URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-th...
Submission: On March 08 via manual from US

Summary

This website contacted 95 IPs in 6 countries across 60 domains to perform 264 HTTP transactions. The main IP is 50.31.169.131, located in Chicago, United States and belongs to SERVERCENTRAL - Server Central Network, US. The main domain is arstechnica.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 16th 2019. Valid for: 2 years.
This is the only time arstechnica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Subject | Issuer | Validity | Valid
*.arstechnica.com | Sectigo RSA Domain Validation Secure Server CA | 2019-01-16 - 2021-01-15 | 2 years
*.cachefly.net | GlobalSign Organization Validation CA - SHA256 - G2 | 2018-09-14 - 2019-09-29 | a year
assets.adobedtm.com | DigiCert SHA2 High Assurance Server CA | 2019-03-04 - 2020-03-11 | a year
*.skimresources.com | DigiCert SHA2 Secure Server CA | 2018-09-13 - 2020-10-07 | 2 years
*.google-analytics.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
condenast.com | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-02-22 - 2019-09-07 | 6 months
*.quantserve.com | DigiCert SHA2 High Assurance Server CA | 2018-10-16 - 2019-10-21 | a year
*.turn.com | DigiCert SHA2 Secure Server CA | 2019-01-25 - 2020-03-31 | a year
ak.sail-horizon.com | GeoTrust RSA CA 2018 | 2018-04-10 - 2019-04-10 | a year
tag.bounceexchange.com | Thawte RSA CA 2018 | 2018-08-13 - 2020-08-12 | 2 years
*.ad.gt | Amazon | 2018-08-03 - 2019-09-03 | a year
*.licdn.com | DigiCert SHA2 Secure Server CA | 2016-02-16 - 2019-04-17 | 3 years
*.scorecardresearch.com | COMODO RSA Organization Validation Secure Server CA | 2018-11-28 - 2019-12-26 | a year
*.google.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.conde.io | Amazon | 2018-05-22 - 2019-06-22 | a year
*.outbrain.com | DigiCert SHA2 Secure Server CA | 2018-12-14 - 2020-03-14 | a year
*.cnevids.com | Trusted Secure Certificate Authority 5 | 2017-01-10 - 2020-01-10 | 3 years
*.cloudfront.net | DigiCert Global CA G2 | 2018-10-08 - 2019-10-09 | a year
www.google.de | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years
*.config.parsely.com | Amazon | 2019-02-27 - 2020-03-27 | a year
*.g.doubleclick.net | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
c.amazon-adsystem.com | Amazon | 2018-12-18 - 2019-11-21 | a year
san.casalemedia.com | GeoTrust RSA CA 2018 | 2019-01-09 - 2020-03-09 | a year
*.zqtk.net | COMODO RSA Domain Validation Secure Server CA | 2018-08-09 - 2020-08-24 | 2 years
ssl962336.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-01-25 - 2019-12-11 | a year
*.accelerator.arsdev.net | Amazon | 2018-08-14 - 2019-09-14 | a year
*.bounceexchange.com | Amazon | 2018-08-21 - 2019-09-21 | a year
*.twimg.com | DigiCert SHA2 High Assurance Server CA | 2018-11-19 - 2019-11-27 | a year
px.ads.linkedin.com | DigiCert SHA2 Secure Server CA | 2017-06-06 - 2019-06-11 | 2 years
*.evidon.com | DigiCert ECC Secure Server CA | 2019-02-01 - 2020-05-02 | a year
*.outbrainimg.com | DigiCert SHA2 Secure Server CA | 2019-02-24 - 2020-05-25 | a year
api.skimlinks.mgr.consensu.org | DigiCert SHA2 Secure Server CA | 2018-08-15 - 2019-10-23 | a year
sstats.arstechnica.com | DigiCert SHA2 High Assurance Server CA | 2019-03-03 - 2020-06-05 | a year
*.criteo.net | DigiCert SHA2 Secure Server CA | 2018-11-08 - 2019-12-19 | a year
*.rlcdn.com | Go Daddy Secure Certificate Authority - G2 | 2017-05-08 - 2019-06-21 | 2 years
*.adsrvr.org | Trustwave Organization Validation SHA256 CA, Level 1 | 2017-02-15 - 2019-04-19 | 2 years
*.rkdms.com | Entrust Certification Authority - L1K | 2017-10-09 - 2020-10-30 | 3 years
ssl446800.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2018-10-26 - 2019-05-04 | 6 months
l.betrad.com | Go Daddy Secure Certificate Authority - G2 | 2017-04-25 - 2019-06-24 | 2 years
syndication.twitter.com | DigiCert SHA2 High Assurance Server CA | 2019-01-24 - 2020-01-24 | a year
vendorlist.consensu.org | Amazon | 2019-03-06 - 2020-04-06 | a year
f2.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-02-28 - 2019-09-07 | 6 months
*.googleapis.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
evidon.mgr.consensu.org | Amazon | 2018-09-20 - 2019-10-20 | a year
*.rubiconproject.com | DigiCert SHA2 Secure Server CA | 2019-01-10 - 2021-01-14 | 2 years
*.adtech.advertising.com | DigiCert SHA2 High Assurance Server CA | 2018-05-22 - 2020-05-26 | 2 years
aax-eu.amazon-adsystem.com | Amazon | 2018-12-12 - 2019-12-10 | a year
*.doubleclick.net | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2019-01-21 - 2019-04-21 | 3 months
tpc.googlesyndication.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
moatads.com | DigiCert ECC Secure Server CA | 2018-11-10 - 2020-02-09 | a year
ssl962736.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2018-12-19 - 2019-12-11 | a year
ssl887612.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2018-05-18 - 2019-04-19 | a year
ssl880796.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-02-20 - 2019-08-29 | 6 months
*.moatads.com | DigiCert SHA2 Secure Server CA | 2018-04-27 - 2019-04-27 | a year
*.bkrtx.com | DigiCert SHA2 Secure Server CA | 2018-12-03 - 2020-03-03 | a year
*.pixel.parsely.com | Amazon | 2019-02-27 - 2020-03-27 | a year
odc-prod-01.oracle.com | DigiCert ECC Secure Server CA | 2018-12-10 - 2020-03-10 | a year
*.criteo.com | DigiCert SHA2 Secure Server CA | 2018-11-05 - 2020-01-03 | a year

This page contains 12 frames:

Primary Page: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Frame ID: AFA09F4A0B757A0BECCCDAE78A11D68C
Requests: 230 HTTP requests in this frame

Frame: https://condenast.demdex.net/dest5.html?d_nsid=0
Frame ID: F8CA1C9B915B40ACA0EFAB811933C523
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Farstechnica.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Frame ID: 55DDF6BD0FD8D9244516375E4CCAD1AE
Requests: 1 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame10.min.html
Frame ID: 0E0991D4D62D617C96694D399BFB4D04
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: A164641CD3BFC4FFF5F6BFAB45065AE4
Requests: 30 HTTP requests in this frame

Frame: https://platform.twitter.com/jot.html
Frame ID: 0D57E2A54E47E6BBA249EEB3E9DC7C9E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.285.0_en.html
Frame ID: 5E224FB8CFA632D7761648780E514ED1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190304/r20190304/client/ext/m_window_focus_non_hydra.js
Frame ID: E8FB35F0E595218957D07C116387FA53
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html
Frame ID: A138087F1F14F6A221B6B2471520A0EE
Requests: 1 HTTP requests in this frame

Frame: https://static.polarcdn.com/creative/creative.js
Frame ID: 25DED3D2BFA059CD61FAC6246FCA8C2E
Requests: 12 HTTP requests in this frame

Frame: https://stags.bluekai.com/site/51219?ret=html&phint=AudigentSegmentID%3D&phint=__bk_t%3DA%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild%20%7C%20Ars%20Technica&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&limit=10&r=51894889
Frame ID: A3772BD7E110F9431454DF7A6CEDAD25
Requests: 1 HTTP requests in this frame

Frame: https://condenast.demdex.net/dest4.html?d_nsid=0
Frame ID: EEC6F7C04B56573F7CE8F29DC5D3027A
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+wp-(?:content|includes)/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • env /^bouncex$/i

Overall confidence: 100%
Detected patterns
  • env /^criteo/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
  • env /^google_ad_/i
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^googletag$/i
  • env /^google_tag_manager$/i

Overall confidence: 100%
Detected patterns
  • env /^moment$/i

Overall confidence: 100%
Detected patterns
  • env /^(?:OutbrainPermaLink|OB_releaseVer)$/i

Overall confidence: 100%
Detected patterns
  • env /^PARSELY$/i

Overall confidence: 100%
Detected patterns
  • env /^quantserve$/i

Overall confidence: 100%
Detected patterns
  • env /^s_(?:account|objectID|code|INST)$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

264 Requests
99 % HTTPS
27 % IPv6
60 Domains
99 Subdomains
95 IPs
6 Countries
4014 kB Transfer
9392 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:


264 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
41 KB
14 KB
Document
General
Full URL
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.31.169.131 Chicago, United States, ASN23352 (SERVERCENTRAL - Server Central Network, US),
Reverse DNS
ge-11-2-1.ar10.ord6.us.scnet.net
Software
nginx /
Resource Hash
7f33b408bb432a25329b099b791cea12ed1f0d320e5ee40780c233507251e4f2
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
arstechnica.com
:scheme
https
:path
/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
date
Fri, 08 Mar 2019 16:15:20 GMT
content-type
text/html; charset=UTF-8
link
<https://arstechnica.com/wp-json/>; rel="https://api.w.org/"
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
x-ars-server
web205
content-encoding
gzip
main-4251613299.css
cdn.arstechnica.net/wp-content/themes/ars/assets/css/
327 KB
68 KB
Stylesheet
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-4251613299.css
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
def8b1b4acb8af33768482c30df84198d8586642bb9012441a4733eb806d5db7

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:20 GMT
content-encoding
gzip
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
69582
x-cf-tsc
1551064599
x-cf2
H
last-modified
Fri, 22 Feb 2019 19:51:00 GMT
server
CFS 0215
x-cff
B
etag
W/"5c7052a4-51d25"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
43357
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:20 GMT
win7-start-640x482.png
cdn.arstechnica.net/wp-content/uploads/2014/10/
276 KB
276 KB
Image
General
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2014/10/win7-start-640x482.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
179f9d198f75c2c596ca5f5106c272c924e4dd59012c0624568612eb11f9763b

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:20 GMT
x-cf3
M
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1552009106:cacheN.fra2-01:H
status
200
content-length
282115
x-cf-tsc
1552010694
x-cf2
H
last-modified
Wed, 01 Oct 2014 21:51:35 GMT
server
CFS 0215
x-cff
B
etag
"542c7767-44e03"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:20 GMT
main-e4c87f2834.js
cdn.arstechnica.net/wp-content/themes/ars/assets/js/
640 KB
209 KB
Script
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-e4c87f2834.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
a5144eac32861f3e0d84fb1d85d9be7292605043decaf4ea95bda26bdf66cc0b

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:20 GMT
content-encoding
gzip
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
213347
x-cf-tsc
1551104078
x-cf2
H
last-modified
Fri, 22 Feb 2019 19:51:00 GMT
server
CFS 0215
x-cff
B
etag
"5c7052a4-9fe24"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
30444
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:20 GMT
ars-7c94d08bf6.ads.us.js
cdn.arstechnica.net/wp-content/themes/ars/assets/js/
3 KB
2 KB
Script
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/ars-7c94d08bf6.ads.us.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
c0868291bf7ee06819a5d6f492858dfafb3d8ef15deae431f054017a9088d3c3

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:20 GMT
content-encoding
gzip
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
1540
x-cf-tsc
1551104057
x-cf2
H
last-modified
Fri, 22 Feb 2019 19:51:00 GMT
server
CFS 0215
x-cff
B
etag
"5c7052a4-d88"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
22445
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:20 GMT
satelliteLib-56a425e07376b6977c987d46ef46ba636a6e2036.js
assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/
104 KB
34 KB
Script
General
Full URL
https://assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/satelliteLib-56a425e07376b6977c987d46ef46ba636a6e2036.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.69.88 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-69-88.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
64230599a9383ecbe698e348ca55b33096869b8b8ffd6a8923918488629f325c

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Nov 2018 21:18:16 GMT
Server
Apache
ETag
"47f40c9097e79b869a19e7c5cd70e4e8:1541625496"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*, *, *
Content-Length
34596
Expires
Fri, 08 Mar 2019 17:15:21 GMT
100098X1555750.skimlinks.js
s.skimresources.com/js/
38 KB
14 KB
Script
General
Full URL
https://s.skimresources.com/js/100098X1555750.skimlinks.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e5f875cc88451316617f5ce12096acd0702cacbfe87dd741838151e2a1dc74e6

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
last-modified
Wed, 06 Mar 2019 12:21:00 GMT
server
AmazonS3
x-amz-request-id
45474DEE2EF1B8AE
etag
"6141dcb8cc4cf707d6e6118e6d7cb7e7"
x-hw
1552061721.cds037.pa1.hn,1552061721.cds024.pa1.c
content-type
application/octet-stream
status
200
cache-control
max-age=3600
accept-ranges
bytes
content-length
14472
x-amz-id-2
PUVhdabuyACdHW14a8e1joEBiAX9nkz7E8w26YegWnFo9a9FI9rKN2Yq5IamhDeVjLn70Q8NyYs=
services.min.js
cdn.arstechnica.net/cns/
150 KB
44 KB
Script
General
Full URL
https://cdn.arstechnica.net/cns/services.min.js?1552061700
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
f0dbb63f9fc23558751866752892d2b1cf2c488744ce3a63a8ee53ee980adf69

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:20 GMT
content-encoding
gzip
x-cf3
M
x-amz-request-id
6A4CBB1D9D73065F
x-cf1
14961:fD.fra2:co:1551477843:cacheN.fra2-01:H
status
200
content-length
44024
x-amz-id-2
6U1PCIDxfr+oxjoyZeHCLVWdgTAR2lNHTLflEh9UCGn/0bch2ojtmqEDLWW4eq0CXdacOHsDXk4=
x-served-by
cache-mdw17368-MDW
cf4ttl
43200.000
x-cf2
H
last-modified
Fri, 01 Mar 2019 21:18:27 GMT
server
CFS 0215
x-timer
S1551477845.839846,VS0,VE1
x-cff
B
etag
"e7cba1ad8b8993051dbdc5cd0cb3f730"
vary
Accept-Encoding
x-amz-version-id
UZAwYS0IaHUxfAdqRFj2XtiuwDsQD0fb
access-control-allow-origin
*
expires
Fri, 03 May 2019 16:15:20 GMT
cache-control
max-age=4838400
cf4age
0
accept-ranges
bytes
content-type
text/javascript
x-cf-tsc
1551477844
x-cache-hits
1
gtm.js
www.googletagmanager.com/
150 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:808::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
35f6540173a26af4e63d4efd93cdd0805c2d06196e34f1687ceb11761c2fe50e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:20 GMT
content-encoding
br
last-modified
Fri, 08 Mar 2019 00:53:16 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
35429
x-xss-protection
1; mode=block
expires
Fri, 08 Mar 2019 16:15:20 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
357 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
economica-bold-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/
25 KB
25 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-bold-otf-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-4251613299.css
Origin
https://arstechnica.com

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
25592
x-cf-tsc
1551093943
x-cf2
H
last-modified
Fri, 22 Feb 2019 19:50:59 GMT
server
CFS 0215
x-cff
B
etag
"5c7052a3-63f8"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
26607
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:21 GMT
economica-regular-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/
24 KB
24 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-regular-otf-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-4251613299.css
Origin
https://arstechnica.com

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
24264
x-cf-tsc
1551093943
x-cf2
H
last-modified
Fri, 22 Feb 2019 19:50:59 GMT
server
CFS 0215
x-cff
B
etag
"5c7052a3-5ec8"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
26607
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:21 GMT
truncated
/
279 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
400 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
700 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
841 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
blockquote-15f4e0cf4f.svg
cdn.arstechnica.net/wp-content/themes/ars/assets/img/
434 B
757 B
Image
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/img/blockquote-15f4e0cf4f.svg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
69df9c207667c2ef7940a78d951cda72d599be4e843d8bc43cc3b0ff2c08e280

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-4251613299.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
434
x-cf-tsc
1551084252
x-cf2
H
last-modified
Fri, 22 Feb 2019 19:50:59 GMT
server
CFS 0215
x-cff
B
etag
"5c7052a3-1b2"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
11343
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:21 GMT
Dang.jpg
cdn.arstechnica.net/wp-content/uploads/2018/10/
90 KB
91 KB
Image
General
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2018/10/Dang.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
92486
x-cf-tsc
1551903421
x-cf2
H
last-modified
Mon, 08 Oct 2018 19:35:22 GMT
server
CFS 0215
x-cff
B
etag
"5bbbb17a-16946"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
41545
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:21 GMT
channel-ars-be7bb52ba9.png
cdn.arstechnica.net/wp-content/themes/ars/assets/img/
5 KB
5 KB
Image
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/img/channel-ars-be7bb52ba9.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-4251613299.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
4809
x-cf-tsc
1551104061
x-cf2
H
last-modified
Fri, 22 Feb 2019 19:50:59 GMT
server
CFS 0215
x-cff
B
etag
"5c7052a3-12c9"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
36214
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:21 GMT
truncated
/
5 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7f2558d7005dc61e343b6abb61a63da8ace760a0fdd45cb0cc124b0de5b4c2f

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
18 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
opensans-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/
18 KB
19 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-regular-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-4251613299.css
Origin
https://arstechnica.com

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
18824
x-cf-tsc
1551093945
x-cf2
H
last-modified
Fri, 22 Feb 2019 19:50:59 GMT
server
CFS 0215
x-cff
B
etag
"5c7052a3-4988"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
26609
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:21 GMT
bitter-italic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/
24 KB
24 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-italic-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-4251613299.css
Origin
https://arstechnica.com

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
24212
x-cf-tsc
1551093945
x-cf2
H
last-modified
Fri, 22 Feb 2019 19:50:59 GMT
server
CFS 0215
x-cff
B
etag
"5c7052a3-5e94"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
26609
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:21 GMT
bitter-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/
22 KB
23 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-regular-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-4251613299.css
Origin
https://arstechnica.com

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
22872
x-cf-tsc
1551093943
x-cf2
H
last-modified
Fri, 22 Feb 2019 19:50:59 GMT
server
CFS 0215
x-cff
B
etag
"5c7052a3-5958"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
26607
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:21 GMT
opensans-semibold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/
19 KB
19 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibold-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-4251613299.css
Origin
https://arstechnica.com

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
18972
x-cf-tsc
1551065549
x-cf2
H
last-modified
Fri, 22 Feb 2019 19:50:59 GMT
server
CFS 0215
x-cff
B
etag
"5c7052a3-4a1c"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
45093
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:21 GMT
opensans-semibolditalic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/
20 KB
21 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibolditalic-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
59201950b83489808587827b4050ffe0597992825daa88c227476cdbbf8ca282

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-4251613299.css
Origin
https://arstechnica.com

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
20872
x-cf-tsc
1551086563
x-cf2
H
last-modified
Fri, 22 Feb 2019 19:50:59 GMT
server
CFS 0215
x-cff
B
etag
"5c7052a3-5188"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
18748
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:21 GMT
opensans-italic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/
20 KB
21 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-italic-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
c46974d8f6030e4888708b18a5d9a32b25eb765a5708896e1899df449d87aab7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-4251613299.css
Origin
https://arstechnica.com

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
20748
x-cf-tsc
1551093945
x-cf2
H
last-modified
Fri, 22 Feb 2019 19:50:59 GMT
server
CFS 0215
x-cff
B
etag
"5c7052a3-510c"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
25912
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:21 GMT
opensans-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/
19 KB
19 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-bold-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-4251613299.css
Origin
https://arstechnica.com

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
19516
x-cf-tsc
1551095970
x-cf2
H
last-modified
Fri, 22 Feb 2019 19:50:59 GMT
server
CFS 0215
x-cff
B
etag
"5c7052a3-4c3c"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
28229
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:21 GMT
bitter-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/
22 KB
22 KB
Font
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-bold-webfont.woff2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-4251613299.css
Origin
https://arstechnica.com

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
22104
x-cf-tsc
1551094224
x-cf2
H
last-modified
Fri, 22 Feb 2019 19:50:59 GMT
server
CFS 0215
x-cff
B
etag
"5c7052a3-5658"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
26484
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:21 GMT
sparrow.min.js
pixel.condenastdigital.com/
38 KB
14 KB
Script
General
Full URL
https://pixel.condenastdigital.com/sparrow.min.js
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/services.min.js?1552061700
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.0.239 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e53759cbefbca7ac3585c5a7586b03a20b664142fa2bb668ba1d11213c97f423

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
Content-Encoding
gzip
Age
340603
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3, 28267
Connection
keep-alive
Content-Length
13219
x-amz-id-2
xd1+yeEFTU9q2brJ2F7DjIW+4XlI5g+WcyXrwk3x6llRKqsAjUEQ2JZsBiTSzr75ABhMkGX0ZR8=
X-Served-By
cache-iad2141-IAD, cache-hhn1529-HHN
Last-Modified
Mon, 28 Jan 2019 17:44:57 GMT
Server
AmazonS3
X-Timer
S1552061721.213709,VS0,VE0
ETag
"4beefaddd4ac53cdf6e84d0d370b0aa1"
Vary
Accept-Encoding
x-amz-request-id
3CF8D054D39F1709
Access-Control-Allow-Origin
*
Cache-Control
no-cache, public, max-age=604800
Accept-Ranges
bytes
Content-Type
application/javascript
Expires
Mon, 28 Jan 2019 23:44:56 GMT
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
6226
date
Fri, 08 Mar 2019 14:31:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Fri, 08 Mar 2019 16:31:35 GMT
quant.js
secure.quantserve.com/
12 KB
6 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.8.83.125 Fairfield, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-8-83-125.eu-west-2.compute.amazonaws.com
Software
QS /
Resource Hash
404a9b0ffbcc813e8ddbb8d8510a24a69c09079282f8083ee94f4adc5d627176

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08-Mar-2019 16:15:21 GMT
Server
QS
ETag
M0-e2b9884a
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=604800
Connection
keep-alive
Content-Length
5456
Expires
Fri, 15 Mar 2019 16:15:21 GMT
PageName=information%20technology,SiteID=Ars%20Technica,CampaignID=1802C,Channel=website,CreativeID=f48f8c3d-f66f-4c5b-b832-d5f51a4096c6
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MjExL3QvMA/kv/
253 B
698 B
Script
General
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MjExL3QvMA/kv/PageName=information%20technology,SiteID=Ars%20Technica,CampaignID=1802C,Channel=website,CreativeID=f48f8c3d-f66f-4c5b-b832-d5f51a4096c6
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.228.164.13 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
6fffe3cffc09afa88cbc0aba9b3e9376b980a29011ba15fca117d2cdfb09ae36

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:20 GMT
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server
Apache-Coyote/1.1
Content-Type
text/javascript;charset=UTF-8
Content-Length
253
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
spm.v1.min.js
ak.sail-horizon.com/spm/
112 KB
41 KB
Script
General
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.220.34.169 Cambridge, United States, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-220-34-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
844c37a72e87bef80e24829f54a4b824c29424cc89e2de915eb8b5f18342bcb2

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Feb 2019 17:51:32 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
must-revalidate, max-age=600, must-revalidate
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
41520
Expires
Fri, 08 Mar 2019 16:25:21 GMT
i.js
tag.bounceexchange.com/2806/
9 KB
3 KB
Script
General
Full URL
https://tag.bounceexchange.com/2806/i.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.92.63 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
63.92.190.35.bc.googleusercontent.com
Software
fasthttp /
Resource Hash
6740713340261d414578aa9ddb0154faa89b87cfdfe271f286c0431739681ecb

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:20 GMT
content-encoding
gzip
server
fasthttp
etag
93239bf763ba70
content-type
text/plain; charset=utf-8
status
200
cache-control
no-cache, must-revalidate
x-region
europe-west3
alt-svc
clear
content-length
3246
via
1.1 google
57
a.ad.gt/api/v1/u/matches/
3 KB
2 KB
Script
General
Full URL
https://a.ad.gt/api/v1/u/matches/57
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.161.216.48 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-161-216-48.us-west-2.compute.amazonaws.com
Software
nginx/1.8.1 /
Resource Hash
0cfdd05004584b708f134ae6492e2f5062fed1848f40a0d50321c47bf0f4b788

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
Content-Encoding
gzip
Server
nginx/1.8.1
Connection
keep-alive
Content-Length
1281
Content-Type
text/html; charset=utf-8
insight.min.js
snap.licdn.com/li.lms-analytics/
15 KB
5 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 23:03:30 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=9820
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4571
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035094&ns__t=1552061721223&ns_c=UTF-8&c8=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild%20%7C%20Ar...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035094&ns__t=1552061721223&ns_c=UTF-8&c8=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild%20%7C%20A...
0
248 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035094&ns__t=1552061721223&ns_c=UTF-8&c8=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild%20%7C%20Ars%20Technica&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&c9=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.89.123 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-89-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:21 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035094&ns__t=1552061721223&ns_c=UTF-8&c8=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild%20%7C%20Ars%20Technica&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&c9=
Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:21 GMT
Cache-Control
private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection
keep-alive
Content-Length
0
Expires
Mon, 01 Jan 1990 00:00:00 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
935 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 15:59:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
945
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
856
x-xss-protection
1; mode=block
expires
Fri, 08 Mar 2019 16:59:36 GMT
publisher:getClientId
ampcid.google.com/v1/
74 B
435 B
XHR
General
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
1; mode=block
/
infinityid.condenastdigital.com/
36 B
1 KB
XHR
General
Full URL
https://infinityid.condenastdigital.com/?rand=1552061721271
Requested by
Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.160.106 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-160-106.compute-1.amazonaws.com
Software
nginx/1.15.8 /
Resource Hash
5485c2db1069486409d899ca3ca2226cc23791a96a90bc0ddb5b34ef09ca8d62

Request headers

Accept
text/plain
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
Server
nginx/1.15.8
vary
origin,accept-encoding
Content-Type
text/plain; charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
Connection
keep-alive
transfer-encoding
chunked
content
4d.condenastdigital.com/
4 KB
2 KB
XHR
General
Full URL
https://4d.condenastdigital.com/content?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F
Requested by
Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.217.231 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-174-217-231.compute-1.amazonaws.com
Software
/
Resource Hash
5bb7d60993b9cf91b64eb70de99f52cb31af5a0fad0bc655401f448f4816bffa

Request headers

Accept
text/plain
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
transfer-encoding
chunked
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
Connection
keep-alive
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A21.276Z&_t=library_sparrow&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=3600&pSw=1600&pSh=1200&uID=65322976-8e33-4fb5-a4b6-bee0516459cd&uNw=1&uUq=1&sID=ca4660ed-a0c7-4f0c-9f9c-9a7a93874314&pID=88dca0f2-6d5c-45f5-bdb3-bc2a8db1b830&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&requestStart=757.6850056648254&requestEnd=834.4950005412102&init=884.7500011324883&_logType=info
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:21 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A21.281Z&_t=loaded&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=3600&pSw=1600&pSh=1200&uID=65322976-8e33-4fb5-a4b6-bee0516459cd&sID=ca4660ed-a0c7-4f0c-9f9c-9a7a93874314&pID=88dca0f2-6d5c-45f5-bdb3-bc2a8db1b830&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns&cns=2_25_6&feature_get_entries=true&feature_performance_now=true&cns_metrics=1_1_0&cns_metrics_sparrow=1_2_0&_logType=info
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:21 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
outbrain.js
widgets.outbrain.com/
110 KB
39 KB
Script
General
Full URL
https://widgets.outbrain.com/outbrain.js?_=1552061721337
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-e4c87f2834.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.69.225 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-69-225.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f9c96666149eee7854565396eafd702e0aa3cfa26f7c0f889517fa01e8ce2398

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 11:35:18 GMT
Server
Apache
ETag
"e8bf17df4ebddfba940fd6e0f2fd619b:1551958518"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Access-Control-Allow-Credentials
false
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
39139
video_groups
api.cnevids.com/v1/
4 KB
1 KB
XHR
General
Full URL
https://api.cnevids.com/v1/video_groups?filters={%22channel_key%22:%22arstechnica%22}&pagesize=20&endpoint=oo.arstechnica
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-e4c87f2834.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.32.35 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-206-32-35.compute-1.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
725c7bc55a612ac24f0381c6f089d535113081cab5b492b540c0911ea36945ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/*
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Status
200 OK
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
647
X-XSS-Protection
1; mode=block
X-Request-Id
25f5e503-efef-4263-9844-379860cc4059
X-Runtime
0.001672
X-Backend-Node
10.110.10.11
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.14.1
X-Frame-Options
SAMEORIGIN
ETag
W/"fb276fb00b8130575eaf0f4fb88f59e7"
X-Download-Options
noopen
Vary
Accept-Encoding, Origin
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
max-age=0, private, must-revalidate
publisher:getClientId
ampcid.google.de/v1/
3 B
167 B
XHR
General
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
1; mode=block
p.js
d1z2jf7jlzjs58.cloudfront.net/
6 KB
3 KB
Script
General
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.37 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-37.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
725913eab3460e2955a8ac4ec176f902c7d8d2db60757248b735cbf8698b0749

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Wed, 06 Mar 2019 22:30:18 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Mar 2014 00:45:07 GMT
Server
nginx
Age
72257
ETag
W/"53191693-19c1"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
Cache-Control
max-age=86400, public
Connection
keep-alive
X-Amz-Cf-Id
j1WCUIMtCGygY20-PVNELh1JSe55rLpOiqWufp4ns61svmscMo1PJw==
Expires
Thu, 07 Mar 2019 21:20:39 GMT
rules-p-Jjy-Cyr1NZGRz.js
rules.quantcount.com/
4 KB
2 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-Jjy-Cyr1NZGRz.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:da00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efdbd8582066a12cf45115f1e150d2a8de06bf6b14db3feca98b116efeb9e0bb

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 15:22:41 GMT
content-encoding
gzip
last-modified
Mon, 19 Mar 2018 22:18:17 GMT
server
AmazonS3
age
3164
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
status
200
cache-control
max-age=3600
x-amz-cf-id
i2X2SLd6dnXr7Rdy0bWns8vaB8V_y5yyOj0ZoQHCofolUhQkx4ln1w==
via
1.1 7a5407bd3564d5f8494603c5f2d0661f.cloudfront.net (CloudFront)
collect
www.google-analytics.com/
35 B
128 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://arstechnica.com
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j73&tid=UA-31997-1&cid=1946715653.1552061721&jid=359638735&gjid=163972958&_gid=1262458432.1552061721&_u=aGBAgUAjAAQC~&z=836492379
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31997-1&cid=1946715653.1552061721&jid=359638735&_v=j73&z=836492379
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31997-1&cid=1946715653.1552061721&jid=359638735&_v=j73&z=836492379&slf_rd=1&random=1788577031
42 B
120 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31997-1&cid=1946715653.1552061721&jid=359638735&_v=j73&z=836492379&slf_rd=1&random=1788577031
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:21 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:21 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-31997-1&cid=1946715653.1552061721&jid=359638735&_v=j73&z=836492379&slf_rd=1&random=1788577031
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
rd
dpm.demdex.net/id/
Redirect Chain
  • https://dpm.demdex.net/id?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F7093025512D2B690A490D44%40AdobeOrg&d_nsid=0&ts=1552061721509
  • https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F7093025512D2B690A490D44%40AdobeOrg&d_nsid=0&ts=1552061721509
0
-1 B
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F7093025512D2B690A490D44%40AdobeOrg&d_nsid=0&ts=1552061721509
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.131.19 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-51-131-19.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Location
https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F7093025512D2B690A490D44%40AdobeOrg&d_nsid=0&ts=1552061721509
X-TID
/hFZ0jxjQLc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Access-Control-Allow-Origin
https://arstechnica.com
X-TID
/hFZ0jxjQLc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F7093025512D2B690A490D44%40AdobeOrg&d_nsid=0&ts=1552061721509
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s-code-contents-566dcf5046f148f38d0aa32bf73df40db7ae7768.js
assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/
104 KB
31 KB
Script
General
Full URL
https://assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/s-code-contents-566dcf5046f148f38d0aa32bf73df40db7ae7768.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/satelliteLib-56a425e07376b6977c987d46ef46ba636a6e2036.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.69.88 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-69-88.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9a425fc348afedf03100a9a5cccb756c1a00818d57e4a2bbb1c032111f0ac454

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Nov 2018 21:18:16 GMT
Server
Apache
ETag
"ccc6d020b3575de11cd0e798e0463ccd:1541625496"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*, *, *
Content-Length
31389
Expires
Fri, 08 Mar 2019 17:15:21 GMT
arstechnica.com
srv-2019-03-08-16.config.parsely.com/config/
387 B
805 B
Script
General
Full URL
https://srv-2019-03-08-16.config.parsely.com/config/arstechnica.com
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.66.245 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-199-66-245.compute-1.amazonaws.com
Software
/ Express
Resource Hash
26e9588f101e2d6e4e66cee70b9cc964f796b42f173dcf62f494f6a30a465ed6

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:22 GMT
Cache-Control
private, no-cache
Connection
keep-alive
X-Powered-By
Express
ETag
W/"183-PvP9UpnwU6iq9JvCPU5hhw"
Content-Length
387
Content-Type
text/javascript; charset=utf-8
/
r.skimresources.com/api/
Redirect Chain
  • https://r.skimresources.com/api/?callback=skimlinksBeaconCallback&data=%7B%22pubcode%22%3A%22100098X1555750%22%2C%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2...
  • https://r.skimresources.com/api/?callback=skimlinksBeaconCallback&persistence=1&xguid=01D5F1CTZ4ZRK1KNHPJNBYDZ05&data=%7B%22pubcode%22%3A%22100098X1555750%22%2C%22page%22%3A%22https%3A%2F%2Farstech...
175 B
470 B
Script
General
Full URL
https://r.skimresources.com/api/?callback=skimlinksBeaconCallback&persistence=1&xguid=01D5F1CTZ4ZRK1KNHPJNBYDZ05&data=%7B%22pubcode%22%3A%22100098X1555750%22%2C%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F%22%2C%22domains%22%3A%5B%22microsoft.com%22%2C%22facebook.com%22%2C%22twitter.com%22%2C%22reddit.com%22%2C%22chromereleases.googleblog.com%22%2C%22google.com%22%2C%22security.googleblog.com%22%2C%22outbrain.com%22%2C%22condenast.com%22%5D%7D&checksum=d3ebe4af9526d2db412ffea50868f96fb1e1c4059c955f51412933dd7cb1ff05
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.59.101 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
423d51d2668cc4d1c35dd0557c3e67f8a67dd5040f702f5da69144f48421386f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
via
1.1 google
x-content-type-options
nosniff
server
openresty/1.11.2.5
access-control-allow-origin
https://arstechnica.com
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
200
access-control-allow-credentials
true
content-type
application/javascript
alt-svc
clear

Redirect headers

date
Fri, 08 Mar 2019 16:15:21 GMT
via
1.1 google
server
openresty/1.11.2.5
access-control-allow-origin
https://arstechnica.com
location
//r.skimresources.com/api/?callback=skimlinksBeaconCallback&persistence=1&xguid=01D5F1CTZ4ZRK1KNHPJNBYDZ05&data=%7B%22pubcode%22%3A%22100098X1555750%22%2C%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F%22%2C%22domains%22%3A%5B%22microsoft.com%22%2C%22facebook.com%22%2C%22twitter.com%22%2C%22reddit.com%22%2C%22chromereleases.googleblog.com%22%2C%22google.com%22%2C%22security.googleblog.com%22%2C%22outbrain.com%22%2C%22condenast.com%22%5D%7D&checksum=d3ebe4af9526d2db412ffea50868f96fb1e1c4059c955f51412933dd7cb1ff05
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
status
302
access-control-allow-credentials
true
content-type
text/html
alt-svc
clear
content-length
167
px.gif
p.skimresources.com/
43 B
107 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=5.471712379765572
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
UploadServer /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
status
200
x-guploader-uploadid
AEnB2UoZwyX5g6q7tfP7xOc3D_wRvXkCC68PRWoge1cOG2RYlaS0aKuQwGZxvcI7XFwkWG32wz5trJGwGd5Y-FcIzC0wuan6TNKuWnkLXcdS_lKcUv56oW0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
content-length
43
x-hw
1552061721.cds037.pa1.hn,1552061721.cds008.pa1.c
last-modified
Tue, 23 Oct 2018 13:19:28 GMT
server
UploadServer
etag
"f837aa60b6fe83458f790db60d529fc9"
x-goog-hash
crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation
1540300768038458
cache-control
public, max-age=7200
x-goog-stored-content-length
43
accept-ranges
bytes
content-type
image/gif
px.gif
p.skimresources.com/
43 B
488 B
Image
General
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=5.471712379765572
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software
UploadServer /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
status
200
x-guploader-uploadid
AEnB2UoZwyX5g6q7tfP7xOc3D_wRvXkCC68PRWoge1cOG2RYlaS0aKuQwGZxvcI7XFwkWG32wz5trJGwGd5Y-FcIzC0wuan6TNKuWnkLXcdS_lKcUv56oW0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
4
x-goog-stored-content-encoding
identity
content-length
43
x-hw
1552061721.cds037.pa1.hn,1552061721.cds008.pa1.c
last-modified
Tue, 23 Oct 2018 13:19:28 GMT
server
UploadServer
etag
"f837aa60b6fe83458f790db60d529fc9"
x-goog-hash
crc32c=xra6Ow==, md5=+DeqYLb+g0WPeQ22DVKfyQ==
x-goog-generation
1540300768038458
cache-control
public, max-age=7200
x-goog-stored-content-length
43
accept-ranges
bytes
content-type
image/gif
gpt.js
www.googletagservices.com/tag/js/
33 KB
11 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/services.min.js?1552061700
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b19dd5778845b9f9854149a207a7a220a12c66c5b862917b1d02436f9007103d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"100 / 255 of 1000 / last-modified: 1551999591"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10841
x-xss-protection
1; mode=block
expires
Fri, 08 Mar 2019 16:15:21 GMT
apstag.js
c.amazon-adsystem.com/aax2/
66 KB
19 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/services.min.js?1552061700
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.1.198 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-1-198.fra6.r.cloudfront.net
Software
Server /
Resource Hash
06042f6ac2063c8e23fcce2c7c64449bae470d34c4d46f97e145242158ef15f3

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 07 Mar 2019 16:37:18 GMT
Content-Encoding
gzip
Server
Server
Age
85082
ETag
179e41b046d5f974d2586d066c70d87e
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 21da0a66bafe2c8de8be4a4d8039346b.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Id
AOkTIIvb-JtowZgTF7SU8ozlCRRZ_eMWKj0ipu8rcQzjOf7KnsT2Jg==
arstechnica.js
player.cnevids.com/interlude/
107 KB
27 KB
Script
General
Full URL
https://player.cnevids.com/interlude/arstechnica.js
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/services.min.js?1552061700
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.40 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-40.fra6.r.cloudfront.net
Software
nginx/1.14.1 /
Resource Hash
248e1405685687dcdde4650d3dc566d95c218108cc8677e419d3d33c5db6dab2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:14:28 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Age
53
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Status
200 OK
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Request-Id
911a94cf-4815-47a2-a20b-4b3a30a70a95
X-Runtime
0.042124
X-Backend-Node
10.110.29.24
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.14.1
ETag
W/"44dac8dc0bb4c9cddf9301ea791c0b5b"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
Cache-Control
max-age=0, private, must-revalidate
X-Amz-Cf-Id
yd-tJTeFrgcqJn2dnmf47YiARxQ4oAVdk4RfDqC-EJs1yxkUxpKh4w==
htw-condenast.js
js-sec.indexww.com/ht/
173 KB
38 KB
Script
General
Full URL
https://js-sec.indexww.com/ht/htw-condenast.js
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/services.min.js?1552061700
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.69.96 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-69-96.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7e3b9033f4ca4eb837497a36031a4c27e6905bd8a0554f81a43faaa63981ec1f

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Mar 2019 15:20:06 GMT
Server
Apache
ETag
"901a2f-2b41b-58396c2045802"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=462
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
38322
Expires
Fri, 08 Mar 2019 16:23:03 GMT
conde-nast
segment-data.zqtk.net/
669 B
940 B
Script
General
Full URL
https://segment-data.zqtk.net/conde-nast?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/services.min.js?1552061700
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.183.205 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-30-183-205.eu-west-1.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
f7e36a47d749d3ceca7e6b363f781302c1bda76fa09b141ea274549913cd061d

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
Last-Modified
Fri, 08 Mar 2019 02:05:21 GMT
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Content-Type
application/javascript; charset=UTF-8
Content-Length
669
Expires
Sun, 10 Mar 2019 02:05:21 GMT
conde-asa-polar-master.js
cdn.mediavoice.com/nativeads/script/condenastcorporate/
5 KB
2 KB
Script
General
Full URL
https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/services.min.js?1552061700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d983 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
cf-cache-status
HIT
status
200
content-type
text/javascript
content-length
2018
via
1.1 varnish
server
cloudflare
cache-control
max-age=21600
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
937082967 936897224
x-country
DE
cf-ipcountry
DE
accept-ranges
bytes
cf-ray
4b461b810ae0c2dd-FRA
https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F
cdn.accelerator.arsdev.net/h/
22 B
315 B
Script
General
Full URL
https://cdn.accelerator.arsdev.net/h/https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F?callback=arsData
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/services.min.js?1552061700
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.99 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-99.fra6.r.cloudfront.net
Software
nginx/1.4.6 (Ubuntu) / PHP/5.5.9-1ubuntu4.9
Resource Hash
2468e7cbee8db61a3406be6e331bd58e83cb8e64dd62ed4d5dd40e70f5e3e0cd

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:28 GMT
via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
server
nginx/1.4.6 (Ubuntu)
age
118
x-powered-by
PHP/5.5.9-1ubuntu4.9
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=300, public
x-amz-cf-id
nwqWjpwWapGqxXSCV5nv86RhsXOJNW39L0JdhjbUVQyeCzZuwkG4AQ==
content
4d.condenastdigital.com/
4 KB
2 KB
XHR
General
Full URL
https://4d.condenastdigital.com/content?url=https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/services.min.js?1552061700
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.217.231 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-174-217-231.compute-1.amazonaws.com
Software
/
Resource Hash
5bb7d60993b9cf91b64eb70de99f52cb31af5a0fad0bc655401f448f4816bffa

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
transfer-encoding
chunked
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
Connection
keep-alive
/
infinityid.condenastdigital.com/
36 B
1 KB
XHR
General
Full URL
https://infinityid.condenastdigital.com/?rand=1552061721536
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/services.min.js?1552061700
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.236.94.210 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-236-94-210.compute-1.amazonaws.com
Software
nginx/1.15.8 /
Resource Hash
75b5cf7bd068e50f15b143e303f0722743ae2024f107433a36fb92e67768c300

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
Server
nginx/1.15.8
vary
origin,accept-encoding
Content-Type
text/plain; charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
Connection
keep-alive
transfer-encoding
chunked
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A21.539Z&_t=library_service&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=3600&pSw=1600&pSh=1200&uID=65322976-8e33-4fb5-a4b6-bee0516459cd&sID=ca4660ed-a0c7-4f0c-9f9c-9a7a93874314&pID=88dca0f2-6d5c-45f5-bdb3-bc2a8db1b830&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&init=756.2699988484383&requestEnd=617.4950003623962&requestStart=586.0000029206276&device=desktop&cns=2_25_6&_logType=info
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:21 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A21.553Z&_t=page_created&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=3600&pSw=1600&pSh=1200&uID=65322976-8e33-4fb5-a4b6-bee0516459cd&sID=ca4660ed-a0c7-4f0c-9f9c-9a7a93874314&pID=88dca0f2-6d5c-45f5-bdb3-bc2a8db1b830&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&content_uri=information_technology&image_avg_surface=482400&image_count=1&image_surface=482400&server=production&vp_height=1200&vp_width=1585&channel=information_technology&slots_count=6&tags=browsers_chrome_2_exploits_zeroday_google_2_microsoft_windows_vulnerabilities&template=article&ver_cns_ads=2_18_5&device=desktop&cns=2_25_6&_logType=info
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:21 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
ijs_all_modules_6f1349cd453fe65dc5cdec068426e0bc.js
assets.bounceexchange.com/assets/smart-tags/versioned/
414 KB
94 KB
Script
General
Full URL
https://assets.bounceexchange.com/assets/smart-tags/versioned/ijs_all_modules_6f1349cd453fe65dc5cdec068426e0bc.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/2806/i.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.3.46 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-3-46.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fcbb793912dadc86707ace5d2c2c0bfa56d80b4b4299d46da367ee4eb440670

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Thu, 07 Mar 2019 19:00:02 GMT
content-encoding
gzip
last-modified
Thu, 07 Mar 2019 16:28:45 GMT
server
AmazonS3
age
76520
etag
"fc27ce7822d09d28c5f9574126f1ceef"
x-cache
Hit from cloudfront
x-amz-version-id
xkhbKMqkN9uFoKL_Fc25VdGIrt45ruBl
status
200
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
content-length
95699
via
1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
x-amz-cf-id
4HntkrzzfUkrGYD_Mbq7pj6QyCfWrWQNdN-Ix2SZKbNTJoUIjCB6zw==
widgets.js
platform.twitter.com/
93 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js?_=1552061721338
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-e4c87f2834.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4196) /
Resource Hash
460c112ca18e517ef1a6c6abb2ba5ae55187138503a10177bf1908d9261c3a19

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 17:40:21 GMT
Server
ECS (fcn/4196)
Etag
"4cf9f34505e9344b9a7e4d00e67b6c88+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=1800
Content-Type
application/javascript; charset=utf-8
Content-Length
28028
yubikey-promo-2x-a2b77428d4.png
cdn.arstechnica.net/wp-content/themes/ars/assets/img/
153 KB
153 KB
Image
General
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/img/yubikey-promo-2x-a2b77428d4.png
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-e4c87f2834.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS - CacheNetworks, Inc., US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
1f984105fa8d01eee607c197a2b918604aa4c0d608f1cbf8a0f15f6502d2318d

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-4251613299.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:fD.fra2:co:1525808045:cacheN.fra2-01:H
status
200
content-length
156233
x-cf-tsc
1551094390
x-cf2
H
last-modified
Fri, 22 Feb 2019 19:50:59 GMT
server
CFS 0215
x-cff
B
etag
"5c7052a3-26249"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
25427
accept-ranges
bytes
expires
Fri, 03 May 2019 16:15:21 GMT
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ded8aafe08adcc23835de89f62fbee0b98184f32296c7679ab5b5a358f044f63

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
/
px.ads.linkedin.com/collect/
Redirect Chain
  • https://px.ads.linkedin.com/collect/?time=1552061721596&pid=895394&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zerod...
  • https://px.ads.linkedin.com/collect/?time=1552061721596&pid=895394&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zerod...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%2F%3Ftime%3D1552061721596%26pid%3D895394%26url%3Dhttps%253A%252F%252Farstechnica.com%252Finformation-technol...
  • https://px.ads.linkedin.com/collect/?time=1552061721596&pid=895394&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zerod...
0
96 B
Script
General
Full URL
https://px.ads.linkedin.com/collect/?time=1552061721596&pid=895394&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&fmt=js&s=1&cookiesTest=true&liSync=true
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:109:c00c:104::b93f:9005 , United States, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:22 GMT
content-encoding
gzip
server
Play
vary
Accept-Encoding
x-li-fabric
prod-ltx1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
20
x-li-uuid
DeMq2OkHihXgWLCu5ioAAA==

Redirect headers

date
Fri, 08 Mar 2019 16:15:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
302
x-li-pop
prod-edc2
content-length
20
x-li-uuid
7Zv70ekHihVgTkvkLysAAA==
pragma
no-cache
server
Play
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000
x-li-fabric
prod-ltx1
location
https://px.ads.linkedin.com/collect/?time=1552061721596&pid=895394&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&fmt=js&s=1&cookiesTest=true&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' platform.linkedin.com spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
evidon-sitenotice-tag.js
c.evidon.com/sitenotice/
40 KB
11 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/satelliteLib-56a425e07376b6977c987d46ef46ba636a6e2036.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.102.169 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-102-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e6b7af9cebec6e08f0d84046a51912d2e7dac2070a46d3d4ecf42673432f76ac

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
status
200
access-control-max-age
86400
content-length
10658
last-modified
Wed, 27 Feb 2019 22:45:43 GMT
server
Apache
etag
"499850fce82e70c62601a766978d58e7:1551307544"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400, private;max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 09 Mar 2019 16:15:21 GMT
country.js
c.evidon.com/geo/
260 B
456 B
Script
General
Full URL
https://c.evidon.com/geo/country.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/satelliteLib-56a425e07376b6977c987d46ef46ba636a6e2036.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.102.169 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-102-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f9784f57729f84391b084eed9e944e048f771129d65e9b58f34095fdfba86473

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
last-modified
Wed, 30 May 2018 22:23:16 GMT
server
Apache
access-control-allow-origin
*
etag
"c1e367d098d326049811561575dbda4a:1527718996"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/x-javascript
status
200
access-control-max-age
86400
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
content-length
165
snthemes.js
c.evidon.com/sitenotice/4419/
57 KB
4 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/4419/snthemes.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/satelliteLib-56a425e07376b6977c987d46ef46ba636a6e2036.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.102.169 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-102-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cfcdfbf144964c03b23e6e63abfeeeb923eedda0c421f6279bad5040ef5a3dd1

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
status
200
access-control-max-age
86400
content-length
3254
last-modified
Thu, 26 Jul 2018 15:49:16 GMT
server
Apache
etag
"4f337c9f26cb2f12ef4d5d50fc716fc2:1532620156"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400, private;max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 09 Mar 2019 16:15:21 GMT
settings.js
c.evidon.com/sitenotice/4419/arstechnica/
18 KB
4 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/4419/arstechnica/settings.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/satelliteLib-56a425e07376b6977c987d46ef46ba636a6e2036.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.102.169 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-102-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2e5f6d282905384667c9ed88ca5b18dbe6bc45a9eacfdb9fc993db35fe47ee9c

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
status
200
access-control-max-age
86400
content-length
3730
last-modified
Fri, 22 Feb 2019 20:37:05 GMT
server
Apache
etag
"9d236b0d7efa67570ed34eecd17e1a32:1550867825"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400, private;max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 09 Mar 2019 16:15:21 GMT
YXJzdGVjaG5pY2EuY29t
tcheck.outbrainimg.com/tcheck/check/
16 B
477 B
XHR
General
Full URL
https://tcheck.outbrainimg.com/tcheck/check/YXJzdGVjaG5pY2EuY29t
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?_=1552061721337
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.70.82 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=28387
Date
Fri, 08 Mar 2019 16:15:21 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
false
Content-Length
16
Expires
Sat, 09 Mar 2019 00:08:28 GMT
iab
api.skimlinks.mgr.consensu.org/
772 B
636 B
XHR
General
Full URL
https://api.skimlinks.mgr.consensu.org/iab
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.40.172 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
172.40.190.35.bc.googleusercontent.com
Software
nginx/1.14.0 /
Resource Hash
4898c2b9f8c2f931ef6a819d36e0019867931d9519af933ab4bd5edce724b2a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.14.0
access-control-allow-headers
*
status
200
vary
Accept-Encoding
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
via
1.1 google
rd
dpm.demdex.net/id/
5 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id/rd?d_visid_ver=2.1.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F7093025512D2B690A490D44%40AdobeOrg&d_nsid=0&ts=1552061721509
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.131.19 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-51-131-19.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c9c3a2accaad3854ce020c900848c590510dafe4e60936de86454cd31e5f9eb7

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v021-0a2a4ad05.edge-irl1.demdex.com 5.49.0.20190304124312 5ms
Pragma
no-cache
Content-Encoding
gzip
X-TID
UXaUCUL3T8c=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1476
Expires
Thu, 01 Jan 1970 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.1.198 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-1-198.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d6f482982f8f1a1814e279ff50df4ccc301533ca9655e4d080d6b90ec69d69e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

Date
Thu, 07 Mar 2019 19:00:02 GMT
Content-Encoding
gzip
Vary
Origin
Age
76520
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Fri, 24 Aug 2018 07:13:51 GMT
Server
AmazonS3
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Via
1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
Cache-Control
public, max-age=86400
X-Amz-Cf-Id
8-NeCjFfUnBOiH-lLz5-Jy4h31tyy5V0v_ptfPuNFKVP8-NGbCgdHQ==
integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=arstechnica.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arstechnica.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
pubads_impl_318.js
securepubads.g.doubleclick.net/gpt/
159 KB
57 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_318.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
sffe /
Resource Hash
825614864dd2332974044ff99c9661f05f9500150b5f3339b683e28ed353c3bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 07 Mar 2019 16:13:26 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
58628
x-xss-protection
1; mode=block
expires
Fri, 08 Mar 2019 16:15:21 GMT
Cookie set dest5.html
condenast.demdex.net/ Frame F8CA
0
0
Document
General
Full URL
https://condenast.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/satelliteLib-56a425e07376b6977c987d46ef46ba636a6e2036.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.166.115 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-63-32-166-115.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
condenast.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Accept-Encoding
gzip, deflate, br
Cookie
demdex=82668335761286303253620890801045522588

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Wed, 06 Mar 2019 12:41:23 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=82668335761286303253620890801045522588;Path=/;Domain=.demdex.net;Expires=Wed, 04-Sep-2019 16:15:21 GMT;Max-Age=15552000
Vary
Accept-Encoding, User-Agent
X-TID
jQjrIgkiSxg=
Content-Length
2764
Connection
keep-alive
id
sstats.arstechnica.com/
49 B
550 B
XHR
General
Full URL
https://sstats.arstechnica.com/id?d_visid_ver=2.1.0&d_fieldgroup=A&mcorgid=F7093025512D2B690A490D44%40AdobeOrg&mid=82832905816745909563635079230505256005&ts=1552061721712
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/satelliteLib-56a425e07376b6977c987d46ef46ba636a6e2036.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.140.41.50 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
arstechnica.com.ssl.d1.sc.omtrdc.net
Software
Omniture DC/2.0.0 /
Resource Hash
420004c433cee057c8f96aaca84e43462e63af631e5f282127cff4dff4fac815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Origin
https://arstechnica.com
Accept-Encoding
gzip, deflate, br
Host
sstats.arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Accept
*/*
Cache-Control
no-cache
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Cookie
sID=ca4660ed-a0c7-4f0c-9f9c-9a7a93874314; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.1946715653.1552061721; _gid=GA1.2.1262458432.1552061721; _dc_gtm_UA-31997-1=1; session_seen_posts=0; seen_posts=
Connection
keep-alive

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
X-Content-Type-Options
nosniff
Server
Omniture DC/2.0.0
xserver
www85
Vary
Origin
X-C
ms-6.6.0
P3P
CP="This is not a P3P policy"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/x-javascript
Keep-Alive
timeout=15
Content-Length
49
X-XSS-Protection
1; mode=block
ibs:dpid=411&dpuuid=XIKVGQAAEFiiUjx0
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=82668335761286303253620890801045522588
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XIKVGQAAEFiiUjx0
42 B
769 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XIKVGQAAEFiiUjx0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.51.131.19 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-51-131-19.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v021-0be10947d.edge-irl1.demdex.com 5.49.0.20190304124312 6ms
Pragma
no-cache
X-TID
0TuG9iuMQL4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XIKVGQAAEFiiUjx0
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
publishertag.js
static.criteo.net/js/ld/
83 KB
25 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/htw-condenast.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b0e82f9ce6c1510f32a8e18c9581ba6573b6988dabdd3f2ed6c1ba08eff85cb9

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:24 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 13:26:35 GMT
Server
nginx
ETag
W/"5c811c0b-14ca7"
Transfer-Encoding
chunked
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Sat, 09 Mar 2019 16:15:24 GMT
identity
api.rlcdn.com/api/
0
50 B
XHR
General
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/htw-condenast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.157.45 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-210-157-45.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

status
202
date
Fri, 08 Mar 2019 16:15:22 GMT
content-length
0
rid
match.adsrvr.org/track/
109 B
525 B
XHR
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=183973
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/htw-condenast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
176.34.134.126 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-176-34-134-126.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ca35b31db046f7bc4c92ef1c5df3a92eb6a8a4fcc5e3e736064f6c2a05a718c4

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
x-aspnet-version
4.0.30319
status
200
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://arstechnica.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Sun, 07 Apr 2019 16:15:21 GMT
ids
mid.rkdms.com/
0
401 B
XHR
General
Full URL
https://mid.rkdms.com/ids?ptk=17c1789b-e660-493b-aa74-3c8fb990dc5f&pubid=CONDENAST
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/htw-condenast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.129 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-129.fra6.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
299 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1552061721817&sessionId=5b3d4a87-d659-6767-9550-31e6aac3c2e0&url=arstechnica.com&cheqEvent=0&exitReason=2
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?_=1552061721337
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.74.236.51 , United States, ASN22075 (AS-OUTBRAIN - Outbrain, Inc., US),
Reverse DNS
chi.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:22 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
4
Expires
0
user
4d.condenastdigital.com/
46 B
410 B
XHR
General
Full URL
https://4d.condenastdigital.com/user?xid=b46e5211-aacf-447a-ade9-1e56027804c5
Requested by
Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.217.231 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-174-217-231.compute-1.amazonaws.com
Software
/
Resource Hash
a940c62e737f5df02b1e71325c0d63006de29074dbd1641181b8d5ca6b0cc155

Request headers

Accept
text/plain
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:22 GMT
content-encoding
gzip
transfer-encoding
chunked
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
Connection
keep-alive
plugin.js
plugin.mediavoice.com/
313 KB
117 KB
Script
General
Full URL
https://plugin.mediavoice.com/plugin.js
Requested by
Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d983 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5fba85d99192860858d3534bad3ab2350dfa191b563c52d83b6f41fd92b046ce

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-ray
4b461b81cd94c2dd-FRA
status
200
content-length
119321
via
1.1 varnish
x-varnish
2045822748 2045822740
last-modified
Wed, 06 Mar 2019 14:06:26 GMT
server
cloudflare
etag
W/"5c7fd3e2-4e266"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=43200
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Sat, 09 Mar 2019 02:06:32 GMT
condenastcorporate
polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/
181 B
586 B
XHR
General
Full URL
https://polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/condenastcorporate
Requested by
Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bd131d59efb6aa6a2d98ce4af498a811c84f74148129e140ff5a76904ca9f74

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

timing-allow-origin
*
date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
server
cloudflare
status
200
etag
W/"4ed41fc03a3c3b67ac78af86ee19d7f1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Country
cache-control
max-age=86400
x-country
DE
cf-ray
4b461b822eb3c2dd-FRA
widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html
platform.twitter.com/widgets/ Frame 55DD
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2e9f365dae390394eb8d923cba8c5b11.html?origin=https%3A%2F%2Farstechnica.com&settingsEndpoint=https%3A%2F%2Fsyndication.twitter.com%2Fsettings
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?_=1552061721338
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40DF) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Accept-Encoding
gzip, deflate, br

Response headers

Content-Encoding
gzip
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 08 Mar 2019 16:15:21 GMT
Etag
"347ce5de96d97a02c18244967b8b6532+gzip"
Last-Modified
Thu, 07 Mar 2019 17:39:26 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40DF)
Vary
Accept-Encoding
X-Cache
HIT
Content-Length
5783
moment~timeline~tweet.6e5b62723488aee38af0c77681396a5b.js
platform.twitter.com/js/
24 KB
8 KB
Script
General
Full URL
https://platform.twitter.com/js/moment~timeline~tweet.6e5b62723488aee38af0c77681396a5b.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?_=1552061721338
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/4186) /
Resource Hash
e26fdccb214e020f70cf2aede7b77d5dc51854e23b3acbb4bcff0018773a636f

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 17:39:15 GMT
Server
ECS (fcn/4186)
Etag
"da3e8002f83d92efe615008a56f12f48+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
Content-Type
application/javascript; charset=utf-8
Content-Length
7925
tweet.2b7769d244a8dfeb3ab9d97583412dec.js
platform.twitter.com/js/
18 KB
6 KB
Script
General
Full URL
https://platform.twitter.com/js/tweet.2b7769d244a8dfeb3ab9d97583412dec.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?_=1552061721338
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/40EA) /
Resource Hash
9c6ea1ab4588c0be7dc9cb629aa641415dd91acaea7084de6921a7ffa2299bfb

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 17:39:15 GMT
Server
ECS (fcn/40EA)
Etag
"20fa27831d8703b8d33a11abad368f93+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
Content-Type
application/javascript; charset=utf-8
Content-Length
6038
5b27ee7e8c1abc4e7900000f
api.cnevids.com/v1/video_groups/
30 KB
7 KB
XHR
General
Full URL
https://api.cnevids.com/v1/video_groups/5b27ee7e8c1abc4e7900000f?endpoint=oo.arstechnica
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-e4c87f2834.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.32.35 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-206-32-35.compute-1.amazonaws.com
Software
nginx/1.14.1 /
Resource Hash
25c26304d8ffe02bedcddf818f97e3cbb186f86eb5b119a9274a50e6acf0df3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/*
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Status
200 OK
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
6167
X-XSS-Protection
1; mode=block
X-Request-Id
5d1056f7-89bd-44c0-bd3c-4c5b8efbef04
X-Runtime
0.002814
X-Backend-Node
10.110.44.187
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.14.1
X-Frame-Options
SAMEORIGIN
ETag
W/"bc42385ef45b17d34f6db16093f84865"
X-Download-Options
noopen
Vary
Accept-Encoding, Origin
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
max-age=0, private, must-revalidate
event
condenast.demdex.net/
5 KB
2 KB
Script
General
Full URL
https://condenast.demdex.net/event?d_nsid=0&d_ld=_ts%3D1552061721928&d_rtbd=json&d_jsonv=1&d_dst=1&d_cb=demdexRequestCallback_0_1552061721928&c_pageName=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&c_channel=Biz%20%26amp%3B%20IT&c_events=event2%2Cevent28&c_eVar2=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&c_prop3=D%3Dv3&c_eVar3=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&c_prop4=D%3Dv4&c_eVar4=1470461&c_prop5=D%3Dv5&c_eVar5=report&c_prop6=D%3Dv6&c_eVar6=Biz%20%26amp%3B%20IT&c_prop7=D%3Dv7&c_eVar7=Biz%20%26amp%3B%20IT%2Fundefined&c_prop11=D%3Dv11&c_eVar11=11%3A15%20AM%7CFriday&c_prop16=not%20logged%20in&c_eVar16=not%20logged%20in&c_prop17=1&c_eVar17=1&c_prop23=D%3Dv23&c_eVar23=New&c_prop32=D%3Dv32&c_eVar32=1&c_prop44=D%3Dv44&c_eVar44=null&c_prop50=browsers%7Cchrome-2%7Cexploits-zeroday%7Cgoogle-2%7Cmicrosoft-windows-vulnerabilities%7Ctype%3A%20report&c_prop51=D%3Dv51&c_eVar51=desktop%20layout%3A1600x1200&c_prop55=D%3Dv55&c_eVar55=Dan%20Goodin&c_prop56=D%3Dv56&c_eVar56=1.0&c_prop60=D%3Dv60&c_eVar60=669&c_prop61=D%3Dv61&c_eVar61=14h%7C0d&c_prop62=D%3Dv62&c_eVar62=2019-03-08T02%3A02%3A29%2B00%3A00&c_prop65=D%3Dv65&c_eVar65=null
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/s-code-contents-566dcf5046f148f38d0aa32bf73df40db7ae7768.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.32.166.115 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-63-32-166-115.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
eecb8397baf04b7717d3b03dcda1d287218ae1d25ddedc662497f61b044d7ce8

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v021-01fd1f10e.edge-irl1.demdex.com 5.49.0.20190304124312 13ms
Pragma
no-cache
Content-Encoding
gzip
X-TID
M/NcmpQ2TBw=
Vary
Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
application/javascript;charset=utf-8
Content-Length
1441
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s96165372119218
sstats.arstechnica.com/b/ss/conde-arstechnica/1/JS-1.4.1-D7QN/
43 B
615 B
Image
General
Full URL
https://sstats.arstechnica.com/b/ss/conde-arstechnica/1/JS-1.4.1-D7QN/s96165372119218?AQB=1&ndh=1&pf=1&t=8%2F2%2F2019%2016%3A15%3A21%205%200&D=D%3D&mid=82832905816745909563635079230505256005&aamlh=6&ce=UTF-8&ns=condenast&pageName=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&g=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&cc=USD&ch=Biz%20%26amp%3B%20IT&events=event2%2Cevent28&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&v2=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&l2=browsers%7Cchrome-2%7Cexploits-zeroday%7Cgoogle-2%7Cmicrosoft-windows-vulnerabilities%7Ctype%3A%20report&c3=D%3Dv3&v3=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&c4=D%3Dv4&v4=1470461&c5=D%3Dv5&v5=report&c6=D%3Dv6&v6=Biz%20%26amp%3B%20IT&c7=D%3Dv7&v7=Biz%20%26amp%3B%20IT%2Fundefined&c11=D%3Dv11&v11=11%3A15%20AM%7CFriday&c16=not%20logged%20in&v16=not%20logged%20in&c17=1&v17=1&c23=D%3Dv23&v23=New&c32=D%3Dv32&v32=1&c44=D%3Dv44&v44=null&c50=browsers%7Cchrome-2%7Cexploits-zeroday%7Cgoogle-2%7Cmicrosoft-windows-vulnerabilities%7Ctype%3A%20report&c51=D%3Dv51&v51=desktop%20layout%3A1600x1200&c55=D%3Dv55&v55=Dan%20Goodin&c56=D%3Dv56&v56=1.0&c60=D%3Dv60&v60=669&c61=D%3Dv61&v61=14h%7C0d&c62=D%3Dv62&v62=2019-03-08T02%3A02%3A29%2B00%3A00&c65=D%3Dv65&v65=null&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
63.140.41.50 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS
arstechnica.com.ssl.d1.sc.omtrdc.net
Software
Omniture DC/2.0.0 /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
sstats.arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Cookie
sID=ca4660ed-a0c7-4f0c-9f9c-9a7a93874314; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.1946715653.1552061721; _gid=GA1.2.1262458432.1552061721; _dc_gtm_UA-31997-1=1; session_seen_posts=0; seen_posts=; s_depth=1; s_vnum_m=1554076800918%26vn%3D1; sinvisit_m=true; s_ppn=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F; s_nr=1552061721923-New; s_cc=true
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 08 Mar 2019 16:15:21 GMT
X-Content-Type-Options
nosniff
X-C
ms-6.6.0
P3P
CP="This is not a P3P policy"
Connection
Keep-Alive
Content-Length
43
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Sat, 09 Mar 2019 16:15:21 GMT
Server
Omniture DC/2.0.0
xserver
www29
ETag
"3333027166621335552-4710449665961687003"
Vary
*
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, max-age=0, no-transform, private
Keep-Alive
timeout=15
Expires
Thu, 07 Mar 2019 16:15:21 GMT
en.js
c.evidon.com/sitenotice/4419/translations/
72 KB
4 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/4419/translations/en.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.102.169 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-102-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7713f8cd92d4d6de8f561a9974209f8532e11b1db64d9a20efb50cf995609db0

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
status
200
access-control-max-age
86400
content-length
3963
last-modified
Tue, 14 Aug 2018 17:59:16 GMT
server
Apache
etag
"130e50d48e15fc5162f9707b91233f47:1534269556"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400, private;max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 09 Mar 2019 16:15:21 GMT
iabevidonmapping.js
iabmap.evidon.com/
6 KB
2 KB
Script
General
Full URL
https://iabmap.evidon.com/iabevidonmapping.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:2800:10:27b4:f500:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ee0b073a6e108bae553cefc4977268d998facd834934bb9888f34c80198f34e6

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 08:07:26 GMT
content-encoding
gzip
last-modified
Wed, 31 Oct 2018 18:38:05 GMT
server
AmazonS3
age
89290
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
x-amz-cf-id
5mD5QuBDExIQ5zTmfir8JCpF6T_Irst9JgFV_iMB9PPOFxcZK6Ad3g==
via
1.1 60a935292c9892b0b7f9e56f65af863a.cloudfront.net (CloudFront)
evidon-cmp.js
c.evidon.com/sitenotice/
23 KB
7 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/evidon-cmp.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.102.169 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-102-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7d04fd8c29a304afd75c2cb3e00860fdb73653a0eec57ccc12f4922d581ecbe0

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
status
200
access-control-max-age
86400
content-length
6692
last-modified
Wed, 27 Feb 2019 22:45:44 GMT
server
Apache
etag
"aac133e70d8a9cffef5742dc1842b6ba:1551307548"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400, private;max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 09 Mar 2019 16:15:21 GMT
evidon-banner.js
c.evidon.com/sitenotice/
8 KB
3 KB
Script
General
Full URL
https://c.evidon.com/sitenotice/evidon-banner.js
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.102.169 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-102-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4b51cad50779921c134fe5f8a46df29da7bdedf5f643c331d192b6057af97992

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
status
200
access-control-max-age
86400
content-length
2538
last-modified
Wed, 27 Feb 2019 22:45:43 GMT
server
Apache
etag
"41298c7c9394582aaf744ce4397a8521:1551307546"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=86400, private;max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 09 Mar 2019 16:15:21 GMT
1
l.betrad.com/site/v3/4419/3803/3/1/2/
0
120 B
Image
General
Full URL
https://l.betrad.com/site/v3/4419/3803/3/1/2/1?consent=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.77.209 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-77-209.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Fri, 08 Mar 2019 16:15:22 GMT
content-encoding
gzip
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by
Express
vary
Accept-Encoding
icong1.png
c.evidon.com/pub/
506 B
822 B
Image
General
Full URL
https://c.evidon.com/pub/icong1.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.103.102.169 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-102-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
47ecf8e24654258186de2aabeeb592dc0c1f3d071b0f5b48622be67a9fd60c98

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:21 GMT
content-encoding
gzip
status
200
access-control-max-age
86400
content-length
529
last-modified
Thu, 02 Jun 2011 18:30:38 GMT
server
Apache
etag
"e06dbc187b21a416c4ef0da5a3fd3829:1307039438"
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
syndication
syndication.twitter.com/i/jot/
43 B
346 B
Image
General
Full URL
https://syndication.twitter.com/i/jot/syndication?l=%7B%22_category_%22%3A%22syndicated_impression%22%2C%22triggered_on%22%3A1552061721987%2C%22dnt%22%3Afalse%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.72 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
65
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
119
pragma
no-cache
last-modified
Fri, 08 Mar 2019 16:15:22 GMT
server
tsa_f
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
10dc4eead1856d3374e83ddc3dbb5fc5
x-transaction
00ec68ef000f4d13
expires
Tue, 31 Mar 1981 05:00:00 GMT
track.php
t.skimresources.com/api/
22 B
92 B
XHR
General
Full URL
https://t.skimresources.com/api/track.php
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.67.47 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:22 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://arstechnica.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
warning
299 - "Deprecated API"
alt-svc
clear
content-length
22
link
t.skimresources.com/api/
22 B
409 B
XHR
General
Full URL
https://t.skimresources.com/api/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.201.67.47 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:22 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
status
200
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://arstechnica.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
warning
299 - "Deprecated API"
alt-svc
clear
content-length
22
show_companion_ad.js
pagead2.googlesyndication.com/pagead/
162 KB
61 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_318.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
a9e8a6bef7b0d2d7843c8d96d5c3828c935c86fa264f2097e5e0ddd72cef209b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 15:50:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1492
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
61883
x-xss-protection
1; mode=block
server
cafe
etag
2655862412896736968
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 08 Mar 2019 16:50:30 GMT
vendorlist.json
vendorlist.consensu.org/
77 KB
14 KB
XHR
General
Full URL
https://vendorlist.consensu.org/vendorlist.json
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:4000:1:af78:4c0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
50ce00ed072a39317bfd698cff66f0233eb061cf02d57e07f3daa273e0effd7e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

date
Thu, 07 Mar 2019 20:24:08 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
71475
x-cache
Hit from cloudfront
status
200
access-control-allow-origin
*
last-modified
Thu, 07 Mar 2019 16:00:18 GMT
server
AmazonS3
access-control-max-age
86400
access-control-allow-methods
GET
x-amz-version-id
PJ1Jy6JytVXY_zDMcRYtYALhv6aB0ShI
via
1.1 e7c35757c4581d46396ae4c0a48815ef.cloudfront.net (CloudFront)
cache-control
max-age=259200
content-type
application/json; charset=utf-8
x-amz-cf-id
sv56eUq3NHaSLUb0YygC2ISJ9CWS54NInNMBkli2WakGgI5A2GRFfg==
20312
l.betrad.com/site/v3/4419/3803/3/1/2/1/
0
120 B
Image
General
Full URL
https://l.betrad.com/site/v3/4419/3803/3/1/2/1/20312?consent=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.77.209 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-77-209.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Fri, 08 Mar 2019 16:15:22 GMT
content-encoding
gzip
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by
Express
vary
Accept-Encoding
20312
l.betrad.com/site/v3/4419/3803/3/4/2/1/
0
120 B
Image
General
Full URL
https://l.betrad.com/site/v3/4419/3803/3/4/2/1/20312?consent=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.77.209 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-77-209.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Fri, 08 Mar 2019 16:15:22 GMT
content-encoding
gzip
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by
Express
vary
Accept-Encoding
20312
l.betrad.com/site/v3/4419/3803/3/2/2/1/
0
120 B
Image
General
Full URL
https://l.betrad.com/site/v3/4419/3803/3/2/2/1/20312?consent=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.77.209 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-0-77-209.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status
204
date
Fri, 08 Mar 2019 16:15:22 GMT
content-encoding
gzip
etag
W/"a-bAsFyilMr4Ra1hIU5PyoyFRunpI"
x-powered-by
Express
vary
Accept-Encoding
5c74019c40f94807b9000000.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady63488780
player.cnevids.com/script/video/
60 KB
19 KB
Script
General
Full URL
https://player.cnevids.com/script/video/5c74019c40f94807b9000000.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady63488780
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-e4c87f2834.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.40 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-40.fra6.r.cloudfront.net
Software
nginx/1.14.1 /
Resource Hash
89509d0e523f21696446882850e90f9d5919a16c7aba2ee3848b9dea33c3b0f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:22 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Cache
Miss from cloudfront
Status
200 OK
Connection
keep-alive
Content-Length
19112
X-XSS-Protection
1; mode=block
X-Request-Id
e1256edd-6c81-4bb2-be13-91aeb51782e6
X-Runtime
0.008994
X-Backend-Node
10.110.45.152
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.14.1
ETag
W/"0a823066cfa46be494510bd39e032af8"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
Cache-Control
max-age=0, private, must-revalidate
X-Amz-Cf-Id
YUxyUepL-qrKVqj4pMl_fbY69pktXCb6ebYNkgwIH1QTJiAH9EK2Cw==
arstechnica_war-stories-c-and-c-tiberian-sun.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/
19 KB
19 KB
Image
General
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/arstechnica_war-stories-c-and-c-tiberian-sun.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-100.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
27348ba4b98bd80f1038496ec5dea6ad865680540058fb085b8ca199b8aaf4c5

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 27 Feb 2019 16:48:29 GMT
Via
1.1 varnish, 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Age
775613
Edge-Cache-Tag
313687566273846460968749706722669918033,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
19022
X-Request-Id
adbd00b36667674a
X-Served-By
cache-fra19141-FRA
Last-Modified
Wed, 27 Feb 2019 16:48:24 GMT
Server
cloudinary
X-Timer
S1551286109.206125,VS0,VE190
ETag
"fe52b9acd391d8bee8de15a0f429b377"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
QJkcssmex034xPqz92KCLBBZulqaJXZWwlgVm2RTw4QSKzjAzGujPA==
X-Cache-Hits
0
arstechnica_army-s-next-vertical-lift-en-route.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550680609/
5 KB
6 KB
Image
General
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550680609/arstechnica_army-s-next-vertical-lift-en-route.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-100.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
4868ca91bcd0d492c501ec5b8d44ac78d3e1226977ae14ff598f5efe78751951

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 21 Feb 2019 15:50:50 GMT
Via
1.1 varnish, 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Age
1297472
Edge-Cache-Tag
312535560964408758261298476626669868625,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
4867
X-Request-Id
0fcb1e3f977d8a35
X-Served-By
cache-hhn1523-HHN
Last-Modified
Thu, 21 Feb 2019 15:50:43 GMT
Server
cloudinary
X-Timer
S1550764250.379842,VS0,VE183
ETag
"90ad4d692f7209c01596b99729f26e7b"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
40wjFN5jYD0C_ftr6eNExJnFXJKvA77lgy3-w2FuI-pYT8W5H50MSA==
X-Cache-Hits
0
arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/
18 KB
19 KB
Image
General
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-100.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
8b72952d3fd656ee6594f0d9735d928113ad1d590705b14f77abf75f1d4d5d69

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 15 Feb 2019 15:34:32 GMT
Via
1.1 varnish, 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Age
1816850
Edge-Cache-Tag
292757494989914907279105994976263969890,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
18172
X-Request-Id
d20856717f768878
X-Served-By
cache-fra19143-FRA
Last-Modified
Fri, 15 Feb 2019 15:34:33 GMT
Server
cloudinary
X-Timer
S1550244873.748801,VS0,VE172
ETag
"32f1b8954559c8d598e9861f5b8360b9"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
ePxfU8W1voEnq4OOb5JJqfSE8XQc-kIS7TEcuSHhi1ZXz7DuXLqLLQ==
X-Cache-Hits
0
arstechnica_sitrep-president-trump-s-missile-defense-strategy.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1548700799/
8 KB
9 KB
Image
General
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1548700799/arstechnica_sitrep-president-trump-s-missile-defense-strategy.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-100.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
de7e987b13a516c3c85e56d6b661929539d01906f8bd15f4440af2c6ed93d6ab

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Mon, 11 Feb 2019 17:05:24 GMT
Via
1.1 varnish, 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Age
2156998
Edge-Cache-Tag
451606510291173075421239350555464354948,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
8338
X-Request-Id
7d27bebea3c736e7
X-Served-By
cache-hhn1525-HHN
Last-Modified
Wed, 30 Jan 2019 18:19:14 GMT
Server
cloudinary
X-Timer
S1549904724.932595,VS0,VE232
ETag
"bcb1adcc61de1e8426163f2fa2a406ba"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
G9upKE7r_bcRQyJykjtqjlyOzv6YMlpVv-IOQYvWKFfvIKSjdZz_4A==
X-Cache-Hits
0
arstechnica_war-stories-dead-space-the-drag-tentacle.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/
7 KB
8 KB
Image
General
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/arstechnica_war-stories-dead-space-the-drag-tentacle.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-100.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
9933997608e86beaf1e7f7188a5c657cdad8ccd9d20eb7b1a46adaa83fa850ab

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 07 Mar 2019 19:08:05 GMT
Via
1.1 varnish, 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Age
2215012
Edge-Cache-Tag
561334743792169660751574031162860899763,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
7393
X-Served-By
cache-fra19129-FRA
Last-Modified
Tue, 08 Jan 2019 16:38:58 GMT
Server
cloudinary
X-Timer
S1546965539.158106,VS0,VE116
ETag
"17a6e4b5eb75eb12f5d8c89eb3d0ace8"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
lb0Bs05sGAJmGZavIcxP2YMOrQWsmHwY2r0I6fTmDAIi42AmtuDrTw==
X-Cache-Hits
0
arstechnica_how-does-that-work-rising-sea-levels.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1543950592/
9 KB
10 KB
Image
General
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1543950592/arstechnica_how-does-that-work-rising-sea-levels.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-100.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
dd261883873740a78bac0e65e1cef85b5fcc28635db0ec6c77fdedc60dc88862

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 07 Mar 2019 19:00:28 GMT
Via
1.1 varnish, 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Age
1091264
Edge-Cache-Tag
385094425222450584203964863140983279661,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
9655
X-Served-By
cache-hhn1537-HHN
Last-Modified
Thu, 06 Dec 2018 14:36:01 GMT
Server
cloudinary
X-Timer
S1544106963.502265,VS0,VE111
ETag
"bda75cc62fe7e0ea855b01b75e00e673"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
wwR7YdRHSdxKl8xplIT7Ba6NMK4RTFknw0SbzKRZvTkeEYJ0_LCkHw==
X-Cache-Hits
0
arstechnica_hybrid-options-for-us-s-next-top-fighter.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1543245409/
6 KB
7 KB
Image
General
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1543245409/arstechnica_hybrid-options-for-us-s-next-top-fighter.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-100.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
e014974a17d0f6e6775b4fcf5e53e2b0f3570edc070104c75d34a07d8dac4cc5

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 07 Mar 2019 19:03:56 GMT
Via
1.1 varnish, 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Age
142172
Edge-Cache-Tag
283442808216472163809384800557055011655,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
6586
X-Served-By
cache-hhn1535-HHN
Last-Modified
Wed, 28 Nov 2018 14:30:45 GMT
Server
cloudinary
X-Timer
S1543418077.346624,VS0,VE114
ETag
"8a94ee8d7c54e8d420f337a0b28fb6a6"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
vR1beYLfNTsP-tbktWmpoE_aU8LIqTVOfUpoljHfe2gwTm5SkdvxBw==
X-Cache-Hits
0
arstechnica_teach-the-controversy-flat-earthers.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/
10 KB
11 KB
Image
General
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/arstechnica_teach-the-controversy-flat-earthers.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
7364fcbb6c5d775f07816712af8a6419db99268f72c337a4977f706dc3423bb3

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 07 Mar 2019 19:00:28 GMT
Via
1.1 varnish, 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
Age
144307
Edge-Cache-Tag
522150850958368321191235208678465217967,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
10595
X-Request-Id
0d3c8bdfb997f2cc
X-Served-By
cache-fra19130-FRA
Last-Modified
Fri, 09 Nov 2018 14:44:53 GMT
Server
cloudinary
X-Timer
S1541774697.715247,VS0,VE188
ETag
"6c0c4f8a9d61ed2b5863a8058c624a37"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
-lgvWNE2YTsUCozsejd_5oWutnHyaZr28O6ys-J8zWT0SQwAYM9LYw==
X-Cache-Hits
0
arstechnica_star-control-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1540238325/
10 KB
11 KB
Image
General
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1540238325/arstechnica_star-control-war-stories.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-100.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
5ecce433fdd65965f4acae00993b06c37d0f4960c18b36312efbf96471f95474

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 23 Oct 2018 16:50:31 GMT
Via
1.1 varnish, 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Age
1351177
Edge-Cache-Tag
530064111679661360080335205530300069954,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
10583
X-Served-By
cache-hhn1536-HHN
Last-Modified
Tue, 23 Oct 2018 16:50:21 GMT
Server
cloudinary
X-Timer
S1540313432.546501,VS0,VE110
ETag
"adccb40ff91a04ac0066ab46e3c60f86"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
mDkjoq4O1KMu8zkq-P0_AGO-nHi8m_Ej8fkMqwQXjS9S_2lILhIZ-g==
X-Cache-Hits
0
arstechnica_war-stories-serious-sam.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1538576823/
13 KB
14 KB
Image
General
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1538576823/arstechnica_war-stories-serious-sam.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
ed86af54b875e74d1f45f0e835237ecb7f8d1bd3f06d51c9586576ef756a372e

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 07 Mar 2019 19:08:08 GMT
Via
1.1 varnish, 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
Age
784482
Edge-Cache-Tag
302283555134930517008734674519776029634,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
13034
X-Served-By
cache-hhn1537-HHN
Last-Modified
Wed, 03 Oct 2018 18:45:04 GMT
Server
cloudinary
X-Timer
S1539650558.664767,VS0,VE148
ETag
"5ad02d5b6b61591f35f1a938c31ee9e9"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
iJCX6qFjUEMkjvmFvnCYHseE4oK3FL0CowxOHMGpQNLDQC-cNAvhlw==
X-Cache-Hits
0
arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/
12 KB
13 KB
Image
General
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-100.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
16f86804dd013db340fee4020a539d3e9d6e5a03d6841e431e50c428e99c26e8

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 07 Mar 2019 19:00:28 GMT
Via
1.1 varnish, 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Age
837864
Edge-Cache-Tag
389498626973997838808844380914497340413,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
12509
X-Request-Id
4e915ac71870520d
X-Served-By
cache-hhn1523-HHN
Last-Modified
Fri, 21 Sep 2018 16:51:30 GMT
Server
cloudinary
X-Timer
S1539654107.953322,VS0,VE303
ETag
"b9c502ffc902b60d0eb13698b37a945d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
c8_DGC_ErRLq6-ncQIFrRc8IvsR8wO6IPtdnU0d_Lmi_5LJV9X2ahA==
X-Cache-Hits
0
arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/
7 KB
8 KB
Image
General
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
3ce7e824185893264ab44fbf8370a8f1262831c4c6c367b15f7d4f1e88fadc8c

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 07 Mar 2019 19:10:54 GMT
Via
1.1 varnish, 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
Age
75874
Edge-Cache-Tag
294316597633303263276952824544497226127,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
7181
X-Served-By
cache-fra19147-FRA
Last-Modified
Fri, 06 Jul 2018 12:23:22 GMT
Server
cloudinary
X-Timer
S1533341234.118391,VS0,VE1
ETag
"0549828edcecd339d8d10ebe6119de70"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
32ZzJNOOzO0sYP35KDmf1ewTlzG948V14QlnCkYhsW3Trxol5_HYvQ==
X-Cache-Hits
1
arstechnica_apollo-mission-episode-1.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/
14 KB
15 KB
Image
General
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/arstechnica_apollo-mission-episode-1.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.100 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-100.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
82cd1a97f81e5b63a621311be2993916eea0907b5eadd53bb6b280f4bb0f8391

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 07 Mar 2019 19:08:08 GMT
Via
1.1 varnish, 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Age
310103
Edge-Cache-Tag
424632948265147424317824738369264083785,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
14040
X-Request-Id
9dae2162891da1d5
X-Served-By
cache-hhn1539-HHN
Last-Modified
Tue, 05 Dec 2017 01:52:25 GMT
Server
cloudinary
X-Timer
S1541180718.638055,VS0,VE212
ETag
"ecc047c6eed3dc571a78eab647201220"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
LwoQeeuCQPFdcoGnZJFvv1RjpKXw-eY4kxggEEJVyxcSXsE_7ggx_Q==
X-Cache-Hits
0
arstechnica_richard-garriot-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/
14 KB
14 KB
Image
General
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_thescene.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/arstechnica_richard-garriot-war-stories.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
4980853759711c8e9e2779239acd62e9e802fba38371763c65ecdd016a83fdbd

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 16 Oct 2018 01:12:01 GMT
Via
1.1 varnish, 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
Age
1217589
Edge-Cache-Tag
489732375708630852448407029403767769375,605383893367339607624947511135489672318,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
13885
X-Request-Id
7a037febdfa5b2c1
X-Served-By
cache-hhn1545-HHN
Last-Modified
Fri, 06 Jul 2018 19:56:42 GMT
Server
cloudinary
X-Timer
S1539652322.877179,VS0,VE1
ETag
"13d45a1733ad4d2f3ae707584d6a8a32"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
2N-R9w_hb6pNiG-7XPRGtPRxQGHBgkvogcRtMfIbe3KwE_Mx_VS-Qw==
X-Cache-Hits
1
user
4d.condenastdigital.com/
46 B
410 B
XHR
General
Full URL
https://4d.condenastdigital.com/user?xid=75665ec2-eb2f-4598-9071-a1b3f2c6038e
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/services.min.js?1552061700
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.174.217.231 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-174-217-231.compute-1.amazonaws.com
Software
/
Resource Hash
62bb6746267fe1df0dd37b00f8d6200f6bf7da0835f4df9de6e4f3ed30ccee64

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

Date
Fri, 08 Mar 2019 16:15:22 GMT
content-encoding
gzip
transfer-encoding
chunked
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
Connection
keep-alive
truncated
/
408 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A22.205Z&_t=pageview&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294&cEnt=windows%2C%20chrome%2C%20microsoft%2C%20google%2C%20page%20layout%2C%20zeroday%2C%20security%20sandbox%2C%20justin%20schuh%2C%20privilege%20escalation%2C%20clement%20lecigne%2C%20operating%20system%2C%20dan%20goodin%2C%20utc%2C%20use-after-free%2C%20cond%C3%A9%20nast%2C%20microsoft.%2C%20post%2C%20ars%20orbital%20transmission%2C%20threat%20analysis%20group%2C%20jeff%20jones&cEnw=1%2C%200.8747121402560297%2C%200.8567897402574511%2C%200.8100877428057475%2C%200.6660943105546828%2C%200.5843780773092034%2C%200.5462448150102216%2C%200.5445767820667076%2C%200.47182473679159576%2C%200.43899052895372104%2C%200.43413688302871667%2C%200.41468205884677967%2C%200.38494362819262024%2C%200.3458045236845908%2C%200.3342018205734761%2C%200.32363817831813835%2C%200.30472620535079054%2C%200.2991889344877834%2C%200.2940067052600753%2C%200.2755070984827381&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&cPd=2019-03-08T02%3A02%3A29.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=4100&pSw=1600&pSh=1200&uID=70aa7437-fec5-46ea-9f03-1974676eb451&uNw=1&uUq=1&pID=083ca866-8218-4f05-8ffd-f73335d2c559&uDt=desktop&aam_uuid=82668335761286303253620890801045522588&_o=ars-technica&_c=general&xID=b46e5211-aacf-447a-ade9-1e56027804c5&cKh=windows%2Cvulnerability%2Cchrome%2Cmicrosoft%2Cgoogle%2Cpage%20layout%2Cattacker
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:22 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
tweets.json
cdn.syndication.twimg.com/
10 KB
2 KB
Script
General
Full URL
https://cdn.syndication.twimg.com/tweets.json?callback=__twttr.callbacks.cb0&ids=1103763266445037568&lang=en&suppress_response_codes=true&theme=light&tz=GMT%2B0000
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?_=1552061721338
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
tsa_o /
Resource Hash
17374005456b65e6898fc61e57ec1cd134b72cf59d2114a4c36ec8b62cac8958
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-disposition
attachment; filename=jsonp.jsonp
strict-transport-security
max-age=631138519
content-length
2077
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report
x-response-time
164
last-modified
Fri, 08 Mar 2019 16:15:22 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
must-revalidate, max-age=60
x-connection-hash
6659980280b285131e3660fb31b70eb6
timing-allow-origin
*
x-transaction
003ed966004ac1a1
expires
Fri, 08 Mar 2019 16:16:22 GMT
57
p.ad.gt/api/v1/p/passive/63cc73a3ea43f44ca40ea0af8e9602be/4651a76b-1656-43c7-9309-9b9867f6b737/
51 KB
14 KB
Script
General
Full URL
https://p.ad.gt/api/v1/p/passive/63cc73a3ea43f44ca40ea0af8e9602be/4651a76b-1656-43c7-9309-9b9867f6b737/57
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/57
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.81.221 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-10-81-221.us-west-2.compute.amazonaws.com
Software
nginx/1.10.1 / Express
Resource Hash
b953349d4a251b552db4844bbe7e5e99b193288ae05a174795845da11855f478

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:29 GMT
Content-Encoding
gzip
Server
nginx/1.10.1
X-Powered-By
Express
ETag
W/"ca35-fVG63xxiar60xF1GRwOGwmlXhDo"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
13248
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=4651a76b-1656-43c7-9309-9b9867f6b737&adnxs_id=$UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D4651a76b-1656-43c7-9309-9b9867f6b737%26adnxs_id%3D%24UID
  • https://ids.ad.gt/api/v1/match?id=4651a76b-1656-43c7-9309-9b9867f6b737&adnxs_id=7004295617297334264
43 B
597 B
Image
General
Full URL
https://ids.ad.gt/api/v1/match?id=4651a76b-1656-43c7-9309-9b9867f6b737&adnxs_id=7004295617297334264
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.123.63 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-215-123-63.us-west-2.compute.amazonaws.com
Software
nginx/1.8.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:25 GMT
Cache-Control
public, max-age=43200
Server
nginx/1.8.1
Connection
keep-alive
Content-Type
image/gif
transfer-encoding
chunked
Expires
Sat, 09 Mar 2019 04:15:25 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:27 GMT
AN-X-Request-Uuid
4cc4dfe7-15db-434d-9da1-71ac56fbe5c2
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://ids.ad.gt/api/v1/match?id=4651a76b-1656-43c7-9309-9b9867f6b737&adnxs_id=7004295617297334264
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
185.220.70.202; 185.220.70.202; 155.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.37:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=4651a76b-1656-43c7-9309-9b9867f6b737
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=4651a76b-1656-43c7-9309-9b9867f6b737
  • https://ids.ad.gt/api/v1/t_match?tdid=382ab7b5-054d-4203-a227-10a6f3aad02a&id=4651a76b-1656-43c7-9309-9b9867f6b737
43 B
607 B
Image
General
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=382ab7b5-054d-4203-a227-10a6f3aad02a&id=4651a76b-1656-43c7-9309-9b9867f6b737
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.123.63 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-215-123-63.us-west-2.compute.amazonaws.com
Software
nginx/1.8.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:23 GMT
Cache-Control
public, max-age=43200
Server
nginx/1.8.1
Connection
keep-alive
Content-Type
image/gif
transfer-encoding
chunked
Expires
Sat, 09 Mar 2019 04:15:23 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:22 GMT
x-aspnet-version
4.0.30319
location
https://ids.ad.gt/api/v1/t_match?tdid=382ab7b5-054d-4203-a227-10a6f3aad02a&id=4651a76b-1656-43c7-9309-9b9867f6b737
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status
302
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=4651a76b-1656-43c7-9309-9b9867f6b737
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=4651a76b-1656-43c7-9309-9b9867f6b737&google_tc=
  • https://ids.ad.gt/api/v1/g_match?id=4651a76b-1656-43c7-9309-9b9867f6b737&google_gid=CAESEGgIDRTe7TkdcVG4uO00Gd8&google_cver=1&google_ula=450542624,0
43 B
605 B
Image
General
Full URL
https://ids.ad.gt/api/v1/g_match?id=4651a76b-1656-43c7-9309-9b9867f6b737&google_gid=CAESEGgIDRTe7TkdcVG4uO00Gd8&google_cver=1&google_ula=450542624,0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.123.63 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-215-123-63.us-west-2.compute.amazonaws.com
Software
nginx/1.8.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:23 GMT
Cache-Control
public, max-age=43200
Server
nginx/1.8.1
Connection
keep-alive
Content-Type
image/gif
transfer-encoding
chunked
Expires
Sat, 09 Mar 2019 04:15:23 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:22 GMT
server
HTTP server (unknown)
location
https://ids.ad.gt/api/v1/g_match?id=4651a76b-1656-43c7-9309-9b9867f6b737&google_gid=CAESEGgIDRTe7TkdcVG4uO00Gd8&google_cver=1&google_ula=450542624,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
357
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
adb_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=348447&dpuuid=4651a76b-1656-43c7-9309-9b9867f6b737&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fadb_match%3Fadb%3D%24%7BDD_UUID%7D%26id%3D4651a76b-1656-43c7-9309-9b986...
  • https://ids.ad.gt/api/v1/adb_match?adb=82668335761286303253620890801045522588&id=4651a76b-1656-43c7-9309-9b9867f6b737
43 B
609 B
Image
General
Full URL
https://ids.ad.gt/api/v1/adb_match?adb=82668335761286303253620890801045522588&id=4651a76b-1656-43c7-9309-9b9867f6b737
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.123.63 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-215-123-63.us-west-2.compute.amazonaws.com
Software
nginx/1.8.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:23 GMT
Cache-Control
public, max-age=43200
Server
nginx/1.8.1
Connection
keep-alive
Content-Type
image/gif
transfer-encoding
chunked
Expires
Sat, 09 Mar 2019 04:15:23 GMT

Redirect headers

Pragma
no-cache
X-TID
XL6Dx3/TSS0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://ids.ad.gt/api/v1/adb_match?adb=82668335761286303253620890801045522588&id=4651a76b-1656-43c7-9309-9b9867f6b737
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D4651a76b-1656-43c7-9309-9b9867f6b737
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D4651a76b-1656-43c7-9309-9b9867f6b737
  • https://ids.ad.gt/api/v1/pbm_match?pbm=9FE7294D-8D04-473B-B32D-94B1421520FA&id=4651a76b-1656-43c7-9309-9b9867f6b737
43 B
607 B
Image
General
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=9FE7294D-8D04-473B-B32D-94B1421520FA&id=4651a76b-1656-43c7-9309-9b9867f6b737
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.123.63 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-215-123-63.us-west-2.compute.amazonaws.com
Software
nginx/1.8.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:29 GMT
Cache-Control
public, max-age=43200
Server
nginx/1.8.1
Connection
keep-alive
Content-Type
image/gif
transfer-encoding
chunked
Expires
Sat, 09 Mar 2019 04:15:29 GMT

Redirect headers

Location
https://ids.ad.gt/api/v1/pbm_match?pbm=9FE7294D-8D04-473B-B32D-94B1421520FA&id=4651a76b-1656-43c7-9309-9b9867f6b737
Date
Fri, 08 Mar 2019 16:15:29 GMT
X-Cnection
close
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Content-Length
439
Content-Type
text/html; charset=iso-8859-1
szm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://p.rfihub.com/cm?pub=38725&userid=4651a76b-1656-43c7-9309-9b9867f6b737&in=1&forward=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fszm_match%3Fszm%3D{userid}%26id%3D4651a76b-1656-43c7-9309-9b9867f6b737
  • https://ids.ad.gt/api/v1/szm_match?szm=1049690557612454184&id=4651a76b-1656-43c7-9309-9b9867f6b737
43 B
590 B
Image
General
Full URL
https://ids.ad.gt/api/v1/szm_match?szm=1049690557612454184&id=4651a76b-1656-43c7-9309-9b9867f6b737
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.123.63 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-215-123-63.us-west-2.compute.amazonaws.com
Software
nginx/1.8.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:24 GMT
Cache-Control
public, max-age=43200
Server
nginx/1.8.1
Connection
keep-alive
Content-Type
image/gif
transfer-encoding
chunked
Expires
Sat, 09 Mar 2019 04:15:24 GMT

Redirect headers

Location
https://ids.ad.gt/api/v1/szm_match?szm=1049690557612454184&id=4651a76b-1656-43c7-9309-9b9867f6b737
Server
Jetty(9.0.6.v20130930)
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
local_storage_frame10.min.html
assets.bounceexchange.com/assets/bounce/ Frame 0E09
0
0
Document
General
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame10.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tags/versioned/ijs_all_modules_6f1349cd453fe65dc5cdec068426e0bc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.3.46 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-99-86-3-46.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

:method
GET
:authority
assets.bounceexchange.com
:scheme
https
:path
/assets/bounce/local_storage_frame10.min.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
accept-encoding
gzip, deflate, br

Response headers

status
200
content-type
text/html
content-length
995
date
Mon, 10 Dec 2018 18:23:34 GMT
last-modified
Thu, 06 Dec 2018 22:10:11 GMT
etag
"55fccc7bc73db2181e976f1ccec90e2c"
cache-control
max-age=31536000
content-encoding
gzip
x-amz-version-id
iR64T.LKj_uq4qI1dcEGfT66vRlvUKzS
accept-ranges
bytes
server
AmazonS3
age
7595509
x-cache
Hit from cloudfront
via
1.1 89c822bb1ce1445a7be6d1057088cfbf.cloudfront.net (CloudFront)
x-amz-cf-id
u663pYizbQY9LilCTYW0UQ1ogRmKenJGLTqNJd3qi7p5aldJNJInxg==
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A22.281Z&_t=library_gpt&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294&cEnt=windows%2C%20chrome%2C%20microsoft%2C%20google%2C%20page%20layout%2C%20zeroday%2C%20security%20sandbox%2C%20justin%20schuh%2C%20privilege%20escalation%2C%20clement%20lecigne%2C%20operating%20system%2C%20dan%20goodin%2C%20utc%2C%20use-after-free%2C%20cond%C3%A9%20nast%2C%20microsoft.%2C%20post%2C%20ars%20orbital%20transmission%2C%20threat%20analysis%20group%2C%20jeff%20jones&cEnw=1%2C%200.8747121402560297%2C%200.8567897402574511%2C%200.8100877428057475%2C%200.6660943105546828%2C%200.5843780773092034%2C%200.5462448150102216%2C%200.5445767820667076%2C%200.47182473679159576%2C%200.43899052895372104%2C%200.43413688302871667%2C%200.41468205884677967%2C%200.38494362819262024%2C%200.3458045236845908%2C%200.3342018205734761%2C%200.32363817831813835%2C%200.30472620535079054%2C%200.2991889344877834%2C%200.2940067052600753%2C%200.2755070984827381&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&cPd=2019-03-08T02%3A02%3A29.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=4100&pSw=1600&pSh=1200&uID=70aa7437-fec5-46ea-9f03-1974676eb451&sID=6591ace8-8aae-44a1-83c2-ec2bf2edc026&pID=083ca866-8218-4f05-8ffd-f73335d2c559&uDt=desktop&aam_uuid=82668335761286303253620890801045522588&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&xID=b46e5211-aacf-447a-ade9-1e56027804c5&init=1890.064999461174&requestEnd=1266.745001077652&requestStart=1142.1300023794174&device=desktop&cns=2_25_6&_logType=info&cKh=windows%2Cvulnerability%2Cchrome%2Cmicrosoft%2Cgoogle%2Cpage%20layout%2Cattacker
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:22 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
ptrack-v1.2.0-engagedtime-slots.js
d1z2jf7jlzjs58.cloudfront.net/code/
39 KB
15 KB
Script
General
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/code/ptrack-v1.2.0-engagedtime-slots.js
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.37 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-37.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
f77676385ed899908297ac3d793b6f79b7a342438ba59b9878678c42a8a7ffa1

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
public
Date
Thu, 07 Feb 2019 00:07:57 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Jan 2019 22:59:57 GMT
Server
nginx
Age
2563644
ETag
W/"5c2e93ed-9c5a"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
Cache-Control
max-age=315360000, public
Connection
keep-alive
X-Amz-Cf-Id
dsSkFBGgbxhdhh2c608yNRCklXg_MbRl9r3iqxI2zPHm0ohmr2kvKA==
Expires
Thu, 31 Dec 2037 23:55:55 GMT
get
odb.outbrain.com/utils/
15 KB
9 KB
Script
General
Full URL
https://odb.outbrain.com/utils/get?url=http%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&srcUrl=http%3A%2F%2Ffeeds.arstechnica.com%2Farstechnica%2Findex%2F&settings=true&recs=true&widgetJSId=JS_1&key=NANOWDGT01&idx=0&version=01020406&apv=false&sig=FgPyS075&format=vjapi&rand=26748&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&adblck=false&secured=true&va=true&cmpStat=1&ref=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js?_=1552061721337
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
51b1a54cfb4232c26cf1e79e731f7a221a997a07bbc667df1467308c3fe84ec8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=0; includeSubDomains;
content-encoding
gzip
traffic-path
NYDC1, JFK, HHN, Europe1
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
status
200
x-served-by
cache-jfk8128-JFK, cache-hhn1528-HHN
pragma
no-cache
x-timer
S1552061723.682009,VS0,VE129
date
Fri, 08 Mar 2019 16:15:22 GMT
vary
Accept-Encoding, User-Agent
content-type
text/x-json; charset=UTF-8
via
1.1 varnish, 1.1 varnish
expires
Thu, 01 Jan 1970 00:00:00 GMT
cache-control
no-cache
backend-ip
104.156.90.28
accept-ranges
bytes, bytes
x-cache-hits
0, 0
embed-api.json
player.cnevids.com/
6 KB
3 KB
Fetch
General
Full URL
https://player.cnevids.com/embed-api.json?videoId=5c74019c40f94807b9000000&embedLocation=arstechnica
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5c74019c40f94807b9000000.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady63488780
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.9 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-253-9.fra6.r.cloudfront.net
Software
nginx/1.14.1 /
Resource Hash
db743eb52236d80e2d05734949cf9d6236637a0470228e1b62e812cfbf8f947c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

Date
Fri, 08 Mar 2019 16:14:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Age
49
X-Cache
Hit from cloudfront
Status
200 OK
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
2017
X-XSS-Protection
1; mode=block
X-Request-Id
8c7f4382-75d1-4565-9ef5-72432bf44fcf
X-Runtime
0.007266
X-Backend-Node
10.110.72.103
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.14.1
ETag
W/"48dda38319b9660f4b8900c25bea6138"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Via
1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control
max-age=0, private, must-revalidate
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
YqiRyPcudPvnePzlnQhdKa5ZUul9QIMlzZNoM6qX8rL4Kl4tmYRTOA==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A164
240 KB
82 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5c74019c40f94807b9000000.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady63488780
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4620483c3660f7ba753a841a2b165598e01d866d4cf58e5af711c347978d3d44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
83324
x-xss-protection
1; mode=block
expires
Fri, 08 Mar 2019 16:15:22 GMT
gpt_proxy.js
imasdk.googleapis.com/js/sdkloader/
60 KB
22 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5c74019c40f94807b9000000.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady63488780
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a742cd3ac0f18dba9a942bd971db58414bdc23c3845af4474213e7b5913917c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:03:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 06 Mar 2019 20:43:19 GMT
server
sffe
age
738
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
22314
x-xss-protection
1; mode=block
expires
Fri, 08 Mar 2019 16:18:04 GMT
player-style-93d3ac933e3b2a7c0bd52030be8ef0af.css
d2c8v52ll5s99u.cloudfront.net/player/ Frame A164
74 KB
12 KB
Stylesheet
General
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/player-style-93d3ac933e3b2a7c0bd52030be8ef0af.css
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5c74019c40f94807b9000000.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady63488780
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.94 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-94.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4cc07db5e979ec8fc492f1cd9d88391360460adc0d8ce6ae568d50cc084da3e0

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Wed, 13 Feb 2019 16:48:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 06 Feb 2019 15:32:39 GMT
Server
AmazonS3
Age
1985187
ETag
"4acddbd24b10301fdc4909837b98a5bf"
X-Cache
Hit from cloudfront
Content-Type
text/css; charset=utf-8
Via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11327
X-Amz-Cf-Id
_ZL4ZX9UmcXpiBMQB3VNDcudSUj3NFJ0xT4JyjajvZ4GuP21hI-K2A==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
main-a0f3daf0649193ef3409.js
d2c8v52ll5s99u.cloudfront.net/player/ Frame A164
910 KB
226 KB
Script
General
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/main-a0f3daf0649193ef3409.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5c74019c40f94807b9000000.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady63488780
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.94 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-94.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a364d999a39b6964fa5ffba9801ae2d00111af45d45b910d1b412990cfdf4370

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Thu, 07 Mar 2019 19:00:23 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Mar 2019 17:35:27 GMT
Server
AmazonS3
Age
76500
ETag
"fc2d79b9c186b0efa11c680234cfbd48"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
231234
X-Amz-Cf-Id
bXURm3DU7v-xAoTTfTzSNQlETV4oxMG9QU1m3yE-gpqu7mIuorj3xQ==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
getcookie
evidon.mgr.consensu.org/iab/
169 B
381 B
Script
General
Full URL
https://evidon.mgr.consensu.org/iab/getcookie
Requested by
Host: c.evidon.com
URL: https://c.evidon.com/sitenotice/evidon-cmp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.4.204.57 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-4-204-57.compute-1.amazonaws.com
Software
/
Resource Hash
9b133863146a5f391e8cee0842cafc7498ae89b6f79edbecfc842055342c1fe2

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:23 GMT
access-control-allow-origin
*
x-amzn-requestid
603f831a-41bd-11e9-9faa-03cd18423d62
content-type
text/javascript
status
200
x-amzn-trace-id
Root=1-5c82951b-53d4711a8f758e4ad0d2c0ee;Sampled=0
x-amz-apigw-id
WOw8OEWIoAMFwZg=
content-length
169
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Response headers

Content-Type
image/png
truncated
/
715 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Response headers

Content-Type
image/png
truncated
/
1 KB
0
Media
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Response headers

Content-Type
video/mp4
1f5d1.png
abs.twimg.com/emoji/v2/72x72/
1017 B
1 KB
Image
General
Full URL
https://abs.twimg.com/emoji/v2/72x72/1f5d1.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AA) /
Resource Hash
344fc83ee040ebe9934481e6612f9034adba51287c997605aa97a8cd08e1c910
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:22 GMT
x-content-type-options
nosniff
x-ton-expected-size
1017
x-cache
HIT
status
200
content-length
1017
x-response-time
113
surrogate-key
twitter-assets
last-modified
Wed, 21 Feb 2018 22:30:28 GMT
server
ECS (fcn/41AA)
etag
"fYojTpdW3SSFZ3D6qE+yRw=="
content-type
image/png
access-control-allow-origin
*
x-connection-hash
2af2c3cc79c8abb76173994a6777c700
accept-ranges
bytes
expires
Sat, 07 Mar 2020 16:15:22 GMT
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A22.591Z&_t=slot_staged&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294&cEnt=windows%2C%20chrome%2C%20microsoft%2C%20google%2C%20page%20layout%2C%20zeroday%2C%20security%20sandbox%2C%20justin%20schuh%2C%20privilege%20escalation%2C%20clement%20lecigne%2C%20operating%20system%2C%20dan%20goodin%2C%20utc%2C%20use-after-free%2C%20cond%C3%A9%20nast%2C%20microsoft.%2C%20post%2C%20ars%20orbital%20transmission%2C%20threat%20analysis%20group%2C%20jeff%20jones&cEnw=1%2C%200.8747121402560297%2C%200.8567897402574511%2C%200.8100877428057475%2C%200.6660943105546828%2C%200.5843780773092034%2C%200.5462448150102216%2C%200.5445767820667076%2C%200.47182473679159576%2C%200.43899052895372104%2C%200.43413688302871667%2C%200.41468205884677967%2C%200.38494362819262024%2C%200.3458045236845908%2C%200.3342018205734761%2C%200.32363817831813835%2C%200.30472620535079054%2C%200.2991889344877834%2C%200.2940067052600753%2C%200.2755070984827381&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&cPd=2019-03-08T02%3A02%3A29.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=4100&pSw=1600&pSh=1200&uID=70aa7437-fec5-46ea-9f03-1974676eb451&sID=6591ace8-8aae-44a1-83c2-ec2bf2edc026&pID=083ca866-8218-4f05-8ffd-f73335d2c559&uDt=desktop&aam_uuid=82668335761286303253620890801045522588&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&xID=b46e5211-aacf-447a-ade9-1e56027804c5&content_uri=information_technology&image_avg_surface=31903.714285714286&image_count=21&image_surface=669978&server=production&vp_height=1200&vp_width=1585&created=2179.4100031256676&staged=2198.4999999403954&pageload_to_staged=2198.4999999403954&channel=information_technology&ctx_template=article&id=1552061722570dzgv69jn2fxixrzdnrajlb0r1kzy8c&instance=0&name=post_nav_0&position_fold=atf&position_xy=125x193&tags=browsers_chrome_2_exploits_zeroday_google_2_microsoft_windows_vulnerabilities&template=article&type=post_nav&CNS_init=756.2699988484383&CNS_init_to_staged=1442.230001091957&ver_cns_ads=2_18_5&device=desktop&cns=2_25_6&_logType=info&cKh=windows%2Cvulnerability%2Cchrome%2Cmicrosoft%2Cgoogle%2Cpage%20layout%2Cattacker
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:22 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
fastlane.json
fastlane.rubiconproject.com/a/api/
239 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&size_id=2&p_pos=btf&rp_floor=0.01&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&p_screen_res=1600x1200&site_id=196712&zone_id=960274&kw=rp.fastlane&tk_flint=custom&rand=0.8751979590570833
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/htw-condenast.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
3fddddc4ef61779d4ee404b977efb8e7e7d8e0689fe9fbc71e628a2243e376aa

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:25 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=7
Content-Length
239
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&size_id=57&p_pos=btf&rp_floor=0.01&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&p_screen_res=1600x1200&site_id=196712&zone_id=960274&kw=rp.fastlane&tk_flint=custom&rand=0.5331975138612974
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/htw-condenast.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
7a6e237dfa5dce8f6dc4a3ae9f3688fc6b49d697988d9ca4ed238fc1a0c30a6a

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:25 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=9
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&size_id=55&p_pos=btf&rp_floor=0.01&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&p_screen_res=1600x1200&site_id=196712&zone_id=960274&kw=rp.fastlane&tk_flint=custom&rand=0.7272828705287215
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/htw-condenast.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
ffcd9849c2aefdce1104fa3e285d9d8ffd2d7caf0e0f4cbe2b3955e3a3059271

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:25 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=10
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
as-sec.casalemedia.com/
66 B
945 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?v=7.2&s=175689&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A58745527%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%221%22%2C%22siteID%22%3A%22175689%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%222%22%2C%22siteID%22%3A%22175690%22%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%223%22%2C%22siteID%22%3A%22175691%22%7D%2C%22id%22%3A%223%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2252525caf-583e-4d58-808f-21b8c8224d2f%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222019-03-08T16%3A15%3A21%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/htw-condenast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.53.174.16 Cambridge, United States, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-53-174-16.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dd7bf70750dd60e2e47ef30369b2dec0f0c0d1f0fa27d5d819a51389cc2ebd73

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:22 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript
Content-Length
86
Expires
Fri, 08 Mar 2019 16:15:22 GMT
ADTECH;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722615;callback=window.headertag.AolHtb.adResponseCallbacks._KGPeRKZS
adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704187/0/-1/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704187/0/-1/ADTECH;cmd=bid;cors=yes;v=2;misc=1552061722615;callback=window.headertag.AolHtb.adResponseCallbacks._KGPeRKZS;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704187/0/-1/ADTECH;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722615;callback=window.headertag.AolHtb.adResponseCallbacks....
0
-1 B
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704187/0/-1/ADTECH;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722615;callback=window.headertag.AolHtb.adResponseCallbacks._KGPeRKZS
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
nginx
access-control-allow-origin
https://arstechnica.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704187/0/-1/ADTECH;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722615;callback=window.headertag.AolHtb.adResponseCallbacks._KGPeRKZS
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704187/0/-1/ADTECH;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722615;callback=window.headertag.AolHtb.adResponseCallbacks._KGPeRKZS
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://arstechnica.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722616;callback=window.headertag.AolHtb.adResponseCallbacks._Ljxu4CM4
adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704190/0/-1/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704190/0/-1/ADTECH;cmd=bid;cors=yes;v=2;misc=1552061722616;callback=window.headertag.AolHtb.adResponseCallbacks._Ljxu4CM4;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704190/0/-1/ADTECH;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722616;callback=window.headertag.AolHtb.adResponseCallbacks....
0
-1 B
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704190/0/-1/ADTECH;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722616;callback=window.headertag.AolHtb.adResponseCallbacks._Ljxu4CM4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
nginx
access-control-allow-origin
https://arstechnica.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704190/0/-1/ADTECH;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722616;callback=window.headertag.AolHtb.adResponseCallbacks._Ljxu4CM4
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704190/0/-1/ADTECH;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722616;callback=window.headertag.AolHtb.adResponseCallbacks._Ljxu4CM4
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://arstechnica.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A22.617Z&_t=slot_staged&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294&cEnt=windows%2C%20chrome%2C%20microsoft%2C%20google%2C%20page%20layout%2C%20zeroday%2C%20security%20sandbox%2C%20justin%20schuh%2C%20privilege%20escalation%2C%20clement%20lecigne%2C%20operating%20system%2C%20dan%20goodin%2C%20utc%2C%20use-after-free%2C%20cond%C3%A9%20nast%2C%20microsoft.%2C%20post%2C%20ars%20orbital%20transmission%2C%20threat%20analysis%20group%2C%20jeff%20jones&cEnw=1%2C%200.8747121402560297%2C%200.8567897402574511%2C%200.8100877428057475%2C%200.6660943105546828%2C%200.5843780773092034%2C%200.5462448150102216%2C%200.5445767820667076%2C%200.47182473679159576%2C%200.43899052895372104%2C%200.43413688302871667%2C%200.41468205884677967%2C%200.38494362819262024%2C%200.3458045236845908%2C%200.3342018205734761%2C%200.32363817831813835%2C%200.30472620535079054%2C%200.2991889344877834%2C%200.2940067052600753%2C%200.2755070984827381&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&cPd=2019-03-08T02%3A02%3A29.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=4100&pSw=1600&pSh=1200&uID=70aa7437-fec5-46ea-9f03-1974676eb451&sID=6591ace8-8aae-44a1-83c2-ec2bf2edc026&pID=083ca866-8218-4f05-8ffd-f73335d2c559&uDt=desktop&aam_uuid=82668335761286303253620890801045522588&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&xID=b46e5211-aacf-447a-ade9-1e56027804c5&content_uri=information_technology&image_avg_surface=31903.714285714286&image_count=21&image_surface=669978&server=production&vp_height=1200&vp_width=1585&created=2182.190001010895&staged=2226.3550013303757&pageload_to_staged=2226.3550013303757&channel=information_technology&ctx_template=article&id=15520617225733mk9eydpvpy7xlwbkjgohjlg1c5qhb&instance=0&name=siderail_0&position_fold=atf&position_xy=145x0&tags=browsers_chrome_2_exploits_zeroday_google_2_microsoft_windows_vulnerabilities&template=article&type=siderail&CNS_init=756.2699988484383&CNS_init_to_staged=1470.0850024819374&ver_cns_ads=2_18_5&device=desktop&cns=2_25_6&_logType=info&cKh=windows%2Cvulnerability%2Cchrome%2Cmicrosoft%2Cgoogle%2Cpage%20layout%2Cattacker
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:23 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
ADTECH;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._klkLM909
adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704180/0/-1/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704180/0/-1/ADTECH;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._klkLM909;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704180/0/-1/ADTECH;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks....
0
-1 B
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704180/0/-1/ADTECH;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._klkLM909
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
nginx
access-control-allow-origin
https://arstechnica.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704180/0/-1/ADTECH;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._klkLM909
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704180/0/-1/ADTECH;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._klkLM909
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://arstechnica.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._5yhyt3RC
adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704186/0/-1/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704186/0/-1/ADTECH;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._5yhyt3RC;
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704186/0/-1/ADTECH;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks....
0
-1 B
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704186/0/-1/ADTECH;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._5yhyt3RC
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
nginx
access-control-allow-origin
https://arstechnica.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704186/0/-1/ADTECH;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._5yhyt3RC
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704186/0/-1/ADTECH;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._5yhyt3RC
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://arstechnica.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
236 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&size_id=15&p_pos=btf&rp_floor=0.01&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&p_screen_res=1600x1200&site_id=196712&zone_id=960274&kw=rp.fastlane&tk_flint=custom&rand=0.6333546497633595
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/htw-condenast.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
f6ad658b40a08500387fc7704d972148f6626f3c3d243f55b87a65be62f85e6b

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:25 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=10
Content-Length
236
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&size_id=10&p_pos=btf&rp_floor=0.01&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&p_screen_res=1600x1200&site_id=196712&zone_id=960274&kw=rp.fastlane&tk_flint=custom&rand=0.18742151980177346
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/htw-condenast.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
fc0d336903df48aa21dd94a29e7f69c14e6f996d04f2df9291811429ff970cac

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:25 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=7
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
240 B
2 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&size_id=54&p_pos=btf&rp_floor=0.01&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&p_screen_res=1600x1200&site_id=196712&zone_id=960274&kw=rp.fastlane&tk_flint=custom&rand=0.6806060061961201
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/htw-condenast.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software
RAS 2.4 /
Resource Hash
5905ac60b7ab6149a165229f0b22b4c85645f55a4b0eae6083da9eb7e48e463e

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:26 GMT
Server
RAS 2.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Type
application/json
Keep-Alive
timeout=0, max=5
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
as-sec.casalemedia.com/
66 B
945 B
XHR
General
Full URL
https://as-sec.casalemedia.com/cygnus?v=7.2&s=175689&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A33142133%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2210%22%2C%22siteID%22%3A%22175698%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2211%22%2C%22siteID%22%3A%22175699%22%7D%2C%22id%22%3A%222%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A1050%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2212%22%2C%22siteID%22%3A%22175700%22%7D%2C%22id%22%3A%223%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2252525caf-583e-4d58-808f-21b8c8224d2f%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222019-03-08T16%3A15%3A21%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/htw-condenast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.69.96 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-69-96.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
852e636040ee34d67eb8b11fff1015f762b261a95f58e29771d7c2f63c795a8b

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:23 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript
Content-Length
86
Expires
Fri, 08 Mar 2019 16:15:23 GMT
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A22.631Z&_t=slot_staged&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294&cEnt=windows%2C%20chrome%2C%20microsoft%2C%20google%2C%20page%20layout%2C%20zeroday%2C%20security%20sandbox%2C%20justin%20schuh%2C%20privilege%20escalation%2C%20clement%20lecigne%2C%20operating%20system%2C%20dan%20goodin%2C%20utc%2C%20use-after-free%2C%20cond%C3%A9%20nast%2C%20microsoft.%2C%20post%2C%20ars%20orbital%20transmission%2C%20threat%20analysis%20group%2C%20jeff%20jones&cEnw=1%2C%200.8747121402560297%2C%200.8567897402574511%2C%200.8100877428057475%2C%200.6660943105546828%2C%200.5843780773092034%2C%200.5462448150102216%2C%200.5445767820667076%2C%200.47182473679159576%2C%200.43899052895372104%2C%200.43413688302871667%2C%200.41468205884677967%2C%200.38494362819262024%2C%200.3458045236845908%2C%200.3342018205734761%2C%200.32363817831813835%2C%200.30472620535079054%2C%200.2991889344877834%2C%200.2940067052600753%2C%200.2755070984827381&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&cPd=2019-03-08T02%3A02%3A29.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=4100&pSw=1600&pSh=1200&uID=70aa7437-fec5-46ea-9f03-1974676eb451&sID=6591ace8-8aae-44a1-83c2-ec2bf2edc026&pID=083ca866-8218-4f05-8ffd-f73335d2c559&uDt=desktop&aam_uuid=82668335761286303253620890801045522588&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&xID=b46e5211-aacf-447a-ade9-1e56027804c5&content_uri=information_technology&image_avg_surface=31903.714285714286&image_count=21&image_surface=669978&server=production&vp_height=1200&vp_width=1585&created=2185.7200041413307&staged=2240.345001220703&pageload_to_staged=2240.345001220703&channel=information_technology&ctx_template=article&id=native_xrail300x140_frame&instance=0&name=native_xrail_0&position_fold=atf&position_xy=436x0&tags=browsers_chrome_2_exploits_zeroday_google_2_microsoft_windows_vulnerabilities&template=article&type=native_xrail&CNS_init=756.2699988484383&CNS_init_to_staged=1484.0750023722649&ver_cns_ads=2_18_5&device=desktop&cns=2_25_6&_logType=info&cKh=windows%2Cvulnerability%2Cchrome%2Cmicrosoft%2Cgoogle%2Cpage%20layout%2Cattacker
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:23 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A22.640Z&_t=slot_staged&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294&cEnt=windows%2C%20chrome%2C%20microsoft%2C%20google%2C%20page%20layout%2C%20zeroday%2C%20security%20sandbox%2C%20justin%20schuh%2C%20privilege%20escalation%2C%20clement%20lecigne%2C%20operating%20system%2C%20dan%20goodin%2C%20utc%2C%20use-after-free%2C%20cond%C3%A9%20nast%2C%20microsoft.%2C%20post%2C%20ars%20orbital%20transmission%2C%20threat%20analysis%20group%2C%20jeff%20jones&cEnw=1%2C%200.8747121402560297%2C%200.8567897402574511%2C%200.8100877428057475%2C%200.6660943105546828%2C%200.5843780773092034%2C%200.5462448150102216%2C%200.5445767820667076%2C%200.47182473679159576%2C%200.43899052895372104%2C%200.43413688302871667%2C%200.41468205884677967%2C%200.38494362819262024%2C%200.3458045236845908%2C%200.3342018205734761%2C%200.32363817831813835%2C%200.30472620535079054%2C%200.2991889344877834%2C%200.2940067052600753%2C%200.2755070984827381&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&cPd=2019-03-08T02%3A02%3A29.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=4100&pSw=1600&pSh=1200&uID=70aa7437-fec5-46ea-9f03-1974676eb451&sID=6591ace8-8aae-44a1-83c2-ec2bf2edc026&pID=083ca866-8218-4f05-8ffd-f73335d2c559&uDt=desktop&aam_uuid=82668335761286303253620890801045522588&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&xID=b46e5211-aacf-447a-ade9-1e56027804c5&content_uri=information_technology&image_avg_surface=31903.714285714286&image_count=21&image_surface=669978&server=production&vp_height=1200&vp_width=1585&created=2186.640001833439&staged=2248.850002884865&pageload_to_staged=2248.850002884865&channel=information_technology&ctx_template=article&id=1552061722577baan7yap8hugdpj3r1koeh0wcq4q73&instance=0&name=out_of_page_0&out_of_page=true&position_fold=atf&position_xy=0x0&tags=browsers_chrome_2_exploits_zeroday_google_2_microsoft_windows_vulnerabilities&template=article&type=out_of_page&CNS_init=756.2699988484383&CNS_init_to_staged=1492.5800040364265&ver_cns_ads=2_18_5&device=desktop&cns=2_25_6&_logType=info&cKh=windows%2Cvulnerability%2Cchrome%2Cmicrosoft%2Cgoogle%2Cpage%20layout%2Cattacker
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:23 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
tweet.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
platform.twitter.com/css/
54 KB
12 KB
Stylesheet
General
Full URL
https://platform.twitter.com/css/tweet.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?_=1552061721338
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A3) /
Resource Hash
c139b8dd7b1ccda2813ae79d127d1c0256f91a71fce5581887a1d5fbbca81bde

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:22 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 17:39:11 GMT
Server
ECS (fcn/41A3)
Etag
"ae6fef09ef216879adf6be6beb2522ea+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
Content-Type
text/css; charset=utf-8
Content-Length
12323
tweet.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
platform.twitter.com/css/
54 KB
54 KB
Image
General
Full URL
https://platform.twitter.com/css/tweet.0940efb0bc0eb82a2de893b3e7b414bf.light.ltr.css
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?_=1552061721338
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41A3) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:23 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Mar 2019 17:39:11 GMT
Server
ECS (fcn/41A3)
Etag
"ae6fef09ef216879adf6be6beb2522ea+gzip"
Vary
Accept-Encoding
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Cache-Control
public, max-age=315360000
Content-Type
text/css; charset=utf-8
Content-Length
12323
bid
aax.amazon-adsystem.com/e/dtb/
47 B
344 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3035&u=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pid=1805108181711552061721667&cb=5267533142921552061722663&ws=1600x1200&v=7.27.00&t=2000&slots=%5B%7B%22sd%22%3A%22cns_ads_1552061722570dZGV69Jn2FxiXrZdNrajlb0r1Kzy8c_post_nav_0_container%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.48 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
56cf1565404f9c1926e44455a40f276f8748a3667fb7376e111ff544c39aa3d5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

Date
Fri, 08 Mar 2019 16:15:24 GMT
Server
Server
Vary
User-Agent
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
https://arstechnica.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
47
bid
aax.amazon-adsystem.com/e/dtb/
47 B
344 B
XHR
General
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=3035&u=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pid=1805108181711552061721667&cb=4365143926041552061722667&ws=1600x1200&v=7.27.00&t=2000&slots=%5B%7B%22sd%22%3A%22cns_ads_15520617225733Mk9EyDpvpY7XLwBkjGOhjlG1C5qHb_siderail_0_container%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%7D%5D&pj=%7B%22apse%22%3A%7B%22chunkRequests%22%3Afalse%2C%22shouldSampleLatency%22%3Afalse%7D%7D&cfgv=0&gdprl=%7B%22status%22%3A%22cmp-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.216.48 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
Server /
Resource Hash
6d018fea6749b205f0a18c8c3000b2e9d0a69810f88eeb79ce878dad54665ff6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

Date
Fri, 08 Mar 2019 16:15:24 GMT
Server
Server
Vary
User-Agent
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
https://arstechnica.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
47
eyJpdSI6IjU1M2I5OWE1OTBiZGQ0MWNjOWM0NjZmYjI1ZDI1ZDdkNDljYTA5YjVjYWU5M2ZjZDFjZDEzYzJhZGJiMWNhNjEiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
8 KB
8 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU1M2I5OWE1OTBiZGQ0MWNjOWM0NjZmYjI1ZDI1ZDdkNDljYTA5YjVjYWU5M2ZjZDFjZDEzYzJhZGJiMWNhNjEiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.70.82 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8c6f01011ba9fb737c9c9a7ad1aa841dfd740f20f858dd556458ad8f839fccf0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Sun, 10 Feb 2019 03:15:57 GMT
Date
Fri, 08 Mar 2019 16:15:23 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=1429998
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
7712
eyJpdSI6IjNkNThkMzM1NTg2YjI1MzhjOGQzOWZiMDZiYzkwYzI5MDZjNmVlZTM1ODEwN2I2ZDQwOTA1MGNhZDQ4YzM1YTMiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
7 KB
7 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjNkNThkMzM1NTg2YjI1MzhjOGQzOWZiMDZiYzkwYzI5MDZjNmVlZTM1ODEwN2I2ZDQwOTA1MGNhZDQ4YzM1YTMiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.70.82 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8b5e23b2d300b18635623a11dce1f91fcbb4dea92d9b7d24a13a709102bf9737
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Thu, 07 Feb 2019 12:30:21 GMT
Date
Fri, 08 Mar 2019 16:15:23 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=1693948
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
7306
eyJpdSI6IjI0OGI4Y2UwNTBhNDYwNTUyMmMyMmYzZjRkZGEzYzEyNzNjYWNkNTYwYzc4NDE2YjNiNWE3MzYwMDI5YTBmMDAiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
12 KB
13 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI0OGI4Y2UwNTBhNDYwNTUyMmMyMmYzZjRkZGEzYzEyNzNjYWNkNTYwYzc4NDE2YjNiNWE3MzYwMDI5YTBmMDAiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.70.82 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8f18d2dbb06d9b6e11f1ce534033538ed1d2fd36eeb72661a8f57099608987b2
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Mon, 18 Feb 2019 15:42:52 GMT
Date
Fri, 08 Mar 2019 16:15:23 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=972785
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
12700
eyJpdSI6ImRhNmQ5MzczM2Y4OTU0MjRkZmQwZjZlZDdlYmY5MGQwOGU5ZjRiZjQwNDEzZjkyM2FiZWU1N2Q0ZWI0NDJiOWUiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
10 KB
11 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRhNmQ5MzczM2Y4OTU0MjRkZmQwZjZlZDdlYmY5MGQwOGU5ZjRiZjQwNDEzZjkyM2FiZWU1N2Q0ZWI0NDJiOWUiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.70.82 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2287b2f9f62c564184c0c0f86c59bad3eed2bbdc7259c82840cd28bc0a439ee6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Tue, 12 Feb 2019 15:53:14 GMT
Date
Fri, 08 Mar 2019 16:15:23 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=467398
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
10626
eyJpdSI6IjI4MTQ3ZWY2OWIwY2I1NWZlNjUyYTI2ZTE5NTZmOTRmY2IzYjFjMmJlNjQ5YTEzNTdiMzNhOGY1ODI3ZDBlN2IiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
5 KB
6 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI4MTQ3ZWY2OWIwY2I1NWZlNjUyYTI2ZTE5NTZmOTRmY2IzYjFjMmJlNjQ5YTEzNTdiMzNhOGY1ODI3ZDBlN2IiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.70.82 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
dfd408b32e7b286626d2dc64ad58c94fedc6abd121b9d838c6fc1482ad93ed1c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Tue, 29 Jan 2019 10:50:46 GMT
Date
Fri, 08 Mar 2019 16:15:23 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=1110104
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
5536
eyJpdSI6ImM1MWRkODEwZGZkZDNmNzYwNWNlYTkxMDY4YmVhNzQwODk5ZTM2NDMyMTA2MWI5NTI1ZWJkOGYzNTA3ZWIxYjMiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
11 KB
11 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6ImM1MWRkODEwZGZkZDNmNzYwNWNlYTkxMDY4YmVhNzQwODk5ZTM2NDMyMTA2MWI5NTI1ZWJkOGYzNTA3ZWIxYjMiLCJ3IjoxNDAsImgiOjEwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.70.82 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-70-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fafacd939f169a4c75c357d1644184138e4c9b770dc6ccbf2cdc5a175fbf3e0b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Encoding
gzip
Last-Modified
Tue, 05 Feb 2019 09:59:19 GMT
Date
Fri, 08 Mar 2019 16:15:23 GMT
Vary
Accept-Encoding
Content-Type
image/webp
Cache-Control
max-age=1702670
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
11122
203707df-230b-4b1d-b7a5-aaa2e47964bc
https://arstechnica.com/ Frame A164
31 B
0
Other
General
Full URL
blob:https://arstechnica.com/203707df-230b-4b1d-b7a5-aaa2e47964bc
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a0f3daf0649193ef3409.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
tSrTWEcF_normal.jpg
pbs.twimg.com/profile_images/726281003317108736/
2 KB
2 KB
Image
General
Full URL
https://pbs.twimg.com/profile_images/726281003317108736/tSrTWEcF_normal.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/41AE) /
Resource Hash
66bb845b12e6e0f06c19b336978e63dce937e08aa37d66baa5c3b40d5dc8648a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-response-time
137
date
Fri, 08 Mar 2019 16:15:23 GMT
x-content-type-options
nosniff
surrogate-key
profile_images profile_images/bucket/1 profile_images/726281003317108736
last-modified
Sat, 30 Apr 2016 05:22:19 GMT
server
ECS (fcn/41AE)
access-control-allow-origin
*
x-cache
HIT
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
x-connection-hash
000ea7be0a0c6e5144d32cde7f123e0e
accept-ranges
bytes
content-length
2035
truncated
/
825 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4468e35646c229b518e5f398c5a3d6b15ba1351a71ef22692129bb32f5030ac0

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
572 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0341a4478ce861ef85c819b913fa0a2501836a6a2ffda8643e95e39f4a2a7de0

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
707 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
338e5578a7b3021caec1db415b93b214c378029d3cd8d19adc833d8b85ea7d29

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
835 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7e8d9c376f9c2619e8812440b680d6b28c3ed51cb6e7e71ea877fe5441aa9215

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/
323 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c3531ed2c934e5daee80955db42a0245d666131e6322c6ec6985992922520ab4

Request headers

Response headers

Content-Type
image/svg+xml;charset=utf-8
jot.html
platform.twitter.com/ Frame 0D57
Redirect Chain
  • https://syndication.twitter.com/i/jot
  • https://platform.twitter.com/jot.html
0
0
Document
General
Full URL
https://platform.twitter.com/jot.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js?_=1552061721338
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECS (fcn/419C) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Origin
null
Content-Type
application/x-www-form-urlencoded

Response headers

Accept-Ranges
bytes
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Fri, 08 Mar 2019 16:15:23 GMT
Etag
"d9592a6c704736fa4da218d4357976dd"
Last-Modified
Thu, 07 Mar 2019 17:40:21 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/419C)
X-Cache
HIT
Content-Length
80

Redirect headers

status
302 302 Found
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length
0
content-type
text/html;charset=utf-8
date
Fri, 08 Mar 2019 16:15:23 GMT
expires
Tue, 31 Mar 1981 05:00:00 GMT
last-modified
Fri, 08 Mar 2019 16:15:23 GMT
location
https://platform.twitter.com/jot.html
pragma
no-cache
server
tsa_f
strict-transport-security
max-age=631138519
x-connection-hash
10dc4eead1856d3374e83ddc3dbb5fc5
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-response-time
119
x-transaction
00e43347007744c5
x-tsa-request-body-time
0
x-twitter-response-tags
BouncerCompliant
x-xss-protection
0
sf-ui-display-medium-webfont.woff2
d2c8v52ll5s99u.cloudfront.net/assets/fonts/ Frame A164
29 KB
30 KB
Font
General
Full URL
https://d2c8v52ll5s99u.cloudfront.net/assets/fonts/sf-ui-display-medium-webfont.woff2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.26 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-26.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://d2c8v52ll5s99u.cloudfront.net/player/player-style-93d3ac933e3b2a7c0bd52030be8ef0af.css
Origin
https://arstechnica.com

Response headers

Date
Fri, 08 Mar 2019 16:15:24 GMT
Content-Encoding
gzip
X-Cache
RefreshHit from cloudfront
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
29632
Via
1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
Last-Modified
Mon, 26 Jun 2017 15:24:42 GMT
Server
AmazonS3
ETag
"7d18db04f980971f2a9c5026bbc34bed"
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff2
Access-Control-Allow-Origin
*
Cache-Control
max-age=63072000, public
Accept-Ranges
bytes
X-Amz-Cf-Id
Cbaq0h8B__FedPD8gDhPYNhE5wvWkbFE9xG2Pryt8xEypEXNdAwVBQ==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
bridge3.285.0_en.html
imasdk.googleapis.com/js/core/ Frame 5E22
0
0
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.285.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.285.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
accept-encoding
gzip, deflate, br

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
182408
date
Tue, 05 Mar 2019 19:25:18 GMT
expires
Wed, 04 Mar 2020 19:25:18 GMT
last-modified
Tue, 05 Mar 2019 18:09:58 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, max-age=31536000
age
247805
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
client.js
s0.2mdn.net/instream/video/ Frame A164
26 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::2006 , Ireland, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10523
x-xss-protection
1; mode=block
expires
Fri, 08 Mar 2019 16:15:23 GMT
integrator.js
adservice.google.com/adsid/ Frame A164
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arstechnica.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
fbevents.js
connect.facebook.net/en_US/ Frame A164
52 KB
16 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a0f3daf0649193ef3409.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN (),
Reverse DNS
Software
/
Resource Hash
6bb981959d783d83df88b9aa48738948c9a8a22c1a31b8cb5305d3e338ebf9a7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
15216
x-xss-protection
0
pragma
public
x-fb-debug
cD4JSdNAk0Nlx4UOie1Nb6an3vd3gN+2Bkc8qhxm7JqcOtxYxueG9xf43RS2RnJE4hJK1cuIJy4vxITUAGDT/A==
date
Fri, 08 Mar 2019 16:15:23 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
comscore-min.js
d2c8v52ll5s99u.cloudfront.net/player/ Frame A164
38 KB
11 KB
Script
General
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/comscore-min.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a0f3daf0649193ef3409.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.94 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-94.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
833a86642252016b29f08dd45ffd27f9e00ca237f28d8c5f0147a6e15d009377

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:14:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 24 May 2017 18:19:15 GMT
Server
AmazonS3
Age
30
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
AQIXNulE2RP5sNHnGF1VDpd7n-iAB_gdV78eEkMGLmSswA5yMC1Icg==
collect
www.google-analytics.com/r/
35 B
111 B
Other
General
Full URL
https://www.google-analytics.com/r/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://arstechnica.com
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
infinityid
infinityid.condenastdigital.com/ Frame A164
36 B
1 KB
XHR
General
Full URL
https://infinityid.condenastdigital.com/infinityid
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a0f3daf0649193ef3409.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.160.106 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-160-106.compute-1.amazonaws.com
Software
nginx/1.15.8 /
Resource Hash
2ed1e03fed787a162c3415d70cb50c1905809b1603ed964de8c0a100237f8a46

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

Date
Fri, 08 Mar 2019 16:15:23 GMT
content-encoding
gzip
Server
nginx/1.15.8
vary
origin,accept-encoding
Content-Type
text/plain; charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
Connection
keep-alive
transfer-encoding
chunked
track
capture.condenastdigital.com/ Frame A164
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2019-03-08T16%3A15%3A23.556Z&_c=&_t=Player%20Requested&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:23 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ Frame A164
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2019-03-08T16%3A15%3A23.607Z&_c=gptError&_t=gptData&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&dim1=%7B%22adBlocked%22%3Afalse%2C%22embedLocation%22%3A%22arstechnica%22%2C%22error%22%3A%22Cannot%20read%20property%20%270%27%20of%20undefined%22%2C%22publicaEnabled%22%3Afalse%2C%22videoId%22%3A%225c74019c40f94807b9000000%22%7D
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:23 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ Frame A164
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2019-03-08T16%3A15%3A23.772Z&_c=Performance&_t=adj_player_download_time&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=http%3A%2F%2Fvideo.arstechnica.com%2Fwatch%2Fwar-stories-c-and-c-tiberian-sun&cId=5c74019c40f94807b9000000&cKe=&cPd=2019-02-26T16%3A00%3A00%2B00%3A00&cTi=War%20Stories%20%7C%20Command%20%26%20Conquer%3A%20Tiberian%20Sun&mDu=782&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pWw=540&pWh=303.75&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22guid%22%3A%2210302bb2-3b20-77b3-b15b-e554dbd51c57%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22manual%22%2C%22persistent%22%3Afalse%2C%22playerDepth%22%3A3100.640625%2C%22playerType%22%3A%22video-continuous%22%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3Anull%2C%22recStrategy%22%3Anull%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3Anull%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%7D&_v=457.7450007200241&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.240.97 Ashburn, United States, ASN (),
Reverse DNS
ec2-34-235-240-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:23 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
arstechnica_war-stories-c-and-c-tiberian-sun.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1551193450/ Frame A164
65 KB
66 KB
Image
General
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1551193450/arstechnica_war-stories-c-and-c-tiberian-sun.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
2720e6e8e7f3ae84079b8e84afdc637805a8886e610db0b29217947057a3a0e4

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 26 Feb 2019 16:05:55 GMT
Via
1.1 varnish, 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
Age
864568
Edge-Cache-Tag
313687566273846460968749706722669918033,316951410886732526360935603098811400471,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
66605
X-Request-Id
d05453b4de442a1f
X-Served-By
cache-fra19134-FRA
Last-Modified
Tue, 26 Feb 2019 16:01:05 GMT
Server
cloudinary
X-Timer
S1551197155.084973,VS0,VE468
ETag
"88b0913f1937b6d9267d1b2ef5ebdae4"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
5r2Fq4ItJeF5G1D0T2Xb16Dz1ZUMIkC26jkrTaxY7gFfAQxCGqg0qA==
X-Cache-Hits
0
ed2945fc-45f3-4520-8dd4-648a02d3ebc4thumbs.mp4
dp8hsntg6do36.cloudfront.net/5c74019c40f94807b9000000/ Frame A164
128 KB
0
Media
General
Full URL
https://dp8hsntg6do36.cloudfront.net/5c74019c40f94807b9000000/ed2945fc-45f3-4520-8dd4-648a02d3ebc4thumbs.mp4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.81 Seattle, United States, ASN (),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range
bytes=0-
chrome-proxy
frfr

Response headers

Date
Fri, 08 Mar 2019 06:17:18 GMT
Via
1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
Last-Modified
Mon, 25 Feb 2019 23:46:10 GMT
Server
AmazonS3
Age
35886
ETag
"1c51b5694b5f0596f2162f4b722c3668"
X-Cache
Hit from cloudfront
Content-Type
video/mp4
Content-Range
bytes 0-2539905/2539906
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2539906
X-Amz-Cf-Id
VnbjPXZ0n6tv7XZfZZebTa6DHTO3kN-SzrOEeBwbrGN58Poe6Apk3A==
ed2945fc-45f3-4520-8dd4-648a02d3ebc4thumbs.mp4
dp8hsntg6do36.cloudfront.net/5c74019c40f94807b9000000/ Frame A164
64 KB
0
Media
General
Full URL
https://dp8hsntg6do36.cloudfront.net/5c74019c40f94807b9000000/ed2945fc-45f3-4520-8dd4-648a02d3ebc4thumbs.mp4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.81 Seattle, United States, ASN (),
Reverse DNS
server-13-35-253-81.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Range
bytes=0-
chrome-proxy
frfr

Response headers

Date
Fri, 08 Mar 2019 06:17:18 GMT
Via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
Last-Modified
Mon, 25 Feb 2019 23:46:10 GMT
Server
AmazonS3
Age
35886
ETag
"1c51b5694b5f0596f2162f4b722c3668"
X-Cache
Hit from cloudfront
Content-Type
video/mp4
Content-Range
bytes 0-2539905/2539906
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2539906
X-Amz-Cf-Id
uhy-uCQg8oe1aRE36fBzfQwdXYXVm61cQDAMnFVGYo-mb-yIbj4igA==
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A23.891Z&_t=slot_requested&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294&cEnt=windows%2C%20chrome%2C%20microsoft%2C%20google%2C%20page%20layout%2C%20zeroday%2C%20security%20sandbox%2C%20justin%20schuh%2C%20privilege%20escalation%2C%20clement%20lecigne%2C%20operating%20system%2C%20dan%20goodin%2C%20utc%2C%20use-after-free%2C%20cond%C3%A9%20nast%2C%20microsoft.%2C%20post%2C%20ars%20orbital%20transmission%2C%20threat%20analysis%20group%2C%20jeff%20jones&cEnw=1%2C%200.8747121402560297%2C%200.8567897402574511%2C%200.8100877428057475%2C%200.6660943105546828%2C%200.5843780773092034%2C%200.5462448150102216%2C%200.5445767820667076%2C%200.47182473679159576%2C%200.43899052895372104%2C%200.43413688302871667%2C%200.41468205884677967%2C%200.38494362819262024%2C%200.3458045236845908%2C%200.3342018205734761%2C%200.32363817831813835%2C%200.30472620535079054%2C%200.2991889344877834%2C%200.2940067052600753%2C%200.2755070984827381&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-expl
oiting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&cPd=2019-03-08T02%3A02%3A29.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=4500&pSw=1600&pSh=1200&uID=5ff3cc6f-e2ed-4ce6-8711-016c45bf2d65&uNw=1&uUq=1&pID=5909252c-689a-4d39-8fc5-761c57a23948&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&xID=b46e5211-aacf-447a-ade9-1e56027804c5&content_uri=information_technology&image_avg_surface=29581.11111111111&image_count=27&image_surface=798690&server=production&vp_height=1200&vp_width=1585&created=2179.4100031256676&staged=2198.4999999403954&pageload_to_staged=2198.4999999403954&channel=information_technology&ctx_template=article&id=1552061722570dzgv69jn2fxixrzdnrajlb0r1kzy8c&instance=0&name=post_nav_0&position_fold=atf&position_xy=125x193&tags=browsers_chrome_2_exploits_zeroday_google_2_microsoft_windows_vulnerabilities&template=article&type=post_nav&CNS_init=756.2699988484383&suffix=dart&CNS_init_to_staged=1442.230001091957&inViewport=2212.3600021004677&pageLoad_to_in_viewport=1456.0900032520294&isRefresh=true&is_first_Request=true&requested=3500.150002539158&pageLoad_to_requested=3500.150002539158&CNS_init_to_requested=2743.8800036907196&ver_cns_ads=2_18_5&device=desktop&cns=2_25_6&_logType=info&cKh=windows%2Cvulnerability%2Cchrome%2Cmicrosoft%2Cgoogle%2Cpage%20layout%2Cattacker
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.240.97 Ashburn, United States, ASN (),
Reverse DNS
ec2-34-235-240-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:23 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A23.911Z&_t=slot_requested&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294&cEnt=windows%2C%20chrome%2C%20microsoft%2C%20google%2C%20page%20layout%2C%20zeroday%2C%20security%20sandbox%2C%20justin%20schuh%2C%20privilege%20escalation%2C%20clement%20lecigne%2C%20operating%20system%2C%20dan%20goodin%2C%20utc%2C%20use-after-free%2C%20cond%C3%A9%20nast%2C%20microsoft.%2C%20post%2C%20ars%20orbital%20transmission%2C%20threat%20analysis%20group%2C%20jeff%20jones&cEnw=1%2C%200.8747121402560297%2C%200.8567897402574511%2C%200.8100877428057475%2C%200.6660943105546828%2C%200.5843780773092034%2C%200.5462448150102216%2C%200.5445767820667076%2C%200.47182473679159576%2C%200.43899052895372104%2C%200.43413688302871667%2C%200.41468205884677967%2C%200.38494362819262024%2C%200.3458045236845908%2C%200.3342018205734761%2C%200.32363817831813835%2C%200.30472620535079054%2C%200.2991889344877834%2C%200.2940067052600753%2C%200.2755070984827381&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-expl
oiting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&cPd=2019-03-08T02%3A02%3A29.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=4500&pSw=1600&pSh=1200&uID=5ff3cc6f-e2ed-4ce6-8711-016c45bf2d65&sID=d5919389-1062-4eb8-b4ad-81c5e9c2b32b&pID=5909252c-689a-4d39-8fc5-761c57a23948&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&xID=b46e5211-aacf-447a-ade9-1e56027804c5&content_uri=information_technology&image_avg_surface=29581.11111111111&image_count=27&image_surface=798690&server=production&vp_height=1200&vp_width=1585&created=2182.190001010895&staged=2226.3550013303757&pageload_to_staged=2226.3550013303757&channel=information_technology&ctx_template=article&id=15520617225733mk9eydpvpy7xlwbkjgohjlg1c5qhb&instance=0&name=siderail_0&position_fold=atf&position_xy=145x0&tags=browsers_chrome_2_exploits_zeroday_google_2_microsoft_windows_vulnerabilities&template=article&type=siderail&CNS_init=756.2699988484383&suffix=dart&CNS_init_to_staged=1470.0850024819374&inViewport=2234.875001013279&pageLoad_to_in_viewport=1478.6050021648407&isRefresh=true&requested=3519.725002348423&pageLoad_to_requested=3519.725002348423&CNS_init_to_requested=2763.4550034999847&ver_cns_ads=2_18_5&device=desktop&cns=2_25_6&_logType=info&cKh=windows%2Cvulnerability%2Cchrome%2Cmicrosoft%2Cgoogle%2Cpage%20layout%2Cattacker
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:23 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A23.927Z&_t=slot_requested&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294&cEnt=windows%2C%20chrome%2C%20microsoft%2C%20google%2C%20page%20layout%2C%20zeroday%2C%20security%20sandbox%2C%20justin%20schuh%2C%20privilege%20escalation%2C%20clement%20lecigne%2C%20operating%20system%2C%20dan%20goodin%2C%20utc%2C%20use-after-free%2C%20cond%C3%A9%20nast%2C%20microsoft.%2C%20post%2C%20ars%20orbital%20transmission%2C%20threat%20analysis%20group%2C%20jeff%20jones&cEnw=1%2C%200.8747121402560297%2C%200.8567897402574511%2C%200.8100877428057475%2C%200.6660943105546828%2C%200.5843780773092034%2C%200.5462448150102216%2C%200.5445767820667076%2C%200.47182473679159576%2C%200.43899052895372104%2C%200.43413688302871667%2C%200.41468205884677967%2C%200.38494362819262024%2C%200.3458045236845908%2C%200.3342018205734761%2C%200.32363817831813835%2C%200.30472620535079054%2C%200.2991889344877834%2C%200.2940067052600753%2C%200.2755070984827381&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-expl
oiting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&cPd=2019-03-08T02%3A02%3A29.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=4500&pSw=1600&pSh=1200&uID=5ff3cc6f-e2ed-4ce6-8711-016c45bf2d65&sID=d5919389-1062-4eb8-b4ad-81c5e9c2b32b&pID=5909252c-689a-4d39-8fc5-761c57a23948&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&xID=b46e5211-aacf-447a-ade9-1e56027804c5&content_uri=information_technology&image_avg_surface=29581.11111111111&image_count=27&image_surface=798690&server=production&vp_height=1200&vp_width=1585&created=2185.7200041413307&staged=2240.345001220703&pageload_to_staged=2240.345001220703&channel=information_technology&ctx_template=article&id=native_xrail300x140_frame&instance=0&name=native_xrail_0&position_fold=atf&position_xy=436x0&tags=browsers_chrome_2_exploits_zeroday_google_2_microsoft_windows_vulnerabilities&template=article&type=native_xrail&CNS_init=756.2699988484383&suffix=dart&CNS_init_to_staged=1484.0750023722649&inViewport=2247.7200031280518&pageLoad_to_in_viewport=1491.4500042796135&isRefresh=true&requested=3535.8950048685074&pageLoad_to_requested=3535.8950048685074&CNS_init_to_requested=2779.625006020069&ver_cns_ads=2_18_5&device=desktop&cns=2_25_6&_logType=info&cKh=windows%2Cvulnerability%2Cchrome%2Cmicrosoft%2Cgoogle%2Cpage%20layout%2Cattacker
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:23 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A23.944Z&_t=slot_requested&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294&cEnt=windows%2C%20chrome%2C%20microsoft%2C%20google%2C%20page%20layout%2C%20zeroday%2C%20security%20sandbox%2C%20justin%20schuh%2C%20privilege%20escalation%2C%20clement%20lecigne%2C%20operating%20system%2C%20dan%20goodin%2C%20utc%2C%20use-after-free%2C%20cond%C3%A9%20nast%2C%20microsoft.%2C%20post%2C%20ars%20orbital%20transmission%2C%20threat%20analysis%20group%2C%20jeff%20jones&cEnw=1%2C%200.8747121402560297%2C%200.8567897402574511%2C%200.8100877428057475%2C%200.6660943105546828%2C%200.5843780773092034%2C%200.5462448150102216%2C%200.5445767820667076%2C%200.47182473679159576%2C%200.43899052895372104%2C%200.43413688302871667%2C%200.41468205884677967%2C%200.38494362819262024%2C%200.3458045236845908%2C%200.3342018205734761%2C%200.32363817831813835%2C%200.30472620535079054%2C%200.2991889344877834%2C%200.2940067052600753%2C%200.2755070984827381&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-expl
oiting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&cPd=2019-03-08T02%3A02%3A29.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=4500&pSw=1600&pSh=1200&uID=5ff3cc6f-e2ed-4ce6-8711-016c45bf2d65&sID=d5919389-1062-4eb8-b4ad-81c5e9c2b32b&pID=5909252c-689a-4d39-8fc5-761c57a23948&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&xID=b46e5211-aacf-447a-ade9-1e56027804c5&content_uri=information_technology&image_avg_surface=29581.11111111111&image_count=27&image_surface=798690&server=production&vp_height=1200&vp_width=1585&created=2186.640001833439&staged=2248.850002884865&pageload_to_staged=2248.850002884865&channel=information_technology&ctx_template=article&id=1552061722577baan7yap8hugdpj3r1koeh0wcq4q73&instance=0&name=out_of_page_0&out_of_page=true&position_fold=atf&position_xy=0x0&tags=browsers_chrome_2_exploits_zeroday_google_2_microsoft_windows_vulnerabilities&template=article&type=out_of_page&CNS_init=756.2699988484383&suffix=dart&CNS_init_to_staged=1492.5800040364265&inViewport=2257.7650025486946&pageLoad_to_in_viewport=1501.4950037002563&isRefresh=true&requested=3553.175002336502&pageLoad_to_requested=3553.175002336502&CNS_init_to_requested=2796.905003488064&ver_cns_ads=2_18_5&device=desktop&cns=2_25_6&_logType=info&cKh=windows%2Cvulnerability%2Cchrome%2Cmicrosoft%2Cgoogle%2Cpage%20layout%2Cattacker
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.240.97 Ashburn, United States, ASN (),
Reverse DNS
ec2-34-235-240-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:24 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
ads
securepubads.g.doubleclick.net/gampad/
24 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1817752981404124&correlator=676067733258685&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&hxva=1&scor=4168006341531730&eid=21062745%2C21063116&vrg=318&tfcd=0&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776%2C8%3A32776&sc=1&sfv=1-0-32&iu_parts=3379%2Cconde.ars%2Cinterstitial%2Cinformation-technology%2Carticle%2C1%2Chero%2Crail%2C2&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5%2C0%2F1%2F6%2F3%2F4%2F5%2C0%2F1%2F7%2F3%2F4%2F5%2C0%2F1%2F7%2F3%2F4%2F8&prev_iu_szs=1x1%2C728x90%7C970x60%7C970x250%7C930x400%7C930x370%7C970x90%7C970x420%7C9x1%7C9x3%7C9x9%7C1200x370%2C300x250%7C300x600%7C300x1050%2C300x140&fsbs=1%2C1%2C1%2C1&ists=8&prev_scp=ctx_slot_name%3D_out_of_page_0%26ctx_slot_instance%3D_out_of_page_0%26ctx_slot_type%3D_out_of_page%26ctx_slot_manual_rn%3D0%26ctx_slot_rn%3D0%7Cctx_slot_name%3Dpost_nav_0%26ctx_slot_instance%3Dpost_nav_0%26ctx_slot_type%3Dpost_nav%26ctx_slot_manual_rn%3D0%26ctx_slot_rn%3D0%7Cctx_slot_name%3Dsiderail_0%26ctx_slot_instance%3Dsiderail_0%26ctx_slot_type%3Dsiderail%26ctx_slot_manual_rn%3D0%26ctx_slot_rn%3D0%7Cctx_slot_name%3Dnative_xrail_0%26ctx_slot_instance%3Dnative_xrail_0%26ctx_slot_type%3Dnative_xrail%26ctx_slot_manual_rn%3D0%26ctx_slot_rn%3D0&eri=1&cust_params=amznbid%3D1%26amznp%3D1%26env_device_type%3Ddesktop%26env_server%3Dproduction%26rdt_device_template%3Ddesktop_article%26cnt_tags%3Dbrowsers%252Cchrome-2%252Cexploits-zeroday%252Cgoogle-2%252Cmicrosoft-windows-vulnerabilities%26usr_bkt_pv%3D35%26ctx_cns_version%3D2_25_6%26vnd_ars_data%3D100k_pvs%26vnd_4d_ctx_topics%3DALLBRANDS_70%252CALLBRANDS_7%252CALLBRANDS_63%252CALLBRANDS_38%252CALLBRANDS_31%252CALLBRANDS_283%252CALLBRANDS_274%252CALLBRANDS_258%252CALLBRANDS_167%252CALLBRANDS_134%252CALLBRANDS_64%252CALLBRANDS_57%252CALLBRANDS_28%252CALLBRANDS_244%252CALLBRANDS_21%252CALLBRANDS_192%26vnd_4d_ctx_topic_sc%3D0.36449373524178913%252C0.36449373524178913%252C0.36449373524178913%252C0.364
49373524178913%252C0.36449373524178913%252C0.36449373524178913%252C0.36449373524178913%252C0.36449373524178913%252C0.36449373524178913%252C0.36449373524178913%252C0.3303682024074294%252C0.3303682024074294%252C0.3303682024074294%252C0.3303682024074294%252C0.3303682024074294%252C0.3303682024074294%26vnd_4d_ctx_entities%3Dwindows%252Cchrome%252Cmicrosoft%252Cgoogle%252Cpage%2520layout%252Czeroday%252Csecurity%2520sandbox%252Cjustin%2520schuh%252Cprivilege%2520escalation%252Cclement%2520lecigne%252Coperating%2520system%252Cdan%2520goodin%252Cutc%252Cuse-after-free%252Ccond%25C3%25A9%2520nast%252Cmicrosoft.%252Cpost%252Cars%2520orbital%2520transmission%252Cthreat%2520analysis%2520group%252Cjeff%2520jones%26vnd_4d_ctx_ent_sc%3D1%252C0.8747121402560297%252C0.8567897402574511%252C0.8100877428057475%252C0.6660943105546828%252C0.5843780773092034%252C0.5462448150102216%252C0.5445767820667076%252C0.47182473679159576%252C0.43899052895372104%252C0.43413688302871667%252C0.41468205884677967%252C0.38494362819262024%252C0.3458045236845908%252C0.3342018205734761%252C0.32363817831813835%252C0.30472620535079054%252C0.2991889344877834%252C0.2940067052600753%252C0.2755070984827381%26vnd_4d_ctx_keywords%3Dwindows%252Cvulnerability%252Cchrome%252Cmicrosoft%252Cgoogle%252Cpage%2520layout%252Cattacker%252Cunpatched%2520flaw%252Czeroday%252Csecurity%2520sandbox%252Cjustin%2520schuh%252Cbrowser%252Cuser%252Cversion%252Cprivilege%2520escalation%252Cclement%2520lecigne%252Coperating%2520system%252Cofficial%252Cdan%2520goodin%252Cutc%26vnd_4d_ctx_kw_sc%3D1%252C0.9031162459735986%252C0.8747121402560297%252C0.8567897402574511%252C0.8100877428057475%252C0.6660943105546828%252C0.6099855839451671%252C0.5939714770030419%252C0.5843780773092034%252C0.5462448150102216%252C0.5445767820667076%252C0.5374524276793875%252C0.5311520035540467%252C0.4980227976374234%252C0.47182473679159576%252C0.43899052895372104%252C0.43413688302871667%252C0.4293979286711203%252C0.41468205884677967%252C0.38494362819262024%26vnd_4
d_pid%3D88dca0f2-6d5c-45f5-bdb3-bc2a8db1b830%26vnd_prx_segments%3D300003%252C121100%252C131100%252C131103%252C210000%252C210012%252C240000%252C240002%252C240003%252C240004%252C240001%252C240005%252C240006%252C240007%252C240008%252C240009%252C240011%252C240012%252C240013%252C240014%252C240017%252C240015%252C240016%252Cwmhp4i%252C2hkgm5%252Cap05we%252Cfdf1wd%252Cf5u35n%252Cv8lc56%252C_DmPpgZICoqu_%26vnd_aam_uuid%3D82668335761286303253620890801045522588%26vnd_aam_conde%3Dsv%26vnd_4d_xid%3D75665ec2-eb2f-4598-9071-a1b3f2c6038e%26vnd_4d_sid%3D6591ace8-8aae-44a1-83c2-ec2bf2edc026%26ctx_template%3Darticle%26ctx_page_slug%3Dattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%26ctx_page_channel%3Dinformation_technology&cookie_enabled=1&bc=15&lmt=1552061723&dt=1552061723974&dlt=1552061720859&idt=1211&frm=20&biw=1585&bih=1200&oid=3&adxs=0%2C193%2C1063%2C1063&adys=0%2C80%2C370%2C786&adks=4076805749%2C1282358911%2C1902648615%2C57498633&ucis=1%7C2%7C3%7C4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&dssz=67&icsg=563671507927040&mso=262144&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C1200x90%7C300x250%7C300x0&msz=0x-1%7C1200x90%7C300x250%7C300x140&blev=1&bisch=1&ga_vid=1735068556.1552061724&ga_sid=1552061724&ga_hid=868087577&fws=4%2C4%2C4%2C4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_318.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
afc8fd115dd98ebd6904f54467adda649f1bdd808429d4809076963c0496555b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

date
Fri, 08 Mar 2019 16:15:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,145160,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
9711
x-xss-protection
1; mode=block
google-lineitem-id
-2,4830169578,-1,4736014287
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,138247271585,-1,138237302059
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_318.js
securepubads.g.doubleclick.net/gpt/
67 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_318.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_318.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
sffe /
Resource Hash
89d1f7ea9f5180ecaeb9026a9f22d66e7cb4a7f6842dee215980c5d2d14a94bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Mar 2019 15:59:17 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
25365
x-xss-protection
1; mode=block
expires
Fri, 08 Mar 2019 16:15:24 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_318.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::2001 , Ireland, ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

track
capture.condenastdigital.com/ Frame A164
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2019-03-08T16%3A15%3A24.009Z&_c=Player%20Event&_t=Player%20Loaded&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=http%3A%2F%2Fvideo.arstechnica.com%2Fwatch%2Fwar-stories-c-and-c-tiberian-sun&cId=5c74019c40f94807b9000000&cKe=&cPd=2019-02-26T16%3A00%3A00%2B00%3A00&cTi=War%20Stories%20%7C%20Command%20%26%20Conquer%3A%20Tiberian%20Sun&mDu=782&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pWw=540&pWh=303.75&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22guid%22%3A%2210302bb2-3b20-77b3-b15b-e554dbd51c57%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22manual%22%2C%22persistent%22%3Afalse%2C%22playerDepth%22%3A3100.640625%2C%22playerType%22%3A%22video-continuous%22%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3Anull%2C%22recStrategy%22%3Anull%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22OUT_OF_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%7D&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:24 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
c21a1645-1a87-4901-8d03-9196c0ef0748
https://arstechnica.com/ Frame A164
5 KB
0
Other
General
Full URL
blob:https://arstechnica.com/c21a1645-1a87-4901-8d03-9196c0ef0748
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a0f3daf0649193ef3409.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d5f3418a3fa657175d5341b5e032be036cb4d5818de5d1497f2175be5a7e3701

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length
5463
Content-Type
application/javascript
ed2945fc-45f3-4520-8dd4-648a02d3ebc4manifest-ios.m3u8
dp8hsntg6do36.cloudfront.net/5c74019c40f94807b9000000/ Frame A164
918 B
1 KB
XHR
General
Full URL
https://dp8hsntg6do36.cloudfront.net/5c74019c40f94807b9000000/ed2945fc-45f3-4520-8dd4-648a02d3ebc4manifest-ios.m3u8?videoIndex=0&requester=oo
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a0f3daf0649193ef3409.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.82 Seattle, United States, ASN (),
Reverse DNS
server-13-35-253-82.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a58fe84f39cc5f886751461a855297d43a3909ae323d4a0064c0a9ffbf1803c3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

Date
Thu, 07 Mar 2019 19:01:02 GMT
Via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
Vary
Origin
Age
76462
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
918
Last-Modified
Mon, 25 Feb 2019 23:44:00 GMT
Server
AmazonS3
ETag
"59f7cf78ad2c92218911c28ad165a692"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Amz-Cf-Id
RQQe9TNVc1_vHFMgFPpBbxeBTKe-i4E6vpSK81aAxP0NBMQf1cVK0w==
1663130473914833
connect.facebook.net/signals/config/ Frame A164
186 KB
45 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1663130473914833?v=2.8.42&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 , Ireland, ASN (),
Reverse DNS
Software
/
Resource Hash
eff461c78fc1534cb3117febd1aa549ea250df165c1276f95b560e50a8ba0d0a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
vary
Origin, Accept-Encoding
content-length
45967
x-xss-protection
0
pragma
public
x-fb-debug
N3E1Jrq34ZPS4HyKGiPcP3Wf5M82ONHxfm1IxCQKhPRM2dT3iLA95oro7zoF6kVTr/8pgddGfiJz0Dnqt0vKIg==
date
Fri, 08 Mar 2019 16:15:24 GMT
x-frame-options
DENY
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
headerstats
as-sec.casalemedia.com/
0
339 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=175689&u=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/htw-condenast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.69.96 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-69-96.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:24 GMT
Server
Apache
Content-Type
text/plain
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Fri, 08 Mar 2019 16:15:24 GMT
headerstats
as-sec.casalemedia.com/
0
339 B
XHR
General
Full URL
https://as-sec.casalemedia.com/headerstats?s=175689&u=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/htw-condenast.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.69.96 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-69-96.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:24 GMT
Server
Apache
Content-Type
text/plain
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Fri, 08 Mar 2019 16:15:24 GMT
arstechnica_war-stories-c-and-c-tiberian-sun.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1551193450/ Frame A164
65 KB
66 KB
Image
General
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1551193450/arstechnica_war-stories-c-and-c-tiberian-sun.jpg
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a0f3daf0649193ef3409.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.168 Seattle, United States, ASN (),
Reverse DNS
server-13-35-254-168.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
2720e6e8e7f3ae84079b8e84afdc637805a8886e610db0b29217947057a3a0e4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

Date
Tue, 26 Feb 2019 16:05:55 GMT
Via
1.1 varnish, 1.1 7ce1191b390045e05b9cc74f7514b77b.cloudfront.net (CloudFront)
Age
864570
Edge-Cache-Tag
313687566273846460968749706722669918033,316951410886732526360935603098811400471,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
66605
X-Request-Id
d05453b4de442a1f
X-Served-By
cache-fra19134-FRA
Last-Modified
Tue, 26 Feb 2019 16:01:05 GMT
Server
cloudinary
X-Timer
S1551197155.084973,VS0,VE468
ETag
"88b0913f1937b6d9267d1b2ef5ebdae4"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
GJGeCSjbaqtwYnTOdN7tLIpxD2XHElrFaGiLXeIDzYvME8L5wOpoow==
X-Cache-Hits
0
arstechnica_war-stories-c-and-c-tiberian-sun.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1551193450/ Frame A164
65 KB
66 KB
Image
General
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1551193450/arstechnica_war-stories-c-and-c-tiberian-sun.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.254.194 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-35-254-194.fra6.r.cloudfront.net
Software
cloudinary /
Resource Hash
2720e6e8e7f3ae84079b8e84afdc637805a8886e610db0b29217947057a3a0e4

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 26 Feb 2019 16:05:55 GMT
Via
1.1 varnish, 1.1 c05282a87474a55ae2a8dd2aa77d1233.cloudfront.net (CloudFront)
Age
864569
Edge-Cache-Tag
313687566273846460968749706722669918033,316951410886732526360935603098811400471,bd072c9835b885d44d7447102f8695ad
Status
200 OK
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
66605
X-Request-Id
d05453b4de442a1f
X-Served-By
cache-fra19134-FRA
Last-Modified
Tue, 26 Feb 2019 16:01:05 GMT
Server
cloudinary
X-Timer
S1551197155.084973,VS0,VE468
ETag
"88b0913f1937b6d9267d1b2ef5ebdae4"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Amz-Cf-Id
s43CQEw8qT5KnBB0c6MKkQH0jqPlFDnJ4GZwWLTetIu_nw2DaB3XSA==
X-Cache-Hits
0
ed2945fc-45f3-4520-8dd4-648a02d3ebc4file-1422k-128-48000-768.m3u8
dp8hsntg6do36.cloudfront.net/5c74019c40f94807b9000000/ Frame A164
11 KB
1 KB
XHR
General
Full URL
https://dp8hsntg6do36.cloudfront.net/5c74019c40f94807b9000000/ed2945fc-45f3-4520-8dd4-648a02d3ebc4file-1422k-128-48000-768.m3u8?requester=oo
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a0f3daf0649193ef3409.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.82 Seattle, United States, ASN (),
Reverse DNS
server-13-35-253-82.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
262d54dfcec7eb70a2671aeec60cd38113508e74659558fc200dd1daa9acf04b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

Date
Thu, 07 Mar 2019 19:01:03 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Feb 2019 23:48:41 GMT
Server
AmazonS3
Age
76461
Vary
Origin
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
oX1uGAe6SWcuqp5RHqlQvS8iIcTR-iY68_77mY2ox3rw_5NJm4oPFw==
Via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
cc1caf8a-e532-42c6-ad05-09de987dc730
https://arstechnica.com/ Frame A164
64 KB
0
Other
General
Full URL
blob:https://arstechnica.com/cc1caf8a-e532-42c6-ad05-09de987dc730
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a0f3daf0649193ef3409.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3445bd22374e7449265ec9c8ae91ba255148fb1583701f636792dc933befa73b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Length
65790
Content-Type
application/javascript
ed2945fc-45f3-4520-8dd4-648a02d3ebc4file-1422k-128-48000-768-00001.ts
dp8hsntg6do36.cloudfront.net/5c74019c40f94807b9000000/ Frame A164
484 KB
468 KB
XHR
General
Full URL
https://dp8hsntg6do36.cloudfront.net/5c74019c40f94807b9000000/ed2945fc-45f3-4520-8dd4-648a02d3ebc4file-1422k-128-48000-768-00001.ts?requester=oo
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a0f3daf0649193ef3409.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.35.253.82 Seattle, United States, ASN (),
Reverse DNS
server-13-35-253-82.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ca6fd08300ee5329565fbb6937f74ce4f52a7de2e7c690e04548e90144545e9b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

Date
Tue, 26 Feb 2019 16:14:21 GMT
Content-Encoding
gzip
Last-Modified
Mon, 25 Feb 2019 23:48:29 GMT
Server
AmazonS3
Age
76461
Vary
Accept-Encoding,Origin
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3000
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
dBjUK7Ws8bNmkfh0VuSZcqu46u_sUfuZvbBX3qZk9iHssMP7-jpTsg==
Via
1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
m_window_focus_non_hydra.js
tpc.googlesyndication.com/pagead/js/r20190304/r20190304/client/ext/ Frame E8FB
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20190304/r20190304/client/ext/m_window_focus_non_hydra.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_318.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::2001 , Ireland, ASN (),
Reverse DNS
Software
cafe /
Resource Hash
4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 15:09:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3933
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1049
x-xss-protection
1; mode=block
server
cafe
etag
9573447915536422037
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 22 Mar 2019 15:09:51 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame E8FB
80 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_318.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0cefd04b0620126cc85dec115db169f5e5aa1993a11b8ef277d7984f8685d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1551269762062339"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
29186
x-xss-protection
1; mode=block
expires
Fri, 08 Mar 2019 16:15:24 GMT
moatad.js
z.moatads.com/condenastdfp9588492144/ Frame E8FB
289 KB
89 KB
Script
General
Full URL
https://z.moatads.com/condenastdfp9588492144/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_318.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.70.50 , European Union, ASN (),
Reverse DNS
a2-18-70-50.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5197891d1dd7cf6299ccb3bbdab8e3b4105c65c118d35713dae3981d1f17ccf6

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Feb 2019 16:56:09 GMT
Server
AmazonS3
x-amz-request-id
29508319E400A029
ETag
"d682da980f78d5e325c2fb106dc1127d"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=38071
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90869
x-amz-id-2
5O4ZDhJMo5dMbiAQnYxafIRDRMFRbgS5MRzikg4XTbTGwj+DXeGCjbV9ACINV857QyrQDj7+WjQ=
778489797820282430
tpc.googlesyndication.com/simgad/ Frame E8FB
1 KB
1 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/778489797820282430
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_318.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::2001 , Ireland, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a8776cd5d9b452db19ebf8c02c4eaabe3dbfa40731a5f0385884650861d457a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 12 Feb 2019 11:41:46 GMT
x-content-type-options
nosniff
age
2090018
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1093
x-xss-protection
1; mode=block
last-modified
Tue, 16 Oct 2018 19:26:10 GMT
server
sffe
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2020 11:41:46 GMT
osd.js
www.googletagservices.com/activeview/js/current/
77 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_318.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
1d56c4a8196ffea388207309d9f9fe87d933a2838008ebfeb003cb0c12faaced
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1551269762062339"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
28006
x-xss-protection
1; mode=block
expires
Fri, 08 Mar 2019 16:15:24 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/ Frame A138
0
0
Document
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_318.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::2001 , Ireland, ASN (),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-32/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
timing-allow-origin
*
content-length
3971
date
Thu, 07 Feb 2019 15:37:49 GMT
expires
Fri, 07 Feb 2020 15:37:49 GMT
last-modified
Wed, 06 Feb 2019 20:59:52 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
1; mode=block
cache-control
public, immutable, max-age=31536000
age
2507855
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
creative.js
static.polarcdn.com/creative/ Frame 25DE
286 KB
109 KB
Script
General
Full URL
https://static.polarcdn.com/creative/creative.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_318.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:f77e , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
5688c8e654e5b9f3d849be36bad2c5b88e7dc009d5c6ecb795cacd3d35e26777

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:24 GMT
content-encoding
gzip
cf-cache-status
HIT
status
200
content-length
111091
via
1.1 varnish
timing-allow-origin
*
x-varnish
1134621512 1134621509
last-modified
Wed, 06 Mar 2019 14:06:08 GMT
server
cloudflare
cache-control
max-age=10800
etag
W/"5c7fd3d0-4764b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
CF-IPCountry
cf-ipcountry
DE
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
4b461b91da0263d3-FRA
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 08 Mar 2019 17:06:25 GMT
osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 25DE
80 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_318.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8f0cefd04b0620126cc85dec115db169f5e5aa1993a11b8ef277d7984f8685d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1551269762062339"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
29186
x-xss-protection
1; mode=block
expires
Fri, 08 Mar 2019 16:15:24 GMT
moatad.js
z.moatads.com/condenastdfp9588492144/ Frame 25DE
289 KB
89 KB
Script
General
Full URL
https://z.moatads.com/condenastdfp9588492144/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_318.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.70.50 , European Union, ASN (),
Reverse DNS
a2-18-70-50.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5197891d1dd7cf6299ccb3bbdab8e3b4105c65c118d35713dae3981d1f17ccf6

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 12 Feb 2019 16:56:09 GMT
Server
AmazonS3
x-amz-request-id
29508319E400A029
ETag
"d682da980f78d5e325c2fb106dc1127d"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=38071
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
90869
x-amz-id-2
5O4ZDhJMo5dMbiAQnYxafIRDRMFRbgS5MRzikg4XTbTGwj+DXeGCjbV9ACINV857QyrQDj7+WjQ=
track
capture.condenastdigital.com/ Frame A164
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2019-03-08T16%3A15%3A24.315Z&_c=gptError&_t=gptData&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&dim1=%7B%22adBlocked%22%3Afalse%2C%22embedLocation%22%3A%22arstechnica%22%2C%22error%22%3A%22Cannot%20read%20property%20%270%27%20of%20undefined%22%2C%22publicaEnabled%22%3Afalse%2C%22videoId%22%3A%225c74019c40f94807b9000000%22%7D
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:24 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame E8FB
0
47 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukU5jZB1G4x96dfKB2zar2bukNGZFmA6IwlEXJxGn0KzjvMeUxPthaiDvaUp0cAOKGfJa4tvDtNMjMSA00YkjAuXuZx0d4V6-iz48cEomh40cty4coG8trU2gHbHqmlsBMmnw8lZesBNVNjJ2pknRI2bbrcaL9vWpAJz8UlOKWsi7YjkvNHD4Z8RKIm6vvK8ApWhROlVBGDD2EmSaXQ133HPc6YUUN3VNWJIfn2XNEFleyOwHzemDHd12rpCJ1acCK67m_Cc1-IZ3OsnoXMtLeuPaSfyU7faX742kSig&sai=AMfl-YRzMYPBGPJ-Ri1TPnnqK1KNZgHGjFEy78AI09M7qGestfXvD7WgOpQJ2qeUyLszOhR7D9JeE5LIZ6-nAvpnfmS70WFf33qw3eXW7djm&sig=Cg0ArKJSzPe0xXz0BCWJEAE&adurl=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:24 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
1; mode=block
view
securepubads.g.doubleclick.net/pcs/ Frame 25DE
0
56 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYmWNZBjhOo_Dl31w3MRvyCeE2SsH3Zn9vlIGpPRNMbnv3g4hAE_LCoQrelTO8ACmSkNDdGJru6GG7KewW5yc0eh1hyh16RTMJEAUfX9vzi6vjB_ulDPsS6V6IoSkEHZBQGoMY3VZw934oHZ_4NFI8ejLQ2nVUYO9czgNJhFjiJ2aqvkHHkjJAhPdlhwl1Ex23KSRbu7H-dbanEQczG1MGnxFpWnOZdzEzE1ynUkD8GyOYKzUMLELNT0tQhszhDiR_BcF_sfNOX8r5QYsXdnWdXcrGO-5wxWru0avchw&sai=AMfl-YQRSPOZ8i4GsXsH_dGRjLSokTj-xJmPJxfYNSSlJ8Anodnibc8FcHfSOhv4SIhVUVU1nmh9TKcsdZ1lRfWo53ZXkyEf7LOf_eHHQC_n&sig=Cg0ArKJSzE_IE5BxpkSGEAE&urlfix=1&adurl=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:24 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
1; mode=block
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A24.302Z&_t=slot_rendered&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294&cEnt=windows%2C%20chrome%2C%20microsoft%2C%20google%2C%20page%20layout%2C%20zeroday%2C%20security%20sandbox%2C%20justin%20schuh%2C%20privilege%20escalation%2C%20clement%20lecigne%2C%20operating%20system%2C%20dan%20goodin%2C%20utc%2C%20use-after-free%2C%20cond%C3%A9%20nast%2C%20microsoft.%2C%20post%2C%20ars%20orbital%20transmission%2C%20threat%20analysis%20group%2C%20jeff%20jones&cEnw=1%2C%200.8747121402560297%2C%200.8567897402574511%2C%200.8100877428057475%2C%200.6660943105546828%2C%200.5843780773092034%2C%200.5462448150102216%2C%200.5445767820667076%2C%200.47182473679159576%2C%200.43899052895372104%2C%200.43413688302871667%2C%200.41468205884677967%2C%200.38494362819262024%2C%200.3458045236845908%2C%200.3342018205734761%2C%200.32363817831813835%2C%200.30472620535079054%2C%200.2991889344877834%2C%200.2940067052600753%2C%200.2755070984827381&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-explo
iting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&cPd=2019-03-08T02%3A02%3A29.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=4500&pSw=1600&pSh=1200&uID=5ff3cc6f-e2ed-4ce6-8711-016c45bf2d65&sID=d5919389-1062-4eb8-b4ad-81c5e9c2b32b&pID=5909252c-689a-4d39-8fc5-761c57a23948&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&xID=b46e5211-aacf-447a-ade9-1e56027804c5&content_uri=information_technology&image_avg_surface=29581.11111111111&image_count=27&image_surface=798690&server=production&vp_height=1200&vp_width=1585&created=2186.640001833439&staged=2248.850002884865&pageload_to_staged=2248.850002884865&channel=information_technology&ctx_template=article&id=1552061722577baan7yap8hugdpj3r1koeh0wcq4q73&instance=0&name=out_of_page_0&out_of_page=true&position_fold=atf&position_xy=0x0&request_number=1&tags=browsers_chrome_2_exploits_zeroday_google_2_microsoft_windows_vulnerabilities&template=article&type=out_of_page&CNS_init=756.2699988484383&suffix=dart&CNS_init_to_staged=1492.5800040364265&inViewport=2257.7650025486946&pageLoad_to_in_viewport=1501.4950037002563&isRefresh=true&requested=3553.175002336502&pageLoad_to_requested=3553.175002336502&CNS_init_to_requested=2796.905003488064&rendered=3911.439999938011&creative_type=sized&is_empty=true&request_to_rendered=358.2649976015091&is_first_rendered=true&pageLoad_to_rendered=3911.439999938011&CNS_init_to_rendered=3155.170001089573&ver_cns_ads=2_18_5&device=desktop&cns=2_25_6&_logType=info&cKh=windows%2Cvulnerability%2Cchrome%2Cmicrosoft%2Cgoogle%2Cpage%20layout%2Cattacker
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.240.97 Ashburn, United States, ASN (),
Reverse DNS
ec2-34-235-240-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:24 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A24.307Z&_t=unfriendly_iframe&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294&cEnt=windows%2C%20chrome%2C%20microsoft%2C%20google%2C%20page%20layout%2C%20zeroday%2C%20security%20sandbox%2C%20justin%20schuh%2C%20privilege%20escalation%2C%20clement%20lecigne%2C%20operating%20system%2C%20dan%20goodin%2C%20utc%2C%20use-after-free%2C%20cond%C3%A9%20nast%2C%20microsoft.%2C%20post%2C%20ars%20orbital%20transmission%2C%20threat%20analysis%20group%2C%20jeff%20jones&cEnw=1%2C%200.8747121402560297%2C%200.8567897402574511%2C%200.8100877428057475%2C%200.6660943105546828%2C%200.5843780773092034%2C%200.5462448150102216%2C%200.5445767820667076%2C%200.47182473679159576%2C%200.43899052895372104%2C%200.43413688302871667%2C%200.41468205884677967%2C%200.38494362819262024%2C%200.3458045236845908%2C%200.3342018205734761%2C%200.32363817831813835%2C%200.30472620535079054%2C%200.2991889344877834%2C%200.2940067052600753%2C%200.2755070984827381&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-e
xploiting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&cPd=2019-03-08T02%3A02%3A29.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=4500&pSw=1600&pSh=1200&uID=5ff3cc6f-e2ed-4ce6-8711-016c45bf2d65&sID=d5919389-1062-4eb8-b4ad-81c5e9c2b32b&pID=5909252c-689a-4d39-8fc5-761c57a23948&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&xID=b46e5211-aacf-447a-ade9-1e56027804c5&content_uri=information_technology&image_avg_surface=29581.11111111111&image_count=27&image_surface=798690&server=production&vp_height=1200&vp_width=1585&created=2186.640001833439&staged=2248.850002884865&pageload_to_staged=2248.850002884865&channel=information_technology&ctx_template=article&id=1552061722577baan7yap8hugdpj3r1koeh0wcq4q73&instance=0&name=out_of_page_0&out_of_page=true&position_fold=atf&position_xy=0x0&request_number=1&tags=browsers_chrome_2_exploits_zeroday_google_2_microsoft_windows_vulnerabilities&template=article&type=out_of_page&CNS_init=756.2699988484383&suffix=dart&CNS_init_to_staged=1492.5800040364265&inViewport=2257.7650025486946&pageLoad_to_in_viewport=1501.4950037002563&isRefresh=true&requested=3553.175002336502&pageLoad_to_requested=3553.175002336502&CNS_init_to_requested=2796.905003488064&rendered=3911.439999938011&creative_type=sized&is_empty=true&request_to_rendered=358.2649976015091&is_first_rendered=true&pageLoad_to_rendered=3911.439999938011&CNS_init_to_rendered=3155.170001089573&ver_cns_ads=2_18_5&device=desktop&cns=2_25_6&_logType=info&cKh=windows%2Cvulnerability%2Cchrome%2Cmicrosoft%2Cgoogle%2Cpage%20layout%2Cattacker
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:24 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A24.329Z&_t=slot_rendered&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294&cEnt=windows%2C%20chrome%2C%20microsoft%2C%20google%2C%20page%20layout%2C%20zeroday%2C%20security%20sandbox%2C%20justin%20schuh%2C%20privilege%20escalation%2C%20clement%20lecigne%2C%20operating%20system%2C%20dan%20goodin%2C%20utc%2C%20use-after-free%2C%20cond%C3%A9%20nast%2C%20microsoft.%2C%20post%2C%20ars%20orbital%20transmission%2C%20threat%20analysis%20group%2C%20jeff%20jones&cEnw=1%2C%200.8747121402560297%2C%200.8567897402574511%2C%200.8100877428057475%2C%200.6660943105546828%2C%200.5843780773092034%2C%200.5462448150102216%2C%200.5445767820667076%2C%200.47182473679159576%2C%200.43899052895372104%2C%200.43413688302871667%2C%200.41468205884677967%2C%200.38494362819262024%2C%200.3458045236845908%2C%200.3342018205734761%2C%200.32363817831813835%2C%200.30472620535079054%2C%200.2991889344877834%2C%200.2940067052600753%2C%200.2755070984827381&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-explo
iting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&cPd=2019-03-08T02%3A02%3A29.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=4500&pSw=1600&pSh=1200&uID=5ff3cc6f-e2ed-4ce6-8711-016c45bf2d65&sID=d5919389-1062-4eb8-b4ad-81c5e9c2b32b&pID=5909252c-689a-4d39-8fc5-761c57a23948&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&xID=b46e5211-aacf-447a-ade9-1e56027804c5&content_uri=information_technology&image_avg_surface=29581.11111111111&image_count=27&image_surface=798690&server=production&vp_height=1200&vp_width=1585&created=2179.4100031256676&staged=2198.4999999403954&pageload_to_staged=2198.4999999403954&channel=information_technology&ctx_template=article&id=1552061722570dzgv69jn2fxixrzdnrajlb0r1kzy8c&instance=0&name=post_nav_0&position_fold=atf&position_xy=125x193&request_number=1&tags=browsers_chrome_2_exploits_zeroday_google_2_microsoft_windows_vulnerabilities&template=article&type=post_nav&CNS_init=756.2699988484383&suffix=dart&CNS_init_to_staged=1442.230001091957&inViewport=2212.3600021004677&pageLoad_to_in_viewport=1456.0900032520294&isRefresh=true&is_first_Request=true&requested=3500.150002539158&pageLoad_to_requested=3500.150002539158&CNS_init_to_requested=2743.8800036907196&rendered=3938.2949993014336&advertiser_id=4552798968&creative_id=138247271585&creative_type=sized&line_item_id=4830169578&order_id=2409944368&rendered_size=1x1&request_to_rendered=438.1449967622757&pageLoad_to_rendered=3938.2949993014336&CNS_init_to_rendered=3182.0250004529953&ver_cns_ads=2_18_5&device=desktop&cns=2_25_6&_logType=info&cKh=windows%2Cvulnerability%2Cchrome%2Cmicrosoft%2Cgoogle%2Cpage%20layout%2Cattacker
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:24 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A24.344Z&_t=slot_rendered&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294&cEnt=windows%2C%20chrome%2C%20microsoft%2C%20google%2C%20page%20layout%2C%20zeroday%2C%20security%20sandbox%2C%20justin%20schuh%2C%20privilege%20escalation%2C%20clement%20lecigne%2C%20operating%20system%2C%20dan%20goodin%2C%20utc%2C%20use-after-free%2C%20cond%C3%A9%20nast%2C%20microsoft.%2C%20post%2C%20ars%20orbital%20transmission%2C%20threat%20analysis%20group%2C%20jeff%20jones&cEnw=1%2C%200.8747121402560297%2C%200.8567897402574511%2C%200.8100877428057475%2C%200.6660943105546828%2C%200.5843780773092034%2C%200.5462448150102216%2C%200.5445767820667076%2C%200.47182473679159576%2C%200.43899052895372104%2C%200.43413688302871667%2C%200.41468205884677967%2C%200.38494362819262024%2C%200.3458045236845908%2C%200.3342018205734761%2C%200.32363817831813835%2C%200.30472620535079054%2C%200.2991889344877834%2C%200.2940067052600753%2C%200.2755070984827381&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-explo
iting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&cPd=2019-03-08T02%3A02%3A29.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=4500&pSw=1600&pSh=1200&uID=5ff3cc6f-e2ed-4ce6-8711-016c45bf2d65&sID=d5919389-1062-4eb8-b4ad-81c5e9c2b32b&pID=5909252c-689a-4d39-8fc5-761c57a23948&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&xID=b46e5211-aacf-447a-ade9-1e56027804c5&content_uri=information_technology&image_avg_surface=29581.11111111111&image_count=27&image_surface=798690&server=production&vp_height=1200&vp_width=1585&created=2182.190001010895&staged=2226.3550013303757&pageload_to_staged=2226.3550013303757&channel=information_technology&ctx_template=article&id=15520617225733mk9eydpvpy7xlwbkjgohjlg1c5qhb&instance=0&name=siderail_0&position_fold=atf&position_xy=20x0&request_number=1&tags=browsers_chrome_2_exploits_zeroday_google_2_microsoft_windows_vulnerabilities&template=article&type=siderail&CNS_init=756.2699988484383&suffix=dart&CNS_init_to_staged=1470.0850024819374&inViewport=2234.875001013279&pageLoad_to_in_viewport=1478.6050021648407&isRefresh=true&requested=3519.725002348423&pageLoad_to_requested=3519.725002348423&CNS_init_to_requested=2763.4550034999847&rendered=3953.5100013017654&advertiser_id=4660981638&creative_id=programmatic&creative_type=sized&line_item_id=programmatic&order_id=2443012271&rendered_size=300x600&request_to_rendered=433.78499895334244&pageLoad_to_rendered=3953.5100013017654&CNS_init_to_rendered=3197.240002453327&ver_cns_ads=2_18_5&device=desktop&cns=2_25_6&_logType=info&cKh=windows%2Cvulnerability%2Cchrome%2Cmicrosoft%2Cgoogle%2Cpage%20layout%2Cattacker
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.240.97 Ashburn, United States, ASN (),
Reverse DNS
ec2-34-235-240-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:24 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A24.407Z&_t=slot_rendered&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294&cEnt=windows%2C%20chrome%2C%20microsoft%2C%20google%2C%20page%20layout%2C%20zeroday%2C%20security%20sandbox%2C%20justin%20schuh%2C%20privilege%20escalation%2C%20clement%20lecigne%2C%20operating%20system%2C%20dan%20goodin%2C%20utc%2C%20use-after-free%2C%20cond%C3%A9%20nast%2C%20microsoft.%2C%20post%2C%20ars%20orbital%20transmission%2C%20threat%20analysis%20group%2C%20jeff%20jones&cEnw=1%2C%200.8747121402560297%2C%200.8567897402574511%2C%200.8100877428057475%2C%200.6660943105546828%2C%200.5843780773092034%2C%200.5462448150102216%2C%200.5445767820667076%2C%200.47182473679159576%2C%200.43899052895372104%2C%200.43413688302871667%2C%200.41468205884677967%2C%200.38494362819262024%2C%200.3458045236845908%2C%200.3342018205734761%2C%200.32363817831813835%2C%200.30472620535079054%2C%200.2991889344877834%2C%200.2940067052600753%2C%200.2755070984827381&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-explo
iting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&cPd=2019-03-08T02%3A02%3A29.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=4500&pSw=1600&pSh=1200&uID=5ff3cc6f-e2ed-4ce6-8711-016c45bf2d65&sID=d5919389-1062-4eb8-b4ad-81c5e9c2b32b&pID=5909252c-689a-4d39-8fc5-761c57a23948&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&xID=b46e5211-aacf-447a-ade9-1e56027804c5&content_uri=information_technology&image_avg_surface=29581.11111111111&image_count=27&image_surface=798690&server=production&vp_height=1200&vp_width=1585&created=2185.7200041413307&staged=2240.345001220703&pageload_to_staged=2240.345001220703&channel=information_technology&ctx_template=article&id=native_xrail300x140_frame&instance=0&name=native_xrail_0&position_fold=atf&position_xy=786x0&request_number=1&tags=browsers_chrome_2_exploits_zeroday_google_2_microsoft_windows_vulnerabilities&template=article&type=native_xrail&CNS_init=756.2699988484383&suffix=dart&CNS_init_to_staged=1484.0750023722649&inViewport=2247.7200031280518&pageLoad_to_in_viewport=1491.4500042796135&isRefresh=true&requested=3535.8950048685074&pageLoad_to_requested=3535.8950048685074&CNS_init_to_requested=2779.625006020069&rendered=4016.55500382185&advertiser_id=1454517775&creative_id=138237302059&creative_type=sized&line_item_id=4736014287&order_id=2338761482&rendered_size=300x140&request_to_rendered=480.65999895334244&pageLoad_to_rendered=4016.55500382185&CNS_init_to_rendered=3260.2850049734116&ver_cns_ads=2_18_5&device=desktop&cns=2_25_6&_logType=info&cKh=windows%2Cvulnerability%2Cchrome%2Cmicrosoft%2Cgoogle%2Cpage%20layout%2Cattacker
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:24 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
truncated
/ Frame E8FB
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43523ba06647c06c57234c0f78debd67189f7b50b9902aedebf351abe44173e2

Request headers

Response headers

Content-Type
image/png
wt
polarcdn-pentos.com/ Frame 25DE
3 B
592 B
XHR
General
Full URL
https://polarcdn-pentos.com/wt?e=1&n=3&p=UNKNOWN&s=1&u=43c42fc1-4e37-49db-b1db-4f8f0ef83013&v=2%2F8d0a02b&w=1.128.1&y=w&z=v1.6.27&pas=asa-web&pag2=%2F3379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F2&pai=942ba&d=arstechnica.com&l=&pajs=&pepm=gdpr-eu&pepc=n&mepc=1&cu=98b7fdff8a311bc987001fd6b103228b&t=arx&parcid=2d94d&parid=293da&parin=1&partm=0&par=s&maxts=0.036&pvhref=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&_=1552061724534
Requested by
Host: static.polarcdn.com
URL: https://static.polarcdn.com/creative/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.192.78 San Francisco, United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:24 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
x-amz-request-id
DB783A05C3FEE54D
status
200
content-length
3
x-amz-id-2
HR6fi+cOwrsUo+aPPrhwEkXGglWgyYRjfSoOWmHXK7CYt3cuTeIZsmO8mrEyano/N3YhGjUNDr0=
last-modified
Mon, 09 Jul 2018 17:31:51 GMT
server
cloudflare
etag
"28e4477bb454eb35226fe56082545e13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4b461b931c3b9d2c-AMS
wt
polarcdn-pentos.com/ Frame 25DE
3 B
65 B
XHR
General
Full URL
https://polarcdn-pentos.com/wt?e=2&n=3&p=UNKNOWN&s=1&u=43c42fc1-4e37-49db-b1db-4f8f0ef83013&v=2%2F8d0a02b&w=1.128.1&y=w&z=v1.6.27&pas=asa-web-polarpmp&pag1=conde_customcontent_market&pag2=brand_arstechnica&paenb=u&pai=942ba&d=arstechnica.com&l=&pajs=&pepm=gdpr-eu&pepc=n&mepc=1&cu=98b7fdff8a311bc987001fd6b103228b&t=atx&parcid=2d94d&parid=89130&parin=2&pvhref=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&_=1552061724535
Requested by
Host: static.polarcdn.com
URL: https://static.polarcdn.com/creative/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.192.78 San Francisco, United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:24 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
x-amz-request-id
DB783A05C3FEE54D
status
200
content-length
3
x-amz-id-2
HR6fi+cOwrsUo+aPPrhwEkXGglWgyYRjfSoOWmHXK7CYt3cuTeIZsmO8mrEyano/N3YhGjUNDr0=
last-modified
Mon, 09 Jul 2018 17:31:51 GMT
server
cloudflare
etag
"28e4477bb454eb35226fe56082545e13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4b461b931c3c9d2c-AMS
pl
bw-prod.plrsrvcs.com/bid/ Frame 25DE
0
339 B
XHR
General
Full URL
https://bw-prod.plrsrvcs.com/bid/pl
Requested by
Host: static.polarcdn.com
URL: https://static.polarcdn.com/creative/creative.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:dd0f , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method
POST
Origin
https://arstechnica.com
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type,x-openrtb-version

Response headers

date
Fri, 08 Mar 2019 16:15:24 GMT
server
cloudflare
access-control-allow-origin
*
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
status
204
cf-ray
4b461b92f8a96487-FRA
access-control-allow-headers
Content-Type, x-openrtb-version
truncated
/ Frame 25DE
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aff8299844f20b3cff588e2f91c8809671cd069e034bd3e26e3dfc42ab5f6ddb

Request headers

Response headers

Content-Type
image/png
pl
bw-prod.plrsrvcs.com/bid/ Frame 25DE
2 KB
3 KB
XHR
General
Full URL
https://bw-prod.plrsrvcs.com/bid/pl
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:dd0f , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
50ff1196e03a191e4ee4a384b6f46841ef8c7ea0960815a5453aa13278d86573

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
x-openrtb-version
2.3
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://arstechnica.com
Content-Type
application/json

Response headers

date
Fri, 08 Mar 2019 16:15:24 GMT
content-encoding
gzip
x-polar-trace-id
x-polar-response-id
7cc319e564e1411682810fb38e14feb4
status
200
x-polar-h
ddf0e-31
x-polar-t
0.209
pragma
no-cache
server
cloudflare
cache-control
no-cache, no-store, must-revalidate
x-polar-misses
tq
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CF-IPCountry
cf-ipcountry
DE
cf-ray
4b461b9318c36487-FRA
expires
0
wt
polarcdn-pentos.com/ Frame 25DE
3 B
66 B
XHR
General
Full URL
https://polarcdn-pentos.com/wt?e=3&n=3&p=UNKNOWN&s=1&u=43c42fc1-4e37-49db-b1db-4f8f0ef83013&v=2%2F8d0a02b&w=1.128.1&y=w&z=v1.6.27&pas=asa-web-polarpmp&pag1=conde_customcontent_market&pag2=brand_arstechnica&paenb=y&paena=a.5b27a33e-0775-468f-a04b-c296492b0fea.7cc319&paensm=n&pai=942ba&d=arstechnica.com&l=&pajs=&pepm=gdpr-eu&pepc=n&mepc=1&cu=98b7fdff8a311bc987001fd6b103228b&t=arx&parcid=2d94d&parid=89130&parin=2&partm=1&par=s&maxts=0.367&pvhref=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&_=1552061724536
Requested by
Host: static.polarcdn.com
URL: https://static.polarcdn.com/creative/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.192.78 San Francisco, United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:24 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
x-amz-request-id
DB783A05C3FEE54D
status
200
content-length
3
x-amz-id-2
HR6fi+cOwrsUo+aPPrhwEkXGglWgyYRjfSoOWmHXK7CYt3cuTeIZsmO8mrEyano/N3YhGjUNDr0=
last-modified
Mon, 09 Jul 2018 17:31:51 GMT
server
cloudflare
etag
"28e4477bb454eb35226fe56082545e13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4b461b950e209d2c-AMS
2f09d327e77f44a4b0fba101c65687a5
polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/creative/ Frame 25DE
16 KB
4 KB
XHR
General
Full URL
https://polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/creative/2f09d327e77f44a4b0fba101c65687a5?order=32e8eaf35ec444469397a2cecbab968b
Requested by
Host: static.polarcdn.com
URL: https://static.polarcdn.com/creative/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
16c65cc81a500bed4c5b12329e639c8036fa17da0544b6ce8eebf5b1b28cf28b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 08 Mar 2019 16:15:24 GMT
content-encoding
gzip
server
cloudflare
status
200
etag
W/"6e25ceebb6901c0430bbf1edd77557d1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Country
cache-control
max-age=900
x-country
DE
cf-ray
4b461b9508b8c2dd-FRA
wt
polarcdn-pentos.com/ Frame 25DE
3 B
189 B
XHR
General
Full URL
https://polarcdn-pentos.com/wt?e=4&n=3&p=NA-ARSTECH-11238837&s=1&u=43c42fc1-4e37-49db-b1db-4f8f0ef83013&v=2%2F8d0a02b&w=1.128.1&y=w&z=v1.6.27&pas=asa-web-polarpmp&pag1=conde_customcontent_market&pag2=brand_arstechnica&paenb=y&paena=a.5b27a33e-0775-468f-a04b-c296492b0fea.7cc319&paenli=48910aaf551a4cba80f709591069abc8&paenlip=f86e791fd89f402694735eec36d6ee63&paeno=32e8eaf35ec444469397a2cecbab968b&paenop=be796de2b26447b1836bc50039a4efb2&paes=fd9a1a7c3cf24f9fb674bbc3a4ebe163&paensm=n&pai=942ba&d=arstechnica.com&l=Key-native_xrail+%5BXrail%5D&pajs=body&pepm=gdpr-eu&pepc=n&mepc=1&pecy=DE&c=fc8f67cdf95c4686a1875046c263e30e&pacexp=a4dcf5e320de4bcdb15e3950f1d028d7&t=i&pasp=6fe1dded4b5f4d1a8a01dfa8492cbdab&pvhref=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&_=1552061724537
Requested by
Host: static.polarcdn.com
URL: https://static.polarcdn.com/creative/creative.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.192.78 San Francisco, United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2f0e2d95e318789b840f67b7004cb30985ce2e0ef3ece7507b2b15e8441811a7

Request headers

Accept
text/plain, */*; q=0.01
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:25 GMT
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
x-amz-request-id
DB783A05C3FEE54D
status
200
content-length
3
x-amz-id-2
HR6fi+cOwrsUo+aPPrhwEkXGglWgyYRjfSoOWmHXK7CYt3cuTeIZsmO8mrEyano/N3YhGjUNDr0=
last-modified
Mon, 09 Jul 2018 17:31:51 GMT
server
cloudflare
etag
"28e4477bb454eb35226fe56082545e13"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3600
access-control-allow-methods
GET
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
4b461b955e739d2c-AMS
5c8018cf48e3edcb230f0fa1
polarcdn-terrax.com/image/v1.0.0/bin/
92 KB
92 KB
Image
General
Full URL
https://polarcdn-terrax.com/image/v1.0.0/bin/5c8018cf48e3edcb230f0fa1?v=caa46&w=300
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4032 , United States, ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
69bbbc9a9476877d61a5eefb20231a473a8d44b69478e177b6723167158cc32e

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:25 GMT
via
1.1 varnish
cf-cache-status
HIT
cf-ray
4b461b959fd664ab-FRA
status
200
access-control-max-age
432000
content-length
94094
x-varnish
1085253017 1085237538
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=432000
accept-ranges
bytes
timing-allow-origin
*
ADTECH;apid=1A62564892-41bd-11e9-b880-0ec83b91fe34;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722615;callback=window.headertag.AolHtb.adResponseCallbacks._KGPeRKZS
adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704187/0/-1/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704187/0/-1/ADTECH;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722615;callback=window.headertag.AolHtb.adResponseCallbacks....
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704187/0/-1/ADTECH;apid=1A62564892-41bd-11e9-b880-0ec83b91fe34;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722615;callback=...
0
-1 B
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704187/0/-1/ADTECH;apid=1A62564892-41bd-11e9-b880-0ec83b91fe34;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722615;callback=window.headertag.AolHtb.adResponseCallbacks._KGPeRKZS
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
nginx
access-control-allow-origin
https://arstechnica.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704187/0/-1/ADTECH;apid=1A62564892-41bd-11e9-b880-0ec83b91fe34;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722615;callback=window.headertag.AolHtb.adResponseCallbacks._KGPeRKZS
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704187/0/-1/ADTECH;apid=1A62564892-41bd-11e9-b880-0ec83b91fe34;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722615;callback=window.headertag.AolHtb.adResponseCallbacks._KGPeRKZS
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://arstechnica.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A6257636c-41bd-11e9-b2da-0efd2af68b76;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._5yhyt3RC
adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704186/0/-1/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704186/0/-1/ADTECH;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks....
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704186/0/-1/ADTECH;apid=1A6257636c-41bd-11e9-b2da-0efd2af68b76;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=...
0
-1 B
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704186/0/-1/ADTECH;apid=1A6257636c-41bd-11e9-b2da-0efd2af68b76;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._5yhyt3RC
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
nginx
access-control-allow-origin
https://arstechnica.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704186/0/-1/ADTECH;apid=1A6257636c-41bd-11e9-b2da-0efd2af68b76;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._5yhyt3RC
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704186/0/-1/ADTECH;apid=1A6257636c-41bd-11e9-b2da-0efd2af68b76;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._5yhyt3RC
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://arstechnica.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A62575d0e-41bd-11e9-8f8a-0ee260c63e88;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._klkLM909
adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704180/0/-1/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704180/0/-1/ADTECH;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks....
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704180/0/-1/ADTECH;apid=1A62575d0e-41bd-11e9-8f8a-0ee260c63e88;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=...
0
-1 B
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704180/0/-1/ADTECH;apid=1A62575d0e-41bd-11e9-8f8a-0ee260c63e88;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._klkLM909
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
nginx
access-control-allow-origin
https://arstechnica.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704180/0/-1/ADTECH;apid=1A62575d0e-41bd-11e9-8f8a-0ee260c63e88;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._klkLM909
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704180/0/-1/ADTECH;apid=1A62575d0e-41bd-11e9-8f8a-0ee260c63e88;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._klkLM909
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://arstechnica.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A62588fa8-41bd-11e9-a821-0eb56199d91a;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722616;callback=window.headertag.AolHtb.adResponseCallbacks._Ljxu4CM4
adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704190/0/-1/
Redirect Chain
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704190/0/-1/ADTECH;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722616;callback=window.headertag.AolHtb.adResponseCallbacks....
  • https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704190/0/-1/ADTECH;apid=1A62588fa8-41bd-11e9-a821-0eb56199d91a;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722616;callback=...
0
-1 B
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704190/0/-1/ADTECH;apid=1A62588fa8-41bd-11e9-a821-0eb56199d91a;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722616;callback=window.headertag.AolHtb.adResponseCallbacks._Ljxu4CM4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
nginx
access-control-allow-origin
https://arstechnica.com
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704190/0/-1/ADTECH;apid=1A62588fa8-41bd-11e9-a821-0eb56199d91a;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722616;callback=window.headertag.AolHtb.adResponseCallbacks._Ljxu4CM4
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
status
302
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
nginx
status
302
location
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704190/0/-1/ADTECH;apid=1A62588fa8-41bd-11e9-a821-0eb56199d91a;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722616;callback=window.headertag.AolHtb.adResponseCallbacks._Ljxu4CM4
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://arstechnica.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-length
0
expires
Mon, 15 Jun 1998 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame A164
1 KB
1 KB
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=640x480|480x70&iu=/3379/conde.ars/player/biz-andamp-it&ciu_szs=300x60&gdfp_req=1&env=vp&output=vmap&unviewed_position_start=1&cust_params=height%3D304%26muted%3D1%26width%3D540&correlator=undefined&description_url=https%3A%2F%2Fthescene.com%2Fwatch%2Farstechnica%2Fwar-stories-c-and-c-tiberian-sun&vid=5c74019c40f94807b9000000&cmsid=1495&ppid=a48aa5a7c3244b8392a974e472daef35
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a0f3daf0649193ef3409.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
aea9d38365ba4de33b7280f70c18f7d66d59dea245ac3fd3312680173a712d91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com

Response headers

date
Fri, 08 Mar 2019 16:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
635
x-xss-protection
1; mode=block
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
capture.condenastdigital.com/ Frame A164
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2019-03-08T16%3A15%3A26.635Z&_c=timedOut&_t=gptData&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&dim1=%7B%22adBlocked%22%3Afalse%2C%22embedLocation%22%3A%22arstechnica%22%2C%22error%22%3A%22Cannot%20read%20property%20%270%27%20of%20undefined%22%2C%22publicaEnabled%22%3Afalse%2C%22videoId%22%3A%225c74019c40f94807b9000000%22%7D
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:26 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
ADTECH;apid=1A62564892-41bd-11e9-b880-0ec83b91fe34;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722615;callback=window.headertag.AolHtb.adResponseCallbacks._KGPeRKZS
adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704187/0/-1/
495 B
634 B
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704187/0/-1/ADTECH;apid=1A62564892-41bd-11e9-b880-0ec83b91fe34;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722615;callback=window.headertag.AolHtb.adResponseCallbacks._KGPeRKZS
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
303b0d7e0e332709e871ef41d691ae850435284a539d8cbfb7027621523cb444

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://arstechnica.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
text/javascript
content-length
495
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A62575d0e-41bd-11e9-8f8a-0ee260c63e88;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._klkLM909
adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704180/0/-1/
495 B
610 B
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704180/0/-1/ADTECH;apid=1A62575d0e-41bd-11e9-8f8a-0ee260c63e88;cfp=1;rndc=1552061725;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._klkLM909
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
9fbf8629762fc602d5b2497945691093e20e0e3c5dbcd5667f91387484f661ec

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://arstechnica.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
text/javascript
content-length
495
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A6257636c-41bd-11e9-b2da-0efd2af68b76;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._5yhyt3RC
adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704186/0/-1/
494 B
609 B
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704186/0/-1/ADTECH;apid=1A6257636c-41bd-11e9-b2da-0efd2af68b76;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722627;callback=window.headertag.AolHtb.adResponseCallbacks._5yhyt3RC
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
538f942b2f2641984484c009ac021e11b7962ae6feed30494c9bfc5173e0d218

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://arstechnica.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
text/javascript
content-length
494
expires
Mon, 15 Jun 1998 00:00:00 GMT
ADTECH;apid=1A62588fa8-41bd-11e9-a821-0eb56199d91a;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722616;callback=window.headertag.AolHtb.adResponseCallbacks._Ljxu4CM4
adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704190/0/-1/
495 B
610 B
XHR
General
Full URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10920.1/4704190/0/-1/ADTECH;apid=1A62588fa8-41bd-11e9-a821-0eb56199d91a;cfp=1;rndc=1552061726;cmd=bid;cors=yes;v=2;misc=1552061722616;callback=window.headertag.AolHtb.adResponseCallbacks._Ljxu4CM4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.195.15.114 Ashburn, United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
Adtech Adserver /
Resource Hash
fecc76575602843bd1e8c25001267473ae6f40885323a99b168ea4f4d7a7c7d7

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:26 GMT
server
Adtech Adserver
status
200
access-control-allow-methods
POST,GET,HEAD,OPTIONS
p3p
CP="NOI DSP DEVa OUR BUS UNI COM NAV INT"
access-control-allow-origin
https://arstechnica.com
cache-control
no-store, no-cache
access-control-allow-credentials
true
content-type
text/javascript
content-length
495
expires
Mon, 15 Jun 1998 00:00:00 GMT
pixel.gif
v4.moatads.com/
43 B
312 B
Image
General
Full URL
https://v4.moatads.com/pixel.gif?e=17&i=CONDECW3&hp=1&cm=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=0&f=0&j=&o=3&t=1552061727531&de=425404975709&m=0&ar=ab37179-clean&q=5&cb=0&cu=1552061727531&ll=2&lm=0&ln=1&em=0&en=0&d=1454517775%3A2338761482%3A4736014287%3A138237302059&zMoatPS=native_xrail_0&zMoatPT=article&zMoatST=native_xrail&zMoatCNS=2_25_6&zMoatSZ=300x140&zMoatKWPos=Undefined&qs=1&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&zMoatPlacID=21711241785&bo=21698048816&bp=21711241785&bd=Undefined&zMoatLL=Lazy%20Load%20Not%20Defined&zMoatRFSH=Refresh%20Not%20Defined&zMoatNoRFSH=true&dfp=0%2C1&la=21711241785&zMoatAltSL=bo%3AzMoatAdUnit2%3AzMoatAdUnit3&zMoatOrigSlicer1=21698048816&zMoatOrigSlicer2=21711241785&gw=condenastdfp9588492144&fd=1&ac=1&it=500&fs=159716&na=695146735&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.175.204.148 Ashburn, United States, ASN (),
Reverse DNS
ec2-54-175-204-148.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:27 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:01 GMT
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A27.674Z&_t=slot_impression_viewable&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294&cEnt=windows%2C%20chrome%2C%20microsoft%2C%20google%2C%20page%20layout%2C%20zeroday%2C%20security%20sandbox%2C%20justin%20schuh%2C%20privilege%20escalation%2C%20clement%20lecigne%2C%20operating%20system%2C%20dan%20goodin%2C%20utc%2C%20use-after-free%2C%20cond%C3%A9%20nast%2C%20microsoft.%2C%20post%2C%20ars%20orbital%20transmission%2C%20threat%20analysis%20group%2C%20jeff%20jones&cEnw=1%2C%200.8747121402560297%2C%200.8567897402574511%2C%200.8100877428057475%2C%200.6660943105546828%2C%200.5843780773092034%2C%200.5462448150102216%2C%200.5445767820667076%2C%200.47182473679159576%2C%200.43899052895372104%2C%200.43413688302871667%2C%200.41468205884677967%2C%200.38494362819262024%2C%200.3458045236845908%2C%200.3342018205734761%2C%200.32363817831813835%2C%200.30472620535079054%2C%200.2991889344877834%2C%200.2940067052600753%2C%200.2755070984827381&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&cPd=2019-03-08T02%3A02%3A29.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=4500&pSw=1600&pSh=1200&uID=e4c8d8ad-8b0e-41b4-819b-65978290a465&uNw=1&uUq=1&pID=5faba888-9a73-4d22-9e31-1221434a6abe&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=cns_ads&xID=b46e5211-aacf-447a-ade9-1e56027804c5&content_uri=information_technology&image_avg_surface=30131.785714285714&image_count=28&image_surface=843690&server=production&vp_height=1200&vp_width=1585&created=2182.190001010895&staged=2226.3550013303757&pageload_to_staged=2226.3550013303757&channel=information_technology&ctx_template=article&id=15520617225733mk9eydpvpy7xlwbkjgohjlg1c5qhb&instance=0&name=siderail_0&position_fold=atf&position_xy=20x0&request_number=1&tags=browsers_chrome_2_exploits_zeroday_google_2_microsoft_windows_vulnerabilities&template=article&type=siderail&CNS_init=756.2699988484383&suffix=dart&CNS_init_to_staged=1470.0850024819374&inViewport=2234.875001013279&pageLoad_to_in_viewport=1478.6050021648407&isRefresh=true&requested=3519.725002348423&pageLoad_to_requested=3519.725002348423&CNS_init_to_requested=2763.4550034999847&rendered=3953.5100013017654&advertiser_id=4660981638&creative_id=programmatic&creative_type=sized&line_item_id=programmatic&order_id=2443012271&rendered_size=300x600&request_to_rendered=433.78499895334244&pageLoad_to_rendered=3953.5100013017654&CNS_init_to_rendered=3197.240002453327&is_first_impression_viewable=true&impression_Viewable=7282.9350009560585&in_viewport_to_visible_change=5048.0599999427795&pageLoad_to_gpt_viewable=7282.9350009560585&CNS_init_to_impression_Viewable=6526.66500210762&request_to_impression_Viewable=3763.2099986076355&ver_cns_ads=2_18_5&device=desktop&cns=2_25_6&_logType=info&cKh=windows%2Cvulnerability%2Cchrome%2Cmicrosoft%2Cgoogle%2Cpage%20layout%2Cattacker
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.165.0.24 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-165-0-24.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:28 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_ts=2019-03-08T16%3A15%3A27.719Z&_t=timespent&cBr=Ars%20Technica&cKe=browsers%7Cchrome%7Cexploits%20zeroday%7Cgoogle%7Cmicrosoft%20windows%20vulnerabilities&cCh=information%20technology&cTi=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&cTy=article%7Creport&cTp=ALLBRANDS_70%2C%20ALLBRANDS_7%2C%20ALLBRANDS_63%2C%20ALLBRANDS_38%2C%20ALLBRANDS_31%2C%20ALLBRANDS_283%2C%20ALLBRANDS_274%2C%20ALLBRANDS_258%2C%20ALLBRANDS_167%2C%20ALLBRANDS_134%2C%20ALLBRANDS_64%2C%20ALLBRANDS_57%2C%20ALLBRANDS_28%2C%20ALLBRANDS_244%2C%20ALLBRANDS_21%2C%20ALLBRANDS_192&cTpw=0.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.36449373524178913%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294%2C%200.3303682024074294&cEnt=windows%2C%20chrome%2C%20microsoft%2C%20google%2C%20page%20layout%2C%20zeroday%2C%20security%20sandbox%2C%20justin%20schuh%2C%20privilege%20escalation%2C%20clement%20lecigne%2C%20operating%20system%2C%20dan%20goodin%2C%20utc%2C%20use-after-free%2C%20cond%C3%A9%20nast%2C%20microsoft.%2C%20post%2C%20ars%20orbital%20transmission%2C%20threat%20analysis%20group%2C%20jeff%20jones&cEnw=1%2C%200.8747121402560297%2C%200.8567897402574511%2C%200.8100877428057475%2C%200.6660943105546828%2C%200.5843780773092034%2C%200.5462448150102216%2C%200.5445767820667076%2C%200.47182473679159576%2C%200.43899052895372104%2C%200.43413688302871667%2C%200.41468205884677967%2C%200.38494362819262024%2C%200.3458045236845908%2C%200.3342018205734761%2C%200.32363817831813835%2C%200.30472620535079054%2C%200.2991889344877834%2C%200.2940067052600753%2C%200.2755070984827381&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&cCl=669&cId=1470461&cPd=2019-03-08T02%3A02%3A29.000%2B00%3A00&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRt=direct&pHp=%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pRr=direct&pWw=1600&pWh=1200&pPw=1600&pPh=4500&pSw=1600&pSh=1200&uID=e4c8d8ad-8b0e-41b4-819b-65978290a465&sID=f2848cd0-daa1-4452-8fa9-494deb907c7d&pID=5faba888-9a73-4d22-9e31-1221434a6abe&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=general&xID=b46e5211-aacf-447a-ade9-1e56027804c5&_v=5000&cKh=windows%2Cvulnerability%2Cchrome%2Cmicrosoft%2Cgoogle%2Cpage%20layout%2Cattacker
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.117.76 Ashburn, United States, ASN (),
Reverse DNS
ec2-52-2-117-76.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:28 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
collect
www.google-analytics.com/r/
35 B
111 B
Other
General
Full URL
https://www.google-analytics.com/r/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://arstechnica.com
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
moatvideo.js
z.moatads.com/condenastjsvideocontent160527792519/ Frame A164
280 KB
86 KB
Script
General
Full URL
https://z.moatads.com/condenastjsvideocontent160527792519/moatvideo.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a0f3daf0649193ef3409.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.70.50 , European Union, ASN (),
Reverse DNS
a2-18-70-50.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
82e8ba95aa1cacb713e907bfd0c3beff3f2a6a9fe8dc2abf0a024654386ea0d2

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 05 Mar 2019 23:37:44 GMT
Server
AmazonS3
x-amz-request-id
59803E7C650182D0
ETag
"75db201363cf0351f5d89a49c827e12a"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=7171
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
87852
x-amz-id-2
HqzRGUtLlu0akb4r8WXIXlJmwJcoXPxrJRiHckjmKZhGNiMiaTRRbq55wVkpVvo2EXJZQXRP7YU=
track
capture.condenastdigital.com/ Frame A164
48 B
48 B
Image
General
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2019-03-08T16%3A15%3A27.746Z&_c=Video%20Ad&_t=Ad%20Call%20Made&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=http%3A%2F%2Fvideo.arstechnica.com%2Fwatch%2Fwar-stories-c-and-c-tiberian-sun&cId=5c74019c40f94807b9000000&cKe=&cPd=2019-02-26T16%3A00%3A00%2B00%3A00&cTi=War%20Stories%20%7C%20Command%20%26%20Conquer%3A%20Tiberian%20Sun&cTy=%2F3379%2Fconde.ars%2Fplayer%2Fbiz-andamp-it&mDu=782&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&pWw=540&pWh=303.75&xid=a48aa5a7-c324-4b83-92a9-74e472daef35&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22guid%22%3A%2210302bb2-3b20-77b3-b15b-e554dbd51c57%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22manual%22%2C%22persistent%22%3Afalse%2C%22playerDepth%22%3A3100.640625%2C%22playerType%22%3A%22video-continuous%22%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3Anull%2C%22recStrategy%22%3Anull%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22OUT_OF_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%7D&videoViews=1&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.235.240.97 Ashburn, United States, ASN (),
Reverse DNS
ec2-34-235-240-97.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 08 Mar 2019 16:15:28 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
pixel.gif
px.moatads.com/
43 B
409 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CONDEVIDEOCONTENT1&hp=1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=8&f=0&j=&o=3&t=1552061727789&de=241082156854&m=0&ar=bd19db5-clean&q=8&cb=0&cu=1552061727789&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=War%20Stories%20%7C%20Command%20%26%20Conquer_%20Tiberian%20Sun%3A%2F3379%2Fconde.ars%2Fplayer%2Fbiz-andamp-it%3Aundefined%3Aundefined&zMoatVideoId=5c74019c40f94807b9000000&zMoatAP=-&qs=1&bo=arstechnica.com&bd=arstechnica.com&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&zMoatOrigSlicer2=N%2FA&gw=condenastjsvideocontent160527792519&fd=1&ac=1&it=500&fs=160816&na=1566279099&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.18.70.50 , European Union, ASN (),
Reverse DNS
a2-18-70-50.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:29 GMT
Last-Modified
Fri, 20 May 2016 15:16:00 GMT
Server
Apache
ETag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Fri, 08 Mar 2019 16:15:29 GMT
bk-coretag.js
tags.bkrtx.com/js/
31 KB
10 KB
Script
General
Full URL
https://tags.bkrtx.com/js/bk-coretag.js
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/passive/63cc73a3ea43f44ca40ea0af8e9602be/4651a76b-1656-43c7-9309-9b9867f6b737/57
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.3.166.144 Cambridge, United States, ASN (),
Reverse DNS
a23-3-166-144.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2c7b95e516f24a2da447755f07b107bd8566745dc36322a1419ef92662019cf6

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 23 Jul 2018 20:07:28 GMT
Server
Apache
ETag
"3160052-7a94-571b031e6f476"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10358
Expires
Fri, 15 Mar 2019 16:15:30 GMT
getpixels
pixels.ad.gt/api/v1/
5 KB
2 KB
Script
General
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=63cc73a3ea43f44ca40ea0af8e9602be&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&code=LU6O0M
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/passive/63cc73a3ea43f44ca40ea0af8e9602be/4651a76b-1656-43c7-9309-9b9867f6b737/57
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.33.126.96 Boardman, United States, ASN (),
Reverse DNS
ec2-52-33-126-96.us-west-2.compute.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
746e702acf29abec0770d991897634ddec9bd2d3a1c5bc39c08e7d93a9636bcc

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:30 GMT
Content-Encoding
gzip
Server
nginx/1.12.1
Connection
keep-alive
Content-Length
1465
Content-Type
text/html; charset=utf-8
ecommerce.js
www.google-analytics.com/plugins/ua/
1 KB
836 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 15:59:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
957
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
735
x-xss-protection
1; mode=block
expires
Fri, 08 Mar 2019 16:59:33 GMT
ec.js
www.google-analytics.com/plugins/ua/
3 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 15:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
2302
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
1296
x-xss-protection
1; mode=block
expires
Fri, 08 Mar 2019 16:37:08 GMT
tr
www.facebook.com/
44 B
296 B
Image
General
Full URL
https://www.facebook.com/tr?id=1853083501571805&ev=PageView
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 08 Mar 2019 16:15:30 GMT
tr
www.facebook.com/
44 B
199 B
Image
General
Full URL
https://www.facebook.com/tr?id=1853083501571805&ev=Audience&cd[audience_id]=LU6O0M&cd[audigent_id]=4651a76b-1656-43c7-9309-9b9867f6b737&cd[type]=passive&cd[partner_id]=57&cd[short_url_id]=&cd[engagement_type]=&cd[content_type]=&cd[conversion_pixels]=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 08 Mar 2019 16:15:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Fri, 08 Mar 2019 16:15:30 GMT
conde_nast_xid
ids.ad.gt/api/v1/put/
43 B
286 B
Image
General
Full URL
https://ids.ad.gt/api/v1/put/conde_nast_xid?conde_nast_xid=75665ec2-eb2f-4598-9071-a1b3f2c6038e
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.215.123.63 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-215-123-63.us-west-2.compute.amazonaws.com
Software
nginx/1.8.1 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:30 GMT
Cache-Control
public, max-age=43200
Server
nginx/1.8.1
Connection
keep-alive
Content-Type
image/gif
transfer-encoding
chunked
Expires
Sat, 09 Mar 2019 04:15:30 GMT
63cc73a3ea43f44ca40ea0af8e9602be
p.ad.gt/api/v1/p/tid/dec/s/
0
616 B
Image
General
Full URL
https://p.ad.gt/api/v1/p/tid/dec/s/63cc73a3ea43f44ca40ea0af8e9602be?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&title=A%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild&image=https%3A%2F%2Fcdn.arstechnica.net%2Fwp-content%2Fuploads%2F2014%2F10%2Fwin7-start-640x215.png&type=article&tags=&sn=1&description=Unpatched%20flaw%20used%20in%20combination%20with%20Chrome%20exploit%20doesn%27t%20work%20against%20Win%2010.
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.10.81.221 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-10-81-221.us-west-2.compute.amazonaws.com
Software
nginx/1.10.1 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:30 GMT
Server
nginx/1.10.1
X-Powered-By
Express
ETag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Length
0
/
srv-2019-03-08-16.pixel.parsely.com/plogger/
43 B
229 B
Image
General
Full URL
https://srv-2019-03-08-16.pixel.parsely.com/plogger/?rand=1552061730256&plid=61516463&idsite=arstechnica.com&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely_uuid%22%3A%22365c2c51-1fda-4a93-aa3d-b7af4cc90315%22%2C%22parsely_site_uuid%22%3A%228a59d6c6-87ec-46c7-8ec4-467e3c885927%22%7D&sid=1&surl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&sref=&sts=1552061730252&slts=0&title=A+%E2%80%9Cserious%E2%80%9D+Windows+0-day+is+being+actively+exploited+in+the+wild+%7C+Ars+Technica&date=Fri+Mar+08+2019+16%3A15%3A30+GMT%2B0000+(Coordinated+Universal+Time)&action=pageview&pvid=95762843&u=8a59d6c6-87ec-46c7-8ec4-467e3c885927
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.196.95.160 Ashburn, United States, ASN (),
Reverse DNS
ec2-34-196-95-160.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:30 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=868087577&t=pageview&_s=1&dl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-87198801-1&cid=1735068556.1552061724&jid=23912811&_gid=825587831.1552061730&gjid=1213651408&_v=j73&z=296648446
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87198801-1&cid=1735068556.1552061724&jid=23912811&_v=j73&z=296648446
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87198801-1&cid=1735068556.1552061724&jid=23912811&_v=j73&z=296648446&slf_rd=1&random=668204584
42 B
120 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87198801-1&cid=1735068556.1552061724&jid=23912811&_v=j73&z=296648446&slf_rd=1&random=668204584
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:30 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-87198801-1&cid=1735068556.1552061724&jid=23912811&_v=j73&z=296648446&slf_rd=1&random=668204584
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
51219
stags.bluekai.com/site/ Frame A377
0
0
Document
General
Full URL
https://stags.bluekai.com/site/51219?ret=html&phint=AudigentSegmentID%3D&phint=__bk_t%3DA%20%E2%80%9Cserious%E2%80%9D%20Windows%200-day%20is%20being%20actively%20exploited%20in%20the%20wild%20%7C%20Ars%20Technica&phint=__bk_k%3D&phint=__bk_l%3Dhttps%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&limit=10&r=51894889
Requested by
Host: tags.bkrtx.com
URL: https://tags.bkrtx.com/js/bk-coretag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.66.106.214 Amsterdam, Netherlands, ASN (),
Reverse DNS
a104-66-106-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Host
stags.bluekai.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Accept-Encoding
gzip, deflate, br

Response headers

Content-Type
text/html
Content-Length
71
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
BK-Server
9257
Date
Fri, 08 Mar 2019 16:15:30 GMT
Connection
keep-alive
X-N
S
cs.js
sb.scorecardresearch.com/c2/6035094/
0
400 B
Script
General
Full URL
https://sb.scorecardresearch.com/c2/6035094/cs.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.103.89.123 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-103-89-123.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 Apr 2011 23:11:26 GMT
ETag
"d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
private, no-transform, max-age=259200
Connection
keep-alive
Content-Length
20
Expires
Mon, 11 Mar 2019 16:15:33 GMT
dest4.html
condenast.demdex.net/ Frame EEC6
0
0
Document
General
Full URL
https://condenast.demdex.net/dest4.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/6372cf21ef88ee60bc2977a4898dcb5c7945a212/s-code-contents-566dcf5046f148f38d0aa32bf73df40db7ae7768.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.130.155 Dublin, Ireland, ASN (),
Reverse DNS
ec2-54-77-130-155.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Host
condenast.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Accept-Encoding
gzip, deflate, br

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Wed, 06 Mar 2019 12:38:24 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Vary
Accept-Encoding, User-Agent
X-TID
i90But1iSvo=
Content-Length
2415
Connection
keep-alive
collect
www.google-analytics.com/r/
35 B
111 B
Other
General
Full URL
https://www.google-analytics.com/r/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 16:15:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://arstechnica.com
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
cdb
bidder.criteo.com/
0
213 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=65&profileId=154&cb=14627918885
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
178.250.0.93 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://arstechnica.com
Date
Fri, 08 Mar 2019 16:15:34 GMT
Access-Control-Allow-Credentials
true
Server
Finatra
Timing-Allow-Origin
*
Vary
Origin
cdb
bidder.criteo.com/
0
213 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=65&profileId=154&cb=9942925018
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
178.250.0.93 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
https://arstechnica.com
Date
Fri, 08 Mar 2019 16:15:34 GMT
Access-Control-Allow-Credentials
true
Server
Finatra
Timing-Allow-Origin
*
Vary
Origin
pixel.gif
v4.moatads.com/
43 B
312 B
Image
General
Full URL
https://v4.moatads.com/pixel.gif?e=11&i=CONDECW3&hp=1&cm=8&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&k=&bq=0&f=0&j=&o=3&t=1552061727531&de=425404975709&m=0&ar=ab37179-clean&q=10&cb=0&cu=1552061727531&ll=2&lm=0&ln=1&em=0&en=0&d=1454517775%3A2338761482%3A4736014287%3A138237302059&zMoatPS=native_xrail_0&zMoatPT=article&zMoatST=native_xrail&zMoatCNS=2_25_6&zMoatSZ=300x140&zMoatKWPos=Undefined&qs=1&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&zMoatPlacID=21711241785&bo=21698048816&bp=21711241785&bd=Undefined&zMoatLL=Lazy%20Load%20Not%20Defined&zMoatRFSH=Refresh%20Not%20Defined&zMoatNoRFSH=true&dfp=0%2C1&la=21711241785&zMoatAltSL=bo%3AzMoatAdUnit2%3AzMoatAdUnit3&zMoatOrigSlicer1=21698048816&zMoatOrigSlicer2=21711241785&gw=condenastdfp9588492144&fd=1&ac=1&it=500&fs=159716&na=554479013&cs=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
54.175.204.148 Ashburn, United States, ASN (),
Reverse DNS
ec2-54-175-204-148.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 08 Mar 2019 16:15:37 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
srv-2019-03-08-16.pixel.parsely.com/plogger/
43 B
229 B
Image
General
Full URL
https://srv-2019-03-08-16.pixel.parsely.com/plogger/?rand=1552061740755&plid=61516463&idsite=arstechnica.com&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22parsely_uuid%22%3A%22365c2c51-1fda-4a93-aa3d-b7af4cc90315%22%2C%22parsely_site_uuid%22%3A%228a59d6c6-87ec-46c7-8ec4-467e3c885927%22%7D&sid=1&surl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2019%2F03%2Fattackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild%2F&sref=&sts=1552061740755&slts=0&date=Fri+Mar+08+2019+16%3A15%3A40+GMT%2B0000+(Coordinated+Universal+Time)&action=heartbeat&inc=5&tt=4900&pvid=95762843&u=8a59d6c6-87ec-46c7-8ec4-467e3c885927
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.200.171.196 Ashburn, United States, ASN (),
Reverse DNS
ec2-34-200-171-196.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://arstechnica.com/information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 08 Mar 2019 16:15:41 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif


181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| ars object| digitalData object| cns object| dataLayer object| google_tag_manager object| BOOMR_mq object| urlParams object| myParam string| GoogleAnalyticsObject function| ga object| _qevents object| __adIq_Config string| b object| h function| getVisitNumCustom number| d string| _linkedin_partner_id object| _linkedin_data_partner_ids object| SparrowCache function| Sparrow object| google_tag_data object| gaplugins boolean| sparrowInitialize object| _4d object| _sparrow object| Twig object| Arrive function| FPCountdown function| $ function| jQuery function| moment function| UAParser function| purl function| twig function| EvEmitter function| imagesLoaded function| easydropdown function| m function| transitionEnd string| $queryString function| arsVideoModulePlayerReady63488780 function| __cmp function| quantserve function| __qc object| ezt object| _qoptions object| gaGlobal object| gaData function| Visitor object| _satellite object| s_c_il number| s_c_in object| PARSELY object| __SKIM_JS_GLOBAL__ function| skimlinksBeaconCallback function| skimlinksBeaconSecondaryCallback function| skimlinksBeaconAuxCallback object| googletag function| moatCondeListener object| apstag object| headertag object| CN function| arsData object| _cne object| PolarConde object| bouncex function| _bizo_local_logger function| _bizo_fire_partners boolean| _bizo_main_already_called string| hash function| s_doPlugins function| s_getLoadTime boolean| _scObj object| scDil boolean| sc undefined| prop function| AppMeasurement function| s_gi function| s_pgicq object| s string| s_loadT function| DIL number| s_objectID number| s_giq object| evidon number| vb object| OBR string| OB_releaseVer function| OBR$ object| outbrain object| outbrain_rater object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_js_reporting_queue function| processGoogleToken object| Criteo function| headertag_render 
object| rubicontag object| __core-js_shared__ object| core object| Sailthru object| NATIVEADS object| NATIVEADS_QUEUE object| __twttrll object| twttr object| __twttr function| AppMeasurement_Module_DIL object| s_i_conde-arstechnica function| demdexRequestCallback_0_1552061721928 object| GPT_jstiming undefined| google_measure_js_timing function| docReady boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id object| NATIVEADS_STORE function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_show_companion_ad function| google_show_companion_ad_in_slot function| google_get_companion_slot_params function| google_companion_error function| google_companion_loaded function| google_increment_num_ad_mouseovers string| google_ad_output string| google_ad_client string| google_flash_version boolean| google_webgl_support string| google_ad_section string| google_country function| mb object| closure_lm_78351 object| google number| google_unique_id object| google_reactive_ads_global_state object| closure_lm_35208 object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| criteo_pubtag string| key object| Moat#G26 boolean| Moat#EVA object| MoatSuperV26 number| google_global_correlator function| bk_async string| au_audience_code string| audigent_visitor_id object| tags object| BKTAG function| bk_addUserCtx function| bk_addPageCtx function| bk_addEmailHash function| bk_addPhoneHash function| bk_doJSTag function| bk_doJSTag2 function| bk_doCarsJSTag function| bk_doPartnerAltTag function| bk_doCallbackTag 
function| bk_doCallbackTagWithTimeOut object| aupixels function| arrive function| unbindArrive function| leave function| unbindLeave

0 Cookies

12 Console Messages

Source Level URL
Text
console-api warning URL: https://player.cnevids.com/interlude/arstechnica.js(Line 2)
Message:
CNE Player: no interlude for "information-technology/2019/03/attackers-are-actively-exploiting-a-serious-windows-zeroday-in-the-wild" ("No available slot found.")
console-api log URL: https://c.evidon.com/sitenotice/evidon-sitenotice-tag.js(Line 1)
Message:
Evidon -- evidon-notice-link not found on page, cant display the consent link.
console-api log URL: https://js-sec.indexww.com/ht/htw-condenast.js(Line 3)
Message:
digiTrustUser not defined
console-api log URL: https://js-sec.indexww.com/ht/htw-condenast.js(Line 3)
Message:
digiTrustUser not defined
console-api log URL: https://js-sec.indexww.com/ht/htw-condenast.js(Line 3)
Message:
digiTrustUser not defined
console-api log URL: https://js-sec.indexww.com/ht/htw-condenast.js(Line 3)
Message:
digiTrustUser not defined
console-api log URL: https://js-sec.indexww.com/ht/htw-condenast.js(Line 3)
Message:
digiTrustUser not defined
console-api log URL: https://js-sec.indexww.com/ht/htw-condenast.js(Line 3)
Message:
digiTrustUser not defined
console-api warning URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a0f3daf0649193ef3409.js(Line 12)
Message:
TypeError: Cannot read property 'getItem' of null
console-api warning URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a0f3daf0649193ef3409.js(Line 12)
Message:
PLAYER lineItem error?:
console-api warning URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a0f3daf0649193ef3409.js(Line 12)
Message:
PLAYER lineItem error?:
console-api warning URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-a0f3daf0649193ef3409.js(Line 12)
Message:
PLAYER lineItem error?:

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
