1i5Iajk6R7Dm_fXzWi-DyVi7Uvw==

GET
H/1.1 200
OK arstechnica_best-wearable-tech-of-2017.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1496775864/ 13 KB
14 KB 12ms
12ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1496775864/arstechnica_best-wearable-tech-of-2017.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

f9005e0bc66b4637535b09be10356488207c6741d9cf428510105a434164e554

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Hit from cloudfront
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-11-21T04:10:26.566Z;desc=hit,rtt;dur=1
Content-Length: 13810
Last-Modified: Fri, 22 Jun 2018 20:55:52 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "3d020d9551ffca0b1c2cb5880fb72962"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: -mHIZ9MqhyJDN2s5mbAe0LGoL5JzpYHkkNjoA8VU0qoG8eK66yoqSw==

GET
H/1.1 200
OK arstechnica_gear-gadgets-the-moov-hr-sweat-heart-rate-monitor-in-a-headband.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1487958545/ 6 KB
7 KB 8ms
8ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1487958545/arstechnica_gear-gadgets-the-moov-hr-sweat-heart-rate-monitor-in-a-headband.jpg

Requested by

Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

34e23d411643b08763f3052d5cb276a0fb01c7d6f7f2a28c248c71f86fce65ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 06:10:15 GMT
Via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 917598
X-Cache: Hit from cloudfront
Server-Timing: fastly;dur=176;cpu=0;start=2021-11-12T06:10:15.595Z;desc=miss,rtt;dur=5,cloudinary;dur=85;start=2021-11-12T06:10:15.640Z
Content-Length: 5973
Last-Modified: Fri, 22 Jun 2018 20:55:52 GMT
Server: Cloudinary
Cache-Control: public, no-transform, immutable, max-age=2592000
ETag: "52f4379a4d3cb27ee136b4a5a4615526"
Strict-Transport-Security: max-age=604800
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: og7aHiqxw3DX3Z3m8IKIXUls3DVcuNdZ-ZvAhp-_PpJ_UOI8a8K-Qg==

GET
DATA 200
OK truncated
/ 408 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK embed-api.json Show response
player.cnevids.com/ 11 KB
5 KB 27ms
10ms Fetch
application/json 143.204.98.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/embed-api.json?videoId=5fbe751038d069741986d243&playerType=interlude&embedLocation=arstechnica

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5fbe751038d069741986d243.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_dd966350-9bc5-4fcb-ac5b-9877f37236e0_similar2-3-personalized_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-125.fra50.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

13ad09df4b76a1176f3e84136a845c53e110dd69c16eb8a6a31918f99463a235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:00:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Age: 176
X-Cache: Hit from cloudfront
Status: 200 OK
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 3667
X-XSS-Protection: 1; mode=block
X-Request-Id: 36fffb64-3af3-4d6d-832c-cb839dcd1211
X-Runtime: 0.016037
X-Backend-Node: 10.110.13.158
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"444b90cb8e169dae6f37201df0de7589"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control: max-age=300, public
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: nfpBYmsSnJGjypIcz0FHgQUJZyzR63GqevLBCRUQShvDYe1NFBR3HQ==

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8FFA 368 KB
122 KB 86ms
48ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125138
x-xss-protection: 0
expires: Mon, 22 Nov 2021 21:03:33 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ 75 KB
28 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b7419c4fa0f9d57268f99de3d580cfb7d239d6b16f7160213186019d083be8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 227
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27891
x-xss-protection: 0
last-modified: Thu, 11 Nov 2021 23:24:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Mon, 22 Nov 2021 21:14:46 GMT

GET
H/1.1 200
OK player-style-612bcd83cfdade279dc6.css
d2c8v52ll5s99u.cloudfront.net/player/ Frame 8FFA 88 KB
13 KB 56ms
8ms Stylesheet
text/css 143.204.101.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-612bcd83cfdade279dc6.css
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5fbe751038d069741986d243.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_dd966350-9bc5-4fcb-ac5b-9877f37236e0_similar2-3-personalized_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-162.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57102516e9d7dfa4054ae168e5001791794304dc2b316c8113164cfd206cc930

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 00:30:23 GMT
Content-Encoding: gzip
Age: 1801991
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 12662
Last-Modified: Thu, 28 Oct 2021 18:50:54 GMT
Server: AmazonS3
ETag: "6fdced36de432dc636a7b1acc435e496"
x-amz-version-id: wiBfkFNw4L73vEFsVqbsAQeY3b1._nLN
Via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Type: text/css; charset=utf-8
X-Amz-Cf-Id: lrBwZFpkiXav_aH5oGfnDw_Omux7afS9pFzvBoKJ6rrj_VETVm57QQ==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK main-4d320d99e545eb7aef6a.js Show response
d2c8v52ll5s99u.cloudfront.net/player/ Frame 8FFA 816 KB
223 KB 19ms
10ms Script
application/javascript 143.204.101.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5fbe751038d069741986d243.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_dd966350-9bc5-4fcb-ac5b-9877f37236e0_similar2-3-personalized_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-162.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e084a2ab3d44702a3c41ebe5e881ec99f74364cb30d3776b7b5f9df67200b945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 15:16:23 GMT
Content-Encoding: gzip
Age: 1057631
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 227231
Last-Modified: Mon, 08 Nov 2021 17:35:54 GMT
Server: AmazonS3
ETag: "0fc0ed3c8c045f78b1eb5ca82396dc01"
x-amz-version-id: HF0ZR01.i8uPcZuTNiME0TWsRef19XUU
Via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: QELbLp6A7UTj1Aq9Qg5CINAZS3YFCPvaFzEuj9d4j4mmgTEloKptTg==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET s2s-hb
pbs.getpublica.com/v1/ 0
0

GET
H/1.1 200
OK onetag Show response
assoc-na.associates-amazon.com/ 64 B
463 B 117ms
117ms XHR
application/json 72.21.195.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22arstech20-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed%22%7D&u=https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Requested by: Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: Server /
Resource Hash: 23b3e1169aec7a08605694e9b49078b4ef68356f9ae18c533438a83ba53b325b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:33 GMT
Server: Server
x-amz-rid: REBSCWXCXZXTAPZ7NJCP
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type: application/json
Access-Control-Allow-Origin: https://arstechnica.com
Access-Control-Allow-Credentials: true
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 64

GET
H/1.1 200
OK embed-api.json Show response
player.cnevids.com/ 10 KB
4 KB 10ms
10ms Fetch
application/json 143.204.98.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://player.cnevids.com/embed-api.json?videoId=60881503dc31e52256a68df3&embedLocation=arstechnica

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60881503dc31e52256a68df3.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady46722945

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.125 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-125.fra50.r.cloudfront.net

Software

nginx/1.18.0 /

Resource Hash

321cb074d55bfb49606924d5be43291496da9859d3562d60225ac18a0d7e0e8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:00:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Age: 212
X-Cache: Hit from cloudfront
Status: 200 OK
Access-Control-Max-Age: 1728000
Connection: keep-alive
Content-Length: 3496
X-XSS-Protection: 1; mode=block
X-Request-Id: 1992b174-8383-4e23-9c66-e60fbb2973f6
X-Runtime: 0.009057
X-Backend-Node: 10.110.45.86
Referrer-Policy: strict-origin-when-cross-origin
Server: nginx/1.18.0
ETag: W/"90155645bd46250eb88c212ec74b8b84"
X-Download-Options: noopen
Vary: Origin,Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Content-Type: application/json; charset=utf-8
Via: 1.1 1f49a084ca923f375f74b42fa36ef429.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control: max-age=300, public
X-Amz-Cf-Pop: FRA50-C1
Access-Control-Allow-Origin: *
X-Amz-Cf-Id: BRQk7jNLe0NLESZshruG3XH4_5LjaSncZCYgK30gQcjn5y9cZ4P9HQ==

GET
H3 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 7DA8 368 KB
122 KB 33ms
17ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60881503dc31e52256a68df3.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady46722945

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125138
x-xss-protection: 0
expires: Mon, 22 Nov 2021 21:03:33 GMT

GET
H/1.1 200
OK player-style-612bcd83cfdade279dc6.css
d2c8v52ll5s99u.cloudfront.net/player/ Frame 7DA8 88 KB
13 KB 8ms
7ms Stylesheet
text/css 143.204.101.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-612bcd83cfdade279dc6.css
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60881503dc31e52256a68df3.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady46722945
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-162.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 57102516e9d7dfa4054ae168e5001791794304dc2b316c8113164cfd206cc930

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Tue, 02 Nov 2021 00:30:23 GMT
Content-Encoding: gzip
Age: 1801991
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 12662
Last-Modified: Thu, 28 Oct 2021 18:50:54 GMT
Server: AmazonS3
ETag: "6fdced36de432dc636a7b1acc435e496"
x-amz-version-id: wiBfkFNw4L73vEFsVqbsAQeY3b1._nLN
Via: 1.1 f6c241b75ae7d21ac836339454ab90b8.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Type: text/css; charset=utf-8
X-Amz-Cf-Id: q20mpjC1yo44MQrcBBQU1MQg4V8wWXfYsokAVlOSDd-Cgb2idqeOsw==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H/1.1 200
OK main-4d320d99e545eb7aef6a.js Show response
d2c8v52ll5s99u.cloudfront.net/player/ Frame 7DA8 816 KB
223 KB 9ms
9ms Script
application/javascript 143.204.101.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Requested by: Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60881503dc31e52256a68df3.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady46722945
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-162.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e084a2ab3d44702a3c41ebe5e881ec99f74364cb30d3776b7b5f9df67200b945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Wed, 10 Nov 2021 15:16:23 GMT
Content-Encoding: gzip
Age: 1057631
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 227231
Last-Modified: Mon, 08 Nov 2021 17:35:54 GMT
Server: AmazonS3
ETag: "0fc0ed3c8c045f78b1eb5ca82396dc01"
x-amz-version-id: HF0ZR01.i8uPcZuTNiME0TWsRef19XUU
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: P_sIOX8OCgSv9NmZAetEO6BDdSSGKcK_VEz716UnmLrvJXpXExQFuA==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 42ms
40ms Image
image/png 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
last-modified: Wed, 27 Oct 2021 07:56:12 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1635321864.242948"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Wed, 22 Dec 2021 21:03:33 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 57ms
54ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
last-modified: Wed, 27 Oct 2021 07:56:12 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1635321845.447882"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 22 Dec 2021 21:03:33 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 379ms
98ms Fetch
text/plain 70.42.32.63
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=4a31b7df6b05e89060150aab942b24d0_6817_1637615013606&tm=583&eT=0&widgetWidth=1220&widgetHeight=235&widgetX=190&widgetY=4357&wRV=2000520&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&cheq=0&rtt=258&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Nov 2021 21:03:34 GMT
content-encoding: gzip
X-TraceId: b63da82bcc2da4262cd8c335aae61c64
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 404 infinityid Show response
arstechnica.com/ 3 KB
2 KB 110ms
109ms XHR
text/html 18.190.84.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://arstechnica.com/infinityid
Requested by: Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.190.84.233 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-190-84-233.us-east-2.compute.amazonaws.com
Software: nginx/1.17.10 /
Resource Hash: 18794d2ef2e62636a8d7cea1ce420a572c82e448ab1e4a0a9b817013e99e25f4

Request headers

Accept: text/plain
Referer: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
server: nginx/1.17.10
etag: W/"5f51280a-dd3"
content-type: text/html

GET
H/1.1 200
OK user Show response
4d.condenastdigital.com/ 67 B
463 B 117ms
117ms XHR
application/json 3.228.34.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://4d.condenastdigital.com/user?xid=611c038c-1d6b-4a4a-a1a4-a98432d18427
Requested by: Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.34.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-34-240.compute-1.amazonaws.com
Software: /
Resource Hash: bce95819f6aad47989b09050f087dbfa9290fb602b3db8d48af0fac1846d482d

Request headers

Accept: text/plain
Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
transfer-encoding: chunked
Content-Type: application/json; charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-expose-headers: WWW-Authenticate,Server-Authorization
cache-control: no-cache
access-control-allow-credentials: true
Connection: keep-alive

GET
BLOB 200
OK 002510c8-e83f-4ff3-b783-e50c79d24f16
https://arstechnica.com/ Frame 8FFA 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/002510c8-e83f-4ff3-b783-e50c79d24f16
Requested by: Host: arstechnica.com
URL: https://arstechnica.com/gadgets/2021/11/beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns/?utm_social-type=owned
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1 200
OK sf-ui-display-medium-webfont.woff2
d2c8v52ll5s99u.cloudfront.net/assets/fonts/ Frame 7DA8 29 KB
30 KB 399ms
382ms Font
application/font-woff2 143.204.101.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/assets/fonts/sf-ui-display-medium-webfont.woff2
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-612bcd83cfdade279dc6.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-162.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3

Request headers

Referer: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-612bcd83cfdade279dc6.css
Origin: https://arstechnica.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
ETag: "7d18db04f980971f2a9c5026bbc34bed"
X-Amz-Cf-Pop: FRA50-C1
X-Cache: RefreshHit from cloudfront
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 29632
Access-Control-Allow-Origin: *
Last-Modified: Mon, 26 Jun 2017 15:24:42 GMT
Server: AmazonS3
Date: Mon, 22 Nov 2021 21:03:35 GMT
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff2
Via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: qA-8ZGEk1g05JGpvDfYV5GDB6-8vnMCn2jtHywZCnIti9vElO9xUeA==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H3 200 bridge3.489.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame AC01 580 KB
190 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194780
date: Tue, 16 Nov 2021 04:10:30 GMT
expires: Wed, 16 Nov 2022 04:10:30 GMT
last-modified: Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 579183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 7DA8 44 KB
17 KB 91ms
40ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Nov 2021 21:03:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 7DA8 98 KB
26 KB 24ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: p0WIb5nk/d36Zq1Lrpfh4FZDpgcRqEIRviFngbeKrXbkLpcsh4SavZ6nM2tG1Qewrnid8fI25OZnTt1QK+7SfA==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 22 Nov 2021 21:03:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK comscore-min.js Show response
d2c8v52ll5s99u.cloudfront.net/player/ Frame 7DA8 38 KB
11 KB 21ms
20ms Script
text/javascript 143.204.101.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/comscore-min.js
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-162.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 833a86642252016b29f08dd45ffd27f9e00ca237f28d8c5f0147a6e15d009377

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 24 May 2017 18:19:15 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: W/"054acb6fbd2b2a6c1ac561705bffb0cc"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Date: Mon, 22 Nov 2021 21:03:33 GMT
Connection: keep-alive
X-Amz-Cf-Id: PQPyETfQFDuxW-VmGUxGydBqBud_C2OyVviyPRCxXoPwzHo7veiSuw==

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Ping
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 7DA8 48 B
48 B 103ms
102ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-11-22T21%3A03%3A33.836Z&_c=&_t=Player%20Requested&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:34 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 7DA8 48 B
48 B 205ms
102ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-11-22T21%3A03%3A33.904Z&_c=initial&_t=gptData&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&dim1=%7B%22adBlocked%22%3Afalse%2C%22adUnits%22%3A%5B%223379%2Fconde.ars%2Finterstitial%2Fgadgets%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fhero%2Fgadgets%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Fgadgets%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Fgadgets%2Farticle%2F2%22%2C%223379%2Fconde.ars%2Frail%2Fgadgets%2Farticle%2F3%22%2C%223379%2Fconde.ars%2Fmid-content%2Fgadgets%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fmid-content%2Fgadgets%2Farticle%2F2%22%5D%2C%22embedLocation%22%3A%22arstechnica%22%2C%22error%22%3A%22%22%2C%22lineItems%22%3A%5B%5D%2C%22publicaEnabled%22%3Afalse%2C%22videoId%22%3A%2260881503dc31e52256a68df3%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:34 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1619531614/ Frame 7DA8 19 KB
20 KB 15ms
14ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1619531614/arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

39e62be89d72bb8938540acfe03e04181b0e8573a62373de3c6cff36e0d996b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Hit from cloudfront
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-11-21T03:05:17.190Z;desc=hit,rtt;dur=1
Content-Length: 19854
Last-Modified: Tue, 27 Apr 2021 17:52:35 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "3ad3d82e958cb7c416d499788317b249"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: MKR-mX8-8RPP7IS7LtOaCDEVN9o54wKza1tDDqdX0GiAkIvpTOPRNA==

GET
BLOB 200
OK 2e725ed5-2c87-4ebb-9c64-e07b293a12f8
https://arstechnica.com/ Frame 7DA8 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/2e725ed5-2c87-4ebb-9c64-e07b293a12f8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H/1.1 200
OK track
capture.condenastdigital.com/ 48 B
48 B 248ms
102ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_ts=2021-11-22T21%3A03%3A33.997Z&_t=pageview&cBr=Ars%20Technica&cKe=advanced%20persistent%20threat%7CIran%7Cransomware&cCh=gadgets&cTi=Hackers%20backed%20by%20Iran%20are%20targeting%20US%20critical%20infrastructure%2C%20US%20warns&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=957&cId=1813895&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns&pRt=referral&pHp=%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F&pRr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F&pWw=1600&pWh=1200&pPw=1600&pPh=5100&pSw=1600&pSh=1200&uID=5a73d2f7-38a9-4f24-99e0-f04165b02587&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&uDt=desktop&_o=ars-technica&_c=general&xID=611c038c-1d6b-4a4a-a1a4-a98432d18427&environment=prod&origin=ars-technica
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:34 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 206
Partial Content a5ca9889-23e3-4e66-a06d-1548d413a019thumbs.mp4
dp8hsntg6do36.cloudfront.net/60881503dc31e52256a68df3/ Frame 7DA8 109 KB
0 37ms
8ms Media
video/mp4 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60881503dc31e52256a68df3/a5ca9889-23e3-4e66-a06d-1548d413a019thumbs.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 22 Nov 2021 03:28:47 GMT
Via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
Last-Modified: Tue, 27 Apr 2021 13:44:36 GMT
Server: AmazonS3
Age: 147609
ETag: "aace23d0172a3743af5a3189974a5fc2"
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-459381/459382
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 459382
X-Amz-Cf-Id: F8j-oTHkThSLG6_Ya2ne6Ox9LHIkbxmlAL1OnBysxUQmEq5o8Dl6yg==

GET
H/1.1 206
Partial Content a5ca9889-23e3-4e66-a06d-1548d413a019thumbs.mp4
dp8hsntg6do36.cloudfront.net/60881503dc31e52256a68df3/ Frame 7DA8 46 KB
0 37ms
9ms Media
video/mp4 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60881503dc31e52256a68df3/a5ca9889-23e3-4e66-a06d-1548d413a019thumbs.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 22 Nov 2021 03:28:47 GMT
Via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e5.cloudfront.net (CloudFront)
Last-Modified: Tue, 27 Apr 2021 13:44:36 GMT
Server: AmazonS3
Age: 147609
ETag: "aace23d0172a3743af5a3189974a5fc2"
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-459381/459382
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 459382
X-Amz-Cf-Id: tyAavUhiyUhUSa7d5HEGLZhE1W1BHMuy93GToQqI9YGZ7TW9bmbhSA==

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 7DA8 48 B
48 B 240ms
101ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-11-22T21%3A03%3A34.026Z&_c=Player%20Event&_t=Player%20Loaded&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fsitrep-f-16-replacement-search-a-signal-of-f-35-fail&cId=60881503dc31e52256a68df3&cKe=SITREP%2Cf16%2Cf35%2Cf-16%2Cf-35&cPd=2021-04-28T15%3A00%3A00%2B00%3A00&cTi=SITREP%3A%20F-16%20replacement%20search%20a%20signal%20of%20F-35%20fail%3F&mDu=153&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&pWw=584&pWh=328.5&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&uId=5a73d2f7-38a9-4f24-99e0-f04165b02587&xid=611c038c-1d6b-4a4a-a1a4-a98432d18427&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%226ed7652%22%2C%22guid%22%3A%22bff96584-1893-b4d3-48cd-757e6de218f6%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22manual%22%2C%22playerDepth%22%3A3747.75%2C%22playerType%22%3A%22video-continuous%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3Anull%2C%22recStrategy%22%3Anull%2C%22sticky%22%3Afalse%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22OUT_OF_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:34 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK a5ca9889-23e3-4e66-a06d-1548d413a019manifest-ios.m3u8 Show response
dp8hsntg6do36.cloudfront.net/60881503dc31e52256a68df3/ Frame 7DA8 918 B
1 KB 26ms
8ms XHR
application/x-mpegurl 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60881503dc31e52256a68df3/a5ca9889-23e3-4e66-a06d-1548d413a019manifest-ios.m3u8?videoIndex=0&requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e5aba053986fb4ae8df831de0b4e2c3b896de23761298d1fe3aa537a8c1c2fc8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 04:17:56 GMT
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
Vary: Origin
Age: 60446
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 918
Last-Modified: Tue, 27 Apr 2021 13:44:13 GMT
Server: AmazonS3
ETag: "7429a6d3a6be2df943a90c3979000816"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: mqHvJC8exYDUuISZyW21TBsFFfI68WZ_EjksnFJf2kgiKW0I62qpxA==

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D2E7 37 KB
13 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 22 Nov 2021 21:11:20 GMT

GET
BLOB 200
OK 993fdf23-91d2-404d-a7ca-00e921220b99
https://arstechnica.com/ Frame 7DA8 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/993fdf23-91d2-404d-a7ca-00e921220b99
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 173d7c7e266672df75c4e048a934c55ee24d9a9028a87fd2957e74d1bd6a8d08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 5409
Content-Type: application/javascript

GET
H/1.1 200
OK arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1619531614/ Frame 7DA8 19 KB
20 KB 27ms
11ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

39e62be89d72bb8938540acfe03e04181b0e8573a62373de3c6cff36e0d996b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Origin: https://arstechnica.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 100
X-Cache: Hit from cloudfront
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-11-21T03:05:17.190Z;desc=hit,rtt;dur=1
Content-Length: 19854
Last-Modified: Tue, 27 Apr 2021 17:52:35 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "3ad3d82e958cb7c416d499788317b249"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: jT_HBycl_UuCvFiWAPMYSegU2SLmPc4HslCboit-tZEMdpwuDPZ3Ig==

GET
H/1.1 200
OK arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1619531614/ Frame 7DA8 19 KB
20 KB 8ms
8ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

39e62be89d72bb8938540acfe03e04181b0e8573a62373de3c6cff36e0d996b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 1
X-Cache: Hit from cloudfront
Date: Mon, 22 Nov 2021 21:03:33 GMT
Server-Timing: fastly;dur=1;cpu=0;start=2021-11-21T03:05:17.190Z;desc=hit,rtt;dur=1
Content-Length: 19854
Last-Modified: Tue, 27 Apr 2021 17:52:35 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "3ad3d82e958cb7c416d499788317b249"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: oxx5oBFA0gX_aIKER-4nTttOSm-BAux8aPK3fv1NvlKpA8zkhpwfag==

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 7DA8 2 KB
2 KB 44ms
43ms XHR
text/xml 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=640x480|480x70&iu=/3379/conde.ars/player/gadgets/article&ciu_szs=300x60&gdfp_req=1&env=vp&output=vmap&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dgadgets%26env_server%3Dproduction%26ctx_cns_version%3D6.52.0%26ctx_page_slug%3Dbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%26cnt_tags%3Dadvanced-persistent-threat%252Ciran%252Cransomware%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D37%26usr_bkt_pv%3D77%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D112200%252C112208%252C121100%252C131100%252C131130%252C230163%252C300003%252C210001%252C240000%252C240002%252C240003%252C240004%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240017%252C240015%252C240016%252C240018%252C240019%252Cqx7745%252Cxm1ai0%252Cmiovit%252Cap05we%252C65f9pd%252Cuas8ja%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_sid%3D22924b41-9af2-4401-b4e0-f9da5234ced3%26vnd_4d_pid%3Db5439ca9-afdb-4352-a113-9a3364c2e948%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D%26ctx_line_items%3D%26height%3D329%26muted%3D0%26right_rail%3D0%26sensitive%3D0%26width%3D584&correlator=3585451303576987&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fsitrep-f-16-replacement-search-a-signal-of-f-35-fail&vid=60881503dc31e52256a68df3&cmsid=1495&ppid=611c038c1d6b4a4aa1a4a98432d18427

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

76e3c480ce0fd74185bbf9d8806f76239f775b628f66bc775cd09e8e09c7240b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1234
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1663130473914833 Show response
connect.facebook.net/signals/config/ Frame 7DA8 306 KB
87 KB 20ms
8ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1663130473914833?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7a64a01e9ecc2e7895c9033ad5302c064ac3060e96d2e036830017aad03b6cf0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89493
x-xss-protection: 0
pragma: public
x-fb-debug: CxNDAMt+L7jNNR8wHTeQZAuH32xgRiNZ/eeGZcRMKekD42SBnKcWQYc1pkvodhMLUvSsLyJxqJidA9Jf0Ux7CQ==
x-frame-options: DENY
date: Mon, 22 Nov 2021 21:03:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK a5ca9889-23e3-4e66-a06d-1548d413a019file-1422k-128-48000-768.m3u8 Show response
dp8hsntg6do36.cloudfront.net/60881503dc31e52256a68df3/ Frame 7DA8 2 KB
902 B 8ms
8ms XHR
application/x-mpegurl 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60881503dc31e52256a68df3/a5ca9889-23e3-4e66-a06d-1548d413a019file-1422k-128-48000-768.m3u8?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8d4c241b81f94970e953db16cb99ebfdc6985e0872d9ddf824ab03bba7b09909

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 01:54:47 GMT
Content-Encoding: gzip
Vary: Origin
Age: 68928
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Tue, 27 Apr 2021 13:45:22 GMT
Server: AmazonS3
ETag: W/"3a5f005ff858879e9a1b9099857c8332"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: Cz7T7IhPZDVWDLDYcofIHxVT20C3H2ZzYuPXkSeD5vYAWyis0a3rag==

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Ping
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatvideo.js Show response
z.moatads.com/condenastjsvideocontent160527792519/ Frame 7DA8 315 KB
106 KB 12ms
12ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/condenastjsvideocontent160527792519/moatvideo.js
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 11a8668b19ef6097fff8a804c29df8a509e2f83bc09b49cd0be7d47f32d0e6c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:34 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:27:55 GMT
server: AmazonS3
x-amz-request-id: P9CNHTX9Y57BH9V5
etag: "57a063c1de998718ff62aa16da7f10b5"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=18206
accept-ranges: bytes
content-length: 107878
x-amz-id-2: lIFbrz5okSsdS4qseNPzjfG6M81bzAAPSNlk45ARqO2hifydKF2VstDR2plHZCnpleiL3zyImw4=

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 7DA8 48 B
48 B 188ms
108ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-11-22T21%3A03%3A34.137Z&_c=Video%20Ad&_t=Ad%20Call%20Made&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fsitrep-f-16-replacement-search-a-signal-of-f-35-fail&cId=60881503dc31e52256a68df3&cKe=SITREP%2Cf16%2Cf35%2Cf-16%2Cf-35&cPd=2021-04-28T15%3A00%3A00%2B00%3A00&cTi=SITREP%3A%20F-16%20replacement%20search%20a%20signal%20of%20F-35%20fail%3F&cTy=%2F3379%2Fconde.ars%2Fplayer%2Fgadgets%2Farticle&mDu=153&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&pWw=584&pWh=328.5&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&uId=5a73d2f7-38a9-4f24-99e0-f04165b02587&xid=611c038c-1d6b-4a4a-a1a4-a98432d18427&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%226ed7652%22%2C%22guid%22%3A%22bff96584-1893-b4d3-48cd-757e6de218f6%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22manual%22%2C%22playerDepth%22%3A3747.75%2C%22playerType%22%3A%22video-continuous%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3Anull%2C%22recStrategy%22%3Anull%2C%22sticky%22%3Afalse%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22OUT_OF_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:34 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
BLOB 200
OK c651784c-7125-409c-bbc6-51aafb7a8212
https://arstechnica.com/ Frame 7DA8 63 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/c651784c-7125-409c-bbc6-51aafb7a8212
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0442f9cfdf3dd089726478361f6cbc8ff84238c13adaf271f52d1417dfad9a91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 64606
Content-Type: application/javascript

GET
H/1.1 200
OK a5ca9889-23e3-4e66-a06d-1548d413a019file-1422k-128-48000-768-00001.ts Show response
dp8hsntg6do36.cloudfront.net/60881503dc31e52256a68df3/ Frame 7DA8 989 KB
974 KB 17ms
16ms XHR
application/x-mpegurl 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/60881503dc31e52256a68df3/a5ca9889-23e3-4e66-a06d-1548d413a019file-1422k-128-48000-768-00001.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9855a59718962464e4d5f8b5d81bffb21b23697ec11d04554543258a02dabedf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 02:52:57 GMT
Content-Encoding: gzip
Vary: Origin
Age: 65646
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Tue, 27 Apr 2021 13:45:23 GMT
Server: AmazonS3
ETag: W/"0aa2da41aeca0e003bc0a25cd0bb4cd7"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: fwnMjo9gBfQDp6cNGRkq5folEctU-vqMLWAP4Pyb9YLch2ODVAgkJQ==

GET
H/1.1 200
OK track
capture.condenastdigital.com/ 48 B
48 B 187ms
105ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&app=playerservice&cCh=videos%2Fshow&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&uId=5a73d2f7-38a9-4f24-99e0-f04165b02587&xid=&_ts=2021-11-22T21%3A03%3A34.148Z&_c=error&_t=PrebidError&dim1=%7B%22errorData%22%3A%7B%22timeout%22%3A500%7D%7D&dim3=Timeout
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:34 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK sf-ui-display-medium-webfont.woff2
d2c8v52ll5s99u.cloudfront.net/assets/fonts/ Frame 8FFA 29 KB
30 KB 93ms
76ms Font
application/font-woff2 143.204.101.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/assets/fonts/sf-ui-display-medium-webfont.woff2
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-612bcd83cfdade279dc6.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-162.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3

Request headers

Referer: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-612bcd83cfdade279dc6.css
Origin: https://arstechnica.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
ETag: "7d18db04f980971f2a9c5026bbc34bed"
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Hit from cloudfront
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 29632
Access-Control-Allow-Origin: *
Last-Modified: Mon, 26 Jun 2017 15:24:42 GMT
Server: AmazonS3
Date: Mon, 22 Nov 2021 21:03:35 GMT
Vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: application/font-woff2
Via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
Cache-Control: max-age=63072000, public
Accept-Ranges: bytes
X-Amz-Cf-Id: Zg1CIhqj3re5UjZLBuVHjNf8digypORU2_ooMObVx8A4imfFfXGFOA==
Expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H3 200 bridge3.489.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C088 580 KB
190 KB 7ms
7ms Document
text/html 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194780
date: Tue, 16 Nov 2021 04:10:30 GMT
expires: Wed, 16 Nov 2022 04:10:30 GMT
last-modified: Thu, 11 Nov 2021 23:22:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 579184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 8FFA 44 KB
16 KB 39ms
24ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 22 Nov 2021 21:03:34 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 8FFA 98 KB
25 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: p0WIb5nk/d36Zq1Lrpfh4FZDpgcRqEIRviFngbeKrXbkLpcsh4SavZ6nM2tG1Qewrnid8fI25OZnTt1QK+7SfA==
x-frame-options: DENY
date: Mon, 22 Nov 2021 21:03:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK comscore-min.js Show response
d2c8v52ll5s99u.cloudfront.net/player/ Frame 8FFA 38 KB
11 KB 8ms
8ms Script
text/javascript 143.204.101.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2c8v52ll5s99u.cloudfront.net/player/comscore-min.js
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.101.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-162.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 833a86642252016b29f08dd45ffd27f9e00ca237f28d8c5f0147a6e15d009377

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-amz-version-id: null
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 24 May 2017 18:19:15 GMT
Server: AmazonS3
Age: 1
ETag: W/"054acb6fbd2b2a6c1ac561705bffb0cc"
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 5f6905ea282e042ad3334bfed8a840ce.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Mon, 22 Nov 2021 21:03:33 GMT
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: QdZ-hkHaCIKY7cmbff4CGaIq_0uudrmNpBaAxYpSBVBSzSRLB91ybA==

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Ping
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 8FFA 48 B
48 B 131ms
107ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-11-22T21%3A03%3A34.150Z&_c=&_t=Player%20Requested&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:34 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 8FFA 48 B
48 B 131ms
104ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-11-22T21%3A03%3A34.196Z&_c=initial&_t=gptData&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&dim1=%7B%22adBlocked%22%3Afalse%2C%22adUnits%22%3A%5B%223379%2Fconde.ars%2Finterstitial%2Fgadgets%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fhero%2Fgadgets%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Fgadgets%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Fgadgets%2Farticle%2F2%22%2C%223379%2Fconde.ars%2Frail%2Fgadgets%2Farticle%2F3%22%2C%223379%2Fconde.ars%2Fmid-content%2Fgadgets%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fmid-content%2Fgadgets%2Farticle%2F2%22%5D%2C%22embedLocation%22%3A%22arstechnica%22%2C%22error%22%3A%22%22%2C%22lineItems%22%3A%5B%5D%2C%22publicaEnabled%22%3Afalse%2C%22videoId%22%3A%225fbe751038d069741986d243%22%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:34 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK arstechnica_blade-runner-game-designer-louis-castle-extended-interview.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1606334519/ Frame 8FFA 54 KB
54 KB 22ms
22ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1606334519/arstechnica_blade-runner-game-designer-louis-castle-extended-interview.jpg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

fec42251b609d8b4fe4af4f0d5a4b2389feabd5f61aec3ad12e136be94e68d89

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA50-C1
X-Cache: RefreshHit from cloudfront
Date: Mon, 22 Nov 2021 21:03:34 GMT
Server-Timing: fastly;dur=1;start=2021-11-20T04:08:07.107Z;desc=hit,rtt;dur=5
Content-Length: 54947
Last-Modified: Mon, 30 Nov 2020 16:04:28 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "93bb85b226bf266717d9d17346d786f6"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: ggWMc702Lxpoqplc9Bh7j7jYHP8uS7X28cEMslK-04AFB2Ie42IqIg==

GET
H/1.1 206
Partial Content 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4thumbs.mp4
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8FFA 128 KB
0 8ms
8ms Media
video/mp4 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4thumbs.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 22 Nov 2021 02:18:23 GMT
Via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 Nov 2020 15:50:34 GMT
Server: AmazonS3
Age: 67578
ETag: "bea14c892156385680ebbbcf6f396a0b"
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-6489245/6489246
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 6489246
X-Amz-Cf-Id: 346X2treJlOts2Dp-MPTiEdZWT0vZEzjXdnUczwzhCf8Gy7rm0282w==

GET
H/1.1 206
Partial Content 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4thumbs.mp4
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8FFA 64 KB
0 40ms
17ms Media
video/mp4 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4thumbs.mp4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://arstechnica.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 22 Nov 2021 02:18:23 GMT
Via: 1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
Last-Modified: Wed, 25 Nov 2020 15:50:34 GMT
Server: AmazonS3
Age: 67578
ETag: "bea14c892156385680ebbbcf6f396a0b"
X-Cache: Hit from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-6489245/6489246
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 6489246
X-Amz-Cf-Id: 1Lx1rMw4PUgR7L89dqbSQNox7yKegBFroYBuLs3mIJTf_hiFQiXZwg==

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 8FFA 48 B
48 B 136ms
109ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-11-22T21%3A03%3A34.297Z&_c=Player%20Event&_t=Player%20Loaded&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fblade-runner-game-director-louis-castle-extended-interview&cId=5fbe751038d069741986d243&cKe=ars%20technica%20war%20stories%2Cblade%20runner%20the%20game%2Cblade%20runner%20war%20stories%2Cars%20blade%20runner%2Cblade%20runner%20louis%20castle%2Clouis%20castle%20westwood%2Cblade%20runner%20game%2Cblade%20runner%20pc%20game%2Cblade%20runner%20game%20development%2Cblade%20runner%20game%20developer%2Cblade%20runner%201997%2Cblade%20runner%20game%201997%2Clouis%20castle%20game%20director%2Clouis%20castle%20interview%2Cwar%20stories%20extended%2Cblade%20runner%20gameplay%2Cblade%20runner%20game%20review%2Cmaking%20of%20blade%20runner%20game%2Clouis%20castle%20westwood%20studios&cPd=2020-11-30T16%3A00%3A00%2B00%3A00&cTi=Blade%20Runner%20Game%20Director%20Louis%20Castle%3A%20Extended%20Interview&mDu=2488&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&pWw=276&pWh=155.25&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&uId=5a73d2f7-38a9-4f24-99e0-f04165b02587&xid=611c038c-1d6b-4a4a-a1a4-a98432d18427&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%226ed7652%22%2C%22guid%22%3A%2223b0cf0d-7d06-8514-4e24-b8a8d65612d9%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_dd966350-9bc5-4fcb-ac5b-9877f37236e0_similar2-3-personalized_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3Anull%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:34 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4manifest-ios.m3u8 Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8FFA 918 B
1 KB 44ms
11ms XHR
application/x-mpegurl 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4manifest-ios.m3u8?videoIndex=0&requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6e1a8b1bb3e5e1e5a8bb92ea1d8131ebb0fe1b2835b3d66f4886ccd4b5dabb27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 03:52:00 GMT
Via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
Vary: Origin
Age: 63593
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 918
Last-Modified: Wed, 25 Nov 2020 15:45:48 GMT
Server: AmazonS3
ETag: "4dc9f35d061edf6357322c1385e440dc"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Access-Control-Allow-Origin: *
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: Wkupxp1-et3eTke9jLi76PffdsLWQtDEj1rBI30Kd9kAv4JA4h9ncA==

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 8FFA 48 B
48 B 127ms
104ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-11-22T21%3A03%3A34.313Z&_c=Player%20Event&_t=Player%20In%20Viewport&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fblade-runner-game-director-louis-castle-extended-interview&cId=5fbe751038d069741986d243&cKe=ars%20technica%20war%20stories%2Cblade%20runner%20the%20game%2Cblade%20runner%20war%20stories%2Cars%20blade%20runner%2Cblade%20runner%20louis%20castle%2Clouis%20castle%20westwood%2Cblade%20runner%20game%2Cblade%20runner%20pc%20game%2Cblade%20runner%20game%20development%2Cblade%20runner%20game%20developer%2Cblade%20runner%201997%2Cblade%20runner%20game%201997%2Clouis%20castle%20game%20director%2Clouis%20castle%20interview%2Cwar%20stories%20extended%2Cblade%20runner%20gameplay%2Cblade%20runner%20game%20review%2Cmaking%20of%20blade%20runner%20game%2Clouis%20castle%20westwood%20studios&cPd=2020-11-30T16%3A00%3A00%2B00%3A00&cTi=Blade%20Runner%20Game%20Director%20Louis%20Castle%3A%20Extended%20Interview&mDu=2488&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&pWw=276&pWh=155.25&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&uId=5a73d2f7-38a9-4f24-99e0-f04165b02587&xid=611c038c-1d6b-4a4a-a1a4-a98432d18427&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%226ed7652%22%2C%22guid%22%3A%2223b0cf0d-7d06-8514-4e24-b8a8d65612d9%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_dd966350-9bc5-4fcb-ac5b-9877f37236e0_similar2-3-personalized_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:34 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3A8C 37 KB
13 KB 47ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 20:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3134
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 22 Nov 2021 21:11:20 GMT

GET
BLOB 200
OK 73d8f7a2-e504-47d1-9c3b-4b1ed9e271d9
https://arstechnica.com/ Frame 8FFA 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/73d8f7a2-e504-47d1-9c3b-4b1ed9e271d9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 173d7c7e266672df75c4e048a934c55ee24d9a9028a87fd2957e74d1bd6a8d08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 5409
Content-Type: application/javascript

GET
H/1.1 200
OK arstechnica_blade-runner-game-designer-louis-castle-extended-interview.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1606334519/ Frame 8FFA 54 KB
54 KB 14ms
13ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

fec42251b609d8b4fe4af4f0d5a4b2389feabd5f61aec3ad12e136be94e68d89

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Origin: https://arstechnica.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Hit from cloudfront
Date: Mon, 22 Nov 2021 21:03:34 GMT
Server-Timing: fastly;dur=1;start=2021-11-20T04:08:07.107Z;desc=hit,rtt;dur=5
Content-Length: 54947
Last-Modified: Mon, 30 Nov 2020 16:04:28 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "93bb85b226bf266717d9d17346d786f6"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: XbyrPWuME6e_s1zxJl8Q9jJCOupmBrQ3c_2oVnwGwUjClt8W56v6rw==

GET
H/1.1 200
OK arstechnica_blade-runner-game-designer-louis-castle-extended-interview.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1606334519/ Frame 8FFA 54 KB
54 KB 10ms
10ms Image
image/jpeg 143.204.101.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

143.204.101.94 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-101-94.fra50.r.cloudfront.net

Software

Cloudinary /

Resource Hash

fec42251b609d8b4fe4af4f0d5a4b2389feabd5f61aec3ad12e136be94e68d89

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=604800
Via: 1.1 632ee301c4920b52f2463aa9e978c57f.cloudfront.net (CloudFront)
X-Content-Type-Options: nosniff
Age: 0
X-Cache: Hit from cloudfront
Date: Mon, 22 Nov 2021 21:03:34 GMT
Server-Timing: fastly;dur=1;start=2021-11-20T04:08:07.107Z;desc=hit,rtt;dur=5
Content-Length: 54947
Last-Modified: Mon, 30 Nov 2020 16:04:28 GMT
Server: Cloudinary
Cache-Control: public, no-transform, max-age=300
ETag: "93bb85b226bf266717d9d17346d786f6"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Timing-Allow-Origin: *
X-Amz-Cf-Id: pnBj0mw0Y5NfobMPXBR4pVYiactR7_HPNj_rV-VgGz7A5Ec28BCJFw==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 27ms
19ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CONDEVIDEOCONTENT1&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1637615014335&de=419751869664&m=0&ar=553ffc12ef5-clean&iw=2b81bef&q=3&cb=0&ym=0&cu=1637615014335&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=SITREP_%20F-16%20replacement%20search%20a%20signal%20of%20F-35%20fail%3F%3A%2F3379%2Fconde.ars%2Fplayer%2Fgadgets%2Farticle%3Aundefined%3Aundefined&zMoatVideoId=60881503dc31e52256a68df3&zMoatAP=-&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&id=1&ii=4&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&gw=condenastjsvideocontent160527792519&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A931%3A931%3A1903%3A1075&fs=195402&na=207938999&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 21:03:34 GMT

GET
H3 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 8FFA 10 KB
1 KB 73ms
49ms XHR
text/xml 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?sz=640x360|480x70&iu=/3379/conde.ars/inline-player/gadgets/article&ciu_szs=300x60&gdfp_req=1&env=vp&output=vmap&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dgadgets%26env_server%3Dproduction%26ctx_cns_version%3D6.52.0%26ctx_page_slug%3Dbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%26cnt_tags%3Dadvanced-persistent-threat%252Ciran%252Cransomware%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D37%26usr_bkt_pv%3D77%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D112200%252C112208%252C121100%252C131100%252C131130%252C230163%252C300003%252C210001%252C240000%252C240002%252C240003%252C240004%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240017%252C240015%252C240016%252C240018%252C240019%252Cqx7745%252Cxm1ai0%252Cmiovit%252Cap05we%252C65f9pd%252Cuas8ja%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_sid%3D22924b41-9af2-4401-b4e0-f9da5234ced3%26vnd_4d_pid%3Db5439ca9-afdb-4352-a113-9a3364c2e948%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D%26ctx_line_items%3D%26timeout%3D500%26height%3D155%26muted%3D1%26right_rail%3D0%26sensitive%3D0%26width%3D276&correlator=3585451303576987&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fblade-runner-game-director-louis-castle-extended-interview&vid=5fbe751038d069741986d243&cmsid=1495&ppid=611c038c1d6b4a4aa1a4a98432d18427

Requested by

Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

d9478103283fcc71a2d63fb1dd0e0e1fbf845129ca6a1083e5d83bb6bde0a804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1414
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-1422k-128-48000-768.m3u8 Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8FFA 33 KB
2 KB 9ms
9ms XHR
application/x-mpegurl 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-1422k-128-48000-768.m3u8?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e5dbc70548742ced0b9d86447bc609eb7656f8b771bc75ea076b09dae01eb774

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 04:28:10 GMT
Content-Encoding: gzip
Vary: Origin
Age: 59725
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:59:20 GMT
Server: AmazonS3
ETag: W/"d10d81c803baf3d3b5b117d8d96b4097"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: peBxhNu4uAapJ4gKKsg8_CeuxOWbqdqkW1CgErsZ-il8WAbFNH0X0Q==

GET
H2

200

p2
sb.scorecardresearch.com/ Frame 8FFA
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1637615014394_1&ns_st_ec=1&ns_st_sp=1&ns_st_sq=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_c...
https://sb.scorecardresearch.com/p2?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1637615014394_1&ns_st_ec=1&ns_st_sp=1&ns_st_sq=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_...

64 B
331 B

16ms
16ms

Image
image/gif

143.204.98.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1637615014394_1&ns_st_ec=1&ns_st_sp=1&ns_st_sq=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=2488000&ns_st_pb=1&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_ci=5fbe751038d069741986d243&ns_ts=1637615014394&ns_st_bt=0&ns_st_bp=0&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&c8=Blade%20Runner%20Game%20Director%20Louis%20Castle%3A%20Extended%20Interview&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null
Protocol: H2
Server: 143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-86.fra50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:34 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: oRRIIZ3HyrxJ_BTFe3cfHkNrzE9Ga1ZyqO9BLPPk0fNZNBNzWtl38w==

Redirect headers

date: Mon, 22 Nov 2021 21:03:34 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/p2?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1637615014394_1&ns_st_ec=1&ns_st_sp=1&ns_st_sq=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=2488000&ns_st_pb=1&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_ci=5fbe751038d069741986d243&ns_ts=1637615014394&ns_st_bt=0&ns_st_bp=0&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&c8=Blade%20Runner%20Game%20Director%20Louis%20Castle%3A%20Extended%20Interview&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null
content-length: 867
x-amz-cf-id: zBoq0h8Kz2iN9p6_y9etT9_1pFagceph43TDMGoxHtZ1SRFRxcIqug==

GET
H3 200 1663130473914833 Show response
connect.facebook.net/signals/config/ Frame 8FFA 306 KB
87 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1663130473914833?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7a64a01e9ecc2e7895c9033ad5302c064ac3060e96d2e036830017aad03b6cf0

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89493
x-xss-protection: 0
pragma: public
x-fb-debug: CxNDAMt+L7jNNR8wHTeQZAuH32xgRiNZ/eeGZcRMKekD42SBnKcWQYc1pkvodhMLUvSsLyJxqJidA9Jf0Ux7CQ==
x-frame-options: DENY
date: Mon, 22 Nov 2021 21:03:34 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
BLOB 200
OK 8b044f57-7466-4219-9a82-dd4ef5a7980a
https://arstechnica.com/ Frame 8FFA 63 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://arstechnica.com/8b044f57-7466-4219-9a82-dd4ef5a7980a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0442f9cfdf3dd089726478361f6cbc8ff84238c13adaf271f52d1417dfad9a91

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Length: 64606
Content-Type: application/javascript

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 15ms
14ms Ping
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 moatvideo.js Show response
z.moatads.com/condenastjsvideocontent160527792519/ Frame 8FFA 315 KB
106 KB 8ms
8ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/condenastjsvideocontent160527792519/moatvideo.js
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 11a8668b19ef6097fff8a804c29df8a509e2f83bc09b49cd0be7d47f32d0e6c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:34 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 14:27:55 GMT
server: AmazonS3
x-amz-request-id: P9CNHTX9Y57BH9V5
etag: "57a063c1de998718ff62aa16da7f10b5"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=18206
accept-ranges: bytes
content-length: 107878
x-amz-id-2: lIFbrz5okSsdS4qseNPzjfG6M81bzAAPSNlk45ARqO2hifydKF2VstDR2plHZCnpleiL3zyImw4=

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 8FFA 48 B
48 B 105ms
105ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-11-22T21%3A03%3A34.442Z&_c=Video%20Ad&_t=Ad%20Call%20Made&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fblade-runner-game-director-louis-castle-extended-interview&cId=5fbe751038d069741986d243&cKe=ars%20technica%20war%20stories%2Cblade%20runner%20the%20game%2Cblade%20runner%20war%20stories%2Cars%20blade%20runner%2Cblade%20runner%20louis%20castle%2Clouis%20castle%20westwood%2Cblade%20runner%20game%2Cblade%20runner%20pc%20game%2Cblade%20runner%20game%20development%2Cblade%20runner%20game%20developer%2Cblade%20runner%201997%2Cblade%20runner%20game%201997%2Clouis%20castle%20game%20director%2Clouis%20castle%20interview%2Cwar%20stories%20extended%2Cblade%20runner%20gameplay%2Cblade%20runner%20game%20review%2Cmaking%20of%20blade%20runner%20game%2Clouis%20castle%20westwood%20studios&cPd=2020-11-30T16%3A00%3A00%2B00%3A00&cTi=Blade%20Runner%20Game%20Director%20Louis%20Castle%3A%20Extended%20Interview&cTy=%2F3379%2Fconde.ars%2Finline-player%2Fgadgets%2Farticle&mDu=2488&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&pWw=276&pWh=155.25&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&uId=5a73d2f7-38a9-4f24-99e0-f04165b02587&xid=611c038c-1d6b-4a4a-a1a4-a98432d18427&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%226ed7652%22%2C%22guid%22%3A%2223b0cf0d-7d06-8514-4e24-b8a8d65612d9%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_dd966350-9bc5-4fcb-ac5b-9877f37236e0_similar2-3-personalized_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:34 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-1422k-128-48000-768-00001.ts Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8FFA 165 KB
146 KB 15ms
15ms XHR
application/x-mpegurl 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-1422k-128-48000-768-00001.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4976d521ab3918286d3cd1de1095e5ca97cf5371ec960d0c35b03b20ea1d7330

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 03:15:56 GMT
Content-Encoding: gzip
Vary: Origin
Age: 64059
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:59:16 GMT
Server: AmazonS3
ETag: W/"b9e00d6045b970a715955d93ba3dbc52"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: JH9-712IUUOdbUElgtDGbHPCHDAa6sq3mZav-bkiUirxrn9AEZfgwg==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CONDEVIDEOCONTENT1&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1637615014523&de=343906388239&m=0&ar=553ffc12ef5-clean&iw=2b81bef&q=6&cb=0&ym=0&cu=1637615014523&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=Blade%20Runner%20Game%20Director%20Louis%20Castle_%20Extended%20Interview%3A%2F3379%2Fconde.ars%2Finline-player%2Fgadgets%2Farticle%3Aundefined%3Aundefined&zMoatVideoId=5fbe751038d069741986d243&zMoatAP=true&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&id=1&ii=4&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&gw=condenastjsvideocontent160527792519&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A931%3A931%3A1903%3A1075&fs=195402&na=1676167784&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:34 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 21:03:34 GMT

GET
H3 303 ads Show response
pagead2.googlesyndication.com/gampad/ Frame AC01 136 B
125 B 40ms
23ms XHR
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?slotname=%2F3379%2Fconde.ars%2Fplayer%2Fgadgets%2Farticle&sz=640x480%7C480x70&ciu_szs=300x60&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dgadgets%26env_server%3Dproduction%26ctx_cns_version%3D6.52.0%26ctx_page_slug%3Dbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%26cnt_tags%3Dadvanced-persistent-threat%252Ciran%252Cransomware%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D37%26usr_bkt_pv%3D77%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D112200%252C112208%252C121100%252C131100%252C131130%252C230163%252C300003%252C210001%252C240000%252C240002%252C240003%252C240004%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240017%252C240015%252C240016%252C240018%252C240019%252Cqx7745%252Cxm1ai0%252Cmiovit%252Cap05we%252C65f9pd%252Cuas8ja%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_sid%3D22924b41-9af2-4401-b4e0-f9da5234ced3%26vnd_4d_pid%3Db5439ca9-afdb-4352-a113-9a3364c2e948%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D%26ctx_line_items%3D%26height%3D329%26muted%3D0%26right_rail%3D0%26sensitive%3D0%26width%3D584&url=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fsitrep-f-16-replacement-search-a-signal-of-f-35-fail&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&pmnd=0&pmxd=30000&pmad=2&vrid=1187211&ppid=611c038c1d6b4a4aa1a4a98432d18427&correlator=2065835152489985&cmsid=1495&video_doc_id=60881503dc31e52256a68df3&kfa=0&tfcd=0&sdkv=h.3.489.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=1550838534&sdk_apis=2%2C8&sid=A6478ADC-0698-460B-8305-8B8D599AC9B8&nel=1&eid=44753864&dlt=1637615013677&idt=450&dt=1637615014640&scor=1933011567893576&ged=ve4_td1_tt1_pd1_la1000_er4076.310.4229.610_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 7DA8 48 B
48 B 102ms
101ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-11-22T21%3A03%3A34.690Z&_c=Video%20Ad&_t=DFP%20Ad%20Error%20adLoadError%2C%20FAILED_TO_REQUEST_ADS%2C%20There%20was%20a%20problem%20requesting%20ads%20from%20the%20server.%2C%20Error%3A%206&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fsitrep-f-16-replacement-search-a-signal-of-f-35-fail&cId=60881503dc31e52256a68df3&cKe=SITREP%2Cf16%2Cf35%2Cf-16%2Cf-35&cPd=2021-04-28T15%3A00%3A00%2B00%3A00&cTi=SITREP%3A%20F-16%20replacement%20search%20a%20signal%20of%20F-35%20fail%3F&cTy=%2F3379%2Fconde.ars%2Fplayer%2Fgadgets%2Farticle&mDu=153&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&pWw=584&pWh=328.5&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&uId=5a73d2f7-38a9-4f24-99e0-f04165b02587&xid=611c038c-1d6b-4a4a-a1a4-a98432d18427&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%226ed7652%22%2C%22guid%22%3A%22bff96584-1893-b4d3-48cd-757e6de218f6%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22manual%22%2C%22playerDepth%22%3A3747.75%2C%22playerType%22%3A%22video-continuous%22%2C%22playsOnPage%22%3A1%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3Anull%2C%22recStrategy%22%3Anull%2C%22sticky%22%3Afalse%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22OUT_OF_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:34 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame C088 0
23 B 22ms
21ms XHR
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?sz=640x360%7C480x70&iu=%2F3379%2Fconde.ars%2Finline-player%2Fgadgets%2Farticle&ciu_szs=300x60&gdfp_req=1&env=vp&output=xml_vmap1&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dgadgets%26env_server%3Dproduction%26ctx_cns_version%3D6.52.0%26ctx_page_slug%3Dbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%26cnt_tags%3Dadvanced-persistent-threat%252Ciran%252Cransomware%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D37%26usr_bkt_pv%3D77%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D112200%252C112208%252C121100%252C131100%252C131130%252C230163%252C300003%252C210001%252C240000%252C240002%252C240003%252C240004%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240017%252C240015%252C240016%252C240018%252C240019%252Cqx7745%252Cxm1ai0%252Cmiovit%252Cap05we%252C65f9pd%252Cuas8ja%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_sid%3D22924b41-9af2-4401-b4e0-f9da5234ced3%26vnd_4d_pid%3Db5439ca9-afdb-4352-a113-9a3364c2e948%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D%26ctx_line_items%3D%26timeout%3D500%26height%3D155%26muted%3D1%26right_rail%3D0%26sensitive%3D0%26width%3D276&correlator=2205928158656180&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fblade-runner-game-director-louis-castle-extended-interview&vid=5fbe751038d069741986d243&cmsid=1495&ppid=611c038c1d6b4a4aa1a4a98432d18427&sdkv=h.3.489.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=3930290185&sdk_apis=2%2C8&sid=968255D7-0956-4C78-9D7D-2B93E6B66DD4&nel=1&eid=44712632%2C44750821%2C44754346&url=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&dlt=1637615013575&idt=946&dt=1637615014940&scor=1066388397754678&ged=ve4_td1_tt1_pd1_la1000_er637.1122.790.1422_vi0.0.1200.1600_vp0_eb16619

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.489.0_en.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:34 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 8FFA 48 B
48 B 106ms
105ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-11-22T21%3A03%3A34.971Z&_c=Video%20Ad&_t=DFP%20Ad%20Error%20adLoadError%2C%20UNKNOWN_AD_RESPONSE%2C%20The%20ad%20response%20was%20not%20understood%20and%20cannot%20be%20parsed.%2C%20null&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fblade-runner-game-director-louis-castle-extended-interview&cId=5fbe751038d069741986d243&cKe=ars%20technica%20war%20stories%2Cblade%20runner%20the%20game%2Cblade%20runner%20war%20stories%2Cars%20blade%20runner%2Cblade%20runner%20louis%20castle%2Clouis%20castle%20westwood%2Cblade%20runner%20game%2Cblade%20runner%20pc%20game%2Cblade%20runner%20game%20development%2Cblade%20runner%20game%20developer%2Cblade%20runner%201997%2Cblade%20runner%20game%201997%2Clouis%20castle%20game%20director%2Clouis%20castle%20interview%2Cwar%20stories%20extended%2Cblade%20runner%20gameplay%2Cblade%20runner%20game%20review%2Cmaking%20of%20blade%20runner%20game%2Clouis%20castle%20westwood%20studios&cPd=2020-11-30T16%3A00%3A00%2B00%3A00&cTi=Blade%20Runner%20Game%20Director%20Louis%20Castle%3A%20Extended%20Interview&cTy=%2F3379%2Fconde.ars%2Finline-player%2Fgadgets%2Farticle&mDu=2488&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&pWw=276&pWh=155.25&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&uId=5a73d2f7-38a9-4f24-99e0-f04165b02587&xid=611c038c-1d6b-4a4a-a1a4-a98432d18427&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%226ed7652%22%2C%22guid%22%3A%2223b0cf0d-7d06-8514-4e24-b8a8d65612d9%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_dd966350-9bc5-4fcb-ac5b-9877f37236e0_similar2-3-personalized_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:35 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

POST
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
16ms Ping
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://arstechnica.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4cc.vtt Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8FFA 99 KB
100 KB 12ms
12ms XHR
text/vtt 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4cc.vtt
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0e99828cefaa6f9693ef337e90845b5d552f41f60f7c307c58a98c188154b7cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:35 GMT
Via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
Vary: Origin
X-Amz-Cf-Pop: FRA50-C1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 101695
Last-Modified: Wed, 25 Nov 2020 23:37:42 GMT
Server: AmazonS3
ETag: "bc1afe99a5b2115be21a54a59ccfa4f9"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: text/vtt; charset=utf-8
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
X-Amz-Cf-Id: 0uTrQ6gsqzzgJjMoxrHwEdOuYnE-kIJCErSsl7EZLbWY0pNdIK3KpQ==

GET
H2 200 /
www.facebook.com/tr/ Frame 8FFA 44 B
295 B 29ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1663130473914833&ev=Start&dl=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&rl=&if=true&ts=1637615014979&cd[brand]=arstechnica&cd[url]=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&cd[category]=Video%20View&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1637615014978.250654641&it=1637615014398&coo=false&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 22 Nov 2021 21:03:35 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F&i=CONDEVIDEOCONTENT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CxRYrdgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-hrBp6wlWe0wLgg%3D%3D&sc=1&os=1-fw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pcode=condenastprebidheader987326845656&rx=452284425161&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=8&g=0&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=155&w=276&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&id=1&ii=4&f=0&j=&t=1637615014523&de=343906388239&cu=1637615014523&m=476&ar=553ffc12ef5-clean&iw=2b81bef&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5106&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A931%3A931%3A1903%3A1075&as=0&ag=34&an=0&gf=34&gg=0&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=34&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=467&cd=0&ah=467&am=0&dq=68&dr=0&ds=68&dt=0&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&rf=0&re=0&cl=0&at=0&d=Blade%20Runner%20Game%20Director%20Louis%20Castle_%20Extended%20Interview%3A%2F3379%2Fconde.ars%2Finline-player%2Fgadgets%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5fbe751038d069741986d243&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1411312979&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 21:03:35 GMT

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 8FFA 48 B
48 B 107ms
107ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-11-22T21%3A03%3A35.002Z&_c=Video%20View&_t=Content%20Start&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fblade-runner-game-director-louis-castle-extended-interview&cId=5fbe751038d069741986d243&cKe=ars%20technica%20war%20stories%2Cblade%20runner%20the%20game%2Cblade%20runner%20war%20stories%2Cars%20blade%20runner%2Cblade%20runner%20louis%20castle%2Clouis%20castle%20westwood%2Cblade%20runner%20game%2Cblade%20runner%20pc%20game%2Cblade%20runner%20game%20development%2Cblade%20runner%20game%20developer%2Cblade%20runner%201997%2Cblade%20runner%20game%201997%2Clouis%20castle%20game%20director%2Clouis%20castle%20interview%2Cwar%20stories%20extended%2Cblade%20runner%20gameplay%2Cblade%20runner%20game%20review%2Cmaking%20of%20blade%20runner%20game%2Clouis%20castle%20westwood%20studios&cPd=2020-11-30T16%3A00%3A00%2B00%3A00&cTi=Blade%20Runner%20Game%20Director%20Louis%20Castle%3A%20Extended%20Interview&cTy=%2F3379%2Fconde.ars%2Finline-player%2Fgadgets%2Farticle&mDu=2488&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&pWw=276&pWh=155.25&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&uId=5a73d2f7-38a9-4f24-99e0-f04165b02587&xid=611c038c-1d6b-4a4a-a1a4-a98432d18427&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%226ed7652%22%2C%22guid%22%3A%2223b0cf0d-7d06-8514-4e24-b8a8d65612d9%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_dd966350-9bc5-4fcb-ac5b-9877f37236e0_similar2-3-personalized_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:35 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 8FFA 48 B
48 B 109ms
109ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-11-22T21%3A03%3A35.003Z&_c=Video%20View&_t=Any%20Start&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fblade-runner-game-director-louis-castle-extended-interview&cId=5fbe751038d069741986d243&cKe=ars%20technica%20war%20stories%2Cblade%20runner%20the%20game%2Cblade%20runner%20war%20stories%2Cars%20blade%20runner%2Cblade%20runner%20louis%20castle%2Clouis%20castle%20westwood%2Cblade%20runner%20game%2Cblade%20runner%20pc%20game%2Cblade%20runner%20game%20development%2Cblade%20runner%20game%20developer%2Cblade%20runner%201997%2Cblade%20runner%20game%201997%2Clouis%20castle%20game%20director%2Clouis%20castle%20interview%2Cwar%20stories%20extended%2Cblade%20runner%20gameplay%2Cblade%20runner%20game%20review%2Cmaking%20of%20blade%20runner%20game%2Clouis%20castle%20westwood%20studios&cPd=2020-11-30T16%3A00%3A00%2B00%3A00&cTi=Blade%20Runner%20Game%20Director%20Louis%20Castle%3A%20Extended%20Interview&cTy=%2F3379%2Fconde.ars%2Finline-player%2Fgadgets%2Farticle&mDu=2488&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&pWw=276&pWh=155.25&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&uId=5a73d2f7-38a9-4f24-99e0-f04165b02587&xid=611c038c-1d6b-4a4a-a1a4-a98432d18427&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%226ed7652%22%2C%22guid%22%3A%2223b0cf0d-7d06-8514-4e24-b8a8d65612d9%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_dd966350-9bc5-4fcb-ac5b-9877f37236e0_similar2-3-personalized_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:35 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-1422k-128-48000-768-00002.ts Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8FFA 384 KB
375 KB 10ms
10ms XHR
application/x-mpegurl 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-1422k-128-48000-768-00002.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cf3ac346996bb6026f9b290f1674b6865c20c7a7bfd878ecd5943cc372d529f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 07:04:04 GMT
Content-Encoding: gzip
Vary: Origin
Age: 50372
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:59:14 GMT
Server: AmazonS3
ETag: W/"ac9d833db6f6a28039f701c21719c904"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: jUkCOh9usBXJsrDNtXkRmRGPvnJCLoCmzhSS7lDLVggir2dYd0igNw==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 11ms
11ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CxRYrdgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-hrBp6wlWe0wLgg%3D%3D&sc=1&os=1-fw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pcode=condenastprebidheader987326845656&rx=452284425161&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=8&g=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=155&w=276&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&id=1&ii=4&f=0&j=&t=1637615014523&de=343906388239&cu=1637615014523&m=477&ar=553ffc12ef5-clean&iw=2b81bef&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5106&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A931%3A931%3A1903%3A1075&as=0&ag=34&an=34&gf=34&gg=34&ez=1&aj=1&pg=100&pf=100&ib=0&cc=0&bw=34&bx=34&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=467&cd=467&ah=467&am=467&dq=68&dr=68&ds=68&dt=68&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ef=1&rf=0&re=0&cl=0&at=0&d=Blade%20Runner%20Game%20Director%20Louis%20Castle_%20Extended%20Interview%3A%2F3379%2Fconde.ars%2Finline-player%2Fgadgets%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5fbe751038d069741986d243&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1204922654&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:35 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 21:03:35 GMT

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920.m3u8 Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8FFA 33 KB
2 KB 8ms
8ms XHR
application/x-mpegurl 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920.m3u8?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c093f493e07bb5abb46735a133912880470d2aece8ef9937bbefff9b93e3ddf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 06:32:19 GMT
Content-Encoding: gzip
Vary: Origin
Age: 53292
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:58:05 GMT
Server: AmazonS3
ETag: W/"2edcb5543b29cddbe98ea0e6e6076935"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: ttv-g0JsUqHVeXGWoYysRwWq7O6z34pZKgxf3uXMJCSjt0-3sF4bTQ==

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00002.ts Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8FFA 2 MB
2 MB 13ms
13ms XHR
application/x-mpegurl 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00002.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a6607887e6c31ca484193f052a418f2c548d27d2409c0041697ae071a2255924

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Sun, 21 Nov 2021 23:50:12 GMT
Content-Encoding: gzip
Vary: Accept-Encoding,Origin
Age: 76404
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:57:20 GMT
Server: AmazonS3
ETag: W/"37ec9fd3550915896f3f3087b85ad1c3"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 4aXNhaY9raN0-a87Op6Kh92DgBWwNRTJ-si80NknPU2nn5dvu8vG7w==

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00003.ts Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8FFA 3 MB
3 MB 13ms
12ms XHR
application/x-mpegurl 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00003.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3b741c508a03df7294a47d302a7793f9cb3e6edf624dfb33ce4995790db6c705

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 05:41:50 GMT
Content-Encoding: gzip
Vary: Origin
Age: 55306
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:57:28 GMT
Server: AmazonS3
ETag: W/"1bd07890e903a0d61e5d709ccc866298"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: KBd7boSDKYH20zh6cY0nUhldwkoj10PB3_XYuUr7pU-mUfNUBy01CQ==

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00004.ts Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8FFA 3 MB
3 MB 11ms
10ms XHR
application/x-mpegurl 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00004.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ee8c93fb98398e780a1d2654fe36bf40b6cca6bf01c187c62d01156ee2dc5d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 07:06:27 GMT
Content-Encoding: gzip
Vary: Origin
Age: 50229
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:57:11 GMT
Server: AmazonS3
ETag: W/"285f9bd261810dabbbc79ca24e910512"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: xD90XE_JgCqWECpqIC_qR96N8_ypL1czkLyy9enOFxVK7-UDvqZaBg==

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00005.ts Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8FFA 2 MB
2 MB 11ms
11ms XHR
application/x-mpegurl 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00005.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b72f8b6e1195ddf2e574efdf2de473e3dd42579d828a6d66c868fc59a1f12bb6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 06:17:36 GMT
Content-Encoding: gzip
Vary: Origin
Age: 53160
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:57:30 GMT
Server: AmazonS3
ETag: W/"7aaa4751375dc0c2738b841364e3a903"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: m76lDYsm5yUw-pws2yED9iLo7YMora-dOKoT4w46DjZ2KZ8VA_7MaQ==

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00006.ts Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8FFA 2 MB
2 MB 12ms
11ms XHR
application/x-mpegurl 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00006.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 30b5f97631f684e383aa8433196eadfd30e32e14e6cc3ca5be476a4b66f58a51

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 02:43:27 GMT
Content-Encoding: gzip
Vary: Origin
Age: 66009
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:58:04 GMT
Server: AmazonS3
ETag: W/"619c89aa02d359d8bf26bf48cae62093"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: Ku-kxywmL8t8LEK7VoDDqnuDhIrvTdjODZI8f9VBy5TPQAQK4Krn8A==

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 10ms
10ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CxRYrdgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-hrBp6wlWe0wLgg%3D%3D&sc=1&os=1-fw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pcode=condenastprebidheader987326845656&rx=452284425161&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=2&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=155&w=276&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&id=1&ii=4&f=0&j=&t=1637615014523&de=343906388239&cu=1637615014523&m=1613&ar=553ffc12ef5-clean&iw=2b81bef&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5106&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A931%3A931%3A1903%3A1075&as=1&ag=1176&an=34&gi=1&gf=1176&gg=34&ez=1&kw=1408&aj=1&pg=100&pf=100&ib=0&dw=1&cc=1&bw=1176&bx=34&jz=1408&dj=1&dx=1&aa=1&ad=1076&cn=0&gn=1&gk=1076&gl=0&cp=1408&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1408&cd=467&ah=1408&am=467&dq=1009&dr=68&ds=1009&dt=68&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=0&vt=37&vd=0&zMoatSRE=0.02228125&zMoatVSD=5&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=3109&ef=1&rf=0&re=0&cl=0&at=0&d=Blade%20Runner%20Game%20Director%20Louis%20Castle_%20Extended%20Interview%3A%2F3379%2Fconde.ars%2Finline-player%2Fgadgets%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5fbe751038d069741986d243&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=180838692&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 21:03:36 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 11ms
10ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CxRYrdgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-hrBp6wlWe0wLgg%3D%3D&sc=1&os=1-fw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pcode=condenastprebidheader987326845656&rx=452284425161&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=3&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=155&w=276&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&id=1&ii=4&f=0&j=&t=1637615014523&de=343906388239&cu=1637615014523&m=1615&ar=553ffc12ef5-clean&iw=2b81bef&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5106&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A931%3A931%3A1903%3A1075&as=1&ag=1176&an=1176&gi=1&gf=1176&gg=1176&ez=1&kw=1408&aj=1&pg=100&pf=100&ib=0&dw=1&cc=1&bw=1176&bx=1176&jz=1408&dj=1&dx=1&aa=1&ad=1076&cn=1076&gn=1&gk=1076&gl=1076&cp=1408&cq=1&cr=1&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1408&cd=1408&ah=1408&am=1408&dq=1009&dr=1009&ds=1009&dt=1009&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=37&vt=37&vd=0&zMoatSRE=0.02228125&zMoatVSD=5&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=3109&ef=1&rf=0&re=0&cl=0&at=0&d=Blade%20Runner%20Game%20Director%20Louis%20Castle_%20Extended%20Interview%3A%2F3379%2Fconde.ars%2Finline-player%2Fgadgets%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5fbe751038d069741986d243&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=80580412&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 21:03:36 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
7ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CxRYrdgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-hrBp6wlWe0wLgg%3D%3D&sc=1&os=1-fw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pcode=condenastprebidheader987326845656&rx=452284425161&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=4&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=155&w=276&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&id=1&ii=4&f=0&j=&t=1637615014523&de=343906388239&cu=1637615014523&m=1817&ar=553ffc12ef5-clean&iw=2b81bef&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5106&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A931%3A931%3A1903%3A1075&as=1&ag=1380&an=1176&gi=1&gf=1380&gg=1176&ez=1&kw=1408&aj=1&pg=100&pf=100&ib=0&dw=1&cc=1&bw=1380&bx=1176&jz=1408&dj=1&dx=1&aa=1&ad=1280&cn=1076&gn=1&gk=1280&gl=1076&cp=1408&cq=1&cr=1&hj=1&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1609&cd=1408&ah=1609&am=1408&dq=1210&dr=1009&ds=1210&dt=1009&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=37&vt=43&vd=0&zMoatSRE=0.02228125&zMoatVSD=5&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=3109&ef=1&rf=0&re=0&cl=0&at=0&d=Blade%20Runner%20Game%20Director%20Louis%20Castle_%20Extended%20Interview%3A%2F3379%2Fconde.ars%2Finline-player%2Fgadgets%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5fbe751038d069741986d243&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=2040685518&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 21:03:36 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 8FFA 44 B
91 B 18ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1663130473914833&ev=Microdata&dl=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&rl=&if=true&ts=1637615016481&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1637615014978.250654641&it=1637615014398&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 22 Nov 2021 21:03:36 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 44 B
327 B 43ms
16ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1409

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Nov 2021 21:03:36 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://arstechnica.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ 0
408 B 105ms
34ms XHR
application/javascript 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=3egfyfq&fmt=json
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://arstechnica.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 22 Nov 2021 21:03:36 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/javascript
access-control-allow-origin: https://arstechnica.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 0
expires: Tue, 22 Nov 2022 21:03:36 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 7B3A 281 B
554 B 31ms
7ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Nov 2021 21:03:36 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 289A 2 KB
1 KB 9ms
9ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Mon, 22 Nov 2021 21:03:36 GMT
Connection: keep-alive

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 6A3E 668 B
716 B 25ms
19ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 1bb152663785de0d636f2f82fcc40d3f48eedb1103e5b18a8156b75ed3c4dbfa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 22 Nov 2021 21:03:36 GMT
content-type: text/html
content-length: 417
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 24CF 668 B
728 B 22ms
18ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 1bb152663785de0d636f2f82fcc40d3f48eedb1103e5b18a8156b75ed3c4dbfa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 22 Nov 2021 21:03:36 GMT
content-type: text/html
content-length: 417
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame C28C 23 KB
8 KB 78ms
39ms Document
text/html 104.85.4.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C171%2C2030%2C273%2C251%2C175%2C132%2C178%2C3018%2C3017%2C2027%2C3016%2C214%2C2026%2C159%2C3015%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C3011%2C3010%2C182%2C261%2C184%2C141%2C188%2C222%2C3007%2C201%2C4%2C246%2C225%2C203%2C126%2C226%2C326%2C80%2C10000%2C9%2C229%2C108&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.85.4.23 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-85-4-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d95fa6e8554892975af74171c022a403546a4392a94d713d548747181353f300

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Wed, 24 Nov 2021 21:03:36 GMT
date: Mon, 22 Nov 2021 21:03:36 GMT
content-length: 8265

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame C80A 2 KB
1 KB 15ms
8ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Mon, 22 Nov 2021 21:03:36 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame DF2A 52 KB
17 KB 34ms
7ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sun, 21 Nov 2021 04:25:13 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 22 Nov 2021 21:03:36 GMT
Age: 59901
X-Served-By: cache-lga21965-LGA, cache-fra19155-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 552135
X-Timer: S1637615017.525188,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame AD61 23 KB
8 KB 76ms
40ms Document
text/html 104.85.4.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.85.4.23 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-85-4-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d95fa6e8554892975af74171c022a403546a4392a94d713d548747181353f300

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Wed, 24 Nov 2021 21:03:36 GMT
date: Mon, 22 Nov 2021 21:03:36 GMT
content-length: 8265

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame B991 668 B
716 B 19ms
19ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 1bb152663785de0d636f2f82fcc40d3f48eedb1103e5b18a8156b75ed3c4dbfa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 22 Nov 2021 21:03:36 GMT
content-type: text/html
content-length: 417
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 8176 23 KB
8 KB 80ms
46ms Document
text/html 104.85.4.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.85.4.23 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-85-4-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d95fa6e8554892975af74171c022a403546a4392a94d713d548747181353f300

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Wed, 24 Nov 2021 21:03:36 GMT
date: Mon, 22 Nov 2021 21:03:36 GMT
content-length: 8265

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 61CC 52 KB
17 KB 31ms
7ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sun, 21 Nov 2021 04:25:13 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 22 Nov 2021 21:03:36 GMT
Age: 59901
X-Served-By: cache-lga21965-LGA, cache-fra19178-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 573997
X-Timer: S1637615017.525287,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 26F8 52 KB
17 KB 33ms
7ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Sun, 21 Nov 2021 04:25:13 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Mon, 22 Nov 2021 21:03:36 GMT
Age: 59901
X-Served-By: cache-lga21965-LGA, cache-fra19123-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 2, 549148
X-Timer: S1637615017.528600,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame 5E62 2 KB
1 KB 14ms
7ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1637614816
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Mon, 22 Nov 2021 21:03:36 GMT
Connection: keep-alive

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 885C 54 B
326 B 34ms
15ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPQGDh2PQGDh2AcABBENB2CgAAAAAAAAAChQAAAAAAJBAGgAAoAHAAeABcAD4ALQAfABGACSAFsAMQAfwBIgCuAGaANQAbQA4gByADnAHUAP8AgYBBwCRAE_AKGAYQA6oCHwEXgI9ASEAlYBNoCwgF0ALqAXaAvIBiADFgGQgMjAZQA0IBowDSgGpgNoAbcA3QBwQSCmAAgABcAFAAVAAyABwADwAIAAYAAygBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCACGgEQARIAjoBLAEuAJoAUoAtwBhgDIAGWANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBigDWAG0ANwAbwA9AB8gENgIdASIAmIBMoCbAE7AKHAUiApoBYoC0AFsALkAXeAvMBgQDBgGEgMNAYeAyIBkgDJwGXAM5AZ8A0gBp0DWANZDAFwAFgAXACMAEmAKgAqgBbADEAG8AUgA0oBqAGqAOIAloBsgDqAIvASEAocBYgDFgGRgNCAboGgRABWAC4AIYAZAAywBsgDsAH4AQAAgoBGAClgFPAKvAWgBaQDWAG8AOqAfIBDoCKgEiAJsATsApEBcgDAgGEgMPAYwAycBnIDPAGfCAC4ACwALgA1ACMAEkAKoAWwAxABvAFIAK6AagBqgDiAJEAS0A3ABvAEXgJCAUOAxYBoQDdBEBsAKwAhgBkADLAGyAOwAfgBAACMAFLAKeAVcA1gB1QD5AIdASIAmwBOwCkQFyAMCAYSAw8Bk4DOQGfCoDgAFAAhgBMAC4AI4AZYA7AB-AEYAI4AUsAq8BaAFpAN4AkEBMQCbAFNgLYAXIAvMBgQDDwGRAM5AZ4Az4BuQoAgAGIATIApIBqAGqANoAcQA5AB4AEFAJaAdUBHoCxAGaANCAa8MgMAAUACGAEwARwAywB2QD7APwAjABHAClgFXAK2AbwBMQCbAFogLYAXmAwIBh4DIgGcgM8AZ8MAIgA1ADEAJkAUkA1ADVAG0AOIAcgA8ACWgFiAOqAj0BJwCxAF5ANCHAXgABAAIgAcAB4AFwAPgAtAByAD8AIIARgAtgBdADIAGgAP4AhABIgCdAFIALMAZYAzQBpQDUANUAbQA4gByADnAHUAOwAdwBAACBgEFgIOAhABEQCRAEtAJtAT4BPwClgFQALaAXqAwADAgGEAMyAawA14BvADjgHSAOqAeQA-QCEIEPgRAAj0BIUCVgJXATEAmUBNoChQFIAKTAUwAqYBVQCtgFcgK7AWUAtIBagC4oF0AXUAvYBfQDAgGIAMWAZCAygBl4DQoGigaMA0oBpoDUwGvANoAbYA24dBiAAXABQAFQAMgAcABAAC6AGAAZQA0ADUAHgAPoAhgCIAEwAJ8AVQBWACwAFwAL4AYgAzABvADmAHoAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA2QBvgDvAHtAPsA_QB_wEWARgAjkBKQEqAKCAU8Aq4BYoC0ALSAXMAuoBeQDFAG0ANxAdMB1AD0AIbAQ6AiIBFQCLwEggJEASoAmwBOwChwFNAKsAWKAtCBbAFsgLgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFIALcAZcA1ADVAG0AOIAcgA5wB2ADwAIKAT4ApYBYgDAAGEAMyAbwA6oB2wEPgI9ASEAk4BK4CYgE2gKFAUgApMBWwC6AF5AL2AYEAzQBoQDRQGlANTAbYA24hA4AAWABQADIALgAYgBDACYAFUALgAXwAxABmADeAHoARwAsQBhADfAHfAPsA_AB_gEYAI4ASkAoIBQwCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAJsAU0AsUBaMC2ALaAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAkAAEAA4AC4AIQAcgBUADIAG8AQgAkQBSAC5AF8AMsAagA2gB3AEAAISAS0AnwBUADXgG8AOqAfYBKwCbQFJgLKAWkAvYBiIDFgGlANyJQOAAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhoBEAESAI4AUYApQBbgDCAGqANkAd4A_ACMAEcAJOAU8Aq8BaAFpALqAYoA3AB1AD5AIdARUAi8BIgCbAFigLYAXaAvMBh4DIgGTgMsAZyAzwBnwDSAGsAOAKASQABAAXAA-ACEAFoAOQAfgBGACoAFYAMgAbQA3gByAEIAI4ASIAmQBOgCkAFyAMsAagA1wBtADiAHOAOoAdwA8ACAAEHAISARUAkQBJwCWgE2gJ8An4BSwCxAF1AMAAYQAxQBrwDeAHVAO2AeQA-QB_wEegJiATKAm0BSACmAFTAK2AV2AtABdAC8gF9AMCAYsA0QBpQDTYGpAamA14BwRSCKAAuACgAKgAZAA4ACCAGAAZQA0ADUAHkAQwBEACYAE8AKQAVQAsABfADEAGYAOYAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CxQFsALgAXIAu0BeYDDQGHgMYAZEAyQBk4DLgGcgM8AZ9A0gDSYGsAayA2MAAA.YAAAAAAAAAAA&d=https://arstechnica.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Content-Length: 54
Expires: Mon, 22 Nov 2021 21:03:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 22 Nov 2021 21:03:36 GMT
Connection: keep-alive

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 9147 54 B
326 B 44ms
29ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPQGDh2PQGDh2AcABBENB2CgAAAAAAAAAChQAAAAAAJBAGgAAoAHAAeABcAD4ALQAfABGACSAFsAMQAfwBIgCuAGaANQAbQA4gByADnAHUAP8AgYBBwCRAE_AKGAYQA6oCHwEXgI9ASEAlYBNoCwgF0ALqAXaAvIBiADFgGQgMjAZQA0IBowDSgGpgNoAbcA3QBwQSCmAAgABcAFAAVAAyABwADwAIAAYAAygBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCACGgEQARIAjoBLAEuAJoAUoAtwBhgDIAGWANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBigDWAG0ANwAbwA9AB8gENgIdASIAmIBMoCbAE7AKHAUiApoBYoC0AFsALkAXeAvMBgQDBgGEgMNAYeAyIBkgDJwGXAM5AZ8A0gBp0DWANZDAFwAFgAXACMAEmAKgAqgBbADEAG8AUgA0oBqAGqAOIAloBsgDqAIvASEAocBYgDFgGRgNCAboGgRABWAC4AIYAZAAywBsgDsAH4AQAAgoBGAClgFPAKvAWgBaQDWAG8AOqAfIBDoCKgEiAJsATsApEBcgDAgGEgMPAYwAycBnIDPAGfCAC4ACwALgA1ACMAEkAKoAWwAxABvAFIAK6AagBqgDiAJEAS0A3ABvAEXgJCAUOAxYBoQDdBEBsAKwAhgBkADLAGyAOwAfgBAACMAFLAKeAVcA1gB1QD5AIdASIAmwBOwCkQFyAMCAYSAw8Bk4DOQGfCoDgAFAAhgBMAC4AI4AZYA7AB-AEYAI4AUsAq8BaAFpAN4AkEBMQCbAFNgLYAXIAvMBgQDDwGRAM5AZ4Az4BuQoAgAGIATIApIBqAGqANoAcQA5AB4AEFAJaAdUBHoCxAGaANCAa8MgMAAUACGAEwARwAywB2QD7APwAjABHAClgFXAK2AbwBMQCbAFogLYAXmAwIBh4DIgGcgM8AZ8MAIgA1ADEAJkAUkA1ADVAG0AOIAcgA8ACWgFiAOqAj0BJwCxAF5ANCHAXgABAAIgAcAB4AFwAPgAtAByAD8AIIARgAtgBdADIAGgAP4AhABIgCdAFIALMAZYAzQBpQDUANUAbQA4gByADnAHUAOwAdwBAACBgEFgIOAhABEQCRAEtAJtAT4BPwClgFQALaAXqAwADAgGEAMyAawA14BvADjgHSAOqAeQA-QCEIEPgRAAj0BIUCVgJXATEAmUBNoChQFIAKTAUwAqYBVQCtgFcgK7AWUAtIBagC4oF0AXUAvYBfQDAgGIAMWAZCAygBl4DQoGigaMA0oBpoDUwGvANoAbYA24dBiAAXABQAFQAMgAcABAAC6AGAAZQA0ADUAHgAPoAhgCIAEwAJ8AVQBWACwAFwAL4AYgAzABvADmAHoAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA2QBvgDvAHtAPsA_QB_wEWARgAjkBKQEqAKCAU8Aq4BYoC0ALSAXMAuoBeQDFAG0ANxAdMB1AD0AIbAQ6AiIBFQCLwEggJEASoAmwBOwChwFNAKsAWKAtCBbAFsgLgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFIALcAZcA1ADVAG0AOIAcgA5wB2ADwAIKAT4ApYBYgDAAGEAMyAbwA6oB2wEPgI9ASEAk4BK4CYgE2gKFAUgApMBWwC6AF5AL2AYEAzQBoQDRQGlANTAbYA24hA4AAWABQADIALgAYgBDACYAFUALgAXwAxABmADeAHoARwAsQBhADfAHfAPsA_AB_gEYAI4ASkAoIBQwCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAJsAU0AsUBaMC2ALaAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAkAAEAA4AC4AIQAcgBUADIAG8AQgAkQBSAC5AF8AMsAagA2gB3AEAAISAS0AnwBUADXgG8AOqAfYBKwCbQFJgLKAWkAvYBiIDFgGlANyJQOAAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhoBEAESAI4AUYApQBbgDCAGqANkAd4A_ACMAEcAJOAU8Aq8BaAFpALqAYoA3AB1AD5AIdARUAi8BIgCbAFigLYAXaAvMBh4DIgGTgMsAZyAzwBnwDSAGsAOAKASQABAAXAA-ACEAFoAOQAfgBGACoAFYAMgAbQA3gByAEIAI4ASIAmQBOgCkAFyAMsAagA1wBtADiAHOAOoAdwA8ACAAEHAISARUAkQBJwCWgE2gJ8An4BSwCxAF1AMAAYQAxQBrwDeAHVAO2AeQA-QB_wEegJiATKAm0BSACmAFTAK2AV2AtABdAC8gF9AMCAYsA0QBpQDTYGpAamA14BwRSCKAAuACgAKgAZAA4ACCAGAAZQA0ADUAHkAQwBEACYAE8AKQAVQAsABfADEAGYAOYAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CxQFsALgAXIAu0BeYDDQGHgMYAZEAyQBk4DLgGcgM8AZ9A0gDSYGsAayA2MAAA.YAAAAAAAAAAA&d=https://arstechnica.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Content-Length: 54
Expires: Mon, 22 Nov 2021 21:03:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 22 Nov 2021 21:03:36 GMT
Connection: keep-alive

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 24CF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=bb7b619c-05a8-4300-ae3a-388256e87a34

43 B
61 B

18ms
18ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=bb7b619c-05a8-4300-ae3a-388256e87a34
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 22 Nov 2021 21:03:36 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x31 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=bb7b619c-05a8-4300-ae3a-388256e87a34
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 22 Nov 2021 21:03:35 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 24CF
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=MiAfOzQkR2ApKBVuMyULPTMmE24pJh5vPSJylrqk

43 B
122 B

23ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=MiAfOzQkR2ApKBVuMyULPTMmE24pJh5vPSJylrqk
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=MiAfOzQkR2ApKBVuMyULPTMmE24pJh5vPSJylrqk
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 24CF
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8717970263991771138

43 B
61 B

18ms
18ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8717970263991771138
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8717970263991771138
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 24CF 70 B
264 B 34ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=a214344a-ac1a-7ee8-fbd0-937ef9d33dfe&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 24CF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll&google_tc=

170 B
188 B

33ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 24CF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPqpbvwR0eSxg7RI6eZmtSE&google_cver=1

43 B
61 B

22ms
22ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPqpbvwR0eSxg7RI6eZmtSE&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPqpbvwR0eSxg7RI6eZmtSE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 6A3E
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=38bf619c-05a8-4400-a94e-cbe20140cdb4

43 B
61 B

18ms
18ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=38bf619c-05a8-4400-a94e-cbe20140cdb4
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 22 Nov 2021 21:03:36 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x8 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=38bf619c-05a8-4400-a94e-cbe20140cdb4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 22 Nov 2021 21:03:35 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6A3E
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=jyMduoknReGUKxfvgCQJ7IF0EOmUdxS9jyCmRb41

43 B
106 B

24ms
18ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=jyMduoknReGUKxfvgCQJ7IF0EOmUdxS9jyCmRb41
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=jyMduoknReGUKxfvgCQJ7IF0EOmUdxS9jyCmRb41
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 6A3E
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5270365188390092199

43 B
61 B

19ms
19ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5270365188390092199
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5270365188390092199
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 6A3E 70 B
264 B 35ms
33ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=a214344a-ac1a-7ee8-fbd0-937ef9d33dfe&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6A3E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll&google_tc=

170 B
188 B

35ms
20ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 6A3E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBpAJ-pUoPLcflHnXiUE93k&google_cver=1

43 B
61 B

18ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBpAJ-pUoPLcflHnXiUE93k&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBpAJ-pUoPLcflHnXiUE93k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame B991
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=faf3619c-05a8-4300-b957-18ea688a2229

43 B
61 B

18ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=faf3619c-05a8-4300-b957-18ea688a2229
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 22 Nov 2021 21:03:36 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x31 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=faf3619c-05a8-4300-b957-18ea688a2229
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 22 Nov 2021 21:03:35 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame B991
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=hh9c1oAbBI2dF1aDgBhI14MfUIOdTFyMiR5HhKg2

43 B
106 B

24ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=hh9c1oAbBI2dF1aDgBhI14MfUIOdTFyMiR5HhKg2
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=hh9c1oAbBI2dF1aDgBhI14MfUIOdTFyMiR5HhKg2
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame B991
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6309026200481758413

43 B
61 B

19ms
19ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6309026200481758413
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=6309026200481758413
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame B991 70 B
264 B 33ms
32ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=a214344a-ac1a-7ee8-fbd0-937ef9d33dfe&gdpr=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B991
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll&google_tc=

170 B
188 B

26ms
18ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll&google_tc=

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=OGU3YmU3ODAtNjU2ZC0yMDRjLWVlMzAtYzljNzMzMzFmMzll&google_tc=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame B991
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm=&google_sc=&google_tc=
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELZ8xs7fuHSH-h-hnasw74M&google_cver=1

43 B
61 B

18ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELZ8xs7fuHSH-h-hnasw74M&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=1&us_privacy=1---
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELZ8xs7fuHSH-h-hnasw74M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7B3A 32 KB
10 KB 9ms
8ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a26f3a06775611291ff8d05deab6a7ae89306e505cf805f53fa91c482ce72951

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 21:03:36 GMT
Content-Encoding: gzip
Last-Modified: Wed, 10 Nov 2021 00:00:39 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=33759
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9513
Expires: Tue, 23 Nov 2021 06:26:15 GMT

GET
H/1.1 200
OK usermatch Show response
ssum-sec.casalemedia.com/ Frame 795D 54 B
326 B 16ms
16ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?gdpr=1&gdpr_consent=CPQGDh2PQGDh2AcABBENB2CgAAAAAAAAAChQAAAAAAJBAGgAAoAHAAeABcAD4ALQAfABGACSAFsAMQAfwBIgCuAGaANQAbQA4gByADnAHUAP8AgYBBwCRAE_AKGAYQA6oCHwEXgI9ASEAlYBNoCwgF0ALqAXaAvIBiADFgGQgMjAZQA0IBowDSgGpgNoAbcA3QBwQSCmAAgABcAFAAVAAyABwADwAIAAYAAygBoAGoAPIAhgCIAEwAJ8AVQBWACwAG8AOYAegBCACGgEQARIAjoBLAEuAJoAUoAtwBhgDIAGWANUAbIA7wB7AD4gH2AfoBAICLgIwARoAjgBKQCggFLAKeAVcAuYBigDWAG0ANwAbwA9AB8gENgIdASIAmIBMoCbAE7AKHAUiApoBYoC0AFsALkAXeAvMBgQDBgGEgMNAYeAyIBkgDJwGXAM5AZ8A0gBp0DWANZDAFwAFgAXACMAEmAKgAqgBbADEAG8AUgA0oBqAGqAOIAloBsgDqAIvASEAocBYgDFgGRgNCAboGgRABWAC4AIYAZAAywBsgDsAH4AQAAgoBGAClgFPAKvAWgBaQDWAG8AOqAfIBDoCKgEiAJsATsApEBcgDAgGEgMPAYwAycBnIDPAGfCAC4ACwALgA1ACMAEkAKoAWwAxABvAFIAK6AagBqgDiAJEAS0A3ABvAEXgJCAUOAxYBoQDdBEBsAKwAhgBkADLAGyAOwAfgBAACMAFLAKeAVcA1gB1QD5AIdASIAmwBOwCkQFyAMCAYSAw8Bk4DOQGfCoDgAFAAhgBMAC4AI4AZYA7AB-AEYAI4AUsAq8BaAFpAN4AkEBMQCbAFNgLYAXIAvMBgQDDwGRAM5AZ4Az4BuQoAgAGIATIApIBqAGqANoAcQA5AB4AEFAJaAdUBHoCxAGaANCAa8MgMAAUACGAEwARwAywB2QD7APwAjABHAClgFXAK2AbwBMQCbAFogLYAXmAwIBh4DIgGcgM8AZ8MAIgA1ADEAJkAUkA1ADVAG0AOIAcgA8ACWgFiAOqAj0BJwCxAF5ANCHAXgABAAIgAcAB4AFwAPgAtAByAD8AIIARgAtgBdADIAGgAP4AhABIgCdAFIALMAZYAzQBpQDUANUAbQA4gByADnAHUAOwAdwBAACBgEFgIOAhABEQCRAEtAJtAT4BPwClgFQALaAXqAwADAgGEAMyAawA14BvADjgHSAOqAeQA-QCEIEPgRAAj0BIUCVgJXATEAmUBNoChQFIAKTAUwAqYBVQCtgFcgK7AWUAtIBagC4oF0AXUAvYBfQDAgGIAMWAZCAygBl4DQoGigaMA0oBpoDUwGvANoAbYA24dBiAAXABQAFQAMgAcABAAC6AGAAZQA0ADUAHgAPoAhgCIAEwAJ8AVQBWACwAFwAL4AYgAzABvADmAHoAQ0AiACJAEdAJYAmABNACjAFKALEAW8AwgDDAGQAMoAaIA2QBvgDvAHtAPsA_QB_wEWARgAjkBKQEqAKCAU8Aq4BYoC0ALSAXMAuoBeQDFAG0ANxAdMB1AD0AIbAQ6AiIBFQCLwEggJEASoAmwBOwChwFNAKsAWKAtCBbAFsgLgAXIAu0Bd4C8wGDAMJAYaAw8BiQDGAGPAMkAZOAyoBlgDLgGcgM-AaJA0gDSQGlgNOAawA2MgAwAAQAD8AIIAaAA_gCRAFIALcAZcA1ADVAG0AOIAcgA5wB2ADwAIKAT4ApYBYgDAAGEAMyAbwA6oB2wEPgI9ASEAk4BK4CYgE2gKFAUgApMBWwC6AF5AL2AYEAzQBoQDRQGlANTAbYA24hA4AAWABQADIALgAYgBDACYAFUALgAXwAxABmADeAHoARwAsQBhADfAHfAPsA_AB_gEYAI4ASkAoIBQwCngFXgLQAtIBcwDFAG0AOoAegBIICRAEqAJsAU0AsUBaMC2ALaAXAAuQBdoDDwGJAMiAZOAzkBngDPgGiANJAaWA4AkAkAAEAA4AC4AIQAcgBUADIAG8AQgAkQBSAC5AF8AMsAagA2gB3AEAAISAS0AnwBUADXgG8AOqAfYBKwCbQFJgLKAWkAvYBiIDFgGlANyJQOAAEAALAAoABkADkAMAAxAB4AEQAJgAVQAuABfADEAGYANoAhoBEAESAI4AUYApQBbgDCAGqANkAd4A_ACMAEcAJOAU8Aq8BaAFpALqAYoA3AB1AD5AIdARUAi8BIgCbAFigLYAXaAvMBh4DIgGTgMsAZyAzwBnwDSAGsAOAKASQABAAXAA-ACEAFoAOQAfgBGACoAFYAMgAbQA3gByAEIAI4ASIAmQBOgCkAFyAMsAagA1wBtADiAHOAOoAdwA8ACAAEHAISARUAkQBJwCWgE2gJ8An4BSwCxAF1AMAAYQAxQBrwDeAHVAO2AeQA-QB_wEegJiATKAm0BSACmAFTAK2AV2AtABdAC8gF9AMCAYsA0QBpQDTYGpAamA14BwRSCKAAuACgAKgAZAA4ACCAGAAZQA0ADUAHkAQwBEACYAE8AKQAVQAsABfADEAGYAOYAhoBEAESAKMAUoAsQBbgDCAGUANEAaoA2QB3wD7AP0AiwBGACOAEpAKCAUMAq4BWwC5gF5ANoAbgA9ACHQEXgJEATYAnYBQ4CxQFsALgAXIAu0BeYDDQGHgMYAZEAyQBk4DLgGcgM8AZ9A0gDSYGsAayA2MAAA.YAAAAAAAAAAA&d=https://arstechnica.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Vary: Is-Traffic-Usersync
Content-Length: 54
Expires: Mon, 22 Nov 2021 21:03:36 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 22 Nov 2021 21:03:36 GMT
Connection: keep-alive

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 35ms
35ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CxRYrdgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-hrBp6wlWe0wLgg%3D%3D&sc=1&os=1-fw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pcode=condenastprebidheader987326845656&rx=452284425161&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=5&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=155&w=276&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&id=1&ii=4&f=0&j=&t=1637615014523&de=343906388239&cu=1637615014523&m=2439&ar=553ffc12ef5-clean&iw=2b81bef&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5106&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A931%3A931%3A1903%3A1075&as=1&ag=2002&an=1380&gi=1&gf=2002&gg=1380&ez=1&ck=2002&kw=1408&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=2002&bx=1380&ci=2002&jz=1408&dj=1&dx=1&undefined=1&aa=1&ad=1902&cn=1280&gn=1&gk=1902&gl=1280&cp=1408&cq=1&cr=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2234&cd=1609&ah=2234&am=1609&dq=1835&dr=1210&ds=1835&dt=1210&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=43&vt=31&vd=0&zMoatSRE=0.02228125&zMoatVSD=10&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=3109&ef=1&rf=0&re=0&cl=0&at=0&d=Blade%20Runner%20Game%20Director%20Louis%20Castle_%20Extended%20Interview%3A%2F3379%2Fconde.ars%2Finline-player%2Fgadgets%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5fbe751038d069741986d243&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1253824134&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:36 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 21:03:36 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 12ms
12ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=2&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CxRYrdgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-hrBp6wlWe0wLgg%3D%3D&sc=1&os=1-fw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pcode=condenastprebidheader987326845656&rx=452284425161&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=6&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=155&w=276&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&id=1&ii=4&f=0&j=&t=1637615014523&de=343906388239&cu=1637615014523&m=2440&ar=553ffc12ef5-clean&iw=2b81bef&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5106&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A931%3A931%3A1903%3A1075&as=1&ag=2002&an=2002&gi=1&gf=2002&gg=2002&ez=1&ck=2002&kw=1408&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=2002&bx=2002&ci=2002&jz=1408&dj=1&dx=1&undefined=1&aa=1&ad=1902&cn=1902&gn=1&gk=1902&gl=1902&cp=1408&cq=1&cr=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2234&cd=2234&ah=2234&am=2234&dq=1835&dr=1835&ds=1835&dt=1835&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=31&vt=31&vd=0&zMoatSRE=0.02228125&zMoatVSD=10&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=3109&ef=1&rf=0&re=0&cl=0&at=0&d=Blade%20Runner%20Game%20Director%20Louis%20Castle_%20Extended%20Interview%3A%2F3379%2Fconde.ars%2Finline-player%2Fgadgets%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5fbe751038d069741986d243&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=2034445020&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 21:03:37 GMT

GET
H/1.1 200
OK track
capture.condenastdigital.com/ Frame 8FFA 48 B
48 B 105ms
105ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_o=cne&_ts=2021-11-22T21%3A03%3A37.002Z&_c=Player%20Event&_t=2%20Sec%20In-View%20Moat&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fblade-runner-game-director-louis-castle-extended-interview&cId=5fbe751038d069741986d243&cKe=ars%20technica%20war%20stories%2Cblade%20runner%20the%20game%2Cblade%20runner%20war%20stories%2Cars%20blade%20runner%2Cblade%20runner%20louis%20castle%2Clouis%20castle%20westwood%2Cblade%20runner%20game%2Cblade%20runner%20pc%20game%2Cblade%20runner%20game%20development%2Cblade%20runner%20game%20developer%2Cblade%20runner%201997%2Cblade%20runner%20game%201997%2Clouis%20castle%20game%20director%2Clouis%20castle%20interview%2Cwar%20stories%20extended%2Cblade%20runner%20gameplay%2Cblade%20runner%20game%20review%2Cmaking%20of%20blade%20runner%20game%2Clouis%20castle%20westwood%20studios&cPd=2020-11-30T16%3A00%3A00%2B00%3A00&cTi=Blade%20Runner%20Game%20Director%20Louis%20Castle%3A%20Extended%20Interview&cTy=%2F3379%2Fconde.ars%2Finline-player%2Fgadgets%2Farticle&mDu=2488&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&pWw=276&pWh=155.25&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&uId=5a73d2f7-38a9-4f24-99e0-f04165b02587&xid=611c038c-1d6b-4a4a-a1a4-a98432d18427&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%226ed7652%22%2C%22guid%22%3A%2223b0cf0d-7d06-8514-4e24-b8a8d65612d9%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_dd966350-9bc5-4fcb-ac5b-9877f37236e0_similar2-3-personalized_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:37 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 8ms
8ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=3&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5BvmjrG%3DH%3C%5B*C%24MRH%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-CxRYrdgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-hrBp6wlWe0wLgg%3D%3D&sc=1&os=1-fw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&pcode=condenastprebidheader987326845656&rx=452284425161&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=7&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&h=155&w=276&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&id=1&ii=4&f=0&j=&t=1637615014523&de=343906388239&cu=1637615014523&m=2642&ar=553ffc12ef5-clean&iw=2b81bef&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5106&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A931%3A931%3A1903%3A1075&as=1&ag=2205&an=2002&gi=1&gf=2205&gg=2002&ez=1&ck=2002&kw=1408&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&kb=1&cc=1&bw=2205&bx=2002&ci=2002&jz=1408&dj=1&dx=1&undefined=1&aa=1&ad=2105&cn=1902&gn=1&gk=2105&gl=1902&co=2105&cp=1408&cq=1&cr=1&ew=1&ex=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2435&cd=2234&ah=2435&am=2234&dq=2036&dr=1835&ds=2036&dt=1835&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=31&vt=35&vd=0&zMoatSRE=0.02228125&zMoatVSD=10&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=3109&ef=1&rf=0&re=0&cl=0&at=0&d=Blade%20Runner%20Game%20Director%20Louis%20Castle_%20Extended%20Interview%3A%2F3379%2Fconde.ars%2Finline-player%2Fgadgets%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5fbe751038d069741986d243&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=195402&na=1630387207&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:37 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 22 Nov 2021 21:03:37 GMT

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 7B3A
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWB5P3BM-F-J0H7&sigv=1&esig=2~e78c6901bcd4ae0ae962dfef016b5796173c9baf&us_privacy=1---

0
446 B

36ms
8ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWB5P3BM-F-J0H7&sigv=1&esig=2~e78c6901bcd4ae0ae962dfef016b5796173c9baf&us_privacy=1---

Protocol

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 21:03:37 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KWB5P3BM-F-J0H7&sigv=1&esig=2~e78c6901bcd4ae0ae962dfef016b5796173c9baf&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7B3A
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dCNVAzQk0tRi1KMEg3&us_privacy=1---

170 B
188 B

17ms
17ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dCNVAzQk0tRi1KMEg3&us_privacy=1---

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1dCNVAzQk0tRi1KMEg3&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7B3A
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YZwFqQAGmLxbpQBG
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZwFqQAGmLxbpQBG&us_privacy=1---&_test=YZwFqQAGmLxbpQBG

0
239 B

8ms
7ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZwFqQAGmLxbpQBG&us_privacy=1---&_test=YZwFqQAGmLxbpQBG
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:37 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1637615017.380633,VS0,VE0
x-served-by: cache-fra19150-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YZwFqQAGmLxbpQBG&us_privacy=1---&_test=YZwFqQAGmLxbpQBG
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7B3A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=38bf619c-05a8-4400-a94e-cbe20140cdb4&expires=28

0
239 B

35ms
10ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=38bf619c-05a8-4400-a94e-cbe20140cdb4&expires=28
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

Date: Mon, 22 Nov 2021 21:03:37 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=38bf619c-05a8-4400-a94e-cbe20140cdb4&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 22 Nov 2021 21:03:36 GMT

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 7B3A 0
0 43ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif?us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7B3A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB2orzq094Y2B4Tcgemd6mI&google_cver=1

0
239 B

32ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB2orzq094Y2B4Tcgemd6mI&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:37 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEB2orzq094Y2B4Tcgemd6mI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 7B3A
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/0mG--t6oAgz5lCF5_NXh5g?csrc=&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7239860780485881439

0
239 B

10ms
10ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7239860780485881439
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

date: Mon, 22 Nov 2021 21:03:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7239860780485881439
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 7B3A 70 B
264 B 56ms
55ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 21:03:37 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK track
capture.condenastdigital.com/ 48 B
48 B 102ms
101ms Image
image/gif 34.195.247.44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://capture.condenastdigital.com/track?_ts=2021-11-22T21%3A03%3A37.795Z&_t=adBlock&cBr=Ars%20Technica&cKe=advanced%20persistent%20threat%7CIran%7Cransomware&cCh=gadgets&cTi=Hackers%20backed%20by%20Iran%20are%20targeting%20US%20critical%20infrastructure%2C%20US%20warns&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=957&cId=1813895&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns&pRt=referral&pHp=%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F&pRr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F&pWw=1600&pWh=1200&pPw=1600&pPh=5100&pSw=1600&pSh=1200&uID=5a73d2f7-38a9-4f24-99e0-f04165b02587&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&uDt=desktop&dim1=%7B%22runtimeId%22%3A%22y19k478XXTkKH%22%2C%22device%22%3A%22desktop%22%2C%22pageContext%22%3A%7B%22contentType%22%3A%22article%22%2C%22templateType%22%3A%22article%22%2C%22channel%22%3A%22gadgets%22%2C%22slug%22%3A%22beware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%22%2C%22server%22%3A%22production%22%2C%22keywords%22%3A%7B%22tags%22%3A%5B%22advanced-persistent-threat%22%2C%22iran%22%2C%22ransomware%22%5D%2C%22cm%22%3A%5B%5D%2C%22platform%22%3A%5B%22wordpress%22%5D%2C%22copilotid%22%3A%22%22%7D%2C%22privateMode%22%3Atrue%2C%22adBlock%22%3Atrue%7D%2C%22adBlock%22%3Atrue%7D&_o=ars-technica&_c=ad_metrics&xID=611c038c-1d6b-4a4a-a1a4-a98432d18427&environment=prod&origin=ars-technica
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.247.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-247-44.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Nov 2021 21:03:37 GMT
Connection: keep-alive
Content-Length: 48
Content-Type: image/gif

GET
H/1.1 200
OK 3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00007.ts Show response
dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/ Frame 8FFA 2 MB
2 MB 17ms
16ms XHR
application/x-mpegurl 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dp8hsntg6do36.cloudfront.net/5fbe751038d069741986d243/3c2c91a2-8973-4f9a-a89f-f14bfb4124c4file-5872k-128-48000-1920-00007.ts?requester=oo
Requested by: Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-4d320d99e545eb7aef6a.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 48792f870c369d40e4417158813d5f84d01489bbe289e3fea2f18d568bb33f81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://arstechnica.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Mon, 22 Nov 2021 02:43:29 GMT
Content-Encoding: gzip
Vary: Origin
Age: 66010
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Wed, 25 Nov 2020 15:57:16 GMT
Server: AmazonS3
ETag: W/"dd50b9dc065aa02ee0929e08768c9217"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/x-mpegURL
Via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: ztvOgeMEjBHRHxlcOl7s54DFdPMVjlFP2WaumS5kapECJaWviEJcsQ==

GET track
capture.condenastdigital.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pbs.getpublica.com
URL: https://pbs.getpublica.com/v1/s2s-hb?site_id=2564&format=json&app_name=CNEVIDEO&adserver=gam&slot_count=3&site_name=arstechnica&content_episode=null&content_length=2488&content_season=&content_id=5fbe751038d069741986d243&content_title=Blade%20Runner%20Game%20Director%20Louis%20Castle%3A%20Extended%20Interview&content_series=&content_language=en&content_category=technology%2Cgaming%20%26%20entertainment%2CScience%20%26%20Tech%2CPop%20Culture--Video%20Games&content_keywords=ars%20technica%20war%20stories%2Cblade%20runner%20the%20game%2Cblade%20runner%20war%20stories%2Cars%20blade%20runner%2Cblade%20runner%20louis%20castle%2Clouis%20castle%20westwood%2Cblade%20runner%20game%2Cblade%20runner%20pc%20game%2Cblade%20runner%20game%20development%2Cblade%20runner%20game%20developer%2Cblade%20runner%201997%2Cblade%20runner%20game%201997%2Clouis%20castle%20game%20director%2Clouis%20castle%20interview%2Cwar%20stories%20extended%2Cblade%20runner%20gameplay%2Cblade%20runner%20game%20review%2Cmaking%20of%20blade%20runner%20game%2Clouis%20castle%20westwood%20studios&site_page=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&cb=4583579

Domain: capture.condenastdigital.com
URL: https://capture.condenastdigital.com/track?_ts=2021-11-22T21%3A03%3A39.503Z&_t=timespent&cBr=Ars%20Technica&cKe=advanced%20persistent%20threat%7CIran%7Cransomware&cCh=gadgets&cTi=Hackers%20backed%20by%20Iran%20are%20targeting%20US%20critical%20infrastructure%2C%20US%20warns&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=957&cId=1813895&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns&pRt=referral&pHp=%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F&pRr=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F&pWw=1600&pWh=1200&pPw=1600&pPh=5100&pSw=1600&pSh=1200&uID=5a73d2f7-38a9-4f24-99e0-f04165b02587&sID=22924b41-9af2-4401-b4e0-f9da5234ced3&pID=b5439ca9-afdb-4352-a113-9a3364c2e948&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=general&xID=611c038c-1d6b-4a4a-a1a4-a98432d18427&_v=5000&environment=prod&origin=ars-technica

Verdicts & Comments Add Verdict or Comment

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
arstechnica.com/	1970-01-20 07:39:11	Name: usprivacy Value: 1---
.arstechnica.com/	1970-01-19 22:53:35	Name: session_seen_posts Value: 0
.arstechnica.com/	1970-01-19 23:36:47	Name: seen_posts Value:
arstechnica.com/	1970-01-19 23:05:16	Name: CN_visits_m Value: 1638316800138%26vn%3D1
arstechnica.com/	1970-01-19 22:53:36	Name: CN_in_visit_m Value: true
.arstechnica.com/	1970-01-19 22:53:36	Name: sID Value: 22924b41-9af2-4401-b4e0-f9da5234ced3
arstechnica.com/	1969-12-31 23:59:59	Name: pID Value: b5439ca9-afdb-4352-a113-9a3364c2e948
arstechnica.com/	1969-12-31 23:59:59	Name: CN_sp Value: 5a73d2f7-38a9-4f24-99e0-f04165b02587
arstechnica.com/	1970-01-19 23:36:47	Name: CN_su Value: 22416fa3-f11e-492c-b8cf-6345982e6016
.arstechnica.com/	1970-01-19 22:53:38	Name: AMP_TOKEN Value: %24NOT_FOUND
.arstechnica.com/	1970-01-20 16:24:47	Name: _ga Value: GA1.2.332656279.1637615013
.arstechnica.com/	1970-01-19 22:55:01	Name: _gid Value: GA1.2.248848889.1637615013
.arstechnica.com/	1970-01-19 22:53:35	Name: _dc_gtm_UA-31997-1 Value: 1
arstechnica.com/	1970-01-19 23:36:47	Name: _pbjs_userid_consent_data Value: 3524755945110770
arstechnica.com/	1970-01-20 00:19:59	Name: _pubcid Value: 71b80b13-059d-411f-a106-5b969df40e03
.openx.net/	1970-01-20 07:39:11	Name: i Value: 71b80b13-059d-411f-a106-5b969df40e03\|1637615013
.rubiconproject.com/	1969-12-31 23:59:59	Name: rsid Value: 1\|BdCsOVsH/a/fRiqn0c18Mxvc5rJaP5uXhxp8EvrzPAh1r4z5NGroQMTyZLOPgOikSHO3tT2oYW2peUfJM3OqKzSlnlAWiFIP9hAlb/GKFQIioAWpDL9dOsX4JPWMcjCRbro=
.arstechnica.com/	1970-01-20 07:39:11	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Mon+Nov+22+2021+21%3A03%3A33+GMT%2B0000+(GMT)&version=6.23.0&isIABGlobal=false&hosts=&consentId=46d48436-113a-453c-b783-b3ec14891adb&interactionCount=0&landingPath=https%3A%2F%2Farstechnica.com%2Fgadgets%2F2021%2F11%2Fbeware-of-iranian-government-backed-hackers-waging-ransomware-us-warns%2F%3Futm_social-type%3Downed&groups=C0003%3A0%2CC0004%3A0%2CC0005%3A0%2CC0001%3A1%2CC0002%3A0%2CSTACK42%3A0
.adnxs.com/	1970-01-20 01:03:11	Name: icu Value: ChgI_rtmEAoYASABKAEwpYvwjAY4AUABSAEQpYvwjAYYAA..
.rubiconproject.com/	1970-01-20 07:39:11	Name: khaos Value: KWB5P3BM-F-J0H7
.rubiconproject.com/	1970-01-20 07:39:11	Name: audit Value: 1\|hLZGFuTafB3BlaxKb3FHGK3T44WD0xC8rrUfOpRTiXFqjK1sECNPH8uaLk1THtYnxLKyAmlbh3czP5E5Ixkg4cxuhZpbWKLtDBiQG9/BkHM=
infinityid.condenastdigital.com/	1970-01-20 02:55:30	Name: CN_xid Value: 611c038c-1d6b-4a4a-a1a4-a98432d18427
infinityid.condenastdigital.com/	1970-01-20 06:57:25	Name: CN_xid_refresh Value: 611c038c-1d6b-4a4a-a1a4-a98432d18427
.adnxs.com/	1970-01-20 01:03:11	Name: uuid2 Value: 8804911757549502314
arstechnica.com/	1970-01-19 23:19:30	Name: CN_xid Value: 611c038c-1d6b-4a4a-a1a4-a98432d18427
arstechnica.com/	1970-01-20 01:17:35	Name: cneplayercount Value: 2
.scorecardresearch.com/	1970-01-20 16:10:23	Name: UID Value: 1ZBOQ0H8KZ2IN9P6Y9ETT9g1637615014
.arstechnica.com/	1970-01-20 01:03:11	Name: _fbp Value: fb.1.1637615014978.250654641
arstechnica.com/	1970-01-20 01:17:35	Name: cneplayercaptions Value: showing
arstechnica.com/	1970-01-19 22:53:38	Name: _lr_retry_request Value: true
arstechnica.com/	1970-01-19 23:36:47	Name: _lr_env_src_ats Value: false
.openx.net/	1970-01-19 23:15:11	Name: pd Value: v2\|1637615016\|gekin0vNiygu
.adsrvr.org/	1970-01-20 07:39:11	Name: TDID Value: 8fc24db5-a706-4877-aa9f-aaeb8788acb9
.quantserve.com/	1970-01-20 01:03:11	Name: d Value: EMoBDAHkJIqsMA
.quantserve.com/	1970-01-20 08:23:49	Name: mc Value: 619c05a8-93696-58f40-e0d62
.mathtag.com/	1970-01-20 08:19:30	Name: uuid Value: 38bf619c-05a8-4400-a94e-cbe20140cdb4
.adform.net/	1970-01-19 23:36:47	Name: C Value: 1
.adform.net/	1970-01-20 00:19:59	Name: uid Value: 5270365188390092199
.doubleclick.net/	1970-01-20 08:15:11	Name: IDE Value: AHWqTUkXEQpvNyisTvnVZBmMYJrLatlVYRnfi18K1CqlOYWPXRpzAPgS8WsLJX8UJac
.mathtag.com/	1970-01-19 23:36:47	Name: mt_mop Value: 9:1637615017
.everesttech.net/	1970-01-20 07:39:11	Name: everest_g_v2 Value: g_surferid~YZwFqQAGmLxbpQBG
.yahoo.com/	1970-01-20 07:39:32	Name: A3 Value: d=AQABBKkFnGECEA389FWXgvTtfmJ1l-VdejcFEgEBAQFXnWGlYQAAAAAA_SMAAA&S=AQAAAkvPPsSYKFX5-ngt5wmHqFw

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://arstechnica.com/infinityid Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=1409 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/709414.gif?us_privacy=1--- Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4d.condenastdigital.com
acdn.adnxs.com
ads.yahoo.com
ampcid.google.com
ampcid.google.de
api.cnevids.com
api.condenast.io
api.rlcdn.com
arstechnica.com
assoc-na.associates-amazon.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
capture.condenastdigital.com
cdn.arstechnica.net
cdn.cookielaw.org
cdn.mediavoice.com
cm.g.doubleclick.net
condenastus-d.openx.net
connect.facebook.net
contextual.media.net
d2c8v52ll5s99u.cloudfront.net
dp8hsntg6do36.cloudfront.net
dwgyu36up6iuz.cloudfront.net
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
geolocation.onetrust.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
imasdk.googleapis.com
infinityid.condenastdigital.com
js-sec.indexww.com
log.outbrainimg.com
match.adsrvr.org
mb.moatads.com
mcdp-nydc1.outbrain.com
odb.outbrain.com
p.skimresources.com
pagead2.googlesyndication.com
pbs.getpublica.com
pixel.condenastdigital.com
pixel.quantserve.com
pixel.rubiconproject.com
player.cnevids.com
plugin.mediavoice.com
polarcdn-terrax.com
pr-bh.ybp.yahoo.com
prebid.media.net
pubads.g.doubleclick.net
px.moatads.com
r.skimresources.com
s.skimresources.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
segment-data.zqtk.net
ssum-sec.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
t.skimresources.com
tcheck.outbrainimg.com
token.rubiconproject.com
us-u.openx.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
z-na.associates-amazon.com
z.moatads.com
capture.condenastdigital.com
pbs.getpublica.com
104.85.4.23
104.85.5.185
142.250.184.226
142.250.186.98
143.204.101.162
143.204.101.94
143.204.95.188
143.204.97.28
143.204.98.125
143.204.98.71
143.204.98.86
151.101.114.132
151.101.128.239
151.101.129.108
151.101.194.49
151.101.64.239
151.139.128.11
18.156.195.47
18.190.84.233
185.29.134.248
2.18.234.190
2.18.234.21
2.18.235.40
205.234.175.175
23.37.38.181
23.37.42.132
2602:803:c004:200::140
2606:4700:10::6814:b844
2606:4700::6810:9540
2606:4700::6811:4132
2606:4700::6813:da83
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:80:800::7001
2a00:1450:4001:801::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2006
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200e
2a00:1450:4001:831::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9d
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a05:d018:d29:3602:f42f:15ed:dc1f:f0c8
3.228.34.240
3.33.220.150
34.107.148.139
34.120.133.55
34.195.247.44
34.235.15.213
34.98.64.218
35.179.78.10
35.190.59.101
35.190.91.160
35.201.67.47
35.244.174.68
37.157.2.237
37.252.173.27
52.201.83.88
54.154.239.62
69.173.144.139
69.173.144.165
70.42.32.63
72.21.195.65
0053b1b18533c8a1342d572086360b837088330a0eb528c42e71aaa19f60fdb1
014f2fb8d253cee4da7966e085bf836310d85793e5ab4291489a6add2b123e6a
0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c
030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06
0341556c193a6dc8966ef036e1fdb55bd52e9fdb79497ef4b5297cb731611a0c
039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15
0442f9cfdf3dd089726478361f6cbc8ff84238c13adaf271f52d1417dfad9a91
04ad45dd341f2221df27c3216bb711ea8a9293e1cbe8c79f16dd10db87d43ed6
04affabbdfdb9a578a82c15363b75b79c64307a6b8fec3609fcfc8d5b4c95d80
06b33c040105224101afcdaacd82b6dfb3ea1bf9ef3d7478cf5fa163a0ad65e0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e
0b19d7b02efa2e63180e064f2801718bccb6fd3c2c307ee41110e21e2e4ad390
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e99828cefaa6f9693ef337e90845b5d552f41f60f7c307c58a98c188154b7cc
106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83
11a8668b19ef6097fff8a804c29df8a509e2f83bc09b49cd0be7d47f32d0e6c1
13ad09df4b76a1176f3e84136a845c53e110dd69c16eb8a6a31918f99463a235
159bd804f3a207ce59088ef63f186ba5b3d906d5245b7bfa882a6a6c3f6a9314
16708dda2536b4b3782313db4a6ec8456cd84da7ae0f56d7d2455e68fc9bc4f0
173d7c7e266672df75c4e048a934c55ee24d9a9028a87fd2957e74d1bd6a8d08
18794d2ef2e62636a8d7cea1ce420a572c82e448ab1e4a0a9b817013e99e25f4
1bb152663785de0d636f2f82fcc40d3f48eedb1103e5b18a8156b75ed3c4dbfa
1d9f6d036d9e1cbcbe34790f2282e090aa070bc43fa8ec36b9ab8c2914bbf755
1e96aed3c7e3bcb21f98d7c7c327f2e5d3d96b0317b3ffdf7a44bcd3abc92a88
1f445de04a5aecb7be2e1bb7ea624b6ff895df42fa6edda2e0521a9a347b91f4
1f466b08649eef5ad16c20f6d7207bf8818cb107b6241950dbc568cdffc03d63
1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378
21f93213d56eb417ac2162103b4adeac3307f0f5a361a8c7bbabb40f10827088
23b3e1169aec7a08605694e9b49078b4ef68356f9ae18c533438a83ba53b325b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29637e0647104ccc5d5583e652db29ce99e947c858c3d9502960e7ea7f1aea19
2a9f175b194a086b163117f6a338f0511194f6488b4e651ac3a2aee926d434a4
2c482a58ab3cbe4c3c7806f318a20fc3ab216ce7792de5acb997c14e5b61985e
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
30b5f97631f684e383aa8433196eadfd30e32e14e6cc3ca5be476a4b66f58a51
321cb074d55bfb49606924d5be43291496da9859d3562d60225ac18a0d7e0e8a
347cb64095b29d35a32171fde002a88eb771d1322eeb8528646e2a621a89fc56
34e23d411643b08763f3052d5cb276a0fb01c7d6f7f2a28c248c71f86fce65ab
39e62be89d72bb8938540acfe03e04181b0e8573a62373de3c6cff36e0d996b0
3b0209841325362235c221628e471145726897e4e1c9b210b6e6b2217fdf2ee8
3b733dde510047aba57b7a5e0597f327c9ec61da1634c5d6022751d871e766c4
3b741c508a03df7294a47d302a7793f9cb3e6edf624dfb33ce4995790db6c705
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40ce669780fa869484ea07b29b7b40bf91e21e145b21e3abaa91a357ef7e0fb2
45acec993153bc57d3040b0f14afcf31f61f50397f79b129e29a5ab5e8bb3d0f
48792f870c369d40e4417158813d5f84d01489bbe289e3fea2f18d568bb33f81
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39
4976d521ab3918286d3cd1de1095e5ca97cf5371ec960d0c35b03b20ea1d7330
4d067aab4d696edf85ea216710a54dc64508bb1e82b6d48d905e16f8c5f2c1b8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8
5210a312b316786e908cddb2e218053934705c2c385ab4794d514b6d4e07ce08
5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b
54916830a4704382c31f6c87d03e342ad803979a09d3e4379283da814808e74d
57102516e9d7dfa4054ae168e5001791794304dc2b316c8113164cfd206cc930
571479d52cd675db5573fe46973c62cba6d8224a76136fcefeb90f7dc42a6391
59201950b83489808587827b4050ffe0597992825daa88c227476cdbbf8ca282
5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c
5c57a0f6d257ca6be9e6bcb6039fea214962c35b7b30fee3dcc112b8cec18d59
5c5dcbdd805b4603a4ac478d0e3966033767767309ac8eb2ddb6a1aea68ad2c7
5ec92caa48606cbbd1fdb7b430dc9976130cca68e285cabdcac334db5c00f4ea
5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba
5ee8c93fb98398e780a1d2654fe36bf40b6cca6bf01c187c62d01156ee2dc5d0
5f133b60ad7bbbd6b523de333e2b6e316ac818dcf93a8fa183364f7d9abfb429
62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235
66a8d2afd6450d76d15e5b8b786e0b5997d8bec229e4064770bfc8b3421eef86
67156981b5a0d9c7191262d4e95731bb6243d5bb0e5efec77b879781cd1ba4cc
673ba175a4615945e474d7193a03593eb5bf58c4efc98bbef04df57121bec49e
69ea68960d5891581c61b529d674f79b7317e2cd6543a2cb152b3b0ec87e18cf
6b7419c4fa0f9d57268f99de3d580cfb7d239d6b16f7160213186019d083be8f
6e1a8b1bb3e5e1e5a8bb92ea1d8131ebb0fe1b2835b3d66f4886ccd4b5dabb27
6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a
7475f5c70d3b6020b6f4621b2e69fba3360bea00a913e60b085af165b93842ec
74e6f981b8b49af0323f0b5bdbc8399ffbd7c15f1fd047e2e0787bb050ee67dc
76e3c480ce0fd74185bbf9d8806f76239f775b628f66bc775cd09e8e09c7240b
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207
7a64a01e9ecc2e7895c9033ad5302c064ac3060e96d2e036830017aad03b6cf0
7e940502f71091095be29eada2888cf6c9e8a4d0b0eefe78478ce105f18ceac4
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f0ac2034d1b5eabc36c56bb928d6bc091936219153563b2e4627ec74971c31f
807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752
80d3a8b21bedf057c49f279fc289b9a74097f109a10fbea118ad266751a44ca1
82ac71acb9af2e413f0a0ace03ef838c9d5fbbb57c881badbb69c8fd5f0c40c7
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833a86642252016b29f08dd45ffd27f9e00ca237f28d8c5f0147a6e15d009377
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85c33811c2b04e4e02babe2fd6bd7ac0035f93e95827116429bbda2cf9c6c95d
86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a
863b0e04b9e8af02d763cb98563ca8d9f80c6b99a3ec2eb6395db229bc3f8ba9
86b1750ac3fa82df8295e51912887cc0f10833802b17dc1f76a31293f7ecf049
88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf
8b3c2389e343de6db36fef0ff22ecfcb56ef82cf2715447361a3674b73a82f84
8ba138a967a9d9783221e2f5d964b5fc4e74328714bd6e998e26b38538ac2dd4
8d4c241b81f94970e953db16cb99ebfdc6985e0872d9ddf824ab03bba7b09909
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc40a5096530714279199bd98ffbe44f3108bf9dd183ec74d85f69705d86e25
8f4ade5c0b8fdedeefdd3a199c26f0e8abd2d526fd30f84a4ced9931be959c16
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9431bc6d1a6d036a70c92dfc9000d7965f939671a59705bdd01c3e652048ed9a
9664537951dcb4580bae564d7f88764f4b029da8a261701b87088daee7a8c94c
9855a59718962464e4d5f8b5d81bffb21b23697ec11d04554543258a02dabedf
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1
9ccc4f584e6ccf57e322aeec34ef531809a406ae596bbcc91681b6fe78d70e87
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a26f3a06775611291ff8d05deab6a7ae89306e505cf805f53fa91c482ce72951
a2f68bc8c6073efd0508c355594e530e140bf887545101f0e3fe7142d4e249ed
a6607887e6c31ca484193f052a418f2c548d27d2409c0041697ae071a2255924
a7d16dbea6d1099c01d7ec5db9f14240ced938c9a02fa1438adcf0b9dd5f4546
a84f14fc85bca40863dbe7ccc7a4065d16d6e4824f25c3042603fec63f296b4d
ac33799b01c54a937f0b15218887cbca56cdf9c9b2c155afe5911d8a304f59bd
ae349e55a8114da27b50d42c1841a458a4d1fd1b5f1a6982672bbf76e258f698
b17641fa05fbd3289813683e25b16f1ba8e021ebe83597a554d1f920ea3801b7
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b26a37736a1c5a3e268b492a0b89a278c88208bdf6ea88543c0720c0317854c8
b53a8679f64261d270c8e531fe1e2b8e463f3592155dcf4c2dbc5deeab2f3b63
b577055e927a94b842ec53fc28f8a4187844e16edd60abaaaf2ee337e213911b
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b72f8b6e1195ddf2e574efdf2de473e3dd42579d828a6d66c868fc59a1f12bb6
b7b81a1093c98375cc4b5ea1e13809bbb44727bc1cbbeb9c061a32bcd9110330
b9bc5e27df97d39e8987cb98d15eec5b4006f7d13856909acc73a05314609a2c
bce95819f6aad47989b09050f087dbfa9290fb602b3db8d48af0fac1846d482d
bd2f1d776a255c29e59f51a99edb16a6c070d10948254b635f9294c6ecb65dd6
c093f493e07bb5abb46735a133912880470d2aece8ef9937bbefff9b93e3ddf8
c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34
c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c46974d8f6030e4888708b18a5d9a32b25eb765a5708896e1899df449d87aab7
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a
cbbf05b75f19de06d0215adf634456637b43c0e1476d19f956e5bedd8e062ed6
cf3ac346996bb6026f9b290f1674b6865c20c7a7bfd878ecd5943cc372d529f1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff3ff7513a42187f914df965c0006c8756f549dc13ffb64540767042902a748
d029f27f8867551293d5c511d597dfb56d9c19bf43dcc9520afef2aedb488697
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1e180dd689871e44f80019fd3754fa8ba82bdd9c3e75259ee95e215ba4875c3
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3
d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa
d9478103283fcc71a2d63fb1dd0e0e1fbf845129ca6a1083e5d83bb6bde0a804
d95fa6e8554892975af74171c022a403546a4392a94d713d548747181353f300
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db13ee339357db5e7cb93375e24ae33ff7ff4b50510ebbadcb8d630c3adc580d
dce92d04fbed4ddd2818e9294233f43b5b18fa36d52ca2a1197b91a07a90a3d0
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de80309d98405d566c6fb1912811b24c8ad3a8380f6819d26a6c1eac5cd99185
deb4905d77dfc76d6afa0cd5873c80a687443ec67e6c17b40001332d47b46be7
e084a2ab3d44702a3c41ebe5e881ec99f74364cb30d3776b7b5f9df67200b945
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e316f6d2d60be91c4800dedbbadc0588437fb04175c45fa328b19bd052c9dbb9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45c4ad07bbc7ee646f4ec2c7e60128f5068bea7abb0d1414bbb32549b50c5ba
e5aba053986fb4ae8df831de0b4e2c3b896de23761298d1fe3aa537a8c1c2fc8
e5dbc70548742ced0b9d86447bc609eb7656f8b771bc75ea076b09dae01eb774
e7e1d8a231003f2577062e3d58f628674d672a79452d19484e593a94bc3d02e2
e8830a414dfeb4c0e0f519d3419f69849df9226f329357c938333dbf2c956f63
ee97e5ab3f0d4e0682976c789daef044ac46dd586ff9aa0e81986df859772280
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d38ae928ba9146b3a17090df2f7eb0199ec4a9734c274ae8867f77b9ad6f41
f2270d3738e32653170a1a5aa6ce4865f519f6f9cc7c94c81ce901569044347e
f9005e0bc66b4637535b09be10356488207c6741d9cf428510105a434164e554
f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d
f962f0c8ed922b0b1fd583d19ab38d00a23ce43c936106ed741eb87a768e18ac
f96404a5109bb3019e0e226fc1755bff9d22c7c31c4878a69807ca4ce6ae4471
fa99e707401fb91592a9b593516b5f368a8cbbabc5ad264fbb4ec59af584dcdf
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fec42251b609d8b4fe4af4f0d5a4b2389feabd5f61aec3ad12e136be94e68d89
ff75fe17e278bd54777fafcca26b43bfc0f3cb94218c1a69d94e5833c4c5f641

arstechnica.com Open in urlscan Pro 18.190.84.233 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

269 Requests

89 %HTTPS

31 %IPv6

43 Domains

76 Subdomains

62 IPs

7 Countries

19571 kBTransfer

27667 kBSize

42 Cookies

40 Outgoing links

Redirected requests

269 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

arstechnica.com Open in urlscan Pro
18.190.84.233 Public Scan

Screenshot
Live screenshot

Full Image

269
Requests

89 %
HTTPS

31 %
IPv6

43
Domains

76
Subdomains

62
IPs

7
Countries

19571 kB
Transfer

27667 kB
Size

42
Cookies

269 HTTP transactions
10 data transactions