urlscan.io logo urlscan.io
SecurityTrails logo

arstechnica.com Open in urlscan Pro
3.14.94.35  Public Scan

Go To Rescan Add Verdict Report
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-sin...
Submission: On March 11 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 160 IPs in 9 countries across 150 domains to perform 790 HTTP transactions. The main IP is 3.14.94.35, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is arstechnica.com. The Cisco Umbrella rank of the primary domain is 34982.
TLS certificate: Issued by Amazon on November 29th 2021. Valid for: a year.
This is the only time arstechnica.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 3.14.94.35 16509 (AMAZON-02)
18 205.234.175.175 23352 (SERVERCEN...)
6 2606:4700::68... 13335 (CLOUDFLAR...)
10 2607:f8b0:400... 15169 (GOOGLE)
4 143.204.137.197 16509 (AMAZON-02)
4 45 23.52.162.21 16625 (AKAMAI-AS)
35 23.52.163.40 16625 (AKAMAI-AS)
9 23.52.162.190 16625 (AKAMAI-AS)
5 99.84.42.58 16509 (AMAZON-02)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 151.139.128.11 20446 (STACKPATH...)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 34.226.51.171 14618 (AMAZON-AES)
2 52.3.57.166 14618 (AMAZON-AES)
1 99.84.125.75 16509 (AMAZON-02)
2 151.101.192.239 54113 (FASTLY)
1 35.190.59.101 15169 (GOOGLE)
3 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
3 23.52.164.28 16625 (AKAMAI-AS)
37 142.250.176.194 15169 (GOOGLE)
1 151.101.128.239 54113 (FASTLY)
1 2606:4700::68... 13335 (CLOUDFLAR...)
13 2607:f8b0:400... 15169 (GOOGLE)
1 13.33.86.49 16509 (AMAZON-02)
1 18.223.55.244 16509 (AMAZON-02)
45 99.84.120.215 16509 (AMAZON-02)
2 52.202.90.162 14618 (AMAZON-AES)
1 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
16 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 72.21.195.65 16509 (AMAZON-02)
1 25 52.43.199.141 16509 (AMAZON-02)
2 7 2620:116:800b... 14618 (AMAZON-AES)
1 146.75.28.157 54113 (FASTLY)
1 99.84.42.94 16509 (AMAZON-02)
1 34.120.253.250 15169 (GOOGLE)
3 7 2620:112:f002... 6336 (TURN-US-ASN)
1 35.84.228.30 16509 (AMAZON-02)
1 2600:141b:13:... 20940 (AKAMAI-ASN1)
6 2a03:2880:f01... 32934 (FACEBOOK)
1 99.84.42.90 16509 (AMAZON-02)
4 23.216.132.60 20940 (AKAMAI-ASN1)
1 2600:9000:212... 16509 (AMAZON-02)
4 13 13.33.60.43 16509 (AMAZON-02)
8 21 35.190.60.146 15169 (GOOGLE)
2 2 107.178.254.65 15169 (GOOGLE)
25 37 142.251.40.194 15169 (GOOGLE)
1 1 34.98.67.3 15169 (GOOGLE)
10 13 107.178.246.49 15169 (GOOGLE)
15 16 3.33.220.150 16509 (AMAZON-02)
1 146.75.30.132 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
1 54.164.187.255 14618 (AMAZON-AES)
2 52.2.129.5 14618 (AMAZON-AES)
31 34.232.146.139 14618 (AMAZON-AES)
5 2602:803:c002... 26667 (RUBICONPR...)
3 23.66.229.102 16625 (AKAMAI-AS)
6 18 68.67.161.212 29990 (ASN-APPNEX)
5 34.236.83.94 14618 (AMAZON-AES)
5 26 35.244.159.8 15169 (GOOGLE)
3 34.107.148.139 15169 (GOOGLE)
2 35.81.86.185 16509 (AMAZON-02)
1 1 54.205.17.116 14618 (AMAZON-AES)
6 2607:f8b0:400... 15169 (GOOGLE)
8 13.33.81.81 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
4 5 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 13.107.42.14 8068 (MICROSOFT...)
1 3 104.18.102.194 13335 (CLOUDFLAR...)
2 99.83.154.140 16509 (AMAZON-02)
1 34.213.88.197 16509 (AMAZON-02)
1 44.235.32.190 16509 (AMAZON-02)
4 4 68.67.161.210 29990 (ASN-APPNEX)
1 11 44.240.184.96 16509 (AMAZON-02)
7 30 104.36.115.109 62713 (AS-PUBMATIC)
3 3 50.19.69.187 14618 (AMAZON-AES)
13 13 199.127.204.142 26120 (RHYTHMONE)
12 12 74.121.140.14 30419 (MEDIAMATH...)
2 34.98.72.95 15169 (GOOGLE)
1 2600:9000:214... 16509 (AMAZON-02)
1 143.204.146.92 16509 (AMAZON-02)
1 13.33.60.107 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
2 15 209.54.180.144 16509 (AMAZON-02)
1 66.225.223.127 3949 (NTTA-3946)
2 104.244.42.67 13414 (TWITTER)
1 104.244.42.69 13414 (TWITTER)
1 143.204.146.2 16509 (AMAZON-02)
1 18.232.14.164 14618 (AMAZON-AES)
5 7 184.85.195.135 16625 (AKAMAI-AS)
8 8 64.74.236.127 19024 (INTERNAP-...)
19 70.42.32.159 22075 (AS-OUTBRAIN)
1 18.176.120.50 16509 (AMAZON-02)
1 3.210.148.149 14618 (AMAZON-AES)
4 6 44.238.176.75 16509 (AMAZON-02)
6 6 35.207.24.140 15169 (GOOGLE)
14 17 35.211.178.172 15169 (GOOGLE)
4 5 74.119.119.150 19750 (AS-CRITEO)
1 2 35.211.168.6 19527 (GOOGLE-2)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 2 3.233.22.19 14618 (AMAZON-AES)
1 52.6.194.164 14618 (AMAZON-AES)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
2 7 8.43.72.97 26667 (RUBICONPR...)
1 192.132.33.46 18568 (BIDTELLECT)
2 4 52.206.174.18 14618 (AMAZON-AES)
2 2 52.0.156.250 14618 (AMAZON-AES)
2 3 192.35.249.120 11742 (SPOTX-IAD)
3 4 8.28.7.82 62713 (AS-PUBMATIC)
4 4 52.116.221.248 36351 (SOFTLAYER)
3 3 54.158.197.5 14618 (AMAZON-AES)
6 11 54.175.87.114 14618 (AMAZON-AES)
1 1 52.54.42.45 14618 (AMAZON-AES)
1 2 2600:9000:214... 16509 (AMAZON-02)
2 2 199.187.193.181 47043 (SMARTADSE...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
3 3 129.159.70.95 31898 (ORACLE-BM...)
1 1 44.200.208.73 14618 (AMAZON-AES)
1 52.7.157.94 14618 (AMAZON-AES)
1 52.11.239.202 16509 (AMAZON-02)
9 2607:f8b0:400... 15169 (GOOGLE)
3 99.84.125.95 16509 (AMAZON-02)
6 2a03:2880:f11... 32934 (FACEBOOK)
1 54.224.102.47 14618 (AMAZON-AES)
1 34.226.175.205 14618 (AMAZON-AES)
22 2607:f8b0:400... 15169 (GOOGLE)
12 99.84.125.99 16509 (AMAZON-02)
1 99.84.125.103 16509 (AMAZON-02)
2 13.33.60.29 16509 (AMAZON-02)
1 34.120.155.137 15169 (GOOGLE)
3 23.52.160.130 16625 (AKAMAI-AS)
4 23.73.244.44 16625 (AKAMAI-AS)
4 51 23.52.167.93 16625 (AKAMAI-AS)
1 18.215.24.252 14618 (AMAZON-AES)
2 3 34.229.3.43 14618 (AMAZON-AES)
1 2a02:6ea0:c40... 60068 (CDN77 ^_^)
1 5 198.148.27.140 19189 (PULSEPOINT)
2 2 35.71.139.29 16509 (AMAZON-02)
5 9 2620:112:f002... 6336 (TURN-US-ASN)
12 12 151.101.66.49 54113 (FASTLY)
2 9 2600:1f18:4e9... 14618 (AMAZON-AES)
4 4 207.198.113.178 13768 (COGECO-PEER1)
1 99.80.161.153 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 23.198.216.120 16625 (AKAMAI-AS)
3 2620:100:a001::c 19750 (AS-CRITEO)
5 5 199.38.167.128 54312 (ROCKETFUEL)
12 12 2606:ae80:145... 25751 (VALUECLICK)
5 5 3.211.35.116 14618 (AMAZON-AES)
1 1 198.24.171.51 19437 (SS-ASH)
4 34.199.73.116 14618 (AMAZON-AES)
9 9 35.190.90.30 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
2 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 75.101.138.186 14618 (AMAZON-AES)
4 5 54.156.48.24 14618 (AMAZON-AES)
1 2 35.227.252.103 15169 (GOOGLE)
2 2 52.203.60.58 14618 (AMAZON-AES)
7 34.111.8.32 15169 (GOOGLE)
4 4 8.43.72.98 26667 (RUBICONPR...)
1 52.94.223.37 16509 (AMAZON-02)
4 142.251.40.226 15169 (GOOGLE)
8 8 54.236.214.209 14618 (AMAZON-AES)
6 6 51.161.117.180 16276 (OVH)
1 2 169.197.150.8 398989 (DEEPINTENT)
3 4 185.167.164.37 198622 (ADFORM)
1 1 174.129.136.41 14618 (AMAZON-AES)
3 23.50.53.184 20940 (AKAMAI-ASN1)
1 2 34.199.214.21 14618 (AMAZON-AES)
2 23.52.161.180 16625 (AKAMAI-AS)
2 2 35.207.10.239 15169 (GOOGLE)
1 1 67.202.105.21 32748 (STEADFAST)
3 2607:f8b0:400... 15169 (GOOGLE)
2 34.199.124.234 14618 (AMAZON-AES)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
1 8.28.7.81 62713 (AS-PUBMATIC)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.250.64.102 15169 (GOOGLE)
1 1 54.85.186.77 14618 (AMAZON-AES)
2 2 173.231.178.82 29791 (VOXEL-DOT...)
1 2 54.234.215.67 14618 (AMAZON-AES)
1 1 69.90.254.78 13768 (COGECO-PEER1)
2 2 52.5.237.191 14618 (AMAZON-AES)
3 3 38.27.122.101 174 (COGENT-174)
1 1 104.45.178.220 8075 (MICROSOFT...)
3 3 104.107.15.75 16625 (AKAMAI-AS)
1 1 172.105.221.29 63949 (LINODE-AP...)
1 1 2a04:4e42:200... 54113 (FASTLY)
1 151.101.129.44 54113 (FASTLY)
3 104.36.115.114 62713 (AS-PUBMATIC)
1 2 38.67.14.233 174 (COGENT-174)
2 3 35.190.52.204 15169 (GOOGLE)
2 2607:f8b0:401... 15169 (GOOGLE)
3 4 2600:1901:0:8... 15169 (GOOGLE)
7 7 2600:1f18:1c9... 14618 (AMAZON-AES)
1 1 104.16.109.154 13335 (CLOUDFLAR...)
1 199.187.193.185 47043 (SMARTADSE...)
1 63.251.28.219 13789 (INTERNAP-...)
1 34.232.5.62 14618 (AMAZON-AES)
1 23.195.109.72 16625 (AKAMAI-AS)
1 3.211.82.118 14618 (AMAZON-AES)
1 1 38.67.14.224 174 (COGENT-174)
1 1 54.209.12.215 14618 (AMAZON-AES)
1 1 3.216.55.148 14618 (AMAZON-AES)
1 2600:1f16:e61... 16509 (AMAZON-02)
1 1 51.210.112.63 16276 (OVH)
2 2 64.58.232.176 13649 (ASN-VINS)
1 2 64.58.232.180 13649 (ASN-VINS)
1 142.251.40.162 15169 (GOOGLE)
790 160
3    3.14.94.35 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-14-94-35.us-east-2.compute.amazonaws.com
arstechnica.com
18    205.234.175.175 (Leesburg, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
cdn.arstechnica.net
6    2606:4700::6810:9440 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.cookielaw.org
10    2607:f8b0:4006:80d::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagservices.com
adservice.google.ca
googleads.g.doubleclick.net
4    143.204.137.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-137-197.ewr52.r.cloudfront.net
c.amazon-adsystem.com
45    23.52.162.21 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-21.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
as-sec.casalemedia.com
dsum.casalemedia.com
35    23.52.163.40 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-163-40.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
9    23.52.162.190 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-162-190.deploy.static.akamaitechnologies.com
widgets.outbrain.com
widget-pixels.outbrain.com
5    99.84.42.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-42-58.ewr52.r.cloudfront.net
player.cnevids.com
2    2606:4700::6813:da83 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.mediavoice.com
plugin.mediavoice.com
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
s.skimresources.com
2    2607:f8b0:4006:80c::2008 (Queens, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2606:4700:10::6814:b844 (United States)

ASN13335 (CLOUDFLARENET, US)
geolocation.onetrust.com
1    34.226.51.171 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-51-171.compute-1.amazonaws.com
segment-data.zqtk.net
2    52.3.57.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-57-166.compute-1.amazonaws.com
api.cnevids.com
1    99.84.125.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-125-75.ewr52.r.cloudfront.net
cdn.memo.co
2    151.101.192.239 (United States)

ASN54113 (FASTLY, US)
pixel.condenastdigital.com
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
3    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
3    23.52.164.28 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-164-28.deploy.static.akamaitechnologies.com
tcheck.outbrainimg.com
images.outbrainimg.com
37    142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net
securepubads.g.doubleclick.net
pubads.g.doubleclick.net
1    151.101.128.239 (United States)

ASN54113 (FASTLY, US)
api.condenast.io
1    2606:4700::6811:4132 (United States)

ASN13335 (CLOUDFLARENET, US)
polarcdn-terrax.com
13    2607:f8b0:4006:81d::200e (Queens, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.33.86.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-86-49.ewr52.r.cloudfront.net
z-na.associates-amazon.com
1    18.223.55.244 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-223-55-244.us-east-2.compute.amazonaws.com
mb.moatads.com
45    99.84.120.215 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-120-215.ewr52.r.cloudfront.net
dwgyu36up6iuz.cloudfront.net
2    52.202.90.162 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-90-162.compute-1.amazonaws.com
elsa.memoinsights.com
1    2607:f8b0:4006:823::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.ca
4    2607:f8b0:4006:81c::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
adservice.google.com
16    2607:f8b0:4006:817::2001 (Queens, United States)

ASN15169 (GOOGLE, US)
56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
tpc.googlesyndication.com
1    2607:f8b0:4006:821::200e (Queens, United States)

ASN15169 (GOOGLE, US)
ampcid.google.com
2    72.21.195.65 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
assoc-na.associates-amazon.com
25    52.43.199.141 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-199-141.us-west-2.compute.amazonaws.com
dpm.demdex.net
7    2620:116:800b:21:f716:921a:893c:c3d8 (United States)

ASN14618 (AMAZON-AES, US)
secure.quantserve.com
pixel.quantserve.com
1    146.75.28.157 (Ashburn, United States)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    99.84.42.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-42-94.ewr52.r.cloudfront.net
ak.sail-horizon.com
1    34.120.253.250 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com
tag.bounceexchange.com
7    2620:112:f002:bbbb::23 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
1    35.84.228.30 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-84-228-30.us-west-2.compute.amazonaws.com
a.ad.gt
1    2600:141b:13::17d7:82d1 (New York, United States)

ASN20940 (AKAMAI-ASN1, NL)
snap.licdn.com
6    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    99.84.42.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-42-90.ewr52.r.cloudfront.net
static.hotjar.com
4    23.216.132.60 (Piscataway, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-132-60.deploy.static.akamaitechnologies.com
analytics.tiktok.com
1    2600:9000:2120:9000:1d:8c8c:47c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-magiclinks.trackonomics.net
13    13.33.60.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-43.ewr52.r.cloudfront.net
sb.scorecardresearch.com
ads.scorecardresearch.com
21    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
id.rlcdn.com
2    107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
37    142.251.40.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f2.1e100.net
cm.g.doubleclick.net
1    34.98.67.3 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com
tags.rd.linksynergy.com
13    107.178.246.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com
pixel.tapad.com
16    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    146.75.30.132 (Ashburn, United States)

ASN54113 (FASTLY, US)
odb.outbrain.com
1    2607:f8b0:4006:822::200e (Queens, United States)

ASN15169 (GOOGLE, US)
ampcid.google.ca
1    54.164.187.255 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-187-255.compute-1.amazonaws.com
infinityid.condenastdigital.com
2    52.2.129.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-129-5.compute-1.amazonaws.com
4d.condenastdigital.com
31    34.232.146.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-146-139.compute-1.amazonaws.com
capture.condenastdigital.com
5    2602:803:c002:200::62 (United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    23.66.229.102 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-66-229-102.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
18    68.67.161.212 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
5    34.236.83.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-83-94.compute-1.amazonaws.com
c2shb.ssp.yahoo.com
26    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
condenastus-d.openx.net
us-u.openx.net
u.openx.net
3    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    35.81.86.185 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-86-185.us-west-2.compute.amazonaws.com
condenast.demdex.net
1    54.205.17.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-17-116.compute-1.amazonaws.com
cm.everesttech.net
6    2607:f8b0:4006:820::200a (Queens, United States)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
fonts.googleapis.com
8    13.33.81.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-81-81.ewr52.r.cloudfront.net
d2c8v52ll5s99u.cloudfront.net
2    2607:f8b0:4004:c0b::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
5    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px4.ads.linkedin.com
3    104.18.102.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
2    99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
1    34.213.88.197 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-88-197.us-west-2.compute.amazonaws.com
aufp.io
1    44.235.32.190 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-235-32-190.us-west-2.compute.amazonaws.com
p.ad.gt
4    68.67.161.210 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 805.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
11    44.240.184.96 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-184-96.us-west-2.compute.amazonaws.com
ids.ad.gt
30    104.36.115.109 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
3    50.19.69.187 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-69-187.compute-1.amazonaws.com
ad.360yield.com
ice.360yield.com
13    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
12    74.121.140.14 (Reston, United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    34.98.72.95 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com
assets.bounceexchange.com
1    2600:9000:2140:2000:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    143.204.146.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-92.ewr52.r.cloudfront.net
script.hotjar.com
1    13.33.60.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-107.ewr52.r.cloudfront.net
fpa-cdn.arstechnica.com
4    2607:f8b0:4006:80b::2004 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.com
2    2607:f8b0:4006:80c::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
www.google.ca
15    209.54.180.144 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    66.225.223.127 (United States)

ASN3949 (NTTA-3946, US)
PTR: sa.outbrain.com
mcdp-sadc1.outbrain.com
2    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    143.204.146.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-146-2.ewr52.r.cloudfront.net
vars.hotjar.com
1    18.232.14.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-232-14-164.compute-1.amazonaws.com
pbs.getpublica.com
7    184.85.195.135 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-85-195-135.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
x.dlx.addthis.com
8    64.74.236.127 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
19    70.42.32.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    18.176.120.50 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-120-50.ap-northeast-1.compute.amazonaws.com
sync-jp.im-apps.net
1    3.210.148.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-148-149.compute-1.amazonaws.com
beacon.krxd.net
6    44.238.176.75 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-176-75.us-west-2.compute.amazonaws.com
aa.agkn.com
6    35.207.24.140 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 140.24.207.35.bc.googleusercontent.com
rtb.mfadsrvr.com
17    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
5    74.119.119.150 (United States)

ASN19750 (AS-CRITEO, US)
dis.criteo.com
2    35.211.168.6 (North Charleston, United States)

ASN19527 (GOOGLE-2, US)
PTR: 6.168.211.35.bc.googleusercontent.com
sofia.trustx.org
1    85.114.159.93 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    3.233.22.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-22-19.compute-1.amazonaws.com
ps.eyeota.net
1    52.6.194.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-194-164.compute-1.amazonaws.com
id.geistm.com
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
7    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
4    52.206.174.18 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-174-18.compute-1.amazonaws.com
sync.crwdcntrl.net
2    52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com
loadus.exelator.com
3    192.35.249.120 (Ashburn, United States)

ASN11742 (SPOTX-IAD, US)
sync.search.spotxchange.com
4    8.28.7.82 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
4    52.116.221.248 (United States)

ASN36351 (SOFTLAYER, US)
PTR: f8.dd.7434.ip4.static.sl-reverse.com
um.simpli.fi
3    54.158.197.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-197-5.compute-1.amazonaws.com
pixel.advertising.com
11    54.175.87.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-87-114.compute-1.amazonaws.com
ups.analytics.yahoo.com
1    52.54.42.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-42-45.compute-1.amazonaws.com
cs.emxdgt.com
2    2600:9000:2140:6400:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    199.187.193.181 (Canada)

ASN47043 (SMARTADSERVER, CA)
ssbsync.smartadserver.com
ssbsync-us.smartadserver.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
3    129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
1    44.200.208.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-200-208-73.compute-1.amazonaws.com
sync.hgrtb.com
1    52.7.157.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-157-94.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
1    52.11.239.202 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-239-202.us-west-2.compute.amazonaws.com
pixels.ad.gt
9    2607:f8b0:4006:808::2006 (Queens, United States)

ASN15169 (GOOGLE, US)
s0.2mdn.net
3    99.84.125.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-125-95.ewr52.r.cloudfront.net
check.analytics.rlcdn.com
6    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    54.224.102.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-102-47.compute-1.amazonaws.com
srv-1970-01-01-00.pixel.parsely.com
1    34.226.175.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-226-175-205.compute-1.amazonaws.com
fpa-events.arstechnica.com
22    2607:f8b0:4006:820::2002 (Queens, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
12    99.84.125.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-125-99.ewr52.r.cloudfront.net
dp8hsntg6do36.cloudfront.net
1    99.84.125.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-125-103.ewr52.r.cloudfront.net
fr-actions.trackonomics.net
2    13.33.60.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-29.ewr52.r.cloudfront.net
trx-hub.com
1    34.120.155.137 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 137.155.120.34.bc.googleusercontent.com
api.rlcdn.com
3    23.52.160.130 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-160-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
4    23.73.244.44 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-244-44.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
51    23.52.167.93 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-167-93.deploy.static.akamaitechnologies.com
contextual.media.net
hbx.media.net
cs.media.net
c21lg-d.media.net
warp.media.net
hblg.media.net
1    18.215.24.252 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-24-252.compute-1.amazonaws.com
id.sv.rkdms.com
3    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadm.exelator.com
1    2a02:6ea0:c400::12 (New York, United States)

ASN60068 (CDN77 ^_^, GB)
load77.exelator.com
5    198.148.27.140 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
9    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
presentation-atl1.turn.com
r.turn.com
12    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
9    2600:1f18:4e9:5a02:46a:34b7:83ca:e02c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
pr-bh.ybp.yahoo.com
4    207.198.113.178 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    99.80.161.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-161-153.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    23.198.216.120 (Piscataway, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-198-216-120.deploy.static.akamaitechnologies.com
su.addthis.com
3    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
5    199.38.167.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
12    2606:ae80:1450:16::2040 (United States)

ASN25751 (VALUECLICK, US)
medianet-match.dotomi.com
pulsepoint-match.dotomi.com
casale-match.dotomi.com
pubmatic-match.dotomi.com
5    3.211.35.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-35-116.compute-1.amazonaws.com
pm.w55c.net
1    198.24.171.51 (Ashburn, United States)

ASN19437 (SS-ASH, US)
server.cpmstar.com
4    34.199.73.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-73-116.compute-1.amazonaws.com
dmp.adblade.com
9    35.190.90.30 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 30.90.190.35.bc.googleusercontent.com
odr.mookie1.com
3    2607:f8b0:4006:817::200e (Queens, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
3    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    75.101.138.186 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-75-101-138-186.compute-1.amazonaws.com
d.adroll.com
5    54.156.48.24 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-48-24.compute-1.amazonaws.com
i.liadm.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    52.203.60.58 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-60-58.compute-1.amazonaws.com
sync.ipredictive.com
7    34.111.8.32 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 32.8.111.34.bc.googleusercontent.com
api.bounceexchange.com
events.bouncex.net
dfp.bouncex.net
4    8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    52.94.223.37 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    142.251.40.226 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net
googleads4.g.doubleclick.net
8    54.236.214.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-214-209.compute-1.amazonaws.com
match.prod.bidr.io
6    51.161.117.180 (Beauharnois, Canada)

ASN16276 (OVH, FR)
PTR: ns572508.ip-51-161-117.net
gu.dyntrk.com
2    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
4    185.167.164.37 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    174.129.136.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-174-129-136-41.compute-1.amazonaws.com
nep.advangelists.com
3    23.50.53.184 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-53-184.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
rogersadops-a.akamaihd.net
2    34.199.214.21 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-214-21.compute-1.amazonaws.com
um2.eqads.com
2    23.52.161.180 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-52-161-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    35.207.10.239 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 239.10.207.35.bc.googleusercontent.com
ssp.behave.com
1    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
dp2.33across.com
3    2607:f8b0:4006:808::2003 (Queens, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    34.199.124.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-124-234.compute-1.amazonaws.com
rtb.adentifi.com
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
1    8.28.7.81 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    2606:4700::6812:b4f (United States)

ASN13335 (CLOUDFLARENET, US)
idpix.media6degrees.com
1    142.250.64.102 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f6.1e100.net
ad.doubleclick.net
1    54.85.186.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-186-77.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    173.231.178.82 (United States)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
2    54.234.215.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-234-215-67.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    69.90.254.78 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
ums.acuityplatform.com
2    52.5.237.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-237-191.compute-1.amazonaws.com
ads.creative-serving.com
3    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
1    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
3    104.107.15.75 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-107-15-75.deploy.static.akamaitechnologies.com
px.owneriq.net
1    172.105.221.29 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1875-29.members.linode.com
gocm.c.appier.net
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
3    104.36.115.114 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    38.67.14.233 (Fredericksburg, United States)

ASN174 (COGENT-174, US)
pmp.mxptint.net
3    35.190.52.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.52.190.35.bc.googleusercontent.com
tag.yieldoptimizer.com
2    2607:f8b0:4012:814::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
4    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
pbid.pro-market.net
7    2600:1f18:1c96:4103:8c46:e608:3238:e5d3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
sync.tidaltv.com
1    104.16.109.154 (None, )

ASN13335 (CLOUDFLARENET, US)
dmp.truoptik.com
1    199.187.193.185 (Canada)

ASN47043 (SMARTADSERVER, CA)
rtb-csync.smartadserver.com
1    63.251.28.219 (United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
1    34.232.5.62 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-5-62.compute-1.amazonaws.com
match.sharethrough.com
1    23.195.109.72 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-109-72.deploy.static.akamaitechnologies.com
sync.teads.tv
1    3.211.82.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-211-82-118.compute-1.amazonaws.com
bpi.rtactivate.com
1    38.67.14.224 (Fredericksburg, United States)

ASN174 (COGENT-174, US)
abp.mxptint.net
1    54.209.12.215 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-12-215.compute-1.amazonaws.com
aorta.clickagy.com
1    3.216.55.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-216-55-148.compute-1.amazonaws.com
usermatch.krxd.net
1    2600:1f16:e61:3f01:a4e3:c039:b71b:e458 (Columbus, United States)

ASN16509 (AMAZON-02, US)
dmp.v.fwmrm.net
1    51.210.112.63 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-3.cloudy.ovh
pixel.onaudience.com
2    64.58.232.176 (United States)

ASN13649 (ASN-VINS, US)
global.ib-ibi.com
2    64.58.232.180 (United States)

ASN13649 (ASN-VINS, US)
ib.mookie1.com
1    142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
83 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
pubads.g.doubleclick.net — Cisco Umbrella Rank: 494
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
ad.doubleclick.net — Cisco Umbrella Rank: 181
234 KB
65 cloudfront.net
dwgyu36up6iuz.cloudfront.net
d2c8v52ll5s99u.cloudfront.net
dp8hsntg6do36.cloudfront.net
3 MB
54 media.net
prebid.media.net — Cisco Umbrella Rank: 1081
contextual.media.net — Cisco Umbrella Rank: 469
hbx.media.net — Cisco Umbrella Rank: 1208
cs.media.net — Cisco Umbrella Rank: 1593
c21lg-d.media.net — Cisco Umbrella Rank: 1504
warp.media.net — Cisco Umbrella Rank: 1895
hblg.media.net — Cisco Umbrella Rank: 1367
188 KB
41 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 409
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 476
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
as-sec.casalemedia.com — Cisco Umbrella Rank: 1068
dsum.casalemedia.com — Cisco Umbrella Rank: 1197
56 KB
40 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 774
image8.pubmatic.com — Cisco Umbrella Rank: 570
ads.pubmatic.com — Cisco Umbrella Rank: 419
image6.pubmatic.com — Cisco Umbrella Rank: 571
simage2.pubmatic.com — Cisco Umbrella Rank: 554
image4.pubmatic.com — Cisco Umbrella Rank: 765
simage4.pubmatic.com — Cisco Umbrella Rank: 1012
39 KB
39 googlesyndication.com
56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
ade.googlesyndication.com — Cisco Umbrella Rank: 263
364 KB
36 condenastdigital.com
pixel.condenastdigital.com — Cisco Umbrella Rank: 13748
infinityid.condenastdigital.com — Cisco Umbrella Rank: 18911
4d.condenastdigital.com — Cisco Umbrella Rank: 14301
capture.condenastdigital.com — Cisco Umbrella Rank: 11566
20 KB
36 moatads.com
z.moatads.com — Cisco Umbrella Rank: 329
mb.moatads.com — Cisco Umbrella Rank: 587
px.moatads.com — Cisco Umbrella Rank: 392
621 KB
30 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1147
widget-pixels.outbrain.com — Cisco Umbrella Rank: 1428
odb.outbrain.com — Cisco Umbrella Rank: 1329
mcdp-sadc1.outbrain.com — Cisco Umbrella Rank: 2236
sync.outbrain.com — Cisco Umbrella Rank: 720
104 KB
28 openx.net
condenastus-d.openx.net — Cisco Umbrella Rank: 23184
us-u.openx.net — Cisco Umbrella Rank: 323
u.openx.net — Cisco Umbrella Rank: 621
rtb.openx.net — Cisco Umbrella Rank: 1359
5 KB
27 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 184
condenast.demdex.net — Cisco Umbrella Rank: 20639
31 KB
25 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 682
ups.analytics.yahoo.com — Cisco Umbrella Rank: 268
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
14 KB
25 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
secure.adnxs.com — Cisco Umbrella Rank: 359
acdn.adnxs.com — Cisco Umbrella Rank: 523
76 KB
25 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 281
id.rlcdn.com — Cisco Umbrella Rank: 565
check.analytics.rlcdn.com — Cisco Umbrella Rank: 3425
api.rlcdn.com — Cisco Umbrella Rank: 713
3 KB
20 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 412
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 942
eus.rubiconproject.com — Cisco Umbrella Rank: 503
pixel.rubiconproject.com — Cisco Umbrella Rank: 289
token.rubiconproject.com — Cisco Umbrella Rank: 595
33 KB
20 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 275
s.amazon-adsystem.com — Cisco Umbrella Rank: 260
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1352
54 KB
18 arstechnica.net
cdn.arstechnica.net — Cisco Umbrella Rank: 45436
874 KB
17 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 257
7 KB
16 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 293
9 KB
16 turn.com
d.turn.com — Cisco Umbrella Rank: 652
ad.turn.com — Cisco Umbrella Rank: 690
presentation-atl1.turn.com — Cisco Umbrella Rank: 4545
r.turn.com — Cisco Umbrella Rank: 2672
10 KB
14 ad.gt
a.ad.gt — Cisco Umbrella Rank: 4610
p.ad.gt — Cisco Umbrella Rank: 5220
ids.ad.gt — Cisco Umbrella Rank: 4157
pixels.ad.gt — Cisco Umbrella Rank: 5088
19 KB
13 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 878
sync-tm.everesttech.net — Cisco Umbrella Rank: 490
2 KB
13 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 365
5 KB
13 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 125
ads.scorecardresearch.com — Cisco Umbrella Rank: 1731
5 KB
13 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
23 KB
12 dotomi.com
medianet-match.dotomi.com — Cisco Umbrella Rank: 8241
pulsepoint-match.dotomi.com — Cisco Umbrella Rank: 3936
casale-match.dotomi.com — Cisco Umbrella Rank: 2423
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 2572
4 KB
12 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 384
7 KB
12 google.com
adservice.google.com — Cisco Umbrella Rank: 57
ampcid.google.com — Cisco Umbrella Rank: 1737
www.google.com — Cisco Umbrella Rank: 2
analytics.google.com — Cisco Umbrella Rank: 785
3 KB
11 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 794
ib.mookie1.com — Cisco Umbrella Rank: 1553
6 KB
9 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
383 KB
8 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 462
4 KB
8 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 617
gum.criteo.com — Cisco Umbrella Rank: 347
3 KB
8 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 528
6 KB
8 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 491
5 KB
7 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1032
3 KB
7 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 839
pixel.quantserve.com — Cisco Umbrella Rank: 381
12 KB
7 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 2789
r.skimresources.com — Cisco Umbrella Rank: 2662
t.skimresources.com — Cisco Umbrella Rank: 2825
p.skimresources.com — Cisco Umbrella Rank: 3627
15 KB
7 cnevids.com
player.cnevids.com — Cisco Umbrella Rank: 17396
api.cnevids.com — Cisco Umbrella Rank: 94022
99 KB
7 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 604
21 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
192 KB
6 dyntrk.com
gu.dyntrk.com — Cisco Umbrella Rank: 1112
3 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
760 B
6 exelator.com
loadus.exelator.com — Cisco Umbrella Rank: 1202
loadm.exelator.com — Cisco Umbrella Rank: 950
load77.exelator.com — Cisco Umbrella Rank: 3015
5 KB
6 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 744
2 KB
6 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 393
3 KB
6 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 404
stags.bluekai.com — Cisco Umbrella Rank: 437
5 KB
6 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 434
www.linkedin.com — Cisco Umbrella Rank: 609
px4.ads.linkedin.com — Cisco Umbrella Rank: 5153
4 KB
6 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 399
fonts.googleapis.com — Cisco Umbrella Rank: 35
656 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
341 KB
6 cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 450
115 KB
5 gstatic.com
fonts.gstatic.com
csi.gstatic.com
47 KB
5 bouncex.net
events.bouncex.net — Cisco Umbrella Rank: 1611
dfp.bouncex.net — Cisco Umbrella Rank: 2940
665 B
5 liadm.com
i.liadm.com — Cisco Umbrella Rank: 467
3 KB
5 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 730
4 KB
5 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 631
4 KB
5 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 517
4 KB
5 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 829
3 KB
5 bounceexchange.com
tag.bounceexchange.com — Cisco Umbrella Rank: 1907
assets.bounceexchange.com — Cisco Umbrella Rank: 1725
api.bounceexchange.com — Cisco Umbrella Rank: 2211
217 KB
5 google.ca
adservice.google.ca — Cisco Umbrella Rank: 13075
ampcid.google.ca — Cisco Umbrella Rank: 70825
www.google.ca — Cisco Umbrella Rank: 8822
2 KB
5 arstechnica.com
arstechnica.com — Cisco Umbrella Rank: 34982
sstats.arstechnica.com Failed
fpa-cdn.arstechnica.com — Cisco Umbrella Rank: 132279
fpa-events.arstechnica.com — Cisco Umbrella Rank: 77919
35 KB
4 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 2308
pbid.pro-market.net — Cisco Umbrella Rank: 5444
763 B
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 524
2 KB
4 adblade.com
dmp.adblade.com — Cisco Umbrella Rank: 5754
916 B
4 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 557
3 KB
4 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 707
2 KB
4 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 628
1 KB
4 tiktok.com
analytics.tiktok.com — Cisco Umbrella Rank: 1084
71 KB
4 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 573
script.hotjar.com — Cisco Umbrella Rank: 719
vars.hotjar.com — Cisco Umbrella Rank: 874
in.hotjar.com — Cisco Umbrella Rank: 1636
66 KB
3 yieldoptimizer.com
tag.yieldoptimizer.com — Cisco Umbrella Rank: 4322
1 KB
3 mxptint.net
pmp.mxptint.net — Cisco Umbrella Rank: 3751
abp.mxptint.net — Cisco Umbrella Rank: 17044
2 KB
3 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 825
2 KB
3 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 1498
2 KB
3 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1404
rogersadops-a.akamaihd.net — Cisco Umbrella Rank: 656551
2 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 697
s.tribalfusion.com — Cisco Umbrella Rank: 1995
2 KB
3 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1024
2 KB
3 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1266
ssbsync-us.smartadserver.com — Cisco Umbrella Rank: 6983
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 603
1011 B
3 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 307
1 KB
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 480
2 KB
3 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 630
ice.360yield.com — Cisco Umbrella Rank: 1381
952 B
3 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 499
540 B
3 associates-amazon.com
z-na.associates-amazon.com — Cisco Umbrella Rank: 5223
assoc-na.associates-amazon.com — Cisco Umbrella Rank: 2941
4 KB
3 outbrainimg.com
tcheck.outbrainimg.com — Cisco Umbrella Rank: 3759
images.outbrainimg.com — Cisco Umbrella Rank: 1845
1 MB
2 ib-ibi.com
global.ib-ibi.com — Cisco Umbrella Rank: 1360
941 B
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 562
match.taboola.com — Cisco Umbrella Rank: 1843
656 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 3287
1 KB
2 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1190
576 B
2 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1282
1 KB
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5026
964 B
2 adentifi.com
rtb.adentifi.com — Cisco Umbrella Rank: 956
93 B
2 behave.com
ssp.behave.com — Cisco Umbrella Rank: 2357
1018 B
2 eqads.com
um2.eqads.com — Cisco Umbrella Rank: 2981
564 B
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 813
590 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 880
959 B
2 addthis.com
su.addthis.com — Cisco Umbrella Rank: 2256
x.dlx.addthis.com — Cisco Umbrella Rank: 980
692 B
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 346
739 B
2 trx-hub.com
trx-hub.com — Cisco Umbrella Rank: 6811
889 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 698
683 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 614
712 B
2 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 899
1 KB
2 trustx.org
sofia.trustx.org — Cisco Umbrella Rank: 2294
1 KB
2 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 375
usermatch.krxd.net — Cisco Umbrella Rank: 975
522 B
2 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 464
576 B
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 2409
496 B
2 pippio.com
pippio.com — Cisco Umbrella Rank: 663
849 B
2 trackonomics.net
cdn-magiclinks.trackonomics.net — Cisco Umbrella Rank: 5689
fr-actions.trackonomics.net — Cisco Umbrella Rank: 10349
29 KB
2 memoinsights.com
elsa.memoinsights.com — Cisco Umbrella Rank: 26833
1 KB
2 onetrust.com
geolocation.onetrust.com — Cisco Umbrella Rank: 727
808 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
183 KB
2 mediavoice.com
cdn.mediavoice.com — Cisco Umbrella Rank: 36282
plugin.mediavoice.com — Cisco Umbrella Rank: 28103
139 KB
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 1868
248 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 10111
411 B
1 clickagy.com
aorta.clickagy.com — Cisco Umbrella Rank: 2039
663 B
1 rtactivate.com
bpi.rtactivate.com — Cisco Umbrella Rank: 1667
109 B
1 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 870
287 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
263 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 626
672 B
1 truoptik.com
dmp.truoptik.com — Cisco Umbrella Rank: 1905
660 B
1 appier.net
gocm.c.appier.net — Cisco Umbrella Rank: 1880
395 B
1 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3039
348 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 970
674 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 781
613 B
1 media6degrees.com
idpix.media6degrees.com — Cisco Umbrella Rank: 1824
626 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 3771
487 B
1 33across.com
dp2.33across.com — Cisco Umbrella Rank: 7948
500 B
1 advangelists.com
nep.advangelists.com — Cisco Umbrella Rank: 1943
232 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1396
206 B
1 cpmstar.com
server.cpmstar.com — Cisco Umbrella Rank: 3355
612 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 403
9 KB
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 3832
348 B
1 parsely.com
srv-1970-01-01-00.pixel.parsely.com
257 B
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 3721
1 hgrtb.com
sync.hgrtb.com — Cisco Umbrella Rank: 1641
324 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 193
667 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 806
485 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 659
574 B
1 geistm.com
id.geistm.com — Cisco Umbrella Rank: 4206
157 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1438
452 B
1 im-apps.net
sync-jp.im-apps.net — Cisco Umbrella Rank: 2566
203 B
1 getpublica.com
pbs.getpublica.com — Cisco Umbrella Rank: 12777
390 B
1 t.co
t.co — Cisco Umbrella Rank: 448
336 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 792
2 KB
1 aufp.io
aufp.io — Cisco Umbrella Rank: 5789
3 KB
1 linksynergy.com
tags.rd.linksynergy.com — Cisco Umbrella Rank: 3796
358 B
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 799
3 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 2526
43 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 531
6 KB
1 polarcdn-terrax.com
polarcdn-terrax.com — Cisco Umbrella Rank: 7913
502 B
1 condenast.io
api.condenast.io — Cisco Umbrella Rank: 20188
6 KB
1 memo.co
cdn.memo.co — Cisco Umbrella Rank: 31896
5 KB
1 zqtk.net
segment-data.zqtk.net — Cisco Umbrella Rank: 8284
396 B
790 150
Domain Requested by
45 dwgyu36up6iuz.cloudfront.net arstechnica.com
d2c8v52ll5s99u.cloudfront.net
37 cm.g.doubleclick.net 25 redirects arstechnica.com
us-u.openx.net
googleads.g.doubleclick.net
eus.rubiconproject.com
56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
31 capture.condenastdigital.com arstechnica.com
29 px.moatads.com arstechnica.com
28 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
googleads.g.doubleclick.net
um2.eqads.com
presentation-atl1.turn.com
arstechnica.com
28 contextual.media.net cdn.arstechnica.net
contextual.media.net
56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
presentation-atl1.turn.com
25 dpm.demdex.net 1 redirects arstechnica.com
widgets.outbrain.com
23 pubads.g.doubleclick.net d2c8v52ll5s99u.cloudfront.net
imasdk.googleapis.com
arstechnica.com
22 pagead2.googlesyndication.com srcdoc
56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
s0.2mdn.net
tpc.googlesyndication.com
ad.doubleclick.net
arstechnica.com
securepubads.g.doubleclick.net
20 us-u.openx.net 3 redirects cdn.arstechnica.net
us-u.openx.net
u.openx.net
presentation-atl1.turn.com
arstechnica.com
19 sync.outbrain.com widgets.outbrain.com
18 ib.adnxs.com 6 redirects cdn.arstechnica.net
widgets.outbrain.com
acdn.adnxs.com
googleads.g.doubleclick.net
arstechnica.com
18 cdn.arstechnica.net arstechnica.com
cdn.arstechnica.net
17 simage2.pubmatic.com 2 redirects ads.pubmatic.com
arstechnica.com
17 x.bidswitch.net 14 redirects contextual.media.net
arstechnica.com
16 match.adsrvr.org 15 redirects cdn.arstechnica.net
15 s.amazon-adsystem.com 2 redirects c.amazon-adsystem.com
s.amazon-adsystem.com
us-u.openx.net
ssum-sec.casalemedia.com
u.openx.net
bh.contextweb.com
eus.rubiconproject.com
presentation-atl1.turn.com
14 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
arstechnica.com
56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
tpc.googlesyndication.com
s0.2mdn.net
ad.doubleclick.net
13 image2.pubmatic.com 5 redirects ads.pubmatic.com
arstechnica.com
13 pixel.tapad.com 10 redirects arstechnica.com
us-u.openx.net
13 idsync.rlcdn.com 6 redirects arstechnica.com
widgets.outbrain.com
us-u.openx.net
condenast.demdex.net
presentation-atl1.turn.com
13 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
arstechnica.com
12 sync-tm.everesttech.net 12 redirects
12 dp8hsntg6do36.cloudfront.net arstechnica.com
d2c8v52ll5s99u.cloudfront.net
12 sync.mathtag.com 12 redirects
12 sb.scorecardresearch.com 3 redirects arstechnica.com
11 ups.analytics.yahoo.com 6 redirects us-u.openx.net
contextual.media.net
11 ids.ad.gt 1 redirects arstechnica.com
10 cs.media.net 4 redirects contextual.media.net
9 odr.mookie1.com 9 redirects
9 pr-bh.ybp.yahoo.com 2 redirects us-u.openx.net
ssum-sec.casalemedia.com
arstechnica.com
9 s0.2mdn.net imasdk.googleapis.com
arstechnica.com
s0.2mdn.net
56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
8 match.prod.bidr.io 8 redirects
8 id.rlcdn.com 2 redirects contextual.media.net
u.openx.net
eus.rubiconproject.com
8 ssum-sec.casalemedia.com 2 redirects s.amazon-adsystem.com
ssum-sec.casalemedia.com
js-sec.indexww.com
8 b1sync.zemanta.com 8 redirects
8 sync.1rx.io 8 redirects
8 d2c8v52ll5s99u.cloudfront.net player.cnevids.com
d2c8v52ll5s99u.cloudfront.net
8 widgets.outbrain.com arstechnica.com
widgets.outbrain.com
7 sync.tidaltv.com 7 redirects
7 d.turn.com 3 redirects arstechnica.com
presentation-atl1.turn.com
7 js-sec.indexww.com arstechnica.com
cdn.arstechnica.net
ssum-sec.casalemedia.com
7 www.googletagservices.com arstechnica.com
securepubads.g.doubleclick.net
56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
presentation-atl1.turn.com
www.googletagservices.com
ad.doubleclick.net
6 gu.dyntrk.com 6 redirects
6 c21lg-d.media.net contextual.media.net
6 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
presentation-atl1.turn.com
arstechnica.com
6 medianet-match.dotomi.com 6 redirects
6 www.facebook.com arstechnica.com
6 pixel.quantserve.com 2 redirects arstechnica.com
6 rtb.mfadsrvr.com 6 redirects
6 aa.agkn.com 4 redirects widgets.outbrain.com
presentation-atl1.turn.com
6 connect.facebook.net arstechnica.com
connect.facebook.net
d2c8v52ll5s99u.cloudfront.net
6 z.moatads.com arstechnica.com
securepubads.g.doubleclick.net
56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
d2c8v52ll5s99u.cloudfront.net
6 cdn.cookielaw.org arstechnica.com
cdn.cookielaw.org
5 i.liadm.com 4 redirects u.openx.net
5 pm.w55c.net 5 redirects
5 p.rfihub.com 5 redirects
5 ad.turn.com 5 redirects
5 bh.contextweb.com 1 redirects s.amazon-adsystem.com
bh.contextweb.com
5 dis.criteo.com 4 redirects widgets.outbrain.com
5 sync.targeting.unrulymedia.com 5 redirects
5 imasdk.googleapis.com player.cnevids.com
imasdk.googleapis.com
5 c2shb.ssp.yahoo.com cdn.arstechnica.net
5 fastlane.rubiconproject.com cdn.arstechnica.net
5 player.cnevids.com arstechnica.com
cdn.arstechnica.net
player.cnevids.com
4 events.bouncex.net arstechnica.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 googleads4.g.doubleclick.net arstechnica.com
ad.doubleclick.net
4 token.rubiconproject.com 4 redirects
4 dmp.adblade.com contextual.media.net
4 pixel-sync.sitescout.com 4 redirects
4 eus.rubiconproject.com cdn.arstechnica.net
s.amazon-adsystem.com
eus.rubiconproject.com
4 um.simpli.fi 4 redirects
4 image8.pubmatic.com 3 redirects widgets.outbrain.com
4 sync.crwdcntrl.net 2 redirects widgets.outbrain.com
ssum-sec.casalemedia.com
4 www.google.com arstechnica.com
securepubads.g.doubleclick.net
56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
tpc.googlesyndication.com
4 secure.adnxs.com 4 redirects
4 px.ads.linkedin.com 3 redirects eus.rubiconproject.com
4 analytics.tiktok.com arstechnica.com
analytics.tiktok.com
4 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
4 c.amazon-adsystem.com arstechnica.com
c.amazon-adsystem.com
3 fei.pro-market.net 3 redirects
3 tag.yieldoptimizer.com 2 redirects 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
3 px.owneriq.net 3 redirects
3 match.bnmla.com 3 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 hblg.media.net 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
3 presentation-atl1.turn.com arstechnica.com
56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
3 analytics.google.com www.googletagmanager.com
3 stags.bluekai.com 3 redirects
3 gum.criteo.com contextual.media.net
3 hbx.media.net contextual.media.net
3 loadm.exelator.com 2 redirects presentation-atl1.turn.com
3 acdn.adnxs.com cdn.arstechnica.net
3 check.analytics.rlcdn.com cdn.arstechnica.net
3 sync.technoratimedia.com 3 redirects
3 pixel.advertising.com 3 redirects
3 u.openx.net 2 redirects s.amazon-adsystem.com
3 sync.search.spotxchange.com 2 redirects arstechnica.com
3 tags.bluekai.com 1 redirects widgets.outbrain.com
presentation-atl1.turn.com
3 p.adsymptotic.com 1 redirects arstechnica.com
3 prebid.media.net cdn.arstechnica.net
3 condenastus-d.openx.net cdn.arstechnica.net
3 htlb.casalemedia.com cdn.arstechnica.net
3 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 t.skimresources.com arstechnica.com
s.skimresources.com
3 arstechnica.com cdn.arstechnica.net
pixel.condenastdigital.com
2 ib.mookie1.com 1 redirects arstechnica.com
2 global.ib-ibi.com 2 redirects
2 csi.gstatic.com imasdk.googleapis.com
2 pmp.mxptint.net 1 redirects arstechnica.com
2 pubmatic-match.dotomi.com 2 redirects
2 image4.pubmatic.com arstechnica.com
2 ads.creative-serving.com 2 redirects
2 beacon.lynx.cognitivlabs.com 1 redirects ads.pubmatic.com
2 cm.adgrx.com 2 redirects
2 rtb2-useast.e-volution.ai 2 redirects
2 rtb.adentifi.com 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
arstechnica.com
2 ssp.behave.com 2 redirects
2 ads.pubmatic.com assets.bounceexchange.com
arstechnica.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 qsearch-a.akamaihd.net arstechnica.com
2 casale-match.dotomi.com 2 redirects
2 match.deepintent.com 1 redirects ssum-sec.casalemedia.com
2 api.bounceexchange.com assets.bounceexchange.com
2 pulsepoint-match.dotomi.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 rtb.openx.net 1 redirects u.openx.net
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 googleads.g.doubleclick.net 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
arstechnica.com
2 eb2.3lift.com 2 redirects
2 trx-hub.com arstechnica.com
2 s.ad.smaato.net 1 redirects widgets.outbrain.com
2 loadus.exelator.com 2 redirects
2 creativecdn.com 2 redirects
2 ps.eyeota.net 1 redirects widgets.outbrain.com
2 sofia.trustx.org 1 redirects widgets.outbrain.com
2 analytics.twitter.com static.ads-twitter.com
arstechnica.com
2 images.outbrainimg.com arstechnica.com
2 www.google.ca arstechnica.com
2 assets.bounceexchange.com tag.bounceexchange.com
assets.bounceexchange.com
2 ad.360yield.com 2 redirects
2 api.sail-personalize.com ak.sail-horizon.com
2 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
2 condenast.demdex.net arstechnica.com
2 4d.condenastdigital.com pixel.condenastdigital.com
2 pippio.com 2 redirects
2 assoc-na.associates-amazon.com z-na.associates-amazon.com
2 adservice.google.ca securepubads.g.doubleclick.net
2 elsa.memoinsights.com cdn.memo.co
2 p.skimresources.com arstechnica.com
2 pixel.condenastdigital.com arstechnica.com
2 api.cnevids.com cdn.arstechnica.net
2 geolocation.onetrust.com cdn.cookielaw.org
2 www.googletagmanager.com arstechnica.com
www.googletagmanager.com
1 ade.googlesyndication.com
1 pixel.onaudience.com 1 redirects
1 dmp.v.fwmrm.net arstechnica.com
1 usermatch.krxd.net 1 redirects
1 aorta.clickagy.com 1 redirects
1 abp.mxptint.net 1 redirects
1 ads.scorecardresearch.com 1 redirects
1 pbid.pro-market.net presentation-atl1.turn.com
1 bpi.rtactivate.com presentation-atl1.turn.com
1 sync.teads.tv presentation-atl1.turn.com
1 r.turn.com presentation-atl1.turn.com
1 match.sharethrough.com presentation-atl1.turn.com
1 ads.stickyadstv.com presentation-atl1.turn.com
1 rtb-csync.smartadserver.com presentation-atl1.turn.com
1 dmp.truoptik.com 1 redirects
1 rogersadops-a.akamaihd.net arstechnica.com
1 simage4.pubmatic.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 gocm.c.appier.net 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 ad.doubleclick.net www.googletagservices.com
1 idpix.media6degrees.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 dsp.adkernel.com 1 redirects
1 dp2.33across.com 1 redirects
1 x.dlx.addthis.com 1 redirects
1 fonts.googleapis.com s0.2mdn.net
1 dfp.bouncex.net cdn.arstechnica.net
1 warp.media.net cdn.jsdelivr.net
1 nep.advangelists.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 aax-eu.amazon-adsystem.com eus.rubiconproject.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 d.adroll.com 1 redirects
1 s.tribalfusion.com 1 redirects
1 server.cpmstar.com 1 redirects
1 su.addthis.com 1 redirects
1 cdn.jsdelivr.net 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
1 in.hotjar.com script.hotjar.com
1 ssbsync-us.smartadserver.com 1 redirects
1 load77.exelator.com arstechnica.com
1 id.sv.rkdms.com js-sec.indexww.com
1 api.rlcdn.com cdn.arstechnica.net
1 fr-actions.trackonomics.net cdn-magiclinks.trackonomics.net
1 fpa-events.arstechnica.com arstechnica.com
1 srv-1970-01-01-00.pixel.parsely.com arstechnica.com
1 pixels.ad.gt p.ad.gt
1 cs-server-s2s.yellowblue.io widgets.outbrain.com
1 sync.hgrtb.com 1 redirects
1 c.bing.com widgets.outbrain.com
1 ssbsync.smartadserver.com 1 redirects
1 ice.360yield.com 1 redirects
1 cs.emxdgt.com 1 redirects
1 bttrack.com widgets.outbrain.com
1 pixel-us-east.rubiconproject.com 1 redirects
1 id.geistm.com widgets.outbrain.com
1 dsp.adfarm1.adition.com 1 redirects
1 beacon.krxd.net widgets.outbrain.com
1 sync-jp.im-apps.net widgets.outbrain.com
1 pbs.getpublica.com player.cnevids.com
1 vars.hotjar.com static.hotjar.com
1 t.co arstechnica.com
1 mcdp-sadc1.outbrain.com widgets.outbrain.com
1 fpa-cdn.arstechnica.com cdn.cookielaw.org
1 script.hotjar.com static.hotjar.com
1 rules.quantcount.com secure.quantserve.com
1 p.ad.gt a.ad.gt
1 aufp.io a.ad.gt
1 px4.ads.linkedin.com 1 redirects
1 www.linkedin.com 1 redirects
1 cm.everesttech.net 1 redirects
1 infinityid.condenastdigital.com pixel.condenastdigital.com
1 ampcid.google.ca www.google-analytics.com
1 odb.outbrain.com widgets.outbrain.com
1 tags.rd.linksynergy.com 1 redirects
1 cdn-magiclinks.trackonomics.net arstechnica.com
1 static.hotjar.com arstechnica.com
1 snap.licdn.com arstechnica.com
1 a.ad.gt www.googletagmanager.com
1 tag.bounceexchange.com arstechnica.com
1 ak.sail-horizon.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 ampcid.google.com www.google-analytics.com
1 mb.moatads.com z.moatads.com
1 z-na.associates-amazon.com www.googletagmanager.com
1 polarcdn-terrax.com cdn.mediavoice.com
1 plugin.mediavoice.com cdn.mediavoice.com
1 api.condenast.io player.cnevids.com
1 widget-pixels.outbrain.com arstechnica.com
1 tcheck.outbrainimg.com widgets.outbrain.com
1 r.skimresources.com s.skimresources.com
1 cdn.memo.co arstechnica.com
1 segment-data.zqtk.net cdn.arstechnica.net
1 s.skimresources.com arstechnica.com
1 cdn.mediavoice.com arstechnica.com
0 sstats.arstechnica.com Failed arstechnica.com
790 256
Subject Issuer Validity Valid
*.arstechnica.com
Amazon		 2021-11-29 -
2022-12-27		 a year crt.sh
*.cachefly.net
GlobalSign RSA OV SSL CA 2018		 2021-10-18 -
2022-11-19		 a year crt.sh
cookielaw.org
Cloudflare Inc ECC CA-3		 2021-06-01 -
2022-05-31		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.cnevids.com
Amazon		 2021-09-18 -
2022-10-17		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-16 -
2022-07-15		 a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2021-09-27 -
2022-10-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
onetrust.com
Cloudflare Inc ECC CA-3		 2022-01-12 -
2023-01-12		 a year crt.sh
*.zqtk.net
Amazon		 2021-08-17 -
2022-09-15		 a year crt.sh
cnevideos.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
memo.co
Amazon		 2021-05-27 -
2022-06-25		 a year crt.sh
*.admagazine.fr
GlobalSign Atlas R3 DV TLS CA 2020		 2021-07-22 -
2022-08-23		 a year crt.sh
*.outbrainimg.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-11 -
2023-03-15		 a year crt.sh
z-na.associates-amazon.com
Amazon		 2021-05-21 -
2022-06-19		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-25 -
2022-06-25		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
memoinsights.com
Amazon		 2021-05-27 -
2022-06-25		 a year crt.sh
*.google.ca
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
assoc-na.associates-amazon.com
Amazon		 2021-10-25 -
2022-09-30		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
ak.sail-horizon.com
Amazon		 2022-01-06 -
2023-02-02		 a year crt.sh
tag.bounceexchange.com
R3		 2022-01-22 -
2022-04-22		 3 months crt.sh
*.turn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-02 -
2023-04-01		 a year crt.sh
*.ad.gt
Amazon		 2021-06-09 -
2022-07-08		 a year crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-12-18 -
2022-03-18		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.tiktok.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-13 -
2023-01-13		 a year crt.sh
*.trackonomics.net
Go Daddy Secure Certificate Authority - G2		 2021-12-22 -
2023-01-23		 a year crt.sh
conde.io
Amazon		 2021-06-30 -
2022-07-29		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
api.sail-personalize.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
aufp.io
Amazon		 2021-11-26 -
2022-12-24		 a year crt.sh
assets.bounceexchange.com
GTS CA 1D4		 2022-02-16 -
2022-05-17		 3 months crt.sh
fpa-events.arstechnica.com
Amazon		 2021-05-26 -
2022-06-24		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
s.amazon-adsystem.com
Amazon		 2021-07-14 -
2022-06-27		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-22 -
2023-02-22		 a year crt.sh
*.getpublica.com
Amazon		 2021-07-01 -
2022-07-30		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-26 -
2023-03-01		 a year crt.sh
*.im-apps.net
Amazon		 2021-05-25 -
2022-06-23		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh
*.geistm.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
s.ad.smaato.net
Amazon		 2021-09-21 -
2022-10-20		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
*.yellowblue.io
Amazon		 2021-05-23 -
2022-06-21		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
analytics.rlcdn.com
Amazon		 2021-08-26 -
2022-09-24		 a year crt.sh
*.pixel.parsely.com
R3		 2022-01-22 -
2022-04-22		 3 months crt.sh
*.trx-hub.com
Amazon		 2022-02-20 -
2023-03-21		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
securedvisit.com
Amazon		 2021-11-30 -
2022-12-27		 a year crt.sh
*.contextweb.com
DigiCert SHA2 Secure Server CA		 2020-05-07 -
2022-05-12		 2 years crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
dmp.adblade.com
R3		 2022-03-06 -
2022-06-04		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.wunderkind.co
R3		 2022-02-14 -
2022-05-15		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2022-01-30 -
2022-12-31		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2020-04-09 -
2022-06-08		 2 years crt.sh
a248.e.akamai.net
DigiCert SHA2 Secure Server CA		 2021-07-15 -
2022-07-20		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-02-17 -
2022-05-12		 3 months crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
beacon.lynx.cognitivlabs.com
Amazon		 2021-04-28 -
2022-05-27		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-12 -
2023-02-12		 a year crt.sh
teads.tv
R3		 2022-01-03 -
2022-04-03		 3 months crt.sh
rtactivate.com
Amazon		 2021-05-13 -
2022-06-11		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh

This page contains 80 frames:

Primary Page: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Frame ID: 7D6FC6A7CAA75A57F8FB26D5F6A353B5
Requests: 301 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.00041571765848136266
Frame ID: D0DAD834C156144F7289F8D7DA8859E9
Requests: 1 HTTP requests in this frame

Frame: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EDDCC152F3703C27B528F35A0C654F03
Requests: 1 HTTP requests in this frame

Frame: https://condenast.demdex.net/dest5.html?d_nsid=0
Frame ID: 83DFDB3D4A470767DA5D29EEEACA898C
Requests: 36 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: 8A4E46ABB1AE0FF2AAA11C7490C9DF12
Requests: 52 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: A5A1131E4254BA506A135C09FA6DC5AE
Requests: 26 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Frame ID: 1B2AC57427CB8AF56830A889D5CCAD39
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=e8062a03-abd0-4179-9237-bc017ff4576d
Frame ID: BEA7645D436962224226AD39BDD7D60F
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 0278F970E0825D9C3621A3856715C410
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 38AFA0656CDB482B1CF3086BE5B47D66
Requests: 38 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Frame ID: 7BE46643D5085A4BA60D2D1A961EBA05
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Frame ID: FD6AAC02DDD63326824A0D0EA28F1AAE
Requests: 1 HTTP requests in this frame

Frame: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F4E3D0A94CA40C0EABC730E9277E7B00
Requests: 18 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.503.0_en.html
Frame ID: FFB5AA7C112B64EB3B0F52B46BEF16D4
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.503.0_en.html
Frame ID: B849A2E458485F498232674E112CBBAA
Requests: 28 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Frame ID: 52ED35BB2F9F6116F14EAEB1FD7D205A
Requests: 1 HTTP requests in this frame

Frame: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FEB51483C7E9FCF75D0DF39229F02B35
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEwK8EbYWdWgzVUbFAcfQ5JppKoc8ygkwWbxLDvdEsQqHEH5v9g1JIsownJrFTbaLjZm_XM46dnV5WVpmUI7vntSjeupiJvDPvy26FHjEOpTKhHyoFtbR4y83KELDoQnCTrIsG8-2sdbFSTgRAJ9FsJBrPdSO1GMMep5_ZCGXrHy0_BPf3tOcmBMCguIXQDv4VK6aeW9CWAAiZTVtKMHINVInwmLUJQFOJeVzFM39VI10Ul9f2Wm0jVh9Gl9zA2dV_LYbo3--dd9ILLnV_OQnnE0ap1eNPo6faGE6PXeKfGMuyXcTyuC7gbrl_E7lDCzfmG-Qt7m0KEMlQKY1H_kjQvSUCSC2MXsKNMak&sig=Cg0ArKJSzOh2-Vqajh8dEAE&uach_m=[UACH]&adurl=
Frame ID: 01A69E2BBAFB2EBF99BC54FA453B1E45
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: F2699CBACD3009635643B6525311AB0E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: F3528864BCD836FA2A969898085AA509
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Frame ID: 14BC42AC03F216BF1AD37799CE5413FE
Requests: 7 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 95A9C3F8C1A241D0EF78510698B526FB
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Frame ID: 4BFD93F3524723CC69B3E04EE858E0EE
Requests: 10 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Frame ID: BBDFDDF89E59DD2C34AC438513358D68
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Frame ID: 36A0D33E89ACA214C715E79D084C6331
Requests: 17 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 893BD68CD650D00B1E8311DDEF647B26
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 87820D1DC92E16FE2A0129E7CE6D51F0
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8D192A1C540065B1E1457624CF7CEC7E
Requests: 3 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Frame ID: 322874471F814C7385E0B341C2C6D600
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Frame ID: 9BA9A30E9AEA235BB8139B625C5D95C2
Requests: 17 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4D33D9F7231083C22E177BD5C1EB017D
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Frame ID: 99AA89133A3F64A8B8EF8D57DCEA67E0
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E0008417885038F1E9096768CD0AAC9A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: ED5B6764F3D37BE4556B73DDC2644899
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Frame ID: 296F7B362705563ED549E751591DF134
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Frame ID: 87B096CF8BFE9D84D533F3670933EEF8
Requests: 2 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Frame ID: FD7271548CBF83B8E917EE887E704ABD
Requests: 5 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1ielZIVTVwRTJ1TEI1UktRc2czSkd5YjlXbGdnSldtbH5B
Frame ID: 3586C6DD58526AD787698084E3B139DF
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Frame ID: 30D540BF7D6A086029C2EB27563FB1EF
Requests: 7 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=489781436322581848&gdpr=0&gdpr_consent=
Frame ID: 9C809A0E73DF4036CB0C51E43FFE1FDA
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?id=7380764466701486637&ex=appnexus.com
Frame ID: 0F4A3A7B3C323BCB6EC3C27C8FE2EE79
Requests: 1 HTTP requests in this frame

Frame: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3712844220807655623468
Frame ID: 5FC362B0DB7CAC32EFC7FC00D62C1156
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMYsJi0wwEwAQ&v=APEucNUz35vu33dz8oxirZ6aj7GD2fh08sLFmqYHJruoCKHp1aZ_E7FJQqDvMCKYOEhGe5u_n_nzQvweEleaqmqNqxGSeePuEg
Frame ID: 4C40E204997307593E4CE15E3BC36F46
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2899975901454749000V10&type=rkt&refUrl=&vid=69959927362899975901454749000V10&ovsid=1813050710406837267
Frame ID: 5A5C42BDD42B1671A622ACDB54D062EF
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2899975901454749000V10&type=rkt&refUrl=&vid=69959928482899975901454749000V10&ovsid=1791377137828703288
Frame ID: 568DC94B590067C198E55C163689E84D
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2899975901454749000V10&type=rkt&refUrl=&vid=69959930072899975901454749000V10&ovsid=1791377137828703288
Frame ID: 85111382A6442D6EE13FBA3B3D7703DB
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 0DA37B61B455A8B9C50130FA1624071C
Requests: 9 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: F9F825517BCDC3FDF90083B3A0DB6E11
Requests: 10 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: DB69B6CEF3672296FE5C467BB01E60F7
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13230765150597808128/CR_popcornews.com_BL_CA_PC_Nongoogle_creative.html
Frame ID: 24416354F21F65B41F0A2F066EF4000E
Requests: 9 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 14D7201F696ED3CD67BA147A789B0BA4
Requests: 2 HTTP requests in this frame

Frame: https://presentation-atl1.turn.com/server/ads.js?code=181621418&aid=52361067&tuid=3333326546105296117&duid=2540974486664799477&uimpd=1-e0wV8KO7_6OpDUsrFHkFImqC2Mq6iijWw-q5J_b9_AoavTxZxc3-FRoPAbRARuGhzmXRNAsUGCV2SRhiWXBJQVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiPH8aNlM8Mg0HcjiYdfEhoO8K0XGVTAg2AHN5sPe8leOswD9bP6BDOMs3U90ToOThit5LDa5AzomEr7Vp98inouTNZdACyFHTyx7ymaICVaUaEcLK7AsKBSjzDi_-b69IVnr6v1HrATFo0W-HabdiuQKPneOyWL79xqGFgw5I59gIgJqIglsM1r52PvRQE7x6E_1rTYHileDcSEp9i2oWw3iZilkvx4S2Cbyb1aMiA9F7mavDOFe_vDZKj_smRTbZr1yCA20upKigXe2kHNY2tlq1bwWl57NhRm-8GgzvVh_ZM9nsHFzegwuqKuUdD2wuc_bGfkzy1aGMcshAut-SZSuiJt7Qv_kLWZbnCJLYkrcKNzZEkI3DQvqeQdfNgdyucWD8T6TdEdNNiqAaHS7A6IPoVU1A18zIbbfV545S3zTpUfAzA35TgmHnjB4IxBplp4Cis0LGAJvkHxk0Wo3iEEvj-E6JfnC1Z_junwiDVJ5RpvrsgCgO6i-RM03HMiXSs6ieHdpHqi8fHOXrxms5y5tOCN0LerxR5PvvtzVEpAbF91DgYK07eqYO8zC--3zX-568vzPAkyGYJeBaH4GIUZjtUZzeY2lZpTcqb4U2zn4k8KJRqPEYtbDOJ3mzd-UOnrNN28D_RQenYik--OyFyi5yEc7BPqQl-9vRqtJ-gIcVbGL5CW6FRKhIzXplIU338BQfBjuTuu25DmenG5yZ1iBSe8TYepIvn4kLjwLtzqThmgveRQJhVd2T3MdJEGvLsJf_ukC3905z5Ioh7dGFz6SJI7QdQSBzXD7LPTM7CV39HlchXohJLSmW1H-UtlkfNVnxFU4jH5dGJisS5JZX6U&acp=1.279
Frame ID: 84BC8533FF00588087D0D8026F7820C8
Requests: 14 HTTP requests in this frame

Frame: https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Frame ID: 73DC8FD7711871D80E6F859C37A5F045
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 661AC894228AEA1B9D42CADE73258DEC
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Frame ID: 0975D2ECADC7E9F51C007B066036412B
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4EBB825512D8C266412F2728AF218D56
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=8763B6A3-D1B4-4E71-AF29-58D268671E50
Frame ID: BB437655437B51BBEE6BAC5A7C94F5E3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YisqEAAAAByHOAQr&gdpr=0&gdpr_consent=
Frame ID: 3AEA0F7DB3249075029B8F6BC29CDD22
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4f1b622b-2a11-4300-89bc-81aa7c7a5721&gdpr=0&gdpr_consent=
Frame ID: 550F253C490FAA230E4386EC9C19E77B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADDLE7EVlQAACtnjd2l6Q
Frame ID: 21063BA1C56B2C79B71A1CC3CC9AFAB4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 1A83385E3D6B4E0859A28ECA8C2CEB7F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_d8ea72eaab5e46e287f5a
Frame ID: 3C75C1A19C91906B534C59C20677CD37
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T4MRBqprSD9zkcsEDgDw1ZU4mbM
Frame ID: 1EC373A7AAC7DF4D06D6704C1ABC4AAB
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=763c50f8-a129-11ec-ba1d-13cc640753b5
Frame ID: 1A7704E64EAD267688167CE4CEEAE7DC
Requests: 1 HTTP requests in this frame

Frame: https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=8763B6A3-D1B4-4E71-AF29-58D268671E50
Frame ID: 1B877B5D798A74F4A189F33BC0591400
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 122B932F6F3B48BEA2F63E5E799CEF1D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:WmVnYQcI1NsCTu5&gdpr=0&gdpr_consent=
Frame ID: 7166328D6743F7C24161CC93565C2724
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=654219918252
Frame ID: 984E48F8A5E6AF3FF7EDA84F59822729
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005
Frame ID: 1BD41914D624A632B19A17411C0DB609
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=4b015e21-91d7-4216-ac8f-018a39260d41
Frame ID: B19DBD415B6359BCC8257BDC5570A100
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6ca62cbf-06fe-4d09-904c-455965eae6d8
Frame ID: FB197DCBD0000459C04674E6B3637528
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7002823991353312790
Frame ID: 0E3E1CA457A04C68999EEB8DE5A1C670
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HzIO2IQ6BCiPRPFEHyorYg
Frame ID: E7215B2671E90080E31EB8D83780E453
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e608c96d-793e-4b06-b808-da3dae17fadc-tuct924af9f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 7091A26BFFF1801FB4F9A8062F5D21E2
Requests: 1 HTTP requests in this frame

Frame: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Frame ID: 9F92C1AC25D663B7900ACBC85B3B669E
Requests: 20 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Frame ID: 7FC7A22C8B27124FF4D998394FCB8A42
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
Frame ID: 50CA7C0728C0AA4F132D542E761556CB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 18369A3A52B4CDED3E810D330C9DDBE5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CC35A6046E2DC60326690214847A3DDF
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D1F32F0A96BD1E7983E2CF08C8D07CE1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Feds extradite ransomware suspects from 2 prolific gangs in a single week | Ars Technica

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • cdn\.cookielaw\.org
  • otSDKStub\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • widgets\.outbrain\.com/outbrain\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

790
Requests

75 %
HTTPS

21 %
IPv6

150
Domains

256
Subdomains

160
IPs

9
Countries

9528 kB
Transfer

24068 kB
Size

337
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 130
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035094&ns__t=1646995983452&ns_c=UTF-8&c8=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week%20%7C%20Ars%20Technica&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035094&ns__t=1646995983452&ns_c=UTF-8&c8=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week%20%7C%20Ars%20Technica&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&c9=
Request Chain 131
  • https://idsync.rlcdn.com/709387.gif?partner_uid=undefined&gtmcb=956312924 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIumKxIVChEIARCFvQkaCXVuZGVmaW5lZBAAGg0Ij9SskQYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=2fa2336a93f585f55edaa22db8af7573fe3ce9a2ec8c59106bf9f28f930b4038791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyZmEyMzM2YTkzZjU4NWY1NWVkYWEyMmRiOGFmNzU3M2ZlM2NlOWEyZWM4YzU5MTA2YmY5ZjI4ZjkzMGI0MDM4NzkxNDI2YjU0MTdkY2UyMRAAGgwIkNSskQYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyZmEyMzM2YTkzZjU4NWY1NWVkYWEyMmRiOGFmNzU3M2ZlM2NlOWEyZWM4YzU5MTA2YmY5ZjI4ZjkzMGI0MDM4NzkxNDI2YjU0MTdkY2UyMRAAGgwIkNSskQYSBAgCEABCAEoA&google_error=3 HTTP 307
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3= HTTP 303
  • https://idsync.rlcdn.com/458249.gif?partner_uid=4272d87a-7960-4846-b0cb-40ae05801c78
Request Chain 132
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=undefined HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_device_id=undefined
Request Chain 133
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=648&partner_device_id=undefined HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=648&partner_device_id=undefined HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5%252C&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6e0633dc-a403-42d4-8fdd-03bcf8268488&ttd_puid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5%2C
Request Chain 158
  • https://cm.everesttech.net/cm/dd?d_uuid=68547252942253779170798061318171033219 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YisqEAAAAByHOAQr
Request Chain 183
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1646995984677&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1646995984677&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D434737%26time%3D1646995984677%26url%3Dhttps%253A%252F%252Farstechnica.com%252Finformation-technology%252F2022%252F03%252Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1646995984677&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&cookiesTest=true&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1646995984677&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&cookiesTest=true&liSync=true&e_ipv6=AQK5EGejzcKBQAAAAX94nFk67ofass2Uer5Res3ilSXuvG9RZTC7efA4GVb9tEwA7cw9zNg6 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=58c2fef9-6a1c-41eb-9ebf-6bd475714fa3 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=58c2fef9-6a1c-41eb-9ebf-6bd475714fa3&_expected_cookie=133206bfc57dc84a527e3ac88db634d0
Request Chain 188
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&adnxs_id=$UID HTTP 302
  • https://ids.ad.gt/api/v1/match?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&adnxs_id=7380764466701486637
Request Chain 189
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9 HTTP 302
  • https://ids.ad.gt/api/v1/t_match?tdid=6e0633dc-a403-42d4-8fdd-03bcf8268488&id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
Request Chain 190
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dd07202dd-dbf8-4d5d-a13a-b0fb7e5202f9 HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dd07202dd-dbf8-4d5d-a13a-b0fb7e5202f9 HTTP 302
  • https://ids.ad.gt/api/v1/pbm_match?pbm=8763B6A3-D1B4-4E71-AF29-58D268671E50&id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
Request Chain 191
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9 HTTP 302
  • https://ids.ad.gt/api/v1/g_match?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&google_gid=CAESEHAGhIqFq0JL46uIHrnDrno&google_cver=1&google_ula=450542624,0
Request Chain 192
  • https://ids.ad.gt/api/v1/g_hosted?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZDA3MjAyZGQtZGJmOC00ZDVkLWExM2EtYjBmYjdlNTIwMmY5
Request Chain 193
  • https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3Dd07202dd-dbf8-4d5d-a13a-b0fb7e5202f9%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3Dd07202dd-dbf8-4d5d-a13a-b0fb7e5202f9%26impr_uid%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ids.ad.gt/api/v1/impr_match?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&impr_uid=731aab81-526e-449a-8b81-5fa14fdcea13
Request Chain 194
  • https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Dd07202dd-dbf8-4d5d-a13a-b0fb7e5202f9%26unruly_id%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Dd07202dd-dbf8-4d5d-a13a-b0fb7e5202f9%26unruly_id%3D%5BRX_UUID%5D&cb=1646995984972 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Dd07202dd-dbf8-4d5d-a13a-b0fb7e5202f9%26unruly_id%3DRX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005 HTTP 302
  • https://ids.ad.gt/api/v1/unruly?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&unruly_id=RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005
Request Chain 195
  • https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3Dd07202dd-dbf8-4d5d-a13a-b0fb7e5202f9 HTTP 302
  • https://ids.ad.gt/api/v1/mediamath_match?user_id=4f1b622b-2a11-4300-89bc-81aa7c7a5721&id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
Request Chain 205
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Request Chain 226
  • https://idsync.rlcdn.com/420046.gif?partner_uid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu HTTP 307
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D HTTP 302
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=d3ce87b7-fbdf-4e6f-9415-cfe04ac18554
Request Chain 228
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&s=2&us_privacy=1--- HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=M2AFWxq8fWs1QCyO1OUy&gdpr=0&us_privacy=1---
Request Chain 229
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7380764466701486637&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Request Chain 232
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=6e0633dc-a403-42d4-8fdd-03bcf8268488
Request Chain 235
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=59125365-6b70-4daa-8987-45b896b15e4d
Request Chain 236
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Doutbrain%26bsw_param%3D82063e31-d895-4c78-815b-e5685b556304&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=4f1b622b-2a11-4300-89bc-81aa7c7a5721&expires=30&ssp=outbrain&bsw_param=82063e31-d895-4c78-815b-e5685b556304&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=82063e31-d895-4c78-815b-e5685b556304&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKhjo6mkPirEYY_MuSQBSqg&google_cver=1 HTTP 302
  • https://sofia.trustx.org/sync?tp_id=1&tp_uid=82063e31-d895-4c78-815b-e5685b556304&ssp_custom_data= HTTP 302
  • https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=82063e31-d895-4c78-815b-e5685b556304&ssp_custom_data=
Request Chain 239
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7073793900810664086
Request Chain 240
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Request Chain 242
  • https://creativecdn.com/cm-notify?pi=outbrain HTTP 302
  • https://creativecdn.com/cm-notify?pi=outbrain&tc=1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=g71zTyS3JrJ1a7exnX6p&pi=outbrain&tc=1
Request Chain 243
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L0MAVUNK-24-AM7U
Request Chain 246
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu HTTP 302
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&xl8blockcheck=1 HTTP 302
  • https://idsync.rlcdn.com/397416.gif?partner_uid=749a3fb36294af3e0be5477ca7a8aed6 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOnRrE8Hh1SlSJm1b9S-Q9c&google_cver=1
Request Chain 247
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&s=193091&C=1 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Request Chain 248
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&__user_check__=1&sync_id=703b413e-a129-11ec-a4b2-19a2cb060103 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=spotx&uid=703b40fe-a129-11ec-a4b2-19a2cb060103&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Request Chain 249
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fsync.outbrain.com%252Fcookie-sync%253Fp%253Dpubmatic%2526obUid%253DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu%2526uid%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODc2M0I2QTMtRDFCNC00RTcxLUFGMjktNThEMjY4NjcxRTUw&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEGbcL73e2AFhjruAy7-Vf_Y&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=PM_CONSENT HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:88A43826E64D4192B957B7C4E6FE616D HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 250
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu%26uid%3D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=openx&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&uid=3619d1d6-4976-45f3-a803-1dbecbe123a7
Request Chain 251
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP7056a3fc-a129-11ec-b6e3-0210df448c65 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=UP7056a3fc-a129-11ec-b6e3-0210df448c65
Request Chain 252
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu%0A HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu%0A&b64_redirect=aHR0cHM6Ly9zeW5jLm91dGJyYWluLmNvbS9jb29raWUtc3luYz9wPWVteCZ1aWQ9JEVNWFVJRCZvYlVpZD1xU1pzVnc3SVVqUWktZ3d5Q2JIczdrcUdiWU9ISWZwVjJicFZHdUc0QkdHamNlbVR6NGRhOHB4Q0hTQ240OXp1Cg==
Request Chain 253
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=731aab81-526e-449a-8b81-5fa14fdcea13&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Request Chain 254
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%24%7BUSER%7D%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4423958491 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/6e0633dc-a403-42d4-8fdd-03bcf8268488 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005?redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3DRX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005%26obUid%3D%24D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005&obUid=$D
Request Chain 256
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu%26gdpr%3D$GDPR_APPLIES%26gdpr_consent%3D$CONSNT_STRING HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=489781436322581848&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
Request Chain 257
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&redir=true HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-wieNCjlE2uEnDGV5ht6_4R0hTe9WyDUFX.ot.jQ-~A&gdpr=0&gdpr_consent=
Request Chain 259
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu HTTP 307
  • https://sync.outbrain.com/cookie-sync?p=synacor&uid=494D3CE41C99400BA621FD0E3E02E377&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Request Chain 260
  • https://sync.hgrtb.com/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dmediaforce_custom%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu%26uid%3D%7BUSER_ID%7D HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&uid=bcaf9e53-95b7-4356-9c31-3b956785f931
Request Chain 262
  • https://id.rlcdn.com/711945.gif?cparams=obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu HTTP 307
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Request Chain 287
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=68547252942253779170798061318171033219 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=163850804087006939230
Request Chain 302
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3Dd07202dd-dbf8-4d5d-a13a-b0fb7e5202f9 HTTP 302
  • https://ids.ad.gt/api/v1/openx?openx_id=af48e1b4-bf14-47f3-9897-5b4364252b88&id=0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
Request Chain 341
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=68547252942253779170798061318171033219&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d68547252942253779170798061318171033219 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=4f1b622b-2a11-4300-89bc-81aa7c7a5721&ddsuuid=68547252942253779170798061318171033219
Request Chain 352
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=68547252942253779170798061318171033219 HTTP 302
  • https://load77.exelator.com/pixel.gif
Request Chain 359
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1ielZIVTVwRTJ1TEI1UktRc2czSkd5YjlXbGdnSldtbH5B
Request Chain 361
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=489781436322581848&gdpr=0&gdpr_consent=
Request Chain 362
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=7380764466701486637&ex=appnexus.com
Request Chain 363
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3712844220807655623468
Request Chain 371
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3480839182339453453&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 372
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YisqEAAAAByHOAQr
Request Chain 374
  • https://match.adsrvr.org/track/cmf/openx?oxid=8608f8d1-3698-780f-cb6c-4f13735ae48c&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=6e0633dc-a403-42d4-8fdd-03bcf8268488&ttd_puid=8608f8d1-3698-780f-cb6c-4f13735ae48c&gdpr=0&gdpr_consent=
Request Chain 376
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBQtiJ9e9L1hgBQbgByPk3o&google_cver=1
Request Chain 377
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3480839182339453453&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 378
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YisqEAAAAByHOAQr
Request Chain 380
  • https://match.adsrvr.org/track/cmf/openx?oxid=8608f8d1-3698-780f-cb6c-4f13735ae48c&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=6e0633dc-a403-42d4-8fdd-03bcf8268488&ttd_puid=8608f8d1-3698-780f-cb6c-4f13735ae48c&gdpr=0&gdpr_consent=
Request Chain 382
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBQtiJ9e9L1hgBQbgByPk3o&google_cver=1
Request Chain 383
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341&gdpr=0&gdpr_consent=
Request Chain 385
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID} HTTP 302
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=a8cc7b58-eef2-4246-984b-8e19e4f910e5 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=a8cc7b58-eef2-4246-984b-8e19e4f910e5&apid=UP7056a3fc-a129-11ec-b6e3-0210df448c65
Request Chain 386
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D HTTP 302
  • https://id.rlcdn.com/464246.gif?partner_uid=d3ce87b7-fbdf-4e6f-9415-cfe04ac18554 HTTP 307
  • https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D HTTP 302
  • https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Request Chain 387
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7380764466701486637
Request Chain 398
  • https://su.addthis.com/red/usync?pid=16&puid=68547252942253779170798061318171033219&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D420%26dpuuid%3D%7B%7Buid%7D%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=420&dpuuid=622b2a18a015d6b9
Request Chain 409
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Drkt%26refUrl%3D%26vid%3D69959927362899975901454749000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2899975901454749000V10&type=rkt&refUrl=&vid=69959927362899975901454749000V10&ovsid=1813050710406837267
Request Chain 410
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dcon%26refUrl%3D%26vid%3D69959927362899975901454749000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=5793113d4adc1210&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dcon%26refUrl%3D%26vid%3D69959927362899975901454749000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=con&refUrl=&vid=69959927362899975901454749000V10&ovsid=AAAGahZLjM3i3QMH_QRbAAAAAAA&expiration=1647082394&is_secure=true
Request Chain 411
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dmma%26refUrl%3D%26vid%3D69959927362899975901454749000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=mma&refUrl=&vid=69959927362899975901454749000V10&ovsid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Request Chain 412
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjg5OTk3NTkwMTQ1NDc0OTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB4pejAekEEt_MjVRbcwjVY&google_cver=1
Request Chain 413
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Ddxu%26refUrl%3D%26vid%3D69959927362899975901454749000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Ddxu%26refUrl%3D%26vid%3D69959927362899975901454749000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=dxu&refUrl=&vid=69959927362899975901454749000V10&ovsid=WmVnYQcI1NsCTu5
Request Chain 414
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fa7763bf-d917-451f-853b-cf8801daf3e6
Request Chain 415
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=82063e31-d895-4c78-815b-e5685b556304&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ssp%3Dmedianet%26user_id%3D%24UID HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=medianet&user_id=JWH03wyZvpQ6VgSnIn510 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=82063e31-d895-4c78-815b-e5685b556304&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 416
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dzem%26refUrl%3D%26vid%3D69959927362899975901454749000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=M2AFWxq8fWs1QCyO1OUy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKNGJAUMV3YOE4GMV3TGFIUG6KPGFHVK6JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3DSOJVHE4TENZTGYZDQOJZHE3TKOJQGE2DKNBXGQ4TAMBQKYYTAJTWONUWIPJSHA4TSOJXGU4TAMJUGU2DONBZGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKNGJAUMV3YOE4GMV3TGFIUG6KPGFHVK6JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3DSOJVHE4TENZTGYZDQOJZHE3TKOJQGE2DKNBXGQ4TAMBQKYYTAJTWONUWIPJSHA4TSOJXGU4TAMJUGU2DONBZGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=M2AFWxq8fWs1QCyO1OUy&refUrl=&type=zem&vid=69959927362899975901454749000V10&vsid=2899975901454749000V10
Request Chain 418
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2899975901454749000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=59125365-6b70-4daa-8987-45b896b15e4d&cs=1
Request Chain 420
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6e0633dc-a403-42d4-8fdd-03bcf8268488
Request Chain 421
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E HTTP 302
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2899975901454749000V10
Request Chain 424
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjg5OTk3NTkwMTQ1NDc0OTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB4pejAekEEt_MjVRbcwjVY&google_cver=1
Request Chain 425
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Drkt%26refUrl%3D%26vid%3D69959928482899975901454749000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2899975901454749000V10&type=rkt&refUrl=&vid=69959928482899975901454749000V10&ovsid=1791377137828703288
Request Chain 426
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fa7763bf-d917-451f-853b-cf8801daf3e6
Request Chain 427
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=medianet&bsw_user_id=82063e31-d895-4c78-815b-e5685b556304 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=59125365-6b70-4daa-8987-45b896b15e4d&ssp=medianet HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=82063e31-d895-4c78-815b-e5685b556304&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 429
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2899975901454749000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=59125365-6b70-4daa-8987-45b896b15e4d&cs=1
Request Chain 431
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6e0633dc-a403-42d4-8fdd-03bcf8268488
Request Chain 432
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E HTTP 302
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2899975901454749000V10
Request Chain 433
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dcon%26refUrl%3D%26vid%3D69959928482899975901454749000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=7f2e9b0ac968120d&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dcon%26refUrl%3D%26vid%3D69959928482899975901454749000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=con&refUrl=&vid=69959928482899975901454749000V10&ovsid=AAAGanE-nQtayANHnmXKAAAAAAA&expiration=1647082394&is_secure=true
Request Chain 434
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dmma%26refUrl%3D%26vid%3D69959928482899975901454749000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=mma&refUrl=&vid=69959928482899975901454749000V10&ovsid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Request Chain 435
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Ddxu%26refUrl%3D%26vid%3D69959928482899975901454749000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=dxu&refUrl=&vid=69959928482899975901454749000V10&ovsid=WmVnYQcI1NsCTu5
Request Chain 436
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dzem%26refUrl%3D%26vid%3D69959928482899975901454749000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=M2AFWxq8fWs1QCyO1OUy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKNGJAUMV3YOE4GMV3TGFIUG6KPGFHVK6JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3DSOJVHE4TEOBUHAZDQOJZHE3TKOJQGE2DKNBXGQ4TAMBQKYYTAJTWONUWIPJSHA4TSOJXGU4TAMJUGU2DONBZGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKNGJAUMV3YOE4GMV3TGFIUG6KPGFHVK6JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3DSOJVHE4TEOBUHAZDQOJZHE3TKOJQGE2DKNBXGQ4TAMBQKYYTAJTWONUWIPJSHA4TSOJXGU4TAMJUGU2DONBZGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=M2AFWxq8fWs1QCyO1OUy&refUrl=&type=zem&vid=69959928482899975901454749000V10&vsid=2899975901454749000V10
Request Chain 439
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjg5OTk3NTkwMTQ1NDc0OTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB4pejAekEEt_MjVRbcwjVY&google_cver=1
Request Chain 440
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Drkt%26refUrl%3D%26vid%3D69959930072899975901454749000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=2899975901454749000V10&type=rkt&refUrl=&vid=69959930072899975901454749000V10&ovsid=1791377137828703288
Request Chain 441
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fa7763bf-d917-451f-853b-cf8801daf3e6
Request Chain 442
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=82063e31-d895-4c78-815b-e5685b556304&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10601403155718488451&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5&ssp=medianet&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=163850804087006939230&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10601403155718488451&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
Request Chain 444
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2899975901454749000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=59125365-6b70-4daa-8987-45b896b15e4d&cs=1
Request Chain 446
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1 HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6e0633dc-a403-42d4-8fdd-03bcf8268488
Request Chain 447
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E HTTP 302
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2899975901454749000V10
Request Chain 448
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dcon%26refUrl%3D%26vid%3D69959930072899975901454749000V10%26ovsid%3D%24UID HTTP 302
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=5632becb0ad5120e&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dcon%26refUrl%3D%26vid%3D69959930072899975901454749000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=con&refUrl=&vid=69959930072899975901454749000V10&ovsid=AAAGaswxrVgJGwM8nBtoAAAAAAA&expiration=1647082394&is_secure=true
Request Chain 449
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dmma%26refUrl%3D%26vid%3D69959930072899975901454749000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=mma&refUrl=&vid=69959930072899975901454749000V10&ovsid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Request Chain 450
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Ddxu%26refUrl%3D%26vid%3D69959930072899975901454749000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=dxu&refUrl=&vid=69959930072899975901454749000V10&ovsid=WmVnYQcI1NsCTu5
Request Chain 451
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dzem%26refUrl%3D%26vid%3D69959930072899975901454749000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=M2AFWxq8fWs1QCyO1OUy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKNGJAUMV3YOE4GMV3TGFIUG6KPGFHVK6JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3DSOJVHE4TGMBQG4ZDQOJZHE3TKOJQGE2DKNBXGQ4TAMBQKYYTAJTWONUWIPJSHA4TSOJXGU4TAMJUGU2DONBZGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKNGJAUMV3YOE4GMV3TGFIUG6KPGFHVK6JGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3DSOJVHE4TGMBQG4ZDQOJZHE3TKOJQGE2DKNBXGQ4TAMBQKYYTAJTWONUWIPJSHA4TSOJXGU4TAMJUGU2DONBZGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=M2AFWxq8fWs1QCyO1OUy&refUrl=&type=zem&vid=69959930072899975901454749000V10&vsid=2899975901454749000V10
Request Chain 462
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6e0633dc-a403-42d4-8fdd-03bcf8268488&expiration=1649587993&gdpr=0&gdpr_consent=
Request Chain 463
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YisqEwvGNa5jhI2NpW1I0QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEK1lANW2foKcTnOMEJh9gU0&google_cver=1
Request Chain 464
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMtJMIuJ65AnkBkkDRnsnaw&google_cver=1
Request Chain 466
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB
Request Chain 467
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=YisqEwvGNa5jhI2NpW1I0QAA HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=131&cm_user_id=YisqEwvGNa5jhI2NpW1I0QAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662291208079361
Request Chain 468
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Request Chain 469
  • https://d.adroll.com/cm/index/ssp HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Request Chain 474
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=86be2455-0142-427e-89ea-b315f9cc2563 HTTP 303
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=86be2455-0142-427e-89ea-b315f9cc2563&_li_chk=true&previous_uuid=5ffee8427fab447d985e82044640f2ab HTTP 303
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=86be2455-0142-427e-89ea-b315f9cc2563&previous_uuid=5ea95301c2bd41ddb3aba565db08b0d0 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/http://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!{TURN_UUID} HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3480839182339453453 HTTP 303
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F53233%2F0%2F0da6eaa82d2e44738c0a5b0503cfcb5c%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&5ffee842-7fab-447d-985e-82044640f2ab HTTP 302
  • https://i.liadm.com/s/e/53233/0/0da6eaa82d2e44738c0a5b0503cfcb5c?mpid=7156&muid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Request Chain 476
  • https://rtb.openx.net/sync/dds HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=WV5y7Z8ewSEtGAOkoEPeNg==&ox_sc=1&ox_init=1 HTTP 302
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Request Chain 477
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Request Chain 478
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID} HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=738e2803-a129-11ec-a977-0544ef27bb02
Request Chain 480
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK1lANW2foKcTnOMEJh9gU0&google_cver=1
Request Chain 481
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YisqEwvGNa5jhI2NpW1I0QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK1lANW2foKcTnOMEJh9gU0&google_cver=1
Request Chain 482
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENHgmVQs1nI37tKM7D4LCR4&google_cver=1
Request Chain 483
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM4MDc2NDQ2NjcwMTQ4NjYzNw%3D%3D
Request Chain 484
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=TzgyMHZncHllQ1B6ZHRUZzJxVElIQQ&gdpr=0&gdpr_consent= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEH1ioGvot0rjvbXHYIxnCLw&google_cver=1
Request Chain 485
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid= HTTP 302
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=da273c09c101210&is_secure=true&networkId=14200&version=1&nuid= HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAGabtYezLYaQMDhsA2AAAAAAA&expiration=1647082394&nuid=&is_secure=true
Request Chain 486
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent= HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341%26partner_url%3Dhttps%253A%252F%252Fbh.contextweb.com%252Fbh%252Frtset%253Fdo%253Dadd%2526pid%253D543793%2526ev%253D5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341%2526gdpr_in_effect%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid%3D543793%26ev%3D5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341%26gdpr_in_effect%3D0%26gdpr_consent%3D HTTP 302
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341&gdpr_in_effect=0&gdpr_consent=
Request Chain 492
  • https://idsync.rlcdn.com/365868.gif?partner_uid=68547252942253779170798061318171033219 HTTP 307
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=ada7b65a27ea464647c99bc27ba059a29e62f0756bade7a40c8c6c1b95f73c4db0da87c991749652
Request Chain 503
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=7380764466701486637
Request Chain 508
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6e0633dc-a403-42d4-8fdd-03bcf8268488&gdpr=0&gdpr_consent=&expires=30
Request Chain 509
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/LeQDokTvBecDWTwV5HXYdcn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6498286330912587107
Request Chain 511
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0MAVUNK-24-AM7U&us_privacy=1---
Request Chain 512
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vdB8myR-TX2mpJ9kIcXqXw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vdB8myR-TX2mpJ9kIcXqXw
Request Chain 513
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMV5qaK-tcD_G2yLOu6cyc0&google_cver=1
Request Chain 514
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBNQVZVTkstMjQtQU03VQ==&us_privacy=1---
Request Chain 527
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7380764466701486637
Request Chain 529
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3480839182339453453
Request Chain 530
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHhLk7EVlQAACvQi0gD4w&expiration=1648205596
Request Chain 531
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=88A43826E64D4192B957B7C4E6FE616D
Request Chain 532
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030002_622b2a1c52878&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_622b2a1c582d2
Request Chain 533
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB
Request Chain 536
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7380764466701486637
Request Chain 537
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADDLE7EVlQAACtnjd2l6Q&expiration=1648205596
Request Chain 538
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3480839182339453453
Request Chain 539
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMtJMIuJ65AnkBkkDRnsnaw&google_cver=1
Request Chain 540
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377137828703288
Request Chain 542
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030001_622b2a1c582d2&knw=0 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_622b2a1c582d2
Request Chain 544
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YisqEAAAAByHOAQr
Request Chain 545
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=18bb3545107b120f&is_secure=true&networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGahZLjM3jAAMHSkHTAAAAAAA&expiration=1647082396&is_secure=true
Request Chain 546
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=88A43826E64D4192B957B7C4E6FE616D
Request Chain 547
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3647879326392102687&expiration=1648205596
Request Chain 548
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030001_622b2a1c582d2&knw=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_622b2a1c582d2
Request Chain 549
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377137828703288
Request Chain 550
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-be6ce8a0-7d69-40ce-a8e6-a9c55b12db41
Request Chain 551
  • https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YisqEwvGNa5jhI2NpW1I0QAA%26992&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YisqEwvGNa5jhI2NpW1I0QAA%26992&gdpr=&gdpr_consent=&us_privacy=&ct=y
Request Chain 554
  • https://token.rubiconproject.com/token?pid=6404&puid=68547252942253779170798061318171033219&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=L0MAVUNK-24-AM7U?gdpr=0
Request Chain 557
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 571
  • https://ssp.behave.com/push_sync HTTP 302
  • https://ssp.behave.com/ul_cb/push_sync HTTP 302
  • https://x.bidswitch.net/sync?ssp=bouncex HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=82063e31-d895-4c78-815b-e5685b556304&ssp=bouncex&gdpr=&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10601403155718488451&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dbouncex%26gdpr_consent%3D%26gdpr%3D HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5&ssp=bouncex&gdpr_consent=&gdpr= HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=163850804087006939230&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10601403155718488451&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Request Chain 576
  • https://x.dlx.addthis.com/e/demdex_sync?na_exid=68547252942253779170798061318171033219&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20 HTTP 301
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022031110531600094704083240
Request Chain 580
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=68547252942253779170798061318171033219 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5
Request Chain 587
  • https://dp2.33across.com/ps/?pid=897&random=1622186278 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=601&dpuuid=211622110763255&random=1646995997
Request Chain 596
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOYlwd8UZdpOkF0MReGLMDo&google_cver=1&google_push=AYg5qPItbd_7ABphX9eMGsTAVPLFbnnafB-JpZKReLVauNINmMOLoaEpM6YxIomrxZfp0K9thHbYALY2ujV5KtQSdQjMYErr9nEwpQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmUwNjMzZGMtYTQwMy00MmQ0LThmZGQtMDNiY2Y4MjY4NDg4&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6e0633dc-a403-42d4-8fdd-03bcf8268488
Request Chain 598
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEjEwtEr9guHZMOcr6TIBac&google_cver=1&google_push=AYg5qPK-pxPMUjzXfYEkrHb3HJ7QFcimWb_s-mipXrDmP7Wn8-_iSiqzfoX4k8xp3m756bG3zcvMh5S0AISEvr2WsdKivztrjcWAlw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK-pxPMUjzXfYEkrHb3HJ7QFcimWb_s-mipXrDmP7Wn8-_iSiqzfoX4k8xp3m756bG3zcvMh5S0AISEvr2WsdKivztrjcWAlw&google_hm=NjQ5ODI4NjMzMDkxMjU4NzEwNw%3D%3D
Request Chain 599
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPYpuGWVR-FHkx3LkNCUt5s&google_cver=1&google_push=AYg5qPK5dzVRj7-WVgu9aS2F1-jAm6H8-wuC3yVTbU7u9MsP7TtwqAz1aD7JPpa0QtG6ZR5kV1Wr-g-DeVez7K6VFGWI0dwkBqEytQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK5dzVRj7-WVgu9aS2F1-jAm6H8-wuC3yVTbU7u9MsP7TtwqAz1aD7JPpa0QtG6ZR5kV1Wr-g-DeVez7K6VFGWI0dwkBqEytQ
Request Chain 600
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMuWeRDZS_W19xjsX5T8Bec&google_cver=1&google_push=AYg5qPIwfFTtz5dvYG3vnJGMmdPftnhp8opSQ00cEIq55u8BWEMFF8h_yxQO2Aa3Yo1BOHK1mYetk9zgzLmLB4Tleq1VWVpoyC73KA HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIwfFTtz5dvYG3vnJGMmdPftnhp8opSQ00cEIq55u8BWEMFF8h_yxQO2Aa3Yo1BOHK1mYetk9zgzLmLB4Tleq1VWVpoyC73KA%26google_hm%3DBTLtXvscLUT2sUhnEIyeAEQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIwfFTtz5dvYG3vnJGMmdPftnhp8opSQ00cEIq55u8BWEMFF8h_yxQO2Aa3Yo1BOHK1mYetk9zgzLmLB4Tleq1VWVpoyC73KA&google_hm=BTLtXvscLUT2sUhnEIyeAEQ
Request Chain 601
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEJvDT2WpxGTmpGbjYJvpnIs&google_cver=1&google_push=AYg5qPLx9G3cO5Jt3oiDPuaWB1D2yq8B9nNvhisHBsPwPhM4ELoznn49NBMfaCleIosjjT1w4UZABmkMY-3jiaoWnlUfVwOdGZa93w HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEJvDT2WpxGTmpGbjYJvpnIs%26google_cver%3D1%26google_push%3DAYg5qPLx9G3cO5Jt3oiDPuaWB1D2yq8B9nNvhisHBsPwPhM4ELoznn49NBMfaCleIosjjT1w4UZABmkMY-3jiaoWnlUfVwOdGZa93w HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A4427270609957140250&exchange=193&google_gid=CAESEJvDT2WpxGTmpGbjYJvpnIs&google_cver=1&google_push=AYg5qPLx9G3cO5Jt3oiDPuaWB1D2yq8B9nNvhisHBsPwPhM4ELoznn49NBMfaCleIosjjT1w4UZABmkMY-3jiaoWnlUfVwOdGZa93w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQ0MjcyNzA2MDk5NTcxNDAyNTA&google_push=AYg5qPLx9G3cO5Jt3oiDPuaWB1D2yq8B9nNvhisHBsPwPhM4ELoznn49NBMfaCleIosjjT1w4UZABmkMY-3jiaoWnlUfVwOdGZa93w
Request Chain 606
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Njg1NDcyNTI5NDIyNTM3NzkxNzA3OTgwNjEzMTgxNzEwMzMyMTk= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJzwkfqLTZpIVYqmHi9qx30&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 613
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=68547252942253779170798061318171033219 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=992&dpuuid=1tfnqezd9oppq
Request Chain 626
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YisqEAAAAByHOAQr&gdpr=0&gdpr_consent=
Request Chain 627
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4f1b622b-2a11-4300-89bc-81aa7c7a5721&gdpr=0&gdpr_consent=
Request Chain 628
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFERExFN0VWbFFBQUN0bmpkMmw2UQ&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADDLE7EVlQAACtnjd2l6Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADDLE7EVlQAACtnjd2l6Q&pid=558502&do=add HTTP 303
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADDLE7EVlQAACtnjd2l6Q&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsyn%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 307
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADDLE7EVlQAACtnjd2l6Q
Request Chain 629
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 630
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_d8ea72eaab5e46e287f5a
Request Chain 631
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T4MRBqprSD9zkcsEDgDw1ZU4mbM
Request Chain 632
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=763c50f8-a129-11ec-ba1d-13cc640753b5
Request Chain 633
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=5dd9b3c4-2b86-4156-8d0e-df02802af0ce&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=${PUBMATIC_UID} HTTP 302
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=8763B6A3-D1B4-4E71-AF29-58D268671E50
Request Chain 635
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:WmVnYQcI1NsCTu5&gdpr=0&gdpr_consent=
Request Chain 636
  • https://ums.acuityplatform.com/tum?umid=6 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=654219918252
Request Chain 637
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005&rndcb=7698552522 HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=82063e31-d895-4c78-815b-e5685b556304 HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=82063e31-d895-4c78-815b-e5685b556304 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=66501900-d67a-40b1-a924-cf3f6bdd21a4&ssp=adconductor&expires=30&user_group=5&bsw_param=82063e31-d895-4c78-815b-e5685b556304 HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/82063e31-d895-4c78-815b-e5685b556304?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005
Request Chain 638
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D HTTP 302
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID HTTP 302
  • https://match.bnmla.com/usersync?dspid=6&uuid=88A43826E64D4192B957B7C4E6FE616D HTTP 302
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D HTTP 307
  • https://match.bnmla.com/usersync?dspid=170&uuid=494D3CE41C99400BA621FD0E3E02E377 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=4b015e21-91d7-4216-ac8f-018a39260d41
Request Chain 639
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6ca62cbf-06fe-4d09-904c-455965eae6d8
Request Chain 640
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7002823991353312790&uid=Q7002823991353312790&ref=%2Fepm HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7002823991353312790
Request Chain 641
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HzIO2IQ6BCiPRPFEHyorYg
Request Chain 642
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e608c96d-793e-4b06-b808-da3dae17fadc-tuct924af9f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 643
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=h2O2o9G0TnGvKVjSaGceUA%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 644
  • https://idsync.rlcdn.com/420486.gif?partner_uid=8763B6A3-D1B4-4E71-AF29-58D268671E50 HTTP 307
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1 HTTP 302
  • https://idsync.rlcdn.com/362588.gif?partner_uid=6e0633dc-a403-42d4-8fdd-03bcf8268488
Request Chain 645
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Request Chain 646
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3480839182339453453&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 647
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6e0633dc-a403-42d4-8fdd-03bcf8268488
Request Chain 649
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8763B6A3-D1B4-4E71-AF29-58D268671E50&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZHdA.elE2uXkfgwB44kZ4r4b6EBH9t4-~A&gdpr=0&gdpr_consent=
Request Chain 650
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7380764466701486637&gdpr=0&gdpr_consent=
Request Chain 651
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8763B6A3-D1B4-4E71-AF29-58D268671E50&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6a7beb961a97120d&is_secure=true&networkId=17100&version=1&nuid=8763B6A3-D1B4-4E71-AF29-58D268671E50&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGaswxrVgJdAN9ySjpAAAAAAA&expiration=1647082399&nuid=8763B6A3-D1B4-4E71-AF29-58D268671E50&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 652
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=738e2803-a129-11ec-a977-0544ef27bb02&gdpr=0&gdpr_consent=
Request Chain 653
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UpEFzlbCBp5JxQScXZYalVGQDp1JmwOYB5TTwl7K
Request Chain 655
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=82063e31-d895-4c78-815b-e5685b556304&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10601403155718488451&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5&ssp=pubmatic&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=163850804087006939230&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10601403155718488451&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
Request Chain 656
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341&gdpr=0&gdpr_consent=
Request Chain 657
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D531_EC8FEA92_AA647E30&r=https://pmp.mxptint.net/sn.ashx?ak=1 HTTP 302
  • https://pmp.mxptint.net/sn.ashx?ak=1
Request Chain 658
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3647879326392102687
Request Chain 660
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=xuBtJ8KzbnfdtGx1yedyfMXhZnTd6mtxk-X9jov5
Request Chain 668
  • https://tag.yieldoptimizer.com/ps/analytics?pxid=113314& HTTP 302
  • https://tag.yieldoptimizer.com/ps/analytics?tc=398643996&pxid=113314&
Request Chain 681
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2026732888443
Request Chain 685
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=68547252942253779170798061318171033219 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=-5317812257848865376
Request Chain 690
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=684&partner_device_id=3480839182339453453&partner_url=https%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzI3MDg5NDgx%2Fmpuid%2F%24%7BTA_DEVICE_ID%7D HTTP 302
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Df8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5%252Chttps%253A%252F%252Fd.turn.com%252Fr%252Fdu%252Fid%252FL2NzaWQvMS9tcGlkLzI3MDg5NDgx%252Fmpuid%252Ff8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7380764466701486637&pt=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5%2Chttps%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzI3MDg5NDgx%2Fmpuid%2Ff8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI3MDg5NDgx/mpuid/f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5
Request Chain 692
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=turn&id=3480839182339453453 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=turn&id=3480839182339453453&s_h=1 HTTP 302
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=6ba837dd-3fe8-4e92-8c05-f4d09f0592b4&rn=TIMESTAMP&cs_xs=2189&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1701 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1701 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/6ba837dd-3fe8-4e92-8c05-f4d09f0592b4/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1702%2F HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1702%2F HTTP 302
  • https://dmp.truoptik.com/8bf33fe57526aec8/sync.gif?fck=6ba837dd-3fe8-4e92-8c05-f4d09f0592b4&dpid=1703&cbk=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?to_cookie=a468c49a3ea2042c955cf271e61d9a45&dpid=1703&fck=6ba837dd-3fe8-4e92-8c05-f4d09f0592b4 HTTP 302
  • https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc1MDIxMzYvdC8y/kv/ID=6ba837dd-3fe8-4e92-8c05-f4d09f0592b4/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1704 HTTP 302
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1704 HTTP 302
  • https://tags.bluekai.com/site/5379?id=6ba837dd-3fe8-4e92-8c05-f4d09f0592b4&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1705 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1705 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=281&buid=6ba837dd-3fe8-4e92-8c05-f4d09f0592b4&j=0
Request Chain 697
  • https://sync.1rx.io/usersync/turn/3480839182339453453?dspret=1&redir=https%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzg1MjQ2ODY4%2Fmpuid%2F%5BRX_UUID%5D&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005?redir=https%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzg1MjQ2ODY4%2Fmpuid%2FRX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005 HTTP 302
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005
Request Chain 698
  • https://x.bidswitch.net/sync?dsp_id=302&user_id=3480839182339453453&expires=7&gdpr=0&gdpr_consent= HTTP 302
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=82063e31-d895-4c78-815b-e5685b556304&seat_user_id=&seat_key=%20%20&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy=
Request Chain 699
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ4MDgzOTE4MjMzOTQ1MzQ1Mw==&gdpr=0&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEPC21XjRu7vszdRJYQkyxXE&google_cver=1
Request Chain 705
  • https://fei.pro-market.net/engine?du=85&mimetype=img&csync=3480839182339453453 HTTP 302
  • https://fei.pro-market.net/engine?du=85&mimetype=img&csync=3480839182339453453&sr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NDAxNjkxODcyMDAxNzk0MzkzNA== HTTP 302
  • https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEISqXIC2ww_codZj606Hk8g&google_cver=1
Request Chain 708
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E HTTP 302
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2899975901454749000V10
Request Chain 710
  • https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID) HTTP 302
  • https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7002823991353312790P
Request Chain 713
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=68547252942253779170798061318171033219&rn=1646995983732&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D68547252942253779170798061318171033219 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=68547252942253779170798061318171033219
Request Chain 715
  • https://abp.mxptint.net/sn.ashx HTTP 302
  • https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1D531_EC8FEA92_AA647E30&redir=https://abp.mxptint.net/sn.ashx?ak=1
Request Chain 719
  • https://aorta.clickagy.com/pixel.gif?ch=124&cm=68547252942253779170798061318171033219&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D79908%26dpuuid%3D%7Bvisitor_id%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:0a2f6a73e9e7ad5fda850f527272b637
Request Chain 738
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=68547252942253779170798061318171033219 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=66757?id=68547252942253779170798061318171033219&dpuuid=OtgMmMns
Request Chain 746
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=68547252942253779170798061318171033219?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=605c1349d50ebc618e582106d51c2c66
Request Chain 758
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlzcUVBQUFBQnlIT0FRcg==
Request Chain 760
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YisqEAAAAByHOAQr&expires=90
Request Chain 763
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YisqEAAAAByHOAQr
Request Chain 765
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YisqEAAAAByHOAQr
Request Chain 767
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YisqEAAAAByHOAQr
Request Chain 770
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YisqEAAAAByHOAQr
Request Chain 773
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YisqEAAAAByHOAQr&img=1
Request Chain 776
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YisqEAAAAByHOAQr&t=2592000&o=0
Request Chain 780
  • https://pixel.onaudience.com/?partner=130&mapped=68547252942253779170798061318171033219&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m HTTP 302
  • https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
Request Chain 781
  • https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=68547252942253779170798061318171033219 HTTP 302
  • https://ib.mookie1.com/image.sbix?go=244346&pid=268&xid=68547252942253779170798061318171033219 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=285689&dpuuid=68547252942253779170798061318171033219&redir=https%3A%2F%2Fglobal.ib-ibi.com%2Fimage.sbxx%3Fgo%3D244346%26pid%3D268%26xid%3D%24%7BDD_UUID%7D HTTP 302
  • https://global.ib-ibi.com/image.sbxx?go=244346&pid=268&xid=68547252942253779170798061318171033219 HTTP 302
  • https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=68547252942253779170798061318171033219
Request Chain 785
  • https://sb.scorecardresearch.com/c2/6035094/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js

790 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/ 		46 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.14.94.35 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-14-94-35.us-east-2.compute.amazonaws.com
Software
nginx/1.17.10 / PHP/7.3.33
Resource Hash
67b829bf42594362b988e1a795c40661f5fc51509c0509545c3779e867187ab9
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

date
Fri, 11 Mar 2022 10:53:00 GMT
content-type
text/html; charset=UTF-8
server
nginx/1.17.10
x-powered-by
PHP/7.3.33
link
<https://arstechnica.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
content-encoding
gzip
main-c3a3431538.css
cdn.arstechnica.net/wp-content/themes/ars/assets/css/ 		336 KB
71 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
5c5dcbdd805b4603a4ac478d0e3966033767767309ac8eb2ddb6a1aea68ad2c7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:00 GMT
content-encoding
gzip
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:dA.waw1:co:1646256689:cacheN.waw1-01:D
content-length
71971
x-cf-tsc
1646991807
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
W/"62222aa5-53f36"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
562209
accept-ranges
bytes
x-cf-rand
77.716
expires
Fri, 06 May 2022 10:53:00 GMT
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
de46b77a5b05ab09a32c1999473923ea2b42c8c1489a4a1fb15d551a45366df3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 11 Mar 2022 10:53:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
tIKwvumWYF6u8xFeFGeRKQ==
age
6430
vary
Accept-Encoding
content-length
6486
x-ms-lease-status
unlocked
last-modified
Thu, 10 Mar 2022 07:20:50 GMT
server
cloudflare
etag
0x8DA0266815404F9
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3c087a34-401e-017c-3a68-340386000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6ea3be6f0f707151-YUL
otCCPAiab.js
cdn.cookielaw.org/opt-out/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 11 Mar 2022 10:53:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
ERttG9+iQk1LCPjR495NRw==
age
6103
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Tue, 22 Feb 2022 22:01:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fdfee482-401e-011a-4343-28b1dc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6ea3be6f0f717151-YUL
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81478a4736e344919fa3f2dac491477f645efcb779c4fdde0ec102d4e767200a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27710
x-xss-protection
0
server
sffe
etag
"1155 / 823 of 1000 / last-modified: 1646953640"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 11 Mar 2022 10:53:01 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
43935402f95c6e02452551eed170ad4ce21cd71f18dedc5efddd21ed1deca984

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
pTlyRDLTaTqcCw0dmfP2epRqM.lhldzh
content-encoding
gzip
etag
0e4876665018a306b1c42fb415cdf907
age
108
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1F0ZP7J1GJBQWXSECSQM
date
Fri, 11 Mar 2022 10:51:45 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 b4396731a9663e6ea5f94926a9a70198.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
EWR52-C2
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
nP5PM5RphXxiMxCgd98aL8hruOLNCiwp-9jPW4q8qVjOkp36dl4cTw==
prebid.min.js
cdn.arstechnica.net/cns/ 		266 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
823fca52bee1d6cb234fc34a9868e7c748a8fa1cfd8352b71de25d301a494fcc

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:00 GMT
content-encoding
gzip
x-cf3
H
x-amz-request-id
W5HPHWSSKGR1XYKQ
x-cf1
14961:dA.waw1:co:1525808045:cacheN.waw1-01:D
x-cache-hits
1
content-length
80918
x-amz-id-2
j5mBsTUTtbHwIgHQ5vupkV9d4Eqy3aGlGb+lZeDXa6tzF8RBnibOvxk5/YyHIU6lEdMj1vsikP0=
x-cf-tsc
1646995872
cf4ttl
112.500
x-cf2
H
last-modified
Thu, 03 Feb 2022 22:10:26 GMT
server
CFS 0215
x-timer
S1646995679.610431,VS0,VE1
x-cff
B
etag
"9f420db69d6ebb6f044ea8f31e42e59e"
x-served-by
cache-iad-kjyo7100080-IAD
vary
Accept-Encoding
x-amz-version-id
Flqe0ArrBYIKAONOU_vyLxsHigpc_3Pc
access-control-allow-origin
*
cache-control
max-age=120
cf4age
202
accept-ranges
bytes
content-type
application/javascript
x-cf-rand
24.026
expires
Fri, 11 Mar 2022 10:55:00 GMT
183973-93942139695505.js
js-sec.indexww.com/ht/p/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:01 GMT
Content-Encoding
gzip
Last-Modified
Fri, 11 Mar 2022 10:51:32 GMT
Server
Apache
ETag
"da4b0b-ada8-5d9ef1d19006e"
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3521
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/javascript
Content-Length
14812
Expires
Fri, 11 Mar 2022 11:51:42 GMT
moatheader.js
z.moatads.com/condenastprebidheader987326845656/ 		213 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
28e332b169942af1515d3eb1c40391556421cd1a8c56f07481e4d43a8c7a015e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 17:15:41 GMT
server
AmazonS3
x-amz-request-id
AZVX9EXTWXM9SRNC
etag
"f5fe6918e03ccec082a97a5cd8890126"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=9509
accept-ranges
bytes
content-length
76039
x-amz-id-2
5zFQML4eaAS0m2LkyhlF6Hd3cWPn1KlPlE/QDJ9+o6X/kiErIRIB3nMup0vmTeiEUEOobzAso1c=
ars-technica.min.js
cdn.arstechnica.net/cns/ 		125 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1646995667
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
e762460a2a5cf7d02f2b1c248476357208d74703e55d95bc47398eca7d5b3c97

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:00 GMT
content-encoding
gzip
x-cf3
H
x-amz-request-id
PF0G7M1M8KCMHA9B
x-cf1
14961:dA.waw1:co:1525808045:cacheN.waw1-01:D
x-cache-hits
1
content-length
39413
x-amz-id-2
7VfLgGUnSgc90x6T+FUiJr9dTdm4T8Hox5n6ZW8D3AgCUAOzWB3BIsvwd0sJ/tq9GZXiymYUK50=
x-cf-tsc
1646995977
cf4ttl
114.500
x-cf2
H
last-modified
Thu, 10 Mar 2022 17:24:31 GMT
server
CFS 0215
x-timer
S1646995676.606209,VS0,VE1
x-cff
B
etag
"baf39266bb7c3d1b6b60851aca9b96c7"
x-served-by
cache-iad-kjyo7100174-IAD
vary
Accept-Encoding
x-amz-version-id
vVkJmQekR2f30IVm.rdl3nE7ixGUmhi_
access-control-allow-origin
*
cache-control
max-age=120
cf4age
308
accept-ranges
bytes
content-type
application/javascript
x-cf-rand
93.090
expires
Fri, 11 Mar 2022 10:55:00 GMT
ars-84a4ab0802.ads.us.js
cdn.arstechnica.net/wp-content/themes/ars/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/ars-84a4ab0802.ads.us.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
16708dda2536b4b3782313db4a6ec8456cd84da7ae0f56d7d2455e68fc9bc4f0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:00 GMT
content-encoding
gzip
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:dA.waw1:co:1525808045:cacheN.waw1-01:D
content-length
1143
x-cf-tsc
1646984154
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
W/"62222aa5-bc0"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
569105
accept-ranges
bytes
x-cf-rand
39.644
expires
Fri, 06 May 2022 10:53:00 GMT
blurry-0s-and-1s-800x534.jpeg
cdn.arstechnica.net/wp-content/uploads/2022/03/ 		152 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2022/03/blurry-0s-and-1s-800x534.jpeg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
09bbc2707865aef8533be98d346f3c2a47eace7a5b5eed4dae492e6a1d5a0bad

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
x-cf3
H
x-amz-request-id
897Y3JT05V7CM23J
x-cf1
14961:dA.waw1:co:1525808045:cacheN.waw1-01:D
x-amz-replication-status
COMPLETED
content-length
155905
x-amz-id-2
ao89ydDO8eGUhbvvGA2lJ4QcRU23fdZVGwbqwedM7vIfL2UcIoj2QRAZrvLAaNxQDEJldHNTWWA=
x-cf-tsc
1646994856
cf4ttl
43200.000
x-cf2
H
last-modified
Thu, 10 Mar 2022 20:55:54 GMT
server
CFS 0215
x-cff
B
etag
"8fba969b0650aab05013136873beb727"
x-amz-version-id
P4j7gySlx9Y4cZkXV7frj13DEMJNfTJl
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
45070
accept-ranges
bytes
content-type
image/jpeg
x-cf-rand
29.660
expires
Fri, 06 May 2022 10:53:01 GMT
outbrain.js
widgets.outbrain.com/ 		197 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
454511b4e1f0636670156c9c7de2816701dc59fc9753504b1f87ec7fb7de576e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 13:04:55 GMT
etag
"15-6zi0k09kpC2EvfxsZ46rC0Ow/Sc"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
72844d4b2eea4592156a40f74e0ed427
timing-allow-origin
*, *
content-length
69347
main-7329c51a38.js
cdn.arstechnica.net/wp-content/themes/ars/assets/js/ 		650 KB
212 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-7329c51a38.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
d574ea3f744818bf42eb39c6ae49bebf0b7134e722d9dd9c3a2c500b79672cd9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
content-encoding
gzip
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:dA.waw1:co:1646256670:cacheN.waw1-01:D
content-length
216091
x-cf-tsc
1646991807
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
W/"62222aa5-a29cb"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
562213
accept-ranges
bytes
x-cf-rand
12.064
expires
Fri, 06 May 2022 10:53:01 GMT
arstechnica.js
player.cnevids.com/interlude/ 		107 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.cnevids.com/interlude/arstechnica.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-58.ewr52.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
361b138d5ee8745e6d460be4dbb1c94e4bd4071bd5d224efdf11fab3ba11beaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:52:23 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Age
38
X-Cache
Hit from cloudfront
Status
200 OK
Connection
keep-alive
Content-Length
26910
X-XSS-Protection
1; mode=block
X-Request-Id
ec4bfe66-4ebe-4982-9bca-42def4e9da7a
X-Runtime
0.012118
X-Backend-Node
10.110.76.29
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
ETag
W/"47f0f5aaaa3cd3ef073662245de96ba0"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 49830f6fdfb2c3519e81248d6d19f450.cloudfront.net (CloudFront)
Cache-Control
max-age=0, private, must-revalidate
X-Amz-Cf-Pop
EWR52-C4
X-Amz-Cf-Id
mzVUv9gRRAAK43G2wE2yBmVQKczhTIq6tsQvfQ9TBZSXK8aD5ky37A==
conde-asa-polar-master.js
cdn.mediavoice.com/nativeads/script/condenastcorporate/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:da83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
content-encoding
gzip
cf-cache-status
HIT
age
19941
cf-ray
6ea3be742893715a-YUL
cf-ipcountry
CA
content-length
2018
via
1.1 varnish
last-modified
Fri, 11 Mar 2022 04:31:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
1422659970
x-country
CA
cache-control
max-age=21600
accept-ranges
bytes
content-type
text/javascript
100098X1555750.skimlinks.js
s.skimresources.com/js/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/100098X1555750.skimlinks.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c56bc3540bbe70b580833813772246a3da8ace048bcf982c5983330dcaca7a06

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
content-encoding
gzip
last-modified
Wed, 23 Feb 2022 11:45:14 GMT
server
AmazonS3
x-amz-request-id
D19SH0Y19QG9DK92
etag
"36b8621415f828c7754f4f8696f19fd0"
x-hw
1646995981.cds041.dc2.hn,1646995981.cds191.dc2.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
13721
x-amz-id-2
P+sbir39By9amGByV6b3MxOkE/qYkFQ547wWL5UX0bHanhnD6YIZOPDRY557FqX2PDc9NaYGn7Y=
gtm.js
www.googletagmanager.com/ 		450 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
012e9ca05924ae22684fd662f5b049846f53e0a9ecedc2c766e9fad39fbb1913
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124397
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 11 Mar 2022 10:53:01 GMT
b10882a1-8446-4e7d-bfb2-ce2c770ad910.json
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/b10882a1-8446-4e7d-bfb2-ce2c770ad910.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1feafaa9eaf1db06371a7897b4563c43a30d6b0de9912310c0b5bc5c4c1a593f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 11 Mar 2022 10:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
eUiaCaYyNGwv0JTfrZWTrA==
age
11663
vary
Accept-Encoding
content-length
1518
x-ms-lease-status
unlocked
last-modified
Fri, 04 Mar 2022 19:16:05 GMT
server
cloudflare
etag
0x8D9FE136E05F48A
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
27c23b83-a01e-001f-80fc-2f03f6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6ea3be734950ca53-YUL
expires
Fri, 11 Mar 2022 14:53:01 GMT
dnsfeed
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 		166 B
374 B 		Script
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a280e864b87587efb0dad5227e1e3c55a72cc15ad6f1aa76766bb6128118ccb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6ea3be741d43ca6f-YUL
condenast-amp
segment-data.zqtk.net/ 		51 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://segment-data.zqtk.net/condenast-amp?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1646995667
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.51.171 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-51-171.compute-1.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
cd216bc5cece19866e688ce56e5c5243f32241dfc9cd4045d393f4f111f9333e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:01 GMT
Server
nginx/1.10.3 (Ubuntu)
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
max-age=30
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
51
Expires
Fri, 11 Mar 2022 10:53:31 GMT
ads.js
arstechnica.com/hotzones/src/ 		0
494 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://arstechnica.com/hotzones/src/ads.js
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/ars-technica.min.js?v=1646995667
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.14.94.35 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-14-94-35.us-east-2.compute.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
x-content-type-options
nosniff
last-modified
Fri, 04 Mar 2022 15:01:00 GMT
server
nginx/1.17.10
etag
"622229ac-0"
x-frame-options
SAMEORIGIN
content-type
application/javascript
content-security-policy
default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
accept-ranges
bytes
content-length
0
x-xss-protection
1; mode=block
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 		157 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:b844 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74b1612d1cb16d432cfd6542a7efe8f9297f1197025e044b9e0d9fa8e54befab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept
application/json
Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
content-encoding
gzip
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-ray
6ea3be741cff713f-YUL
access-control-allow-headers
Content-Type
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		357 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
economica-bold-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-bold-otf-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:dA.waw1:co:1525808045:cacheN.waw1-01:D
content-length
25592
x-cf-tsc
1646986404
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-63f8"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
558293
accept-ranges
bytes
x-cf-rand
30.358
expires
Fri, 06 May 2022 10:53:01 GMT
economica-regular-otf-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/economica-regular-otf-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:dA.waw1:co:1525808045:cacheN.waw1-01:D
content-length
24264
x-cf-tsc
1646986404
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-5ec8"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
558293
accept-ranges
bytes
x-cf-rand
52.517
expires
Fri, 06 May 2022 10:53:01 GMT
bitter-italic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-italic-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:dA.waw1:co:1525808045:cacheN.waw1-01:D
content-length
24212
x-cf-tsc
1646986668
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-5e94"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
562034
accept-ranges
bytes
x-cf-rand
71.309
expires
Fri, 06 May 2022 10:53:01 GMT
bitter-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-regular-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:dA.waw1:co:1525808045:cacheN.waw1-01:D
content-length
22872
x-cf-tsc
1646986668
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-5958"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
562034
accept-ranges
bytes
x-cf-rand
16.424
expires
Fri, 06 May 2022 10:53:01 GMT
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.23.0/ 		312 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 11 Mar 2022 10:53:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
joMckLq8BtEunD8NH/4XVA==
age
12393924
vary
Accept-Encoding
content-length
76366
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:11:58 GMT
server
cloudflare
etag
0x8D96DBF6CBEE741
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
eebf80c7-601e-00e7-026c-c4c8eb000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6ea3be753b987151-YUL
video_groups
api.cnevids.com/v1/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.cnevids.com/v1/video_groups?filters={%22channel_key%22:%22arstechnica%22}&pagesize=20&endpoint=oo.arstechnica
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-7329c51a38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.57.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-57-166.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
cb52c9b5c6b4f30eb9580d4414ecd97d408ffb0579fc9792f379da7e9e43221c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/*
Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:01 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Status
200 OK
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
658
X-XSS-Protection
1; mode=block
X-Request-Id
8b4d3eff-dc05-43b9-b40d-6be89ad05889
X-Runtime
0.001886
X-Backend-Node
10.110.14.81
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
X-Frame-Options
SAMEORIGIN
ETag
W/"c5ca44dbb4f8fd41bc9a885916c6cfe0"
X-Download-Options
noopen
Vary
Accept-Encoding, Origin
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
max-age=0, private, must-revalidate
memo.js
cdn.memo.co/js/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.memo.co/js/memo.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-75.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3557e85820c5b6af8b1f10bbd07b503a8460232b8a7ba5d678c1b379b2dfb764

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
z9ABgFrjA._E2hI2fCDz0BILPiEANCh8
content-encoding
gzip
etag
W/"50238783324da6c24e044ccb9261f8e3"
last-modified
Wed, 06 May 2020 13:05:27 GMT
server
AmazonS3
x-amz-cf-pop
EWR52-C3
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 fd5bb5b63be18c34495bdbea44226476.cloudfront.net (CloudFront)
cache-control
no-cache
date
Fri, 11 Mar 2022 10:53:02 GMT
x-amz-cf-id
nAziOmKIl390NeqvgEY559kk3MfT6-Z8ymYPtBPsKJDvSXJKCJDVxw==
ars-technica.config.js
pixel.condenastdigital.com/config/v2/production/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.condenastdigital.com/config/v2/production/ars-technica.config.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86b1750ac3fa82df8295e51912887cc0f10833802b17dc1f76a31293f7ecf049

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:01 GMT
Content-Encoding
gzip
Age
564674
X-Cache
HIT, HIT, HIT
Connection
keep-alive
Content-Length
1280
x-amz-id-2
rqNN71fM9rNeCIAfUcVOdQPsV46N0ZZHXiA+i3xINWwfo8BaF/oNWQox5IO14VDhdnx42NqTrCE=
X-Served-By
cache-bwi5181-BWI, cache-iad-kcgs7200058-IAD, cache-yul12829-YUL
Access-Control-Allow-Origin
*
Last-Modified
Wed, 20 Oct 2021 17:32:47 GMT
Server
AmazonS3
X-Timer
S1646995982.853756,VS0,VE0
ETag
"eb5a28e1cf7fe168b5057e3c330a277e"
Vary
Accept-Encoding
x-amz-request-id
ZBK2RTVHEENMYM36
Via
1.1 varnish, 1.1 varnish, 1.1 varnish
Expires
Thu, 18 Nov 2021 21:26:02 GMT
Cache-Control
no-cache, public, max-age=604800
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
1, 4, 427
truncated
/ 		279 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		400 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		700 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
ransomware-screen-360x200.jpeg
cdn.arstechnica.net/wp-content/uploads/2021/07/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2021/07/ransomware-screen-360x200.jpeg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
3e3e6c14c037e02bcd7dadfcec6b9aa7a0b00f9a16f80d258cc1df4fa72af34a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
x-cf3
H
x-amz-request-id
9GYCVKDBF6PRNE5R
x-cf1
14961:dA.waw1:co:1525808045:cacheN.waw1-01:D
x-amz-replication-status
COMPLETED
content-length
27163
x-amz-id-2
YVqqpqkyypTwpG6xh5cGdX483rMp92G6BW7i+BIOhMqs/QNvIPCYRBmGbGjAYSGegIqScC6RgXQ=
x-cf-tsc
1646994856
cf4ttl
43200.000
x-cf2
H
last-modified
Tue, 06 Jul 2021 20:12:51 GMT
server
CFS 0215
x-cff
B
etag
"471167763cf1e14d70a8d6c8e7111d2b"
x-amz-version-id
eKWXu3lRwcWQDLWhmznVB7ZZLEncA3Jd
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
1303094
accept-ranges
bytes
content-type
image/jpeg
x-cf-rand
29.110
expires
Fri, 06 May 2022 10:53:01 GMT
truncated
/ 		841 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
Dang.jpg
cdn.arstechnica.net/wp-content/uploads/2018/10/ 		90 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/uploads/2018/10/Dang.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
x-cf3
H
x-amz-request-id
3E85P3PNY1KH0P9E
x-cf1
14961:dA.waw1:co:1525808045:cacheN.waw1-01:D
content-length
92486
x-amz-id-2
AU+tOPTPwa8yasuHz4fdvL0vFFb32gqNcYIVp/y9PvCcJOtjCijolyVg4Hd5VfMKxy8maBrtW7o=
x-cf-tsc
1646953457
cf4ttl
43200.000
x-cf2
H
last-modified
Sat, 21 Dec 2019 01:48:48 GMT
server
CFS 0215
x-cff
B
etag
"03e5fec9e7ca5f8064d945bd791bd4c3"
x-amz-version-id
null
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
609616
accept-ranges
bytes
content-type
image/jpeg
x-cf-rand
6.810
expires
Fri, 06 May 2022 10:53:01 GMT
channel-ars-be7bb52ba9.png
cdn.arstechnica.net/wp-content/themes/ars/assets/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/img/channel-ars-be7bb52ba9.png
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:dA.waw1:co:1525808045:cacheN.waw1-01:D
content-length
4809
x-cf-tsc
1646992740
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-12c9"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
562246
accept-ranges
bytes
x-cf-rand
95.787
expires
Fri, 06 May 2022 10:53:01 GMT
truncated
/ 		18 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
opensans-regular-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-regular-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:dA.waw1:co:1525808045:cacheN.waw1-01:D
content-length
18824
x-cf-tsc
1646986668
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-4988"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
563045
accept-ranges
bytes
x-cf-rand
98.235
expires
Fri, 06 May 2022 10:53:01 GMT
bitter-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/bitter-bold-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:dA.waw1:co:1525808045:cacheN.waw1-01:D
content-length
22104
x-cf-tsc
1646953829
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-5658"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
521683
accept-ranges
bytes
x-cf-rand
78.676
expires
Fri, 06 May 2022 10:53:01 GMT
opensans-semibold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibold-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:dA.waw1:co:1525808045:cacheN.waw1-01:D
content-length
18972
x-cf-tsc
1646989672
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-4a1c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
571963
accept-ranges
bytes
x-cf-rand
86.834
expires
Fri, 06 May 2022 10:53:01 GMT
opensans-bold-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-bold-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:dA.waw1:co:1525808045:cacheN.waw1-01:D
content-length
19516
x-cf-tsc
1646989672
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-4c3c"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
564585
accept-ranges
bytes
x-cf-rand
26.381
expires
Fri, 06 May 2022 10:53:01 GMT
opensans-semibolditalic-webfont.woff2
cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.arstechnica.net/wp-content/themes/ars/assets/fonts/opensans-semibolditalic-webfont.woff2
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 Leesburg, United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
59201950b83489808587827b4050ffe0597992825daa88c227476cdbbf8ca282

Request headers

Referer
https://cdn.arstechnica.net/wp-content/themes/ars/assets/css/main-c3a3431538.css
Origin
https://arstechnica.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:01 GMT
x-cf3
H
cf4ttl
43200.000
x-cf1
14961:dA.waw1:co:1525808045:cacheN.waw1-01:D
content-length
20872
x-cf-tsc
1646992891
x-cf2
H
last-modified
Fri, 04 Mar 2022 15:05:09 GMT
server
CFS 0215
x-cff
B
etag
"62222aa5-5188"
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=4838400
cf4age
564428
accept-ranges
bytes
x-cf-rand
74.757
expires
Fri, 06 May 2022 10:53:01 GMT
/
r.skimresources.com/api/ 		180 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
c0f89675b2d83804c5d54816d4b8f3343604261ab7a734fa895a9d0e103eb76f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 11 Mar 2022 10:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://arstechnica.com
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
robots.txt
t.skimresources.com/api/v2/ Frame D0DA 		0
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.00041571765848136266
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:02 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
clear
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=6.12670963742012
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:02 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=6.12670963742012
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:02 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
clear
content-length
43
content-type
image/gif
config
c.amazon-adsystem.com/cdn/prod/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3035&u=https%3A%2F%2Farstechnica.com
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 09:37:42 GMT
via
1.1 b4396731a9663e6ea5f94926a9a70198.cloudfront.net (CloudFront)
server
Server
age
4519
x-cache
Hit from cloudfront
access-control-allow-origin
https://arstechnica.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
4yDZwCjki47gYfiNXtJdwXTKMesO87w0hmxJEoNDXS4wagSAQnWtsw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 02:13:11 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
31192
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Wed, 02 Mar 2022 02:09:50 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
SUwxoOFVf.oGi397tNuwFzfmo0lFzuJd
via
1.1 edf41293681a3c1555cb4f36266904cc.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
EWR52-C2
content-type
application/javascript
x-amz-cf-id
Fa-hYfpmXrD-siaHOqEjREj40HFXxDtkF4gv6R0GDq0TIpZTJ_NAAQ==
YXJzdGVjaG5pY2EuY29t
tcheck.outbrainimg.com/tcheck/check/ 		16 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tcheck.outbrainimg.com/tcheck/check/YXJzdGVjaG5pY2EuY29t
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:02 GMT
ETag
W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=23241
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
c9df08486888808b1dae9346e0df7135
Content-Length
16
Expires
Fri, 11 Mar 2022 17:20:23 GMT
px.gif
widget-pixels.outbrain.com/widget/detect/ 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=1.1745737276097274
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:02 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sun, 10 Apr 2022 10:53:02 GMT
pubads_impl_2022030901.js
securepubads.g.doubleclick.net/gpt/ 		358 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
sffe /
Resource Hash
eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 14:27:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
159962
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123713
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 09:34:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Mar 2023 14:27:00 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		154 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=arstechnica.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
9325e7ffee12aa958b1d3fa602493849cd5d088b0543960badbedb73a1c89640
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108
x-xss-protection
0
expires
Fri, 11 Mar 2022 10:53:02 GMT
recommendations
api.condenast.io/v1/ 		16 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.condenast.io/v1/recommendations?applicationID=cne-interlude-arstechnica&brand=arstechnica&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&filter%5Bstrategy%5D=POPULAR&filter%5BcontentType%5D=CNEVIDEO&filter%5Blanguage%5D=en-US&page%5Bsize%5D=5
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/interlude/arstechnica.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.128.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.15.8 /
Resource Hash
ae6be2e2763ad0bdc19adde03b9c11d49d8a0deda929db041d6d1457f3b264d6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:02 GMT
content-encoding
gzip
X-Backend
2SrKDXXFWNz87LdtRpzPzK--F_api_us_east_1_condenast_io
access-control-allow-origin
https://arstechnica.com
transfer-encoding
chunked
X-Cache
MISS
Connection
keep-alive
X-Served-By
cache-yul12827-YUL
Server
nginx/1.15.8
X-Timer
S1646995982.375544,VS0,VE98
Vary
origin,accept-encoding, Accept-Encoding, Origin
Content-Type
application/json;charset=utf-8
Via
1.1 varnish
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
private, max-age=0
access-control-allow-credentials
true
Accept-Ranges
bytes
X-Cache-Hits
0
plugin.js
plugin.mediavoice.com/ 		367 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://plugin.mediavoice.com/plugin.js
Requested by
Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:da83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79976aaa95264ee9d558115794253d31d5b0039a0b6c6214f27188f69af0fbd6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:02 GMT
content-encoding
gzip
cf-cache-status
HIT
age
20617
content-type
application/javascript
content-length
139683
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Thu, 24 Feb 2022 16:49:25 GMT
server
cloudflare
etag
W/"6217b715-5bd46"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
x-varnish
2249143266 2249083994
via
1.1 varnish
cache-control
max-age=43200
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
6ea3be79ccfd715a-YUL
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Fri, 11 Mar 2022 07:40:33 GMT
condenastcorporate
polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/ 		208 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://polarcdn-terrax.com/nativeads/v1.4.0/json/hostname/arstechnica.com/organization/condenastcorporate
Requested by
Host: cdn.mediavoice.com
URL: https://cdn.mediavoice.com/nativeads/script/condenastcorporate/conde-asa-polar-master.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4132 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8dc40a5096530714279199bd98ffbe44f3108bf9dd183ec74d85f69705d86e25

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:02 GMT
content-encoding
gzip
server
cloudflare
etag
W/"f3cb63b5151ee861d177a2136e7d9989"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Country, CF-Ray
cache-control
max-age=3600
x-country
CA
cf-ray
6ea3be7a09367156-YUL
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
546
date
Fri, 11 Mar 2022 10:43:56 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 11 Mar 2022 12:43:56 GMT
v2
z-na.associates-amazon.com/onetag/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.86.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-86-49.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
7475f5c70d3b6020b6f4621b2e69fba3360bea00a913e60b085af165b93842ec

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 11:46:00 GMT
content-encoding
gzip
accept-charset
UTF-8
server
Server
age
83222
x-amz-rid
6SQE2WYG4MD8J1XABDMK
vary
accept-encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
permissions-policy
interest-cohort=()
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
ZzcsAJbtQZOuWYFFjA4tY-GrHpGsLNcyFJ_oDH40V3C_T9GYHkV-rw==
via
1.1 caeaab1dec28e8247466740025a521a6.cloudfront.net (CloudFront)
v2
mb.moatads.com/yi/ 		427 B
602 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pcode=condenastprebidheader987326845656&rx=604451054343&callback=MoatNadoAllJsonpRequest_78832957
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/condenastprebidheader987326845656/moatheader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.223.55.244 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-223-55-244.us-east-2.compute.amazonaws.com
Software
TornadoServer/5.1.1 /
Resource Hash
0f8954ce595fcc5e030e44f8daea903da16781358fb95f97031a5e329d7bf762

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:02 GMT
cache-control
max-age=900
server
TornadoServer/5.1.1
timing-allow-origin
*
etag
"0b773fc75f6babac4b8991248cfe365d2a900808"
content-length
427
content-type
text/html; charset=UTF-8
page
t.skimresources.com/api/v2/ 		22 B
339 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:02 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://arstechnica.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
22
link
t.skimresources.com/api/v2/ 		22 B
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/link
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/100098X1555750.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:02 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://arstechnica.com
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
warning
299 - "Deprecated API"
alt-svc
clear
content-length
22
5b27ee7e8c1abc4e7900000f
api.cnevids.com/v1/video_groups/ 		104 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.cnevids.com/v1/video_groups/5b27ee7e8c1abc4e7900000f?endpoint=oo.arstechnica
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-7329c51a38.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.57.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-57-166.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
918effd8eebf1d220ca8a7b865ccabe852f4c849113f446b70ad2bc986412aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/*
Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Status
200 OK
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
17068
X-XSS-Protection
1; mode=block
X-Request-Id
ffb24cdf-5f64-4c9c-b42d-6d729202ee87
X-Runtime
0.005131
X-Backend-Node
10.110.126.149
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
X-Frame-Options
SAMEORIGIN
ETag
W/"af52597fea3afd343781c2186e988e68"
X-Download-Options
noopen
Vary
Accept-Encoding, Origin
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
max-age=0, private, must-revalidate
en.json
cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/51981cec-32b8-4f64-b081-4fffb4af3c86/ 		108 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/consent/b10882a1-8446-4e7d-bfb2-ce2c770ad910/51981cec-32b8-4f64-b081-4fffb4af3c86/en.json
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35aa6009a5e9c65ecc00c19fa23c0556808d65876fead02712c88a1d27f14c0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 11 Mar 2022 10:53:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
phMtcfZy+aGbXLJiH2KU8g==
age
11220
vary
Accept-Encoding
content-length
20862
x-ms-lease-status
unlocked
last-modified
Fri, 04 Mar 2022 19:16:22 GMT
server
cloudflare
etag
0x8D9FE137856FC41
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9491d60b-501e-0141-42fc-2fb6a0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=14400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
6ea3be7c8f0fca53-YUL
expires
Fri, 11 Mar 2022 14:53:02 GMT
sparrow.min.js
pixel.condenastdigital.com/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.condenastdigital.com/sparrow.min.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.239 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cff3ff7513a42187f914df965c0006c8756f549dc13ffb64540767042902a748

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:02 GMT
Content-Encoding
gzip
Age
106895
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
13370
x-amz-id-2
SENHVCtuomdm2Mm3mqd2d5TaZvXtN7y+tX3NqyQzcJZGMI1w5AhAFIHf5woKpMNeAi2X6kBHmcY=
X-Served-By
cache-bwi5179-BWI, cache-yul12829-YUL
Access-Control-Allow-Origin
*
Last-Modified
Mon, 18 Oct 2021 11:33:31 GMT
Server
AmazonS3
X-Timer
S1646995983.871968,VS0,VE0
ETag
"e6b88c6f7c41eb887a206c62c62867a9"
Vary
Accept-Encoding
x-amz-request-id
17RDPM5XDG8GCCK8
Via
1.1 varnish, 1.1 varnish
Expires
Wed, 20 Oct 2021 22:46:55 GMT
Cache-Control
no-cache, public, max-age=604800
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
2, 6555
60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady88856293
player.cnevids.com/script/video/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady88856293
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-7329c51a38.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-58.ewr52.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
bb9dfe37a84d25e47a931cdffe5d8c2a0d9c289ef11e0b269159ab39369dcb9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Amz-Cf-Pop
EWR52-C4
X-Cache
Miss from cloudfront
Status
200 OK
Connection
keep-alive
Content-Length
21571
X-XSS-Protection
1; mode=block
X-Request-Id
5973a4a8-4931-4f1b-a438-f1ef0a72f211
X-Runtime
0.004887
X-Backend-Node
10.110.13.158
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
ETag
W/"196f0805e671d18a8da20258b3095b51"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 49830f6fdfb2c3519e81248d6d19f450.cloudfront.net (CloudFront)
Cache-Control
max-age=0, private, must-revalidate
X-Amz-Cf-Id
UWz2Bv55Zr2F7g37BnBSNFiG8XLwZOg2emj-9F11XL-VNiBtHubvQg==
arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1621877260/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
0396be2ab58ec30babd0838d7e37d6407475d4361be85ee7451dbac9186add57
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 25b4c4372feadf7e1722c01c8c9eeea0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
138
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:02 GMT
Server-Timing
fastly;dur=3;cpu=0;start=2022-03-06T07:54:39.063Z;desc=hit,rtt;dur=1
Content-Length
11625
Last-Modified
Thu, 20 Jan 2022 21:51:37 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"0b80752552abdab1277829e7a4b2824a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
4eT35LupLhYsfxW_NLdY_85PS4wuMh2hfZe-x9Inqqn9zZU4SDSaog==
arstechnica_unsolved-mysteries-unsolved-mysteries-of-the-warhammer-40k-universe-answered-by-author-dan-abnett.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1620135390/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1620135390/arstechnica_unsolved-mysteries-unsolved-mysteries-of-the-warhammer-40k-universe-answered-by-author-dan-abnett.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
a2bd43c80adc73ae26472a90ec3bd9df44a5b7d2dafb133b8660efd800c719b1
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 f8d8b16a7820702de048e041a1ec7840.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
80
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:02 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-07T12:54:16.898Z;desc=hit,rtt;dur=5
Content-Length
14620
Last-Modified
Thu, 20 Jan 2022 21:51:38 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"7996e22c04be37a8677bb680607e6d12"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
OahI4S3cPUeFwEdZTam2qcDBL749HE4M6FCgjyy8oN69B4cmEMciUA==
arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1619531614/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1619531614/arstechnica_sitrep-f-16-replacement-search-a-signal-of-f-35-fail.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
85c33811c2b04e4e02babe2fd6bd7ac0035f93e95827116429bbda2cf9c6c95d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 1741dbec7ff4486be3ac109e403dff4e.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
1688636
X-Cache
Hit from cloudfront
Date
Sat, 19 Feb 2022 21:49:06 GMT
Server-Timing
fastly;dur=331;cpu=0;start=2022-01-20T21:49:05.240Z;desc=miss,rtt;dur=1,cloudinary;dur=316;start=2022-01-20T21:49:05.241Z,cld-id;desc=e74c86fa13592f608dd4e6384c2245e0
Content-Length
5242
X-Request-Id
e74c86fa13592f608dd4e6384c2245e0
Last-Modified
Thu, 20 Jan 2022 21:49:06 GMT
Server
Cloudinary
Cache-Control
public, no-transform, immutable, max-age=2592000
ETag
"cfdeb1a825aca3ca1bf9ab3727325d27"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
GQmvcoPGZP11-gfFCoBSjKTQq-8qLMDtLiSUIWrWZV8EAA6F3lZ4Lg==
arstechnica_sitrep-boeing-707.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1615574323/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1615574323/arstechnica_sitrep-boeing-707.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
571479d52cd675db5573fe46973c62cba6d8224a76136fcefeb90f7dc42a6391
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 324ee7ffbffb0a0d21b807d0d4f50eb8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
1688636
X-Cache
Hit from cloudfront
Date
Sat, 19 Feb 2022 21:49:06 GMT
Server-Timing
fastly;dur=34;cpu=0;start=2022-01-20T21:49:05.252Z;desc=miss,rtt;dur=2,cloudinary;dur=21;start=2022-01-20T21:49:05.260Z
Content-Length
11899
Last-Modified
Thu, 20 Jan 2022 21:49:06 GMT
Server
Cloudinary
Cache-Control
public, no-transform, immutable, max-age=2592000
ETag
"49fd6cf75b5acbe4ea95126496406585"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
EaaEWNyx0Ux3y9DZemFxLnx5bFfT_zkBEZF4WEFIAJi_qcuALsWArg==
arstechnica_steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1611089409/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1611089409/arstechnica_steve-from-gamers-nexus-reacts-to-their-top-1000-comments-on-youtube.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
06b33c040105224101afcdaacd82b6dfb3ea1bf9ef3d7478cf5fa163a0ad65e0
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 c1c976b1b60b605adb44f62da9e0bb8a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
100
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:02 GMT
Server-Timing
fastly;dur=8;cpu=0;start=2022-03-06T07:23:18.915Z;desc=hit,rtt;dur=2
Content-Length
16317
Last-Modified
Thu, 20 Jan 2022 21:49:06 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"4796345150de82db7572da4e13d5fbc1"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
I_pE-dFzDXiu52KncMzUvTEAboVvGN2UYoI1oL1oHBJ-j_8gEdGmmQ==
arstechnica_modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1607984287/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1607984287/arstechnica_modern-vintage-gamer-reacts-to-his-top-1000-comments-on-youtube.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
de5e37739b5797e8ba9dba4a2dcb65f37c36a65fe839cb306162e21c74ba166e
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 982cb64cb92f3401b208c338dbeb40ba.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
199
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:50:07 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-06T07:06:33.728Z;desc=hit,rtt;dur=3
Content-Length
14171
Last-Modified
Thu, 20 Jan 2022 21:51:37 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"7f2bf661d68cedfcf91542c6e1dab7c6"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
6G36EVcr3IueLjemZV-sWbdigv3GJ5UQRtJH3qq21ecJS9PsK6C0fA==
arstechnica_war-stories-gail-tilden.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603899385/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603899385/arstechnica_war-stories-gail-tilden.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
7d91c04c657709af03f6dad61d375c3208d18ab5ff7851c2472007dc05201342
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 324ee7ffbffb0a0d21b807d0d4f50eb8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
114
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-06T07:06:33.756Z;desc=hit,rtt;dur=1
Content-Length
15071
Last-Modified
Thu, 20 Jan 2022 21:51:38 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"1f4aa6187c59e6ed79d0c3a2a0bc19d9"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
axxKnMDtSh6VsHV__ffoUpGZPK8pEbnE3MST_GIzfS_efNuH5_x6rw==
arstechnica_personal-history-scott-manley.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603123470/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1603123470/arstechnica_personal-history-scott-manley.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
1f466b08649eef5ad16c20f6d7207bf8818cb107b6241950dbc568cdffc03d63
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 1741dbec7ff4486be3ac109e403dff4e.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
1688637
X-Cache
Hit from cloudfront
Date
Sat, 19 Feb 2022 21:49:06 GMT
Server-Timing
fastly;dur=508;cpu=0;start=2022-01-20T21:49:05.262Z;desc=miss,rtt;dur=1,cloudinary;dur=505;start=2022-01-20T21:49:05.264Z,cld-id;desc=4b3d9d33245e846ef559042acf0fadbb
Content-Length
14113
X-Request-Id
4b3d9d33245e846ef559042acf0fadbb
Last-Modified
Thu, 20 Jan 2022 21:49:06 GMT
Server
Cloudinary
Cache-Control
public, no-transform, immutable, max-age=2592000
ETag
"963bf0b22c745f95a06f32ee1317b872"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
q9HQMTirlwfoki9Pzxs6YhT_IY4Qe2qjSe68efYl_u-_QfMi1xse7Q==
arstechnica_scare-tactics-thomas-grip.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1602524702/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1602524702/arstechnica_scare-tactics-thomas-grip.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
617e0f9fee7ef0ca891735246b4b5a61caa3622db4a4256685b061c9f43bd053
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 982cb64cb92f3401b208c338dbeb40ba.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
139
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-07T08:29:41.523Z;desc=hit,rtt;dur=6
Content-Length
15079
Last-Modified
Thu, 20 Jan 2022 21:51:38 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"d57f99149a48173e30de572cfa48ed93"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
mgKDPUaHYu47DQTWt-zJFNZnzANMi8p7GoGgHS6sA0FzC4uhsf8tyw==
arstechnica_personal-history-lgr.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1600711530/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1600711530/arstechnica_personal-history-lgr.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
29637e0647104ccc5d5583e652db29ce99e947c858c3d9502960e7ea7f1aea19
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 25b4c4372feadf7e1722c01c8c9eeea0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
154
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=0;start=2022-03-07T08:01:36.747Z;desc=hit,rtt;dur=3
Content-Length
14772
Last-Modified
Thu, 20 Jan 2022 21:49:06 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"4049b10cd3281951b01beb4f36134234"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
mhmVJHTNkZPab2e3kKbgPy7UbVgRZKmJjTEXKhmcT1CfphecMCVHsA==
arstechnica_the-f-35-s-next-tech-upgrade.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1598890591/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1598890591/arstechnica_the-f-35-s-next-tech-upgrade.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
3b0209841325362235c221628e471145726897e4e1c9b210b6e6b2217fdf2ee8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 c1c976b1b60b605adb44f62da9e0bb8a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
1688637
X-Cache
Hit from cloudfront
Date
Sat, 19 Feb 2022 21:49:06 GMT
Server-Timing
fastly;dur=551;cpu=0;start=2022-01-20T21:49:05.441Z;desc=miss,rtt;dur=2,cloudinary;dur=549;start=2022-01-20T21:49:05.443Z,cld-id;desc=6eeee863c7080e4ec4fce63f7fb15009
Content-Length
3374
X-Request-Id
6eeee863c7080e4ec4fce63f7fb15009
Last-Modified
Thu, 20 Jan 2022 21:49:06 GMT
Server
Cloudinary
Cache-Control
public, no-transform, immutable, max-age=2592000
ETag
"3f16924a1fdff64e971a0491115fc147"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
NEWjLxs42cnM71LHZrGpkJlkO63-XjtmHdBqEAGi1wyiyoheXJveeA==
arstechnica_war-stories-diablo.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1597686086/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1597686086/arstechnica_war-stories-diablo.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
aa3b9513abbbf65a2c8483122648fce1b39b1afa2a69bdf863242f1411baba58
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 f8d8b16a7820702de048e041a1ec7840.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
139
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-06T07:58:40.560Z;desc=hit,rtt;dur=1
Content-Length
14667
Last-Modified
Thu, 20 Jan 2022 21:51:39 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"d4de63ae8b9ef5b77ad58eaae97d7d02"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
DVA6o_AyzQPGU0NalKiF8YVkeGD26nKYlYhI_W-f8h-SoFM8t06Daw==
arstechnica_unsolved-mysteries-unsolved-mysteries-mortal-kombat.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1596476950/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1596476950/arstechnica_unsolved-mysteries-unsolved-mysteries-mortal-kombat.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
0b5c6a8d4a856db56da956eced8af9a5eb6e0a89dc67de5ffc4c83513472a3cc
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 1741dbec7ff4486be3ac109e403dff4e.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
13
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=5;cpu=0;start=2022-03-07T07:39:17.317Z;desc=hit,rtt;dur=1
Content-Length
11486
Last-Modified
Thu, 20 Jan 2022 21:51:38 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"7a8a596aae95c9a900261808554523e6"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
HAWPkWqlAPvjlDQ096E18Skxns8aGkzZnTd3roY1N6oPZhOuTf7L4w==
arstechnica_us-navy-gets-an-italian-accent.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1595427354/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1595427354/arstechnica_us-navy-gets-an-italian-accent.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
85db95dbe15c810a710ca6d9094a2a29f2eeea05791cc7aaab7af8939684b978
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 324ee7ffbffb0a0d21b807d0d4f50eb8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
1688476
X-Cache
Hit from cloudfront
Date
Sat, 19 Feb 2022 21:51:47 GMT
Server-Timing
fastly;dur=211;cpu=0;start=2022-01-20T21:51:47.274Z;desc=hit,rtt;dur=2
Content-Length
6124
X-Request-Id
a1f9177b77339756781d596195aa119d
Last-Modified
Thu, 20 Jan 2022 21:51:46 GMT
Server
Cloudinary
Cache-Control
public, no-transform, immutable, max-age=2592000
ETag
"51113bf4443c0cf453d0e8bf60489ac7"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
pdYFegJ_EJJB-mv2XUPaWmLY2vBf_ZdSp-cO8odJIxhiQEUJomQPAw==
arstechnica_war-stories-war-stories-undone-w-slash-hisko-hulsing.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1594656439/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1594656439/arstechnica_war-stories-war-stories-undone-w-slash-hisko-hulsing.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
e74b9cb9d8871d300d2a1d36ce2cd00dfbfe0c5d8066d1d415c4ce620a919d47
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 982cb64cb92f3401b208c338dbeb40ba.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
200
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=0;start=2022-03-07T06:52:43.647Z;desc=hit,rtt;dur=1
Content-Length
10345
Last-Modified
Thu, 20 Jan 2022 21:52:15 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"60622b64688dbb49917234d4091856fb"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
YvotwvgqvZ5cNl5ZHHc51Fcg_f9Lei2Y4jIPL_XrLmUewR9Ly-_EhQ==
arstechnica_fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1593453234/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1593453234/arstechnica_fighter-pilot-breaks-down-every-button-in-an-f-15-cockpit.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
9431bc6d1a6d036a70c92dfc9000d7965f939671a59705bdd01c3e652048ed9a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 c1c976b1b60b605adb44f62da9e0bb8a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
1688631
X-Cache
Hit from cloudfront
Date
Sat, 19 Feb 2022 21:49:12 GMT
Server-Timing
fastly;dur=2288;cpu=0;start=2022-01-20T21:49:05.847Z;desc=miss,rtt;dur=1,cloudinary;dur=2276;start=2022-01-20T21:49:05.849Z,cld-id;desc=6410d6e1f5d9b43f1ffd6f1591d4d668
Content-Length
15307
X-Request-Id
6410d6e1f5d9b43f1ffd6f1591d4d668
Last-Modified
Thu, 20 Jan 2022 21:49:07 GMT
Server
Cloudinary
Cache-Control
public, no-transform, immutable, max-age=2592000
ETag
"324e15e8b7d3edd23ffbf5df0a1a9e77"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
BDtxwUQs0mYHWf30YNXdFhSbFDXJMYTDY46l0xo26EpAo-GSQ-m3Hw==
arstechnica_war-stories-war-stories-nba-jam.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1592315288/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1592315288/arstechnica_war-stories-war-stories-nba-jam.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
5be5b0170ad4bbd2be91182d137933e7de9c7e86b09ec855a4bac015ebfd746f
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 f8d8b16a7820702de048e041a1ec7840.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
237
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:50:07 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-06T07:41:40.330Z;desc=hit,rtt;dur=1
Content-Length
14149
Last-Modified
Thu, 20 Jan 2022 21:51:39 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"bd63326fa81d10df9e2da1245d3c122c"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
Fkb3iX4315QpGenD-PWjhMrcacDSQSlSMJ1fSrLixHkP7QT3oIA1uw==
arstechnica_linus-tech-tips-reacts-to-his-top-1000-youtube-comments.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1591804041/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1591804041/arstechnica_linus-tech-tips-reacts-to-his-top-1000-youtube-comments.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
e8830a414dfeb4c0e0f519d3419f69849df9226f329357c938333dbf2c956f63
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 324ee7ffbffb0a0d21b807d0d4f50eb8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
101
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=4;cpu=0;start=2022-03-09T23:10:34.599Z;desc=hit,rtt;dur=6
Content-Length
9054
Last-Modified
Thu, 20 Jan 2022 21:49:07 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"b17d3aab70cb56fbf2df892c8415ab16"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
cypA1_hTXcznt-DE_kH6O4XLLO8iQPLf4mRU_fK_o2pbTJgegoaxMg==
arstechnica_war-stories-how-alan-wake-was-rebuilt-3-years-into-development.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1589408118/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1589408118/arstechnica_war-stories-how-alan-wake-was-rebuilt-3-years-into-development.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
3f2cf5f857c617761a251ceef8f6ed452a7690e21f16eff0a70dddf9beea8633
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 1741dbec7ff4486be3ac109e403dff4e.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
13
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-08T06:30:07.698Z;desc=hit,rtt;dur=0
Content-Length
10817
Last-Modified
Thu, 20 Jan 2022 21:51:39 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"9417ada34c9b6b07ccd41a463b717969"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
_oH6uKGaYOhWpSBCE1MKXitgT3wzOcJ1Xu5o4UF9gudv4RsKoM0KOw==
arstechnica_war-stories-prince-of-persia.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1584454477/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1584454477/arstechnica_war-stories-prince-of-persia.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
56f8838a24cb0cc47dc34a19d6b84d6ce8bf8086b1682bbb990abc13b1e2da65
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 25b4c4372feadf7e1722c01c8c9eeea0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
139
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=0;start=2022-03-08T07:10:13.058Z;desc=hit,rtt;dur=1
Content-Length
15682
Last-Modified
Thu, 20 Jan 2022 21:51:39 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"e9cccef2a4a4cf217be0ba162f6b4296"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
SEqAawmGqK8p-mJVgVnkfAVbDNe3dLJXL4BwTHSvc5YTpJHhcmrj2A==
arstechnica_war-stories-how-crash-bandicoot-hacked-the-playstation-to-run.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582755533/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582755533/arstechnica_war-stories-how-crash-bandicoot-hacked-the-playstation-to-run.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
46a9ddb1f206a46900872e0a832750ae06925528f81883a3d3517fdb42aefb6d
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 f8d8b16a7820702de048e041a1ec7840.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
13
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-06T07:12:15.792Z;desc=hit,rtt;dur=1
Content-Length
17475
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"7588b83c6eb2a1165344abad7e12e715"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
8FdXnvKVWMhWCdLxmRqjfa6Qvv7rs6mhtjqttyHbadnrNvmgLFpvqw==
arstechnica_war-stories-myst.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1580223113/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1580223113/arstechnica_war-stories-myst.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
1bf55bc00dbf13180884211c3d301729e67b81f3456225c1fbf97d271d636509
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 982cb64cb92f3401b208c338dbeb40ba.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
237
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:50:07 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-06T14:34:48.227Z;desc=hit,rtt;dur=3
Content-Length
13522
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"ed8c6a9aa19e7d5c7aa46a3aead23a87"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
DhZdtXA4daL6PlvKHyxV09A678Ax_kXpPhbY75xg9uK2tKE0q46npw==
arstechnica_markiplier-reacts-to-his-top-1000-youtube-comments.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1579194313/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1579194313/arstechnica_markiplier-reacts-to-his-top-1000-youtube-comments.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
e336ff50623cff960c2396944be4392139f63dcc032e5f3428d81489fdfe697a
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 c1c976b1b60b605adb44f62da9e0bb8a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
237
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:50:07 GMT
Server-Timing
fastly;dur=2;cpu=0;start=2022-03-06T14:34:48.302Z;desc=hit,rtt;dur=2
Content-Length
8832
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"2bad386c14ac040d530ceb2ae89c8bbb"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
QJ8i192SCpSiLwT8oX_6vzDn0sUDgB_ktxtLWaWAHiD74USSbyr0dQ==
arstechnica_war-stories-war-stories-oddworld.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582815531/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1582815531/arstechnica_war-stories-war-stories-oddworld.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
1097abb6f0992cccc79428374463e7f23b99dae5eb85d7317b20bd57c96031bb
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 324ee7ffbffb0a0d21b807d0d4f50eb8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
13
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=1;start=2022-03-07T07:30:22.155Z;desc=hit,rtt;dur=5
Content-Length
12614
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"4a7903cbe66890b5688d843661943ccd"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
vzS1j-_ONbUfmRtUX9E9ux6Lgh03t2oftxqoHRHHeMWRW0kgAgDX0g==
arstechnica_unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1573140819/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1573140819/arstechnica_unsolved-mysteries-bioware-answers-unsolved-mysteries-of-the-mass-effect-universe.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
de24551bd4396fc8579b2d87ce01944553dd48fb52775d14373725a50efa0c37
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 1741dbec7ff4486be3ac109e403dff4e.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
200
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-05T10:54:27.136Z;desc=hit,rtt;dur=5
Content-Length
11417
Last-Modified
Thu, 20 Jan 2022 21:52:15 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"3e8509d06c6610d54babcac0d91e5d93"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
1_uXbbHuYlfzweCbdySzJP-s97IoqQJ6k3Ne9ncWxwAzqdUU1Ze8MQ==
arstechnica_war-stories-civilization.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1569003425/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1569003425/arstechnica_war-stories-civilization.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
1c7dcc8216c6f82da2998ceeac2523632c7f9bffe510824b6d082621201f2012
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 982cb64cb92f3401b208c338dbeb40ba.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
139
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-08T07:11:20.884Z;desc=hit,rtt;dur=2
Content-Length
16236
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"72002610618f7bf8bf0e52c760e39897"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
PIcfDLfnxqRuHLfl8r4Rp9JaKXNIzxy-un-PGelnnG-ZJPEUdrQdjQ==
arstechnica_sitrep-dod-resets-ballistic-missile-interceptor-program.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1568662260/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1568662260/arstechnica_sitrep-dod-resets-ballistic-missile-interceptor-program.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
7fc88c65d46e83b3f3e9f098f05fd639480332fc3718cd714725e2e4633af4e8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 f8d8b16a7820702de048e041a1ec7840.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
1688476
X-Cache
Hit from cloudfront
Date
Sat, 19 Feb 2022 21:51:47 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-01-20T21:51:47.279Z;desc=hit,rtt;dur=2
Content-Length
10793
X-Request-Id
9a70e4b7efbe3aabc4057aeb339d0fb6
Last-Modified
Thu, 20 Jan 2022 21:51:46 GMT
Server
Cloudinary
Cache-Control
public, no-transform, immutable, max-age=2592000
ETag
"0e1ff58ccf6d97759de3d774a7ff835a"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
Q1IrxKprsBqDGEkMQncv54fXEIw3Lh98b2Q8rwhbK8UcRc6EG5ztcA==
arstechnica_warframe-reviews.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1561556730/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1561556730/arstechnica_warframe-reviews.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
83a366075eb2387c6d9f848f42b08df0546027333eccf5813edf95ba45709be2
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 c1c976b1b60b605adb44f62da9e0bb8a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
13
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=2;cpu=0;start=2022-03-07T08:56:29.226Z;desc=hit,rtt;dur=4
Content-Length
14837
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"1d90d6aef7585f963e1270a1a02a4dd4"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
tkAJfrsKbbtXh87eYRKHmvQX1nSkc3YBhkuLW-j7P6zQdyXr6x63Sw==
arstechnica_war-stories-subnautica.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559747425/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1559747425/arstechnica_war-stories-subnautica.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
20660a9ef7ec454c15b2dc62b3db084e0cc9f74c5bb6de71a96fb1a54aef00f8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 25b4c4372feadf7e1722c01c8c9eeea0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
13
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-06T07:33:17.321Z;desc=hit,rtt;dur=3
Content-Length
15222
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"8c45b6c645caba59f4b14d3fbdc09062"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
oCyYfu0XFT-bnconnO-0zu12kiHYobm9Vl8492qlilo32ZoINl_aEg==
arstechnica_war-stories-slay-the-spire-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556741487/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1556741487/arstechnica_war-stories-slay-the-spire-war-stories.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
f9d9e96c4439beeca49a1a10f9dffe6f5cd0b604d13aa13af170d0bc62d8ca1b
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 324ee7ffbffb0a0d21b807d0d4f50eb8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
139
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-06T07:06:34.396Z;desc=hit,rtt;dur=2
Content-Length
15634
Last-Modified
Thu, 20 Jan 2022 21:51:41 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"abee90e53f29ba0127fca9442ab50902"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
YlffnsZzeKcIyemtNtpkEjlSi80O-4vfg0upHBZp4WlE70RR-ZllaA==
arstechnica_war-stories-amnesia-the-dark-descent-the-horror-facade.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1555359865/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1555359865/arstechnica_war-stories-amnesia-the-dark-descent-the-horror-facade.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
1defb6bc54a7ee9c066136908360e8455c23ee9ad0dec9924e7255d7948cd4be
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 f8d8b16a7820702de048e041a1ec7840.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
13
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-06T11:33:47.504Z;desc=hit,rtt;dur=3
Content-Length
15251
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"3e7cdc13e718680bf5e1efa64468b560"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
sMo5JjhGqPb3SyR472V7rH63uZRV2ZeRUijh2MZnILbvA9lCsbYOUw==
arstechnica_war-stories-c-and-c-tiberian-sun.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1551193450/arstechnica_war-stories-c-and-c-tiberian-sun.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
27348ba4b98bd80f1038496ec5dea6ad865680540058fb085b8ca199b8aaf4c5
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 25b4c4372feadf7e1722c01c8c9eeea0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
200
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:50:07 GMT
Server-Timing
fastly;dur=0;start=2022-03-06T07:06:34.442Z;desc=hit,rtt;dur=5
Content-Length
19022
Last-Modified
Thu, 20 Jan 2022 21:51:41 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"fe52b9acd391d8bee8de15a0f429b377"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
OF15iuQWrJXPxdzQSgSH_7a4VnrSJxVVPTLMGXTwj4zhDoRHXt41cg==
arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1550244434/arstechnica_war-stories-blade-runner-skinjobs-voxels-and-future-noir.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
8b72952d3fd656ee6594f0d9735d928113ad1d590705b14f77abf75f1d4d5d69
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 982cb64cb92f3401b208c338dbeb40ba.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
200
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:50:07 GMT
Server-Timing
fastly;dur=2;cpu=0;start=2022-03-07T07:09:59.337Z;desc=hit,rtt;dur=5
Content-Length
18172
Last-Modified
Thu, 20 Jan 2022 21:51:40 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"32f1b8954559c8d598e9861f5b8360b9"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
JCYeYdGcNVacktAQgRfWH7lrTE1Ea8We3KGPY65VX5vsdwYaDyoq9Q==
arstechnica_war-stories-dead-space-the-drag-tentacle.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1546889545/arstechnica_war-stories-dead-space-the-drag-tentacle.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
9933997608e86beaf1e7f7188a5c657cdad8ccd9d20eb7b1a46adaa83fa850ab
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 c1c976b1b60b605adb44f62da9e0bb8a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
1688480
X-Cache
Hit from cloudfront
Date
Sat, 19 Feb 2022 21:51:43 GMT
Server-Timing
fastly;dur=572;cpu=0;start=2022-01-20T21:51:39.484Z;desc=miss,rtt;dur=1,cloudinary;dur=561;start=2022-01-20T21:51:39.493Z,cld-id;desc=85392e2cf970a0497ac819f68b89c17a
Content-Length
7393
X-Request-Id
85392e2cf970a0497ac819f68b89c17a
Last-Modified
Thu, 20 Jan 2022 21:51:41 GMT
Server
Cloudinary
Cache-Control
public, no-transform, immutable, max-age=2592000
ETag
"17a6e4b5eb75eb12f5d8c89eb3d0ace8"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
OgNh3PNgE7WoqIlEUnP4eBXCLrivzAWHeubFoT_qE7O7DhiFiBD7_A==
arstechnica_teach-the-controversy-flat-earthers.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1541592304/arstechnica_teach-the-controversy-flat-earthers.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
7364fcbb6c5d775f07816712af8a6419db99268f72c337a4977f706dc3423bb3
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 324ee7ffbffb0a0d21b807d0d4f50eb8.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
149
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:51:58 GMT
Server-Timing
fastly;dur=0;start=2022-03-06T07:39:36.100Z;desc=hit,rtt;dur=1
Content-Length
10595
Last-Modified
Thu, 20 Jan 2022 21:52:14 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"6c0c4f8a9d61ed2b5863a8058c624a37"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
JAkjBKjJpe8F8fpug9pulrEDC07iHZjm8Uk7T8gTfxqyyNpx6QzHVg==
arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1537406983/arstechnica_delta-v-the-burgeoning-world-of-small-rockets-paul-allen-s-huge-plane-and-spacex-get-s-a-crucial-green-light.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
16f86804dd013db340fee4020a539d3e9d6e5a03d6841e431e50c428e99c26e8
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 1741dbec7ff4486be3ac109e403dff4e.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
298
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:48:27 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-06T07:24:05.657Z;desc=hit,rtt;dur=2
Content-Length
12509
Last-Modified
Thu, 20 Jan 2022 21:52:14 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"b9c502ffc902b60d0eb13698b37a945d"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
UU_C08ZNgYJZkyaFTjc7Ha5Gjb6TMv_t2fSVkq7skwqi7OrzNayAXg==
arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1522031130/arstechnica_chris-hadfield-explains-his-space-oddity-video.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
3ce7e824185893264ab44fbf8370a8f1262831c4c6c367b15f7d4f1e88fadc8c
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Feb 2022 07:28:24 GMT
Via
1.1 c1c976b1b60b605adb44f62da9e0bb8a.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
1481079
X-Cache
Hit from cloudfront
Server-Timing
fastly;dur=2;cpu=0;start=2022-02-22T07:28:24.739Z;desc=hit,rtt;dur=6
Content-Length
7181
Last-Modified
Thu, 20 Jan 2022 21:52:14 GMT
Server
Cloudinary
Cache-Control
public, no-transform, immutable, max-age=2592000
ETag
"0549828edcecd339d8d10ebe6119de70"
Strict-Transport-Security
max-age=604800
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
yaoLee2TX2S-o5ytoOuqXz15X1YCk4uKmKz2s8Q0NwtkTKs2Uh0Rug==
arstechnica_apollo-mission-episode-1.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1512424612/arstechnica_apollo-mission-episode-1.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
82cd1a97f81e5b63a621311be2993916eea0907b5eadd53bb6b280f4bb0f8391
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 982cb64cb92f3401b208c338dbeb40ba.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
200
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=2;cpu=1;start=2022-03-05T10:04:16.548Z;desc=hit,rtt;dur=5
Content-Length
14040
Last-Modified
Thu, 20 Jan 2022 21:52:14 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"ecc047c6eed3dc571a78eab647201220"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
FZgOynPA6rOk4x-c6vM17I8p7aHwFcxslnt5VnxF3Qp-QIMKJfFhlg==
arstechnica_richard-garriot-war-stories.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_image.jpg,fl_progressive,g_center,h_169,q_80,w_300/v1513807048/arstechnica_richard-garriot-war-stories.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
4980853759711c8e9e2779239acd62e9e802fba38371763c65ecdd016a83fdbd
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 25b4c4372feadf7e1722c01c8c9eeea0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
13
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:03 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-05T11:57:14.762Z;desc=hit,rtt;dur=2
Content-Length
13885
Last-Modified
Thu, 20 Jan 2022 21:51:41 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"13d45a1733ad4d2f3ae707584d6a8a32"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
kk4CjT6trixL_iwN4bJjE7Bk1J74aBUYt5LCt_bZSlI6vg9i3KZgPw==
truncated
/ 		408 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
n
elsa.memoinsights.com/ 		385 B
961 B 		Script
General
Check archive.org
Download Go to
Full URL
https://elsa.memoinsights.com/n?pid=62012a7a19351c07620394e0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&author%5B%5D=Dan%20Goodin&title=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week&date=2022-03-10T22%3A01%3A39Z&referrer=&ref_url=&page_url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&cb=MEMO.API.callbacks.cbamvvxyq&v=v3.0.5
Requested by
Host: cdn.memo.co
URL: https://cdn.memo.co/js/memo.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.90.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-90-162.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
cfe904f4c14a2d63fcf8b37a75f30282b13501015ca9fcd1fe8e1600ab35ab39

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:02 GMT
content-encoding
gzip
server
istio-envoy
content-type
application/javascript
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
263
x-request-id
dc2f2c48ba0cf8b30f93553f8d0f4495
integrator.js
adservice.google.ca/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=arstechnica.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arstechnica.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		561 B
780 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3372216402445410&correlator=1247721029048928&hxva=1&scor=2691703139664711&eid=31065604&output=ldjh&gdfp_req=1&vrg=2022030901&ptt=17&impl=fifs&us_privacy=1---&sc=1&iu_parts=3379%2Cconde.ars%2Cinterstitial%2Cinformation-technology%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=1x1&ifi=1&adks=2746652139&sfv=1-0-38&ecs=20220311&ists=1&fsapi=false&prev_scp=pos%3Dinterstitial%26ctx_slot_type%3Dout_of_page%26ctx_slot_rn%3D0%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Dout_of_page_0%26slot_name%3Dinterstitial_1&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26m_data%3Dwaiting%26m_safety%3Dwaiting%26m_categories%3Dwaiting%26m_mv%3Dwaiting%26m_gv%3Dwaiting%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.56.5%26ctx_page_slug%3Dfeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%26cnt_tags%3Dcriminal-justice%252Cextortion%252Cindictments%252Cransomware%26cnt_platform%3Dwordpress%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D26%26usr_bkt_pv%3D64%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D&cookie_enabled=1&abxe=1&dt=1646995983299&lmt=1646995983&dlt=1646995980516&idt=2537&biw=1600&bih=1200&oid=2&adxs=0&adys=0&ucis=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=1262709198.1646995983&ga_sid=1646995983&ga_hid=798283911&ga_fc=false&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e8ede051cc17fc5a872b91d10f4bec83c2bc1b75b559a08d7c7245a1cbdc848f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EDDC 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Fri, 11 Mar 2022 10:53:03 GMT
expires
Sat, 11 Mar 2023 10:53:03 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:46:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 11 Mar 2022 11:46:11 GMT
publisher:getClientId
ampcid.google.com/v1/ 		74 B
531 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Mar 2022 10:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
andoncord
assoc-na.associates-amazon.com/onetag/ 		16 B
415 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assoc-na.associates-amazon.com/onetag/andoncord
Requested by
Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
Server /
Resource Hash
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:03 GMT
Server
Server
x-amz-rid
MCMXV645GYB0BHY3KHD5
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
https://arstechnica.com
Access-Control-Allow-Credentials
true
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
16
id
dpm.demdex.net/ 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F7093025512D2B690A490D44%40AdobeOrg&d_nsid=0&ts=1646995983427
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
f5a2ac577c39585912f27b9cbe386430cbe683b09344bb70c1d41c1072885be1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-1-v026-0fa590054.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
3m4y8mUbRNw=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
2196
Expires
Thu, 01 Jan 1970 00:00:00 UTC
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f716:921a:893c:c3d8 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:03 GMT
content-encoding
gzip
etag
"yoD6mq4JTyPdtDBolW+GUg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Fri, 18 Mar 2022 10:53:03 GMT
uwt.js
static.ads-twitter.com/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:03 GMT
content-encoding
gzip
last-modified
Sat, 05 Feb 2022 00:34:56 GMT
etag
"8dc11b7ca1d5ed9ec3b1ab1beb621c75+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
5410
x-served-by
cache-iad-kiad7000147-IAD
spm.v1.min.js
ak.sail-horizon.com/spm/ 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-94.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:50:43 GMT
content-encoding
gzip
last-modified
Tue, 08 Jun 2021 04:22:34 GMT
server
AmazonS3
age
141
etag
W/"b22b4f4738e8722be1636447be239da2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d5da196526ff04114ed874cd3c0f9622.cloudfront.net (CloudFront)
cache-control
max-age=600; must-revalidate
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
1OIOcweUYqy4oAm58tip_biEX6xu1RWVVK-fdepGbrEkjPDZCG_gqg==
i.js
tag.bounceexchange.com/2806/ 		261 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.bounceexchange.com/2806/i.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.253.250 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
250.253.120.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
606f146ddca26cd4eb1d03c0a42e550e7b897e799998b67e7b115febbce98bc0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:51:48 GMT
content-encoding
gzip
server
istio-envoy
age
75
etag
0734824c9797ac
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
via
1.1 google
cache-control
public,max-age=60
x-envoy-upstream-service-time
7
x-region
us-central1
timing-allow-origin
*
alt-svc
clear
content-length
114956
link
<https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect
PageName=undefined,SiteID=Ars%20Technica,CampaignID=1802C,Channel=website,CreativeID=information%20technology,Placement=undefined
d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MjE1L3QvMA/kv/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MjE1L3QvMA/kv/PageName=undefined,SiteID=Ars%20Technica,CampaignID=1802C,Channel=website,CreativeID=information%20technology,Placement=undefined
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
57
a.ad.gt/api/v1/u/matches/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/57
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.84.228.30 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-84-228-30.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
eaed684290a92148cafb646f3122ce208e4d7f1623ca17e2fb294e6b96ff1dbf

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:03 GMT
server
nginx/1.18.0
content-length
3374
content-type
application/javascript
insight.min.js
snap.licdn.com/li.lms-analytics/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2600:141b:13::17d7:82d1 New York, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
c567d0068aa9d314d13047cf6af171cce476501aac5e5521bd2b2233b16fbce5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 09 Mar 2022 20:16:02 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=25307
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3073
fbevents.js
connect.facebook.net/en_US/ 		99 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26291
x-xss-protection
0
pragma
public
x-fb-debug
VKcu6oxYHYfL54Fwk6PUQNSaptZqqmw0QttQRlvMM0pyLRbSLSCYCcBNaN7cG935IoJhnRIL/834iQtHaGyQDQ==
x-fb-trip-id
1512268381
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 11 Mar 2022 10:53:03 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-1632543.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1632543.js?sv=6
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-90.ewr52.r.cloudfront.net
Software
/
Resource Hash
d69016ca21ee080f6fe79d800d7f6d033ed940a4bd026bcf95bd3fc958efe32b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:52:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
28
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
1913
access-control-allow-origin
*
cache-control
max-age=60
etag
W/e45433f53b0485eb23a611114d669fc1
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
via
1.1 8f8a44665236c177df56aa58b84d84de.cloudfront.net (CloudFront)
x-cache-hit
1
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
-jxVH2cf23hgD9aJslAN5TvvyJcOEdDLNwknxT6a39GdaPuUSlu3RA==
events.js
analytics.tiktok.com/i18n/pixel/ 		136 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1IQID9FKFK1PHD4UBH0&lib=ttq
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.132.60 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-132-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
80a7b5cd61008647d83733ffb6dae5e4604f613f0b1ecaec6e99a9c875f22413

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-akamai-request-id
1087205d.be1f927
date
Fri, 11 Mar 2022 10:53:03 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-217-116-213.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-216-133-188.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
x-parent-response-time
19,23.216.133.188
server-timing
cdn-cache; desc=MISS, edge; dur=14, origin; dur=6, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
202203111053030101131351471EDC4E70
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
6,23.217.116.213
x-tt-trace-host
01727f9c048f346e5634670cad583716de583029bb8aaddd1e02a65842bce1af00a03a355f930693583172ed9e22ae8555cb7240ca9cdfe12f851501f528680e8c727ef028a2b6b5e6afbe5f259e6df4a5719f21dc2865eb2315b18292905fccadc85b91f57709790e6b9b4cd6c39dbca2
expires
Fri, 11 Mar 2022 10:53:03 GMT
condenast_eujdmc753_arstechnica.js
cdn-magiclinks.trackonomics.net/client/static/v2/ 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-magiclinks.trackonomics.net/client/static/v2/condenast_eujdmc753_arstechnica.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2120:9000:1d:8c8c:47c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8 /
Resource Hash
f3e8f1f5163b712a260f0211d88ccb0973003057ea14c3c18997c3a5d8259e0b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 18:35:29 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 11:40:45 GMT
server
Apache/2.4.34 (Amazon) OpenSSL/1.0.2k-fips PHP/7.2.8
age
58654
etag
W/"17c2f-5d6f35f2cec9d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
SXlueGzAEtoCbKbOQE2Gt56Jcs4HSK8OaCIxPaUYAddi4n72dLRrKQ==
via
1.1 44c3684463dfb1f60dc276fec7fe9d92.cloudfront.net (CloudFront)
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ 		20 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otCommonStyles.css
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 11 Mar 2022 10:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
Ye6OeZcNyuFoWog7CYs00A==
age
2087
vary
Accept-Encoding
x-ms-lease-status
unlocked
last-modified
Thu, 02 Sep 2021 03:12:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
b51d7411-701e-0112-808a-2aaaaf000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=14400
x-ms-version
2009-09-19
cf-ray
6ea3be80c95cca53-YUL
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035094&ns__t=1646995983452&ns_c=UTF-8&c8=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week%20%7C%20Ars%20Te...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035094&ns__t=1646995983452&ns_c=UTF-8&c8=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week%20%7C%20Ars%20T...
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035094&ns__t=1646995983452&ns_c=UTF-8&c8=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week%20%7C%20Ars%20Technica&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&c9=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
13.33.60.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-43.ewr52.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:03 GMT
via
1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
RQnOckbmHc5VFjPF7pZLfVrAjmQQ9S5_i2COVyDGDJkPlTJUVAuwAw==
x-cache
Miss from cloudfront

Redirect headers

date
Fri, 11 Mar 2022 10:53:03 GMT
via
1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035094&ns__t=1646995983452&ns_c=UTF-8&c8=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week%20%7C%20Ars%20Technica&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&c9=
content-length
379
x-amz-cf-id
zf-ufLQdH_Li0nmbWCSXBvhoXgs69EoBQ_Gx6cmUm7hlZEAt9tCV9A==
458249.gif
idsync.rlcdn.com/
Redirect Chain
  • https://idsync.rlcdn.com/709387.gif?partner_uid=undefined&gtmcb=956312924
  • https://idsync.rlcdn.com/1000.gif?memo=CIumKxIVChEIARCFvQkaCXVuZGVmaW5lZBAAGg0Ij9SskQYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=2fa2336a93f585f55edaa22db8af7573fe3ce9a2ec8c59106bf9f28f930b4038791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlAyZmEyMzM2YTkzZjU4NWY1NWVkYWEyMmRiOGFmNzU3M2ZlM2NlOWEyZWM4YzU5MTA2YmY5ZjI4ZjkzMGI0MDM4NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlAyZmEyMzM2YTkzZjU4NWY1NWVkYWEyMmRiOGFmNzU3M2ZlM2NlOWEyZWM4YzU5MTA2YmY5ZjI4ZjkzMGI0MDM4NzkxNDI2YjU0MTdkY2UyMRAAGgwIkNSskQYSBAgCEABCAEoA&goog...
  • https://tags.rd.linksynergy.com/rcs?ns=lr&uid3=
  • https://idsync.rlcdn.com/458249.gif?partner_uid=4272d87a-7960-4846-b0cb-40ae05801c78
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/458249.gif?partner_uid=4272d87a-7960-4846-b0cb-40ae05801c78
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:06 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
https://idsync.rlcdn.com/458249.gif?partner_uid=4272d87a-7960-4846-b0cb-40ae05801c78
date
Fri, 11 Mar 2022 10:53:06 GMT
via
1.1 google
x-samesite
secure
alt-svc
clear
content-length
111
content-type
text/html; charset=utf-8
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_device_id=undefined
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_device_id=undefined
95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_device_id=undefined
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:03 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=ADB&partner_device_id=undefined
date
Fri, 11 Mar 2022 10:53:03 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
receive
pixel.tapad.com/idsync/ex/
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=648&partner_device_id=undefined
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=648&partner_device_id=undefined
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5%252C&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5%252C&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6e0633dc-a403-42d4-8fdd-03bcf8268488&ttd_puid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5%2C
95 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6e0633dc-a403-42d4-8fdd-03bcf8268488&ttd_puid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5%2C
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:05 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=6e0633dc-a403-42d4-8fdd-03bcf8268488&ttd_puid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5%2C
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
353
get
odb.outbrain.com/utils/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&srcUrl=http%3A%2F%2Ffeeds.arstechnica.com%2Farstechnica%2Findex%2F&idx=0&rand=65917&key=NANOWDGT01&widgetJSId=AR_14&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=190&py=4462&vpd=3262&activeTab=true&darkMode=false&settings=true&recs=true&version=2000617&sig=hXNe1n98&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=1&ogn=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ea4dfbb85ad48cf0a96ca32b0dc92895fd4697c8e60327667351183f044b0bfb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:03 GMT
content-encoding
gzip
traffic-path
SADC1, IAD, North_America
x-cache
MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
x-cache-hits
0
x-traceid
703a8c51131d3d96e9d705477404d13f
content-length
14709
x-served-by
cache-iad-kiad7000059-IAD
pragma
no-cache
x-timer
S1646995984.719269,VS0,VE257
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
5f90976042b5f03ec594bace.js
player.cnevids.com/script/video/ 		64 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.cnevids.com/script/video/5f90976042b5f03ec594bace.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/interlude/arstechnica.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-58.ewr52.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
bb9dfe37a84d25e47a931cdffe5d8c2a0d9c289ef11e0b269159ab39369dcb9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
X-Amz-Cf-Pop
EWR52-C4
X-Cache
Miss from cloudfront
Status
200 OK
Connection
keep-alive
Content-Length
21571
X-XSS-Protection
1; mode=block
X-Request-Id
bcd81b6c-7ed3-488a-bd96-d1d92c8ce289
X-Runtime
0.006251
X-Backend-Node
10.110.76.29
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
ETag
W/"2053ee57896b86dfb85fa048f801fc2a"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Via
1.1 49830f6fdfb2c3519e81248d6d19f450.cloudfront.net (CloudFront)
Cache-Control
max-age=0, private, must-revalidate
X-Amz-Cf-Id
JmT6hxFurwblr2m489YYTfZXPX3vqDgQRKgWvsijFcxnZdqQVylqOQ==
publisher:getClientId
ampcid.google.ca/v1/ 		3 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.ca/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Mar 2022 10:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
/
infinityid.condenastdigital.com/ 		36 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://infinityid.condenastdigital.com/?rand=1646995983830
Requested by
Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.187.255 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-187-255.compute-1.amazonaws.com
Software
nginx/1.15.8 /
Resource Hash
c5ab0d1f589ff1bed88ec9c1e565cd26b1060afb185910bc2b027d61cd30864b

Request headers

Accept
text/plain
Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:03 GMT
content-encoding
gzip
Server
nginx/1.15.8
vary
origin,accept-encoding
Content-Type
text/plain; charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
Connection
keep-alive
transfer-encoding
chunked
expires
0
content
4d.condenastdigital.com/ 		333 B
637 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4d.condenastdigital.com/content?url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F
Requested by
Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-129-5.compute-1.amazonaws.com
Software
/
Resource Hash
9c186382b6a768d6f78f7601305ed2b1f7c879e577e2fc47b6f7cd7df196e373

Request headers

Accept
text/plain
Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:03 GMT
content-encoding
gzip
transfer-encoding
chunked
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
Connection
keep-alive
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-11T10%3A53%3A03.833Z&_t=pubadsReady&cBr=Ars%20Technica&cKe=criminal%20justice%7Cextortion%7Cindictments%7Cransomware&cCh=information%20technology&cTi=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=775&cId=1840246&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pWw=1600&pWh=1200&pPw=1600&pPh=5000&pSw=1600&pSh=1200&uID=0884e157-1f7d-4567-95c8-d99c9013a3c8&uNw=1&uUq=1&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&uDt=desktop&dim1=%7B%22channel%22%3A%22information-technology%22%2C%22platform%22%3A%22wordpress%22%2C%22template%22%3A%22article%22%2C%22viewport%22%3A%22desktop%22%2C%22pageContext%22%3A%7B%22contentType%22%3A%22article%22%2C%22templateType%22%3A%22article%22%2C%22channel%22%3A%22information-technology%22%2C%22slug%22%3A%22feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%22%2C%22server%22%3A%22production%22%2C%22keywords%22%3A%7B%22tags%22%3A%5B%22criminal-justice%22%2C%22extortion%22%2C%22indictments%22%2C%22ransomware%22%5D%2C%22cm%22%3A%5B%5D%2C%22platform%22%3A%5B%22wordpress%22%5D%2C%22copilotid%22%3A%22%22%7D%7D%2C%22version%22%3A%226.56.5%22%7D&_o=ars-technica&_c=ad_metrics&environment=prod&origin=ars-technica
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:03 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-11T10%3A53%3A03.854Z&_t=renderEnded&cBr=Ars%20Technica&cKe=criminal%20justice%7Cextortion%7Cindictments%7Cransomware&cCh=information%20technology&cTi=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=775&cId=1840246&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pWw=1600&pWh=1200&pPw=1600&pPh=5000&pSw=1600&pSh=1200&uID=0884e157-1f7d-4567-95c8-d99c9013a3c8&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&uDt=desktop&dim1=%7B%22channel%22%3A%22information-technology%22%2C%22platform%22%3A%22wordpress%22%2C%22template%22%3A%22article%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Atrue%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22interstitial%22%2C%22size%22%3A%22%22%7D&_o=ars-technica&_c=ad_metrics&environment=prod&origin=ars-technica
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:03 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
bid
c.amazon-adsystem.com/e/dtb/ 		594 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3035&u=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pid=Ildi5Qucnr4lB&cb=0&ws=1600x1200&v=7.74.0&t=1000&slots=%5B%7B%22sd%22%3A%22article_in_text_0%22%2C%22s%22%3A%5B%22300x50%22%2C%22300x250%22%2C%22320x50%22%2C%22728x90%22%5D%2C%22sn%22%3A%22mid-content%2Fdesktop%22%7D%2C%7B%22sd%22%3A%22post_nav_0%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22hero%2Fdesktop%22%7D%2C%7B%22sd%22%3A%22siderail_0%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22rail%2Fdesktop%22%7D%5D&pj=%7B%22si_section%22%3A%22information-technology%22%2C%22us_privacy%22%3A%221---%22%7D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.137.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-137-197.ewr52.r.cloudfront.net
Software
Server /
Resource Hash
5945f5bc1545e8ef6bfdd0224514923d1e520a96e9282b7cd5dc511af226b61e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:04 GMT
via
1.1 b4396731a9663e6ea5f94926a9a70198.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
EWR52-C2
x-amz-rid
PJNWZFA5DY7509B1N6XX
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
594
x-amz-cf-id
3x05Be2yCEvEsBORCGSp7fCCNhRM7UTWHsmSGjskc9qNxw6U0s61XQ==
fastlane.json
fastlane.rubiconproject.com/a/api/ 		328 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552970&size_id=15&alt_size_ids=2%2C43%2C44&us_privacy=1---&eid_pubcid.org=55a4c788-9f1f-47f8-91ba-87fb177dd771%5E1&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&tg_i.cnt_tags=criminal-justice%2Cextortion%2Cindictments%2Cransomware&tk_flint=pbjs_lite_v6.10.0&x_source.tid=f2f73b75-9acc-48e0-86ae-f77f695a8eaf&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.018161805870654524
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e7366791e8d37a1d230bd56b738dc83c339697df86c14fe55e43283ce66cef65

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:04 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
328
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		36 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=375855&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2235fca93ba4c4dd%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F%3Fcnt_tags%3Dcriminal-justice%252Cextortion%252Cindictments%252Cransomware%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cnt_tags%22%3A%5B%22criminal-justice%22%2C%22extortion%22%2C%22indictments%22%2C%22ransomware%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A3%2C%22msi%22%3A3%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.10.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224d5015cc3e5698%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22375855%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22375855%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22375855%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22375855%22%2C%22sid%22%3A%22320x50%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2255a4c788-9f1f-47f8-91ba-87fb177dd771%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.229.102 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-229-102.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
577cffba3a5e4060fc00267dd1aae194bab397fc806fa2bdf2498277102cafa2

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:04 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.179], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://arstechnica.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
19
expires
Fri, 11 Mar 2022 10:53:04 GMT
prebid
ib.adnxs.com/ut/v3/ 		142 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
03f79370c505484926193469c439ce3b7d7004f408c07b359a29274b1ab28000
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:04 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
b37fb877-dd76-4047-91b6-b08d516bcd3a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
142
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
543 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a969ce00175757040bb70c50400002c&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
8cb42e8847df02cc0d863921e9c2fe3f8a24a9078cd878ae3f7d0b47e039ad22

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Mar 2022 10:53:04 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
content-length
62
arj
condenastus-d.openx.net/w/1.0/ 		189 B
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f2f73b75-9acc-48e0-86ae-f77f695a8eaf&nocache=1646995984002&us_privacy=1---&pubcid=55a4c788-9f1f-47f8-91ba-87fb177dd771&aus=300x250%2C300x50%2C320x50%2C728x90&divids=mid-content_300x250_300x50_320x50_728x90&aucs=&auid=541000584&aumfs=50
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
b5a0783c853ecf2785cf7380bcf03bfc7a37ea6ffbef000d2c16d4089eff77e9

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:04 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://arstechnica.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
894 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
636ed63be35a13e9ac7891f7c1b62d7fd23c7872c6a59f01fe0e7489f7be83cd

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
fastlane.json
fastlane.rubiconproject.com/a/api/ 		322 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552960&size_id=2&alt_size_ids=57&us_privacy=1---&eid_pubcid.org=55a4c788-9f1f-47f8-91ba-87fb177dd771%5E1&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&tg_i.cnt_tags=criminal-justice%2Cextortion%2Cindictments%2Cransomware&tk_flint=pbjs_lite_v6.10.0&x_source.tid=a1d284f8-efb9-422a-8910-f5a0ee19289f&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7157062063402022
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
debde1bc71e84bc339bc2f5417713f411494806678ecc583f2665d4ce18521bc

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:04 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
322
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		322 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552962&size_id=2&alt_size_ids=57&us_privacy=1---&eid_pubcid.org=55a4c788-9f1f-47f8-91ba-87fb177dd771%5E1&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&tg_i.cnt_tags=criminal-justice%2Cextortion%2Cindictments%2Cransomware&tk_flint=pbjs_lite_v6.10.0&x_source.tid=a1d284f8-efb9-422a-8910-f5a0ee19289f&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.06678442853936484
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
7dfb735aacf9b97aa1a65c2bb61a762e34daffea3e2213c4e861981cddff925a

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:04 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
322
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		37 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=375849&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22175119d0a42f0bd%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F%3Fcnt_tags%3Dcriminal-justice%252Cextortion%252Cindictments%252Cransomware%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cnt_tags%22%3A%5B%22criminal-justice%22%2C%22extortion%22%2C%22indictments%22%2C%22ransomware%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.10.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22181d612a41db5d1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22375849%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22375848%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2255a4c788-9f1f-47f8-91ba-87fb177dd771%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.229.102 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-229-102.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
734077f9a9575e82a7f8718e4e255298f84f51962f22407b35b6ce299ff74ca9

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:04 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.179], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://arstechnica.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
19
expires
Fri, 11 Mar 2022 10:53:04 GMT
prebid
ib.adnxs.com/ut/v3/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
53a0db506162ed3060ae85b44c1fa345ef586cb64b3dfcbf0590ded5b462373d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:04 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
c025212e-9d89-4404-be9a-34b0a7d94164
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
260
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a969ce00175757040bb70c4ff01002a&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
09c272dc0ba5fa58b24854c32acf50db5aa8e02659685ca6e4ec0d8a78e66c16

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Mar 2022 10:53:04 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a9691380175757044fd70c4fff3002b&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
b80304a9d93bd9e90a03367a3f1e1d4780a95a0f71d43ce1e95293dd5c238510

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Mar 2022 10:53:04 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
content-length
62
arj
condenastus-d.openx.net/w/1.0/ 		189 B
603 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a1d284f8-efb9-422a-8910-f5a0ee19289f%2Ca1d284f8-efb9-422a-8910-f5a0ee19289f&nocache=1646995984033&us_privacy=1---&pubcid=55a4c788-9f1f-47f8-91ba-87fb177dd771&aus=728x90%2C970x250%7C728x90%2C970x250&divids=hero_728x90_970x250%2Chero_728x90_970x250&aucs=%2C&auid=541000619%2C541000563&aumfs=50%2C50
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
6f99091cfd4343db6da0de90a7d93ba904b76134e4818f36a075c41df24cac9c

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:04 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://arstechnica.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
724 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
60236872a96cff4612101efc416706fe34892d9152f2c019e42209fb7d8d8de4

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
dest5.html
condenast.demdex.net/ Frame 83DF 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://condenast.demdex.net/dest5.html?d_nsid=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.86.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-86-185.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Fri, 11 Mar 2022 10:53:04 GMT
DCS
dcs-prod-usw2-2-v026-0d7fe3f4a.edge-usw2.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Fri, 4 Mar 2022 17:57:22 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
S9APIGTlQfw=
Content-Length
2791
Connection
keep-alive
id
sstats.arstechnica.com/ 		0
0
ibs:dpid=411&dpuuid=YisqEAAAAByHOAQr
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=68547252942253779170798061318171033219
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YisqEAAAAByHOAQr
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YisqEAAAAByHOAQr
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v026-0b39b6e6b.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
DgisQM9ARnw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YisqEAAAAByHOAQr
Date
Fri, 11 Mar 2022 10:53:04 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
onetag
assoc-na.associates-amazon.com/ 		64 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assoc-na.associates-amazon.com/onetag?src=330&pj=%7B%22tracking_id%22%3A%22arstech20-20%22%2C%22assocPayloadId%22%3Anull%2C%22refUrl%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F%22%7D&u=https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Requested by
Host: z-na.associates-amazon.com
URL: https://z-na.associates-amazon.com/onetag/v2?MarketPlace=US&instanceId=e6160dfa-32a7-4b0e-9675-d18902339f1e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.21.195.65 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
Server /
Resource Hash
de6d9929cafab4dabc8e369bf19b9a193ee27531263ac95498cc24d0366e4515

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:04 GMT
Server
Server
x-amz-rid
RA2X19J7FEMR5ZWR75ST
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Content-Type
application/json
Access-Control-Allow-Origin
https://arstechnica.com
Access-Control-Allow-Credentials
true
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
64
embed-api.json
player.cnevids.com/ 		11 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.cnevids.com/embed-api.json?videoId=5f90976042b5f03ec594bace&playerType=interlude&embedLocation=arstechnica
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady88856293
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-58.ewr52.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
5f3dfe5ae04216d60a5eebd9b2eebfdf38a196c8bd2446de3492e804926a63db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:49:00 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Age
244
X-Cache
Hit from cloudfront
Status
200 OK
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
3684
X-XSS-Protection
1; mode=block
X-Request-Id
0c747a96-f25c-459d-8b98-7d46992400d2
X-Runtime
0.026787
X-Backend-Node
10.110.26.79
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
ETag
W/"5ff3a73d6b9c59de5d6f00972bb9051f"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Via
1.1 96457af3f289bfa24042a3475201173c.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control
max-age=300, public
X-Amz-Cf-Pop
EWR52-C4
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
UbpZqkur_bG6vuqdSaFHI9cYz2CRT61RQ0MyOWkU82YHQx9bcUVZbg==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 8A4E 		367 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady88856293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1645cfe2c4914e99ee7ccc9eeadbc05b12b1298db1a495b532adfb0643ca598d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124424
x-xss-protection
0
expires
Fri, 11 Mar 2022 10:53:04 GMT
gpt_proxy.js
imasdk.googleapis.com/js/sdkloader/ 		79 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady88856293
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5776ba1daf67d30c1adc2b55914f0fd71364ffd8bb22d10dc4f8b1488d9d5fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:40:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
733
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28708
x-xss-protection
0
last-modified
Thu, 03 Mar 2022 18:59:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Fri, 11 Mar 2022 10:55:51 GMT
player-style-839c3e98ef8199d5df9c.css
d2c8v52ll5s99u.cloudfront.net/player/ Frame 8A4E 		88 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/player-style-839c3e98ef8199d5df9c.css
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady88856293
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.81.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-81-81.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
474e43543efcb5a0bf6c248cbfff92130a2a5611cd0d57ec64170ba982abd99e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:08:39 GMT
Content-Encoding
gzip
Age
3372266
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
12683
Last-Modified
Thu, 18 Nov 2021 10:11:57 GMT
Server
AmazonS3
ETag
"c3e312ffe7ea1e1fe08e47e617b867c2"
x-amz-version-id
jUUszsuWmYA3NL0GlcDSU1h1wjHyhdY0
Via
1.1 bdc824c8e03ec386d5eb83e9ff916440.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
X-Amz-Cf-Pop
EWR52-C1
Accept-Ranges
bytes
Content-Type
text/css; charset=utf-8
X-Amz-Cf-Id
JHHJ9P9RUtYjZPmhnYiBXwzkDPzz5GIsEJ3f_URcb2VtP-6LcvBC6Q==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
main-994d707c54e6acf457a1.js
d2c8v52ll5s99u.cloudfront.net/player/ Frame 8A4E 		820 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady88856293
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.81.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-81-81.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a5477e9982444491d1ece766b1b4c1fa5ba0712af6ed47ccf42cea17bdd7c45

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 10 Mar 2022 16:46:38 GMT
Content-Encoding
gzip
Age
65187
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
228526
Last-Modified
Thu, 10 Mar 2022 16:01:35 GMT
Server
AmazonS3
ETag
"f3ad45597a2714efc43af0206b6b7b1f"
x-amz-version-id
eJIHSOtqTOZJabRzMa3pnvySHO4CcaNU
Via
1.1 bc6981f82440e44448ee5dd3577bf4f4.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
X-Amz-Cf-Pop
EWR52-C1
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
VORRCbcXEhkwbmz29NyzAJrO8vkDzRjbK6VBD70TFdHF6K-EC2giwQ==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
infinityid
arstechnica.com/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://arstechnica.com/infinityid
Requested by
Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.14.94.35 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-14-94-35.us-east-2.compute.amazonaws.com
Software
nginx/1.17.10 /
Resource Hash
18794d2ef2e62636a8d7cea1ce420a572c82e448ab1e4a0a9b817013e99e25f4

Request headers

Accept
text/plain
Referer
https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:04 GMT
content-encoding
gzip
server
nginx/1.17.10
etag
W/"5f51280a-dd3"
content-type
text/html
user
4d.condenastdigital.com/ 		67 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://4d.condenastdigital.com/user?xid=8a88dde5-85d6-4eb8-99f5-d9efef957024
Requested by
Host: pixel.condenastdigital.com
URL: https://pixel.condenastdigital.com/sparrow.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.2.129.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-2-129-5.compute-1.amazonaws.com
Software
/
Resource Hash
32deea184d626e57d2be55e815bceb4c582b5a7283131d5ec3a1e19e55bda377

Request headers

Accept
text/plain
Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:04 GMT
content-encoding
gzip
transfer-encoding
chunked
Content-Type
application/json; charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-expose-headers
WWW-Authenticate,Server-Authorization
cache-control
no-cache
access-control-allow-credentials
true
Connection
keep-alive
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-31997-1&cid=1262709198.1646995983&jid=165640570&gjid=1437310503&_gid=1204506803.1646995984&_u=aChAgUAjAAQCAE~&z=193078960
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 11 Mar 2022 10:53:04 GMT
content-type
text/plain
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=798283911&t=pageview&_s=1&dl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&dr=%2F&dp=%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&ul=en-us&de=UTF-8&dt=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week%20%7C%20Ars%20Technica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aChAgUAjAAQC~&jid=165640570&gjid=1437310503&cid=1262709198.1646995983&tid=UA-31997-1&_gid=1204506803.1646995984&gtm=2wg370NLXNPCQ&cg1=article%7Creport&cg2=information-technology&cg3=information%20technology&cd1=GTM-NLXNPCQ&cd2=287&cd4=&cd6=Fri%20Mar%2011%202022%2010%3A53%3A02%20GMT%2B0000%20(GMT)&cd7=1646995982436.30kk1sd&cd8=0&cd9=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&cd10=English&cd11=10&cd12=0&cd13=Tag%20Name%3A%20GA%20-%20Pageview%20-%20Core%20Pageview%20-%20All%20Pages&cd20=none&cd25=Dan%20Goodin&cd26=1840246&cd27=775&cd28=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week&cd29=web&cd32=2022-03-10T22%3A01%3A39%2B00%3A00&cd33=1&cd34=2022-03-11T00%3A38%3A41%2B00%3A00&cd35=criminal%20justice%7Cextortion%7Cindictments%7Cransomware&cd36=web&cd43=Ars%20Technica&cd45=Adblock%20Enabled%20-%20false&cd62=https%3A%2F%2Farstechnica.com%2F%3Fp%3D1840246&cd63=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&cd65=&cd72=1.0.0&cd92=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&cd93=information%20technology&cd98=article%7Creport&cd102=22&cd103=&cd113=data-layer-loaded&cd127=Thursday&cd129=Etc%2FUnknown&cd131=2&cm13=0&cm23=0&cd3=1262709198.1646995983&z=140574635
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 03:38:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26064
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=798283911&t=event&ni=1&_s=1&dl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&dr=%2F&dp=%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&ul=en-us&de=UTF-8&dt=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week%20%7C%20Ars%20Technica&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=proxy%20pageviews&ea=pageload&_u=aCjAgUAjAAQCAE~&jid=&gjid=&cid=1262709198.1646995983&tid=UA-31997-1&_gid=1204506803.1646995984&gtm=2wg370NLXNPCQ&cg1=article%7Creport&cg2=information-technology&cg3=information%20technology&cd1=GTM-NLXNPCQ&cd2=287&cd4=&cd6=Fri%20Mar%2011%202022%2010%3A53%3A02%20GMT%2B0000%20(GMT)&cd7=1646995982497.56pq8su&cd8=0&cd9=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&cd10=English&cd11=10&cd12=0&cd13=Tag%20Name%3A%20GA%20Events%20-%20Proxy%20Pageviews%20-%20Pageload&cd20=none&cd25=Dan%20Goodin&cd26=1840246&cd27=775&cd28=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week&cd29=web&cd32=2022-03-10T22%3A01%3A39%2B00%3A00&cd33=1&cd34=2022-03-11T00%3A38%3A41%2B00%3A00&cd35=criminal%20justice%7Cextortion%7Cindictments%7Cransomware&cd36=web&cd43=Ars%20Technica&cd45=Adblock%20Enabled%20-%20false&cd62=https%3A%2F%2Farstechnica.com%2F%3Fp%3D1840246&cd63=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&cd65=&cd72=1.0.0&cd92=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&cd93=information%20technology&cd98=article%7Creport&cd102=22&cd103=&cd113=data-layer-loaded&cd127=Thursday&cd129=Etc%2FUnknown&cd131=2&cd3=1262709198.1646995983&cm21=1&z=1180890762
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 03:38:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
26064
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		323 B
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552988&size_id=15&alt_size_ids=10&us_privacy=1---&eid_pubcid.org=55a4c788-9f1f-47f8-91ba-87fb177dd771%5E1&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&tg_i.cnt_tags=criminal-justice%2Cextortion%2Cindictments%2Cransomware&tk_flint=pbjs_lite_v6.10.0&x_source.tid=d6d894ff-67f5-4efb-93ea-589c57f19500&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7568794102270919
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
cc8373e96f331082cf231dc1bfb2da7f317e74f0f785b095da91d49dcb66b2f1

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:04 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
323
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		323 B
779 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11850&site_id=307072&zone_id=1552990&size_id=15&alt_size_ids=10&us_privacy=1---&eid_pubcid.org=55a4c788-9f1f-47f8-91ba-87fb177dd771%5E1&rf=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&tg_i.cnt_tags=criminal-justice%2Cextortion%2Cindictments%2Cransomware&tk_flint=pbjs_lite_v6.10.0&x_source.tid=d6d894ff-67f5-4efb-93ea-589c57f19500&p_screen_res=1600x1200&rp_floor=0.05&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9269659293511237
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c002:200::62 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
551ca43e390e357fa87f923bebd068de9448ffd0c86197b6a873a80fdd0d1c2b

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:04 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
323
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		37 B
331 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=375865&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2235468aa6c42f541%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F%3Fcnt_tags%3Dcriminal-justice%252Cextortion%252Cindictments%252Cransomware%22%2C%22ext%22%3A%7B%22data%22%3A%7B%22cnt_tags%22%3A%5B%22criminal-justice%22%2C%22extortion%22%2C%22indictments%22%2C%22ransomware%22%5D%7D%7D%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%226.10.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22dms%22%3Atrue%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2236d8bbd58a55d33%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22375865%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22375864%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%2255a4c788-9f1f-47f8-91ba-87fb177dd771%22%7D%5D%7D%5D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.66.229.102 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-66-229-102.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ff1d5bed54a0c64f04a2f49463f9df997e1c97a2bad9cbb9e7914d158a81208f

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:04 GMT
x-ak-initial-geo
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.179], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://arstechnica.com
x-cs-client-geo
19
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
19
expires
Fri, 11 Mar 2022 10:53:04 GMT
prebid
ib.adnxs.com/ut/v3/ 		11 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
3e3f40300b1685c3911589ab78d30f12541035b430e3381aa4c355c08bb0c2ce
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 11 Mar 2022 10:53:04 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
aaa25aa3-a245-4083-8064-fd6c42e53b7c
Server
nginx/1.17.9
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a969ce00175757040bb70c50db8002f&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
f8e31c22da5c2280c4f7f35d9187db8c66c827ddc6517947b5ded9555a8a0033

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Mar 2022 10:53:04 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691380175757044fd70b6a8ba0010&pos=8a9691380175757044fd70c50ec60030&cmd=bid&secure=1&us_privacy=1---
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.236.83.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-83-94.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
2d8da20e250aa413de7bfbc8ccb0b88c7fc0015a7a4a2dd69cd1b437eaeec8f8

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Mar 2022 10:53:04 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
content-length
62
arj
condenastus-d.openx.net/w/1.0/ 		190 B
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://condenastus-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d6d894ff-67f5-4efb-93ea-589c57f19500%2Cd6d894ff-67f5-4efb-93ea-589c57f19500&nocache=1646995984528&us_privacy=1---&pubcid=55a4c788-9f1f-47f8-91ba-87fb177dd771&aus=300x250%2C300x600%7C300x250%2C300x600&divids=rail_300x250_300x600%2Crail_300x250_300x600&aucs=%2C&auid=541000589%2C541000592&aumfs=50%2C50
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
a7ed5bc0d84f5b2b2bbe1dc70610cae5c6fb03f2c29531888ec54f4ec19fadc8

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:04 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://arstechnica.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
176
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU65UN7R
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
c8dd1f8056375009edff50e8c196c039a2eddd75a2bbc6a6448cc8e798bfa688

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:04 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
embed-api.json
player.cnevids.com/ 		11 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.cnevids.com/embed-api.json?videoId=60abade4dc31e5375248cba6&embedLocation=arstechnica
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5f90976042b5f03ec594bace.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.42.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-42-58.ewr52.r.cloudfront.net
Software
nginx/1.18.0 /
Resource Hash
6fce0dbbc989e2f852d8045ea7aaa7db852aab75caef08e0cac9bf3205dff02f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:48:27 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
none
Age
277
X-Cache
Hit from cloudfront
Status
200 OK
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
3681
X-XSS-Protection
1; mode=block
X-Request-Id
715fd9b6-443d-4f9c-a822-2a60aaba6a23
X-Runtime
0.020355
X-Backend-Node
10.110.120.129
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.18.0
ETag
W/"e849bd26f394b8e73dfd7577ebed86f9"
X-Download-Options
noopen
Vary
Origin,Accept-Encoding
Access-Control-Allow-Methods
GET, OPTIONS
Content-Type
application/json; charset=utf-8
Via
1.1 96457af3f289bfa24042a3475201173c.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
Cache-Control
max-age=300, public
X-Amz-Cf-Pop
EWR52-C4
Access-Control-Allow-Origin
*
X-Amz-Cf-Id
d6ncizw-MA-FcaTrb9D83V6fKDAiXO0vu_qGNgJDSkOGgQNImEcbGg==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A5A1 		367 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5f90976042b5f03ec594bace.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1645cfe2c4914e99ee7ccc9eeadbc05b12b1298db1a495b532adfb0643ca598d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124424
x-xss-protection
0
expires
Fri, 11 Mar 2022 10:53:04 GMT
player-style-839c3e98ef8199d5df9c.css
d2c8v52ll5s99u.cloudfront.net/player/ Frame A5A1 		88 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/player-style-839c3e98ef8199d5df9c.css
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5f90976042b5f03ec594bace.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.81.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-81-81.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
474e43543efcb5a0bf6c248cbfff92130a2a5611cd0d57ec64170ba982abd99e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Mon, 31 Jan 2022 10:08:39 GMT
Content-Encoding
gzip
Age
3372266
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
12683
Last-Modified
Thu, 18 Nov 2021 10:11:57 GMT
Server
AmazonS3
ETag
"c3e312ffe7ea1e1fe08e47e617b867c2"
x-amz-version-id
jUUszsuWmYA3NL0GlcDSU1h1wjHyhdY0
Via
1.1 bc6981f82440e44448ee5dd3577bf4f4.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
X-Amz-Cf-Pop
EWR52-C1
Accept-Ranges
bytes
Content-Type
text/css; charset=utf-8
X-Amz-Cf-Id
u4qwUpqYaDPG47uQoObu0jrHHGCoqAyfqPcMvHupPwjnXqQzCpnbkw==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
main-994d707c54e6acf457a1.js
d2c8v52ll5s99u.cloudfront.net/player/ Frame A5A1 		820 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/5f90976042b5f03ec594bace.js?autoplay=1&hasCompanion=false&hideHoverTitle=1&hidePosterTitle=1&muted=1&onReady=setupInterlude1&playerType=interlude&recAlgorithm=recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2&recStrategy=cral_top2_2&showPlaylistBar=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.81.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-81-81.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a5477e9982444491d1ece766b1b4c1fa5ba0712af6ed47ccf42cea17bdd7c45

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 10 Mar 2022 16:46:38 GMT
Content-Encoding
gzip
Age
65187
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
228526
Last-Modified
Thu, 10 Mar 2022 16:01:35 GMT
Server
AmazonS3
ETag
"f3ad45597a2714efc43af0206b6b7b1f"
x-amz-version-id
eJIHSOtqTOZJabRzMa3pnvySHO4CcaNU
Via
1.1 bdc824c8e03ec386d5eb83e9ff916440.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
X-Amz-Cf-Pop
EWR52-C1
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
AwBbhIVxfs0u0FJBxn_dhZw8-MrDDqHX5rcZ3NYmS2cCBKdZ4QmHew==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
/
p.adsymptotic.com/d/px/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1646995984677&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-proli...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1646995984677&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-proli...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D434737%26time%3D1646995984677%26url%3Dhttps%253A%252F%252Farstechnica.com%252Finf...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1646995984677&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-proli...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=434737&time=1646995984677&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prol...
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=58c2fef9-6a1c-41eb-9ebf-6bd475714fa3
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=58c2fef9-6a1c-41eb-9ebf-6bd475714fa3&_expected_cookie=133206bfc57dc84a527e3ac8...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=58c2fef9-6a1c-41eb-9ebf-6bd475714fa3&_expected_cookie=133206bfc57dc84a527e3ac88db634d0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
104.18.102.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ea3beae483df99d-YYZ
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=58c2fef9-6a1c-41eb-9ebf-6bd475714fa3&_expected_cookie=133206bfc57dc84a527e3ac88db634d0
date
Fri, 11 Mar 2022 10:53:10 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6ea3bea9ec91f99d-YYZ
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
simple
api.sail-personalize.com/v1/personalize/ 		288 B
496 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
6e53da60f022a960fdf289f9baf1c70e7b57603b2022d38d0626aea34cc6cf92

Request headers

x-lib-version
v1.0.1
Accept-Language
en-CA,en;q=0.9
authorization
Bearer 96cc6d73eeadca5c51a196378f9bf3d1
content-type
application/json
accept
application/json
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
x-referring-url
https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:04 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
195
allowedmethods
GET,OPTIONS
expires
-1
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Origin
https://arstechnica.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Fri, 11 Mar 2022 10:53:04 GMT
content-type
text/plain
content-length
18
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
allow
HEAD,GET,OPTIONS
haloid
aufp.io/api/v1/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://aufp.io/api/v1/haloid
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.88.197 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-88-197.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:05 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:01:38 GMT
server
nginx/1.18.0
etag
W/"1646989298.0-6132-2958560116"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*, *
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
public, max-age=43200
origin-trial
A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires
Fri, 11 Mar 2022 22:53:05 GMT
57
p.ad.gt/api/v1/p/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.ad.gt/api/v1/p/57
Requested by
Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.235.32.190 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-235-32-190.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3f5e5e83fe0ffb305e73c4405c7ecf55dc088fcede4ec94dd03288c0bb172ac

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:05 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:01:10 GMT
server
nginx/1.18.0
etag
W/"1646989270.0-29255-2545748540"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control
public, max-age=43200
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires
Fri, 11 Mar 2022 22:53:05 GMT
match
ids.ad.gt/api/v1/
Redirect Chain
  • https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&adnxs_id=$UID
  • https://ids.ad.gt/api/v1/match?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&adnxs_id=7380764466701486637
43 B
566 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/match?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&adnxs_id=7380764466701486637
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
44.240.184.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-184-96.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:05 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Fri, 11 Mar 2022 22:53:05 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:04 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 805.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
c07370ee-cf21-4191-a48b-5f7ab049e999
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ids.ad.gt/api/v1/match?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&adnxs_id=7380764466701486637
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
t_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
  • https://ids.ad.gt/api/v1/t_match?tdid=6e0633dc-a403-42d4-8fdd-03bcf8268488&id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
43 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/t_match?tdid=6e0633dc-a403-42d4-8fdd-03bcf8268488&id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
44.240.184.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-184-96.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:05 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Fri, 11 Mar 2022 22:53:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ids.ad.gt/api/v1/t_match?tdid=6e0633dc-a403-42d4-8fdd-03bcf8268488&id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
259
pbm_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dd07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3Dd07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
  • https://ids.ad.gt/api/v1/pbm_match?pbm=8763B6A3-D1B4-4E71-AF29-58D268671E50&id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/pbm_match?pbm=8763B6A3-D1B4-4E71-AF29-58D268671E50&id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
44.240.184.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-184-96.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:06 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Fri, 11 Mar 2022 22:53:06 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/pbm_match?pbm=8763B6A3-D1B4-4E71-AF29-58D268671E50&id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
date
Fri, 11 Mar 2022 10:53:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
g_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
  • https://ids.ad.gt/api/v1/g_match?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&google_gid=CAESEHAGhIqFq0JL46uIHrnDrno&google_cver=1&google_ula=450542624,0
43 B
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/g_match?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&google_gid=CAESEHAGhIqFq0JL46uIHrnDrno&google_cver=1&google_ula=450542624,0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
44.240.184.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-184-96.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:05 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Fri, 11 Mar 2022 22:53:05 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:04 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ids.ad.gt/api/v1/g_match?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&google_gid=CAESEHAGhIqFq0JL46uIHrnDrno&google_cver=1&google_ula=450542624,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
357
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://ids.ad.gt/api/v1/g_hosted?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
  • https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZDA3MjAyZGQtZGJmOC00ZDVkLWExM2EtYjBmYjdlNTIwMmY5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZDA3MjAyZGQtZGJmOC00ZDVkLWExM2EtYjBmYjdlNTIwMmY5
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=ZDA3MjAyZGQtZGJmOC00ZDVkLWExM2EtYjBmYjdlNTIwMmY5
date
Fri, 11 Mar 2022 10:53:05 GMT
server
nginx/1.20.0
content-length
473
content-type
text/html; charset=utf-8
impr_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://ad.360yield.com/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3Dd07202dd-dbf8-4d5d-a13a-b0fb7e5202f9%26impr_uid%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/ux?&publisher_dmp_id=15&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fimpr_match%3Fid%3Dd07202dd-dbf8-4d5d-a13a-b0fb7e5202f9%26impr_uid%3D%7BPUB_USER_ID%7D
  • https://ids.ad.gt/api/v1/impr_match?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&impr_uid=731aab81-526e-449a-8b81-5fa14fdcea13
43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/impr_match?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&impr_uid=731aab81-526e-449a-8b81-5fa14fdcea13
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
44.240.184.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-184-96.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:06 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Fri, 11 Mar 2022 22:53:06 GMT

Redirect headers

location
https://ids.ad.gt/api/v1/impr_match?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&impr_uid=731aab81-526e-449a-8b81-5fa14fdcea13
date
Fri, 11 Mar 2022 10:53:05 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
unruly
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.1rx.io/usersync/audigent/0?dspret=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Dd07202dd-dbf8-4d5d-a13a-b0fb7e5202f9%26unruly_id%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync/audigent/0?zcc=1&redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Dd07202dd-dbf8-4d5d-a13a-b0fb7e5202f9%26unruly_id%3D%5BRX_UUID%5D&cb=1646995984972
  • https://sync.targeting.unrulymedia.com/csync/RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Funruly%3Fid%3Dd07202dd-dbf8-4d5d-a13a-b0fb7e5202f9%26unruly_id%3D...
  • https://ids.ad.gt/api/v1/unruly?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&unruly_id=RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005
43 B
490 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/unruly?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&unruly_id=RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
44.240.184.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-184-96.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:06 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Fri, 11 Mar 2022 22:53:06 GMT

Redirect headers

Date
Fri, 11 Mar 2022 10:53:06 GMT
Server
Tengine
ETag
RX32ed5efb1c2d44f6b14867108c9e0044005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://ids.ad.gt/api/v1/unruly?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&unruly_id=RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005
Connection
keep-alive
Content-Type
text/html
mediamath_match
ids.ad.gt/api/v1/
Redirect Chain
  • https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3Dd07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
  • https://ids.ad.gt/api/v1/mediamath_match?user_id=4f1b622b-2a11-4300-89bc-81aa7c7a5721&id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/mediamath_match?user_id=4f1b622b-2a11-4300-89bc-81aa7c7a5721&id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
44.240.184.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-184-96.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:06 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Fri, 11 Mar 2022 22:53:06 GMT

Redirect headers

Date
Fri, 11 Mar 2022 10:53:05 GMT
Server
MT3 4256 109297d master iad-pixel-x24 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ids.ad.gt/api/v1/mediamath_match?user_id=4f1b622b-2a11-4300-89bc-81aa7c7a5721&id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Mar 2022 10:53:04 GMT
br-ijs_all_modules_bbc32662d3ff8adbbac6de6e5ec04c71.js
assets.bounceexchange.com/assets/smart-tag/versioned/ 		537 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_bbc32662d3ff8adbbac6de6e5ec04c71.js
Requested by
Host: tag.bounceexchange.com
URL: https://tag.bounceexchange.com/2806/i.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
8bb831c2b810d0797a6e24c24e87c7b87ee191344f011b4671671b8e8aba9918

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 15:40:30 GMT
content-encoding
br
age
328355
x-guploader-uploadid
ADPycdvmw1c89tDvy4JE4XKdlhvGauxQDJV6VqQFyd1JAQYWjGSRmWiqWZYjR7JBZzq18Z9nt5xXCdr8EVjiorTGzWTbAjs5eg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
clear
content-length
102579
last-modified
Mon, 07 Mar 2022 15:40:23 GMT
server
UploadServer
etag
"a4a60a8bef6598b8631bc4c6b306996d"
x-goog-hash
crc32c=ruFMZw==, md5=pKYKi+9lmLhjG8TGswaZbQ==
x-goog-generation
1646667623529622
access-control-allow-origin
*
access-control-expose-headers
etag, Content-Type
cache-control
public,max-age=31536000
x-goog-stored-content-length
102579
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 07 Mar 2023 15:40:30 GMT
rules-p-Jjy-Cyr1NZGRz.js
rules.quantcount.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Jjy-Cyr1NZGRz.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:2000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efdbd8582066a12cf45115f1e150d2a8de06bf6b14db3feca98b116efeb9e0bb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 09:58:09 GMT
content-encoding
gzip
age
3297
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Mon, 19 Mar 2018 22:18:17 GMT
server
AmazonS3
etag
W/"2c930184a7ea36f2f9a5d9324b880b63"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 bf5abe06e7e8ddc3963a0afd0a961f74.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
I1okyMDtuP_smiAoLGLmf2EYsYf5b3z_ZAEg5OfFy1yagYEZCpRl7Q==
modules.7d3f952308caf42c2b67.js
script.hotjar.com/ 		236 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.7d3f952308caf42c2b67.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1632543.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.146.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-146-92.ewr52.r.cloudfront.net
Software
/
Resource Hash
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 09:02:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
93059
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
63048
access-control-allow-origin
*
last-modified
Thu, 10 Mar 2022 09:01:33 GMT
etag
"2f5d47da7be4d107a04726029158797c"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 31b4da0406d8b733add8a3131335a500.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
EWR52-C2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
fLtQ7uL0ix5DH7kIlLopamxEkK_KZj3pZg0KeioBe93tqr1Cu6kGZA==
p.js
fpa-cdn.arstechnica.com/keys/arstechnica.com/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fpa-cdn.arstechnica.com/keys/arstechnica.com/p.js
Requested by
Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-107.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08b8b78504677c4bb61018fbcfe343bf7603d3ea56b3b47d9532569104f9b5c0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:36:09 GMT
content-encoding
gzip
last-modified
Mon, 22 Jun 2020 18:36:23 GMT
server
AmazonS3
age
1017
etag
W/"9ad5803fbe8f447002010c8ec44dbf00"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 1e0c086b1361f8d4ae58a5db76efda36.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
yfI4NW6Za88QQLZkAwsgX6svwcEeDAg1MAKOmVAmwF2xPPmmcXqkOQ==
228464857488266
connect.facebook.net/signals/config/ 		308 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/228464857488266?v=2.9.55&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c0fffa0081cfcf9092c63f0c080fa8dce13c97c00f927de57751559c488e05fd
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89674
x-xss-protection
0
pragma
public
x-fb-debug
VwFEjo2Dl+tjzAMFqkoAZvt7StrgwEX0zeoe/OP2KPEljy3uEf9jWk4X3V1lVeLbcJZhdQNGminCpygoLx+4oA==
x-frame-options
DENY
date
Fri, 11 Mar 2022 10:53:05 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
identify.js
analytics.tiktok.com/i18n/pixel/ 		114 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/identify.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1IQID9FKFK1PHD4UBH0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.132.60 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-132-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-akamai-request-id
2e761072.be1fa08
date
Fri, 11 Mar 2022 10:53:05 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-217-116-206.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-216-133-188.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
x-parent-response-time
13,23.216.133.188
server-timing
cdn-cache; desc=MISS, edge; dur=8, origin; dur=5, inner; dur=2
pragma
no-cache
server
nginx
x-tt-logid
202203111053050101131351350CEA1618
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
5,23.217.116.206
x-tt-trace-host
01727f9c048f346e5634670cad583716de583029bb8aaddd1e02a65842bce1af0021e391ab619c98c5064e59a80f52052228285cff9192a233603b14de12319142c0b0164822ad0bc048e862142552c5fc812ae6d7ea27a235422906b47a4d166141c40db6907b99bf5f5fa474b0762751
expires
Fri, 11 Mar 2022 10:53:05 GMT
config.js
analytics.tiktok.com/i18n/pixel/ 		888 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/i18n/pixel/config.js?sdkid=C1IQID9FKFK1PHD4UBH0&hostname=arstechnica.com
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1IQID9FKFK1PHD4UBH0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.132.60 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-132-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a752705baaf1b6424744a68ce4aeeda0cb4c8c12f63fe609cca51c1e580dda69

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-akamai-request-id
10873bde.be1fa37
date
Fri, 11 Mar 2022 10:53:05 GMT
content-encoding
gzip
x-cache-remote
TCP_MISS from a23-217-116-213.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-216-133-188.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
x-parent-response-time
14,23.216.133.188
server-timing
cdn-cache; desc=MISS, edge; dur=10, origin; dur=4, inner; dur=2
content-length
362
pragma
no-cache
server
nginx
x-tt-logid
202203111053050101130060710EE1E306
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
4,23.217.116.213
x-tt-trace-host
01727f9c048f346e5634670cad583716de583029bb8aaddd1e02a65842bce1af00a03a355f930693583172ed9e22ae8555cb7240ca9cdfe12f851501f528680e8cc7af16a7bf4c6ec6716854eb9a803fb6c8b1a30db738553f18561b88a9c71beaf20c9a97854e6aa50af46a5b1e10e986
expires
Fri, 11 Mar 2022 10:53:05 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-31997-1&cid=1262709198.1646995983&jid=165640570&_u=aChAgUAjAAQCAE~&z=909260240
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-31997-1&cid=1262709198.1646995983&jid=165640570&_u=aChAgUAjAAQCAE~&z=909260240
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 1B2A
Redirect Chain
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
271 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
8b3268e2ce0d2967367801ae12fdcbbb1aa50ab8d786d901530867214b67f04a
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Server
Server
Date
Fri, 11 Mar 2022 10:53:05 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
271
Connection
keep-alive
x-amz-rid
8V4693NH507E3VR6GE4E
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
Server
Date
Fri, 11 Mar 2022 10:53:05 GMT
Content-Length
0
Connection
keep-alive
x-amz-rid
HF4YZQ9C4ABAGCXA99ZA
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
test.html
widgets.outbrain.com/nanoWidget/externals/obUserFrame/ Frame BEA7 		2 KB
1004 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/obUserFrame/test.html?lsd=e8062a03-abd0-4179-9237-bc017ff4576d
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"1e015194a0e596827cb8971f884eb43c:1646904063.020174"
last-modified
Wed, 09 Mar 2022 09:32:35 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=14400
expires
Fri, 11 Mar 2022 14:53:05 GMT
date
Fri, 11 Mar 2022 10:53:05 GMT
content-length
686
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 0278 		416 B
714 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1646909375.611942"
last-modified
Wed, 02 Mar 2022 13:03:27 GMT
server
AkamaiNetStorage
content-length
416
cache-control
max-age=14400
expires
Fri, 11 Mar 2022 14:53:05 GMT
date
Fri, 11 Mar 2022 10:53:05 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:05 GMT
last-modified
Tue, 08 Mar 2022 10:17:27 GMT
server
AkamaiNetStorage
etag
"c52b07e749f7a09fa7b97b7e195e06ce:1646735217.992808"
access-control-allow-methods
GET,POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2326
expires
Sun, 10 Apr 2022 10:53:05 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:05 GMT
last-modified
Tue, 08 Mar 2022 10:17:27 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1646735198.653837"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sun, 10 Apr 2022 10:53:05 GMT
l
mcdp-sadc1.outbrain.com/ 		2 B
292 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mcdp-sadc1.outbrain.com/l?token=a4bf585271e761266cf5b16e51164792_6817_1646995983927&tm=3174&eT=0&widgetWidth=1220&widgetHeight=235&widgetX=190&widgetY=4463&wRV=2000617&pVis=1&lsd=e8062a03-abd0-4179-9237-bc017ff4576d&eIdx=&cheq=0&rtt=1849&oo=false&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.127 , United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Fri, 11 Mar 2022 10:53:05 GMT
content-encoding
gzip
X-TraceId
1ef84ced25a3ebdde28a224b84044e80
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 38AF 		17 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4ba5146eb33e639576b0befa39a523230a21b504b6a68f57bb1a32ea9b514c23

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"2f2b7a716f5b20c4b13adcdfd51e461b:1646323178.713502"
last-modified
Thu, 03 Mar 2022 15:52:32 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=14400
expires
Fri, 11 Mar 2022 14:53:05 GMT
date
Fri, 11 Mar 2022 10:53:05 GMT
content-length
5861
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
clip.js
widgets.outbrain.com/nanoWidget/2000617/module/ 		1 KB
940 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/2000617/module/clip.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7fea3f1469a47a2a31191b5c7cdae71d8f47bdb5170a27a33ded4494a5b935f2

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:05 GMT
content-encoding
gzip
last-modified
Wed, 02 Mar 2022 13:04:25 GMT
server
AkamaiNetStorage
etag
"c8f2f49b18b56b848d6eb0aee2ffc966:1646227624.318814"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
612
expires
Fri, 11 Mar 2022 14:53:05 GMT
eyJpdSI6IjU3ODVkMGRmZjVkOWM5Y2JiYTJkMWQ5YjIyYmY1MjI0ZmExODI1NDZhNmVjMzFkZGUyY2Y0YWJlM2UzMTQ3YTYiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		629 KB
629 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU3ODVkMGRmZjVkOWM5Y2JiYTJkMWQ5YjIyYmY1MjI0ZmExODI1NDZhNmVjMzFkZGUyY2Y0YWJlM2UzMTQ3YTYiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:05 GMT
cache-control
max-age=1256216
last-modified
Fri, 25 Feb 2022 11:50:39 GMT
x-traceid
f0a557cfb8a96c43c893765a15eeac1e
timing-allow-origin
*
content-length
644289
content-type
video/mp4
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-11T10%3A53%3A05.500Z&_t=pageview&cBr=Ars%20Technica&cKe=criminal%20justice%7Cextortion%7Cindictments%7Cransomware&cCh=information%20technology&cTi=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=775&cId=1840246&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pWw=1600&pWh=1200&pPw=1600&pPh=5400&pSw=1600&pSh=1200&uID=0884e157-1f7d-4567-95c8-d99c9013a3c8&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&uDt=desktop&_o=ars-technica&_c=general&xID=8a88dde5-85d6-4eb8-99f5-d9efef957024&environment=prod&origin=ars-technica
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:05 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
adsct
analytics.twitter.com/i/ 		31 B
458 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1o49&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=51881b0b-a601-409d-8e42-1dab138ec0f7&tw_document_href=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&tpx_cb=twttr.conversion.loadPixels
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
5
date
Fri, 11 Mar 2022 10:53:05 GMT
content-encoding
gzip
server
tsa_b
strict-transport-security
max-age=631138519
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0
x-connection-hash
fec3b62b6e76af3fc431efdab53e1d9293f96976fdb4457ef7110d50ab427940
content-type
application/javascript;charset=utf-8
content-length
57
adsct
t.co/i/ 		43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?type=javascript&version=2.0.4&p_id=Twitter&p_user_id=0&txn_id=o1o49&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&event_id=51881b0b-a601-409d-8e42-1dab138ec0f7&tw_document_href=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
6
date
Fri, 11 Mar 2022 10:53:05 GMT
server
tsa_b
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
9e0e3e58abac0bc80b71a020765188fadae35739a9dc49a9d7c76c743ebf7c48
content-length
43
box-acca23410e696f2ca3087d947271c3d0.html
vars.hotjar.com/ Frame 7BE4 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-acca23410e696f2ca3087d947271c3d0.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1632543.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.146.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-146-2.ewr52.r.cloudfront.net
Software
/
Resource Hash
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

content-type
text/html
content-length
1044
date
Fri, 04 Feb 2022 08:52:06 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6f65fac4e8efe167ff5132c0c54c5729"
last-modified
Fri, 04 Feb 2022 08:51:39 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 fd4983be77ace22659323918c5b30f1e.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C2
x-amz-cf-id
jDHRe4Xjxp2od4WVG7cEUH2pC2deYYvyHD67_g2_M_AqR_4OxZRn1g==
age
3031259
eyJpdSI6IjU3ODVkMGRmZjVkOWM5Y2JiYTJkMWQ5YjIyYmY1MjI0ZmExODI1NDZhNmVjMzFkZGUyY2Y0YWJlM2UzMTQ3YTYiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 		629 KB
631 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6IjU3ODVkMGRmZjVkOWM5Y2JiYTJkMWQ5YjIyYmY1MjI0ZmExODI1NDZhNmVjMzFkZGUyY2Y0YWJlM2UzMTQ3YTYiLCJ3IjozOTAsImgiOjI0MCwiZCI6MS41LCJjcyI6MiwiZiI6NX0.mp4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.164.28 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-164-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9380129b18a146823f4a5b725bd655adba385f8c42f84515687cb506a6d892a5

Request headers

Referer
https://arstechnica.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Fri, 11 Mar 2022 10:53:05 GMT
last-modified
Fri, 25 Feb 2022 11:50:39 GMT
content-type
video/mp4
Content-Range
bytes 0-644288/644289
cache-control
max-age=1256216
x-traceid
f0a557cfb8a96c43c893765a15eeac1e
timing-allow-origin
*
Content-Length
644289
integrator.js
adservice.google.ca/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ca/adsid/integrator.js?domain=arstechnica.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arstechnica.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3372216402445410&correlator=1247721029048928&hxva=1&scor=2691703139664711&eid=31065604&output=ldjh&gdfp_req=1&vrg=2022030901&ptt=17&impl=fifs&us_privacy=1---&sc=1&iu_parts=3379%2Cconde.ars%2Cmid-content%2Cinformation-technology%2Carticle%2C2&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x50%7C300x250%7C320x50%7C300x150%7C320x150%7C320x270%7C728x90%7C9x1%7C16x9%7C4x1%7C2x1&ifi=2&adks=711671639&sfv=1-0-38&ecs=20220311&fsapi=false&prev_scp=pos%3Dmid-content%26ctx_slot_type%3Darticle_in_text%26ctx_slot_rn%3D0%26pos_instance%3D2%26ctx_slot_instance%3D0%26ctx_slot_name%3Darticle_in_text_0%26slot_name%3Dmid_content_2%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.56.5%26ctx_page_slug%3Dfeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%26cnt_tags%3Dcriminal-justice%252Cextortion%252Cindictments%252Cransomware%26cnt_platform%3Dwordpress%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D26%26usr_bkt_pv%3D64%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D&cookie=ID%3Dc0d5607e9ac7d54c-22009f83b4d100bf%3AT%3D1646995983%3AS%3DALNI_MYPUon4t-K8cFSj-wL8xPf30nrjQQ&abxe=1&dt=1646995985991&lmt=1646995985&dlt=1646995980516&idt=2537&biw=1600&bih=1200&oid=2&adxs=310&adys=2106&ucis=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=760x0&msz=760x0&fws=4&ohw=760&ga_vid=1262709198.1646995983&ga_sid=1646995983&ga_hid=798283911&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ccf25eed304963be5ca3c94de43dcf827e8ac05a2c857d1a19371e86649a3459
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12045
x-xss-protection
0
google-lineitem-id
5342964441
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138291203555
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3372216402445410&correlator=1247721029048928&hxva=1&scor=2691703139664711&eid=31065604&output=ldjh&gdfp_req=1&vrg=2022030901&ptt=17&impl=fifs&us_privacy=1---&sc=1&iu_parts=3379%2Cconde.ars%2Chero%2Cinformation-technology%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=728x90%7C970x250%7C9x1%7C10x1&ifi=3&adks=2385402828&sfv=1-0-38&ecs=20220311&fsapi=false&prev_scp=pos%3Dhero%26ctx_slot_type%3Dpost_nav%26ctx_slot_rn%3D0%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Dpost_nav_0%26slot_name%3Dhero_1%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.56.5%26ctx_page_slug%3Dfeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%26cnt_tags%3Dcriminal-justice%252Cextortion%252Cindictments%252Cransomware%26cnt_platform%3Dwordpress%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D26%26usr_bkt_pv%3D64%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D&cookie=ID%3Dc0d5607e9ac7d54c-22009f83b4d100bf%3AT%3D1646995983%3AS%3DALNI_MYPUon4t-K8cFSj-wL8xPf30nrjQQ&abxe=1&dt=1646995986058&lmt=1646995986&dlt=1646995980516&idt=2537&biw=1600&bih=1200&oid=2&adxs=0&adys=125&ucis=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=1262709198.1646995983&ga_sid=1646995983&ga_hid=798283911&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
acc2eabd64654b82015e5e58d31d6fba6159b9b081bca201970a3efe16de7f0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10171
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3372216402445410&correlator=1247721029048928&hxva=1&scor=2691703139664711&eid=31065604&output=ldjh&gdfp_req=1&vrg=2022030901&ptt=17&impl=fifs&us_privacy=1---&sc=1&iu_parts=3379%2Cconde.ars%2Crail%2Cinformation-technology%2Carticle%2C1&enc_prev_ius=0%2F1%2F2%2F3%2F4%2F5&prev_iu_szs=300x250%7C300x600&ifi=4&adks=1483574547&sfv=1-0-38&ecs=20220311&fsapi=false&prev_scp=pos%3Drail%26ctx_slot_type%3Dsiderail%26ctx_slot_rn%3D0%26pos_instance%3D1%26ctx_slot_instance%3D0%26ctx_slot_name%3Dsiderail_0%26slot_name%3Drail_1%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26amznbid%3D50xn9c%26amznp%3Dkzaark%26amzniid%3DIjOAPg_0aTBZstFt9dwS1EUAAAF_eJxPKwEAAAvbAak1jzk%26amznsz%3D300x600%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D1.15%26hb_adid%3D500cb586cf46bac%26hb_bidder%3Dmedianet&eri=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.56.5%26ctx_page_slug%3Dfeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%26cnt_tags%3Dcriminal-justice%252Cextortion%252Cindictments%252Cransomware%26cnt_platform%3Dwordpress%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D26%26usr_bkt_pv%3D64%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D&cookie=ID%3Dc0d5607e9ac7d54c-22009f83b4d100bf%3AT%3D1646995983%3AS%3DALNI_MYPUon4t-K8cFSj-wL8xPf30nrjQQ&abxe=1&dt=1646995986068&lmt=1646995986&dlt=1646995980516&idt=2537&biw=1600&bih=1200&oid=2&adxs=1110&adys=824&ucis=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=516&ohw=300&ga_vid=1262709198.1646995983&ga_sid=1646995983&ga_hid=798283911&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
af029183fec521886e120f1deea6bb4c74f8270ad8367e4688ecb1016d25d4d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9206
x-xss-protection
0
google-lineitem-id
5203039836
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138290591553
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
s2s-hb
pbs.getpublica.com/v1/ 		2 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbs.getpublica.com/v1/s2s-hb?site_id=2564&format=json&app_name=CNEVIDEO&adserver=gam&slot_count=3&site_name=arstechnica&content_episode=32&content_length=1582&content_season=Season%201&content_id=5f90976042b5f03ec594bace&content_title=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&content_series=War%20Stories&content_language=en&content_category=business%2Cgaming%20%26%20entertainment%2CNews%2CPop%20Culture--Video%20Games&content_keywords=war%20stories%2Cars%20war%20stories%2Cars%20technica%20war%20stories%2Cwar%20stories%20nintendo%2Cars%20technica%20nintendo%2Cars%20nintendo%2Cnintendo%20entertainment%20system%2Cnintendo%20power%2Cnintendo%20power%20magazine%2Cnintendo%201985%2Cnintendo%201986%2Cnintendo%20of%20america%2Cgail%20tilden%2Cnes%2Cn.e.s.%2Cnes%20launch%2Cnes%201985%2Cgail%20tilden%20nintendo%2Cg%20tilden%20nintendo%2Cgail%20tilden%20nintendo%20power%2Coriginal%20nes%2C8bit%20nes%2C8bit%20nintendo%2Chistory%20of%20nintendo%2Chistory%20of%20nes%2Cars%20nes%2Cars%20technica%20nes&site_page=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&cb=5018390
Requested by
Host: player.cnevids.com
URL: https://player.cnevids.com/script/video/60abade4dc31e5375248cba6.jsautoplay=0&muted=0&hasCompanion=0&adsDisabled=0&onReady=arsVideoModulePlayerReady88856293
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.232.14.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-232-14-164.compute-1.amazonaws.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:06 GMT
Content-Encoding
gzip
Vary
Origin
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate
Access-Control-Allow-Credentials
true
Content-Length
26
Expires
0
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 0278 		610 B
907 B 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.190 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges
bytes
content-type
text/html
etag
"48053d50141031b1511dbd30f9a31288:1646907877.824403"
last-modified
Wed, 09 Mar 2022 09:32:35 GMT
server
AkamaiNetStorage
content-length
610
cache-control
max-age=14400
expires
Fri, 11 Mar 2022 14:53:06 GMT
date
Fri, 11 Mar 2022 10:53:06 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
396846.gif
idsync.rlcdn.com/ Frame 38AF
Redirect Chain
  • https://idsync.rlcdn.com/420046.gif?partner_uid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fidsync.rlcdn.com%2F396846.gif%3Fserved_by%3Devergreen%26partner_uid%3D
  • https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=d3ce87b7-fbdf-4e6f-9415-cfe04ac18554
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=d3ce87b7-fbdf-4e6f-9415-cfe04ac18554
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:09 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

date
Fri, 11 Mar 2022 10:53:08 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://idsync.rlcdn.com/396846.gif?served_by=evergreen&partner_uid=d3ce87b7-fbdf-4e6f-9415-cfe04ac18554
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
29859
tags.bluekai.com/site/ Frame 38AF 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29859?id=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.85.195.135 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-85-195-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:06 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/outbrain/?puid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://b1sync.zemanta.com/usersync/outbrain/?gdpr=0&gdpr_consent=&puid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&s=2&us_privacy=1---
  • https://sync.outbrain.com/cookie-sync?p=zemanta&uid=M2AFWxq8fWs1QCyO1OUy&gdpr=0&us_privacy=1---
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=M2AFWxq8fWs1QCyO1OUy&gdpr=0&us_privacy=1---
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:10 GMT
Cache-Control
no-cache
X-TraceId
1548ae91a7c281d8793b6fea468ce968
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:08 GMT
P3p
CP="We do not support P3P header."
Location
https://sync.outbrain.com/cookie-sync?p=zemanta&uid=M2AFWxq8fWs1QCyO1OUy&gdpr=0&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
130
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://sync.outbrain.com/cookie-sync?p=appnexus&uid=$UID&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
  • https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7380764466701486637&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
0
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7380764466701486637&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:08 GMT
Cache-Control
no-cache
X-TraceId
e09dcd0d3d0d2cc2243f7fcb2887947e
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:06 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
9ebadd3c-8a83-4a1f-8ddc-097db4371082
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://sync.outbrain.com/cookie-sync?p=appnexus&uid=7380764466701486637&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ibs:dpid=133726&dpuuid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&gdpr=0&gdpr_pd=1&gdpr_consent=
dpm.demdex.net/ Frame 38AF 		42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=133726&dpuuid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&gdpr=0&gdpr_pd=1&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v026-04ce4714a.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
y/wxX9C6STM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
set
sync-jp.im-apps.net/imid/ Frame 38AF 		43 B
203 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-jp.im-apps.net/imid/set?cid=1000047&tid=obid&uid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.176.120.50 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-176-120-50.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:07 GMT
cache-control
no-cache
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
nginx
content-type
image/gif
content-length
43
expires
Fri, 11 Mar 2022 10:53:06 GMT
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=icco6m5&ttd_tpi=1&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://sync.outbrain.com/cookie-sync?p=ttd&uid=6e0633dc-a403-42d4-8fdd-03bcf8268488
0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=ttd&uid=6e0633dc-a403-42d4-8fdd-03bcf8268488
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:08 GMT
Cache-Control
no-cache
X-TraceId
0c60cb59568a42898041fbb841a8facc
Content-Length
0

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:06 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://sync.outbrain.com/cookie-sync?p=ttd&uid=6e0633dc-a403-42d4-8fdd-03bcf8268488
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
usermatch.gif
beacon.krxd.net/ Frame 38AF 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=outbrain&partner_uid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.210.148.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-210-148-149.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:06 GMT
cache-control
private, no-cache, no-store
x-request-time
D=42 t=1646995986
x-served-by
beacon-n008-ash-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
g.pixel
aa.agkn.com/adscores/ Frame 38AF 		43 B
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aa.agkn.com/adscores/g.pixel?sid=9212295978&puid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.176.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-176-75.us-west-2.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:06 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
43
expires
0
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=outbrain&ssp_user_id=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=outbrain&ssp_user_id=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
  • https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=59125365-6b70-4daa-8987-45b896b15e4d
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=mediaforce&uid=59125365-6b70-4daa-8987-45b896b15e4d
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:10 GMT
Cache-Control
no-cache
X-TraceId
94826ad64465ac6289bb28b9fd5699cf
Content-Length
0

Redirect headers

location
//sync.outbrain.com/cookie-sync?p=mediaforce&uid=59125365-6b70-4daa-8987-45b896b15e4d
date
Fri, 11 Mar 2022 10:53:08 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=outbrain&user_id=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=outbrain&user_id=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&us_privacy=1---&gdpr=0&gdpr_pd=1&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Doutbrain%26bsw_param%3D82063e31-d895-4c78-815b-e5685b5563...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=4f1b622b-2a11-4300-89bc-81aa7c7a5721&expires=30&ssp=outbrain&bsw_param=82063e31-d895-4c78-815b-e5685b556304&gdpr=0&gdpr_consent=
  • https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=82063e31-d895-4c78-815b-e5685b556304&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=bidswitch&uid=82063e31-d895-4c78-815b-e5685b556304&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:12 GMT
Cache-Control
no-cache
X-TraceId
377c53f6f6561c889411b460b3efc7cb
Content-Length
0

Redirect headers

Location
//sync.outbrain.com/cookie-sync?p=bidswitch&uid=82063e31-d895-4c78-815b-e5685b556304&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
Date
Fri, 11 Mar 2022 10:53:11 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
usersync.aspx
dis.criteo.com/dis/ Frame 38AF 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=74&p=126&cp=outbrain&cu=1&url=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dcriteo%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu%26uid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.150 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:06 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
428134
content-type
image/gif
expires
Fri, 11 Mar 2022 00:00:00 GMT
sync
sofia.trustx.org/ul_cb/ Frame 38AF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&google_dbm
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEKhjo6mkPirEYY_MuSQBSqg&google_cver=1
  • https://sofia.trustx.org/sync?tp_id=1&tp_uid=82063e31-d895-4c78-815b-e5685b556304&ssp_custom_data=
  • https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=82063e31-d895-4c78-815b-e5685b556304&ssp_custom_data=
43 B
806 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=82063e31-d895-4c78-815b-e5685b556304&ssp_custom_data=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
35.211.168.6 North Charleston, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
6.168.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

Location
https://sofia.trustx.org/ul_cb/sync?tp_id=1&tp_uid=82063e31-d895-4c78-815b-e5685b556304&ssp_custom_data=
Date
Fri, 11 Mar 2022 10:53:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=25
  • https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7073793900810664086
0
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7073793900810664086
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:09 GMT
Cache-Control
no-cache
X-TraceId
97da27f4ed1f35f01df78dd95753b2e7
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=activeagent&uid=7073793900810664086
Date
Fri, 11 Mar 2022 10:53:07 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
/
ps.eyeota.net/match/bounce/ Frame 38AF
Redirect Chain
  • https://ps.eyeota.net/match?bid=1mpn7m0&uid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
  • https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match/bounce/?bid=1mpn7m0&uid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
3.233.22.19 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-22-19.compute-1.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:08 GMT
Content-Type
image/gif
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location
/match/bounce/?bid=1mpn7m0&uid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Date
Fri, 11 Mar 2022 10:53:07 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
id.geistm.com/m/OB/ Frame 38AF 		0
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.geistm.com/m/OB/qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.6.194.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-6-194-164.compute-1.amazonaws.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:06 GMT
x-powered-by
Express
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=outbrain
  • https://creativecdn.com/cm-notify?pi=outbrain&tc=1
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=g71zTyS3JrJ1a7exnX6p&pi=outbrain&tc=1
0
292 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=g71zTyS3JrJ1a7exnX6p&pi=outbrain&tc=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:10 GMT
Cache-Control
no-cache
X-TraceId
8b96bb25a2a95c6e6f132d11fe071de9
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=g71zTyS3JrJ1a7exnX6p&pi=outbrain&tc=1
pragma
no-cache
date
Fri, 11 Mar 2022 10:53:09 GMT, Fri, 11 Mar 2022 10:53:09 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=15268
  • https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L0MAVUNK-24-AM7U
0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L0MAVUNK-24-AM7U
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:09 GMT
Cache-Control
no-cache
X-TraceId
195cce6653b75f3f0fd35d81db4ad620
Content-Length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://sync.outbrain.com/cookie-sync?p=rubicon&uid=L0MAVUNK-24-AM7U
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
5c765cf7d1bd0738e8bf9e7ecb99ef6d
Expires
0
cookiesyncredir
bttrack.com/Pixel/ Frame 38AF 		35 B
574 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/Pixel/cookiesyncredir?rurl=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dbidtellect%26uid%3D%7Bglobalid%7D%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

X-ServerName
Track002-iad
Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:01 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
tpid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
sync.crwdcntrl.net/map/c=14516/tp=OBRN/ Frame 38AF 		49 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.174.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-174-18.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:07 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.5.6
content-type
image/gif
content-length
49
expires
0
362358.gif
idsync.rlcdn.com/ Frame 38AF
Redirect Chain
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
  • https://loadus.exelator.com/load/?p=580&g=2&j=0&buid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&xl8blockcheck=1
  • https://idsync.rlcdn.com/397416.gif?partner_uid=749a3fb36294af3e0be5477ca7a8aed6
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOnRrE8Hh1SlSJm1b9S-Q9c&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOnRrE8Hh1SlSJm1b9S-Q9c&google_cver=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:12 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEOnRrE8Hh1SlSJm1b9S-Q9c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=193091&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGj...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dindxexcg%26uid%3D%24%7BUSER%7D%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8...
  • https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
0
307 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:10 GMT
Cache-Control
no-cache
X-TraceId
42302f14bd1840de1bf158d8eb269e7a
Content-Length
0

Redirect headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://sync.outbrain.com/cookie-sync?p=indxexcg&uid=YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
348
Expires
Fri, 11 Mar 2022 10:53:09 GMT
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BG...
  • https://sync.search.spotxchange.com/partner?adv_id=8862&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dspotx%26uid%3D%24SPOTX_USER_ID%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BG...
  • https://sync.outbrain.com/cookie-sync?p=spotx&uid=703b40fe-a129-11ec-a4b2-19a2cb060103&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=spotx&uid=703b40fe-a129-11ec-a4b2-19a2cb060103&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:11 GMT
Cache-Control
no-cache
X-TraceId
11132c04fa8e88bb61469342744b8a32
Content-Length
0

Redirect headers

Date
Fri, 11 Mar 2022 10:53:10 GMT
Server
nginx
Location
https://sync.outbrain.com/cookie-sync?p=spotx&uid=703b40fe-a129-11ec-a4b2-19a2cb060103&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
385
Connection
keep-alive
Content-Length
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 38AF
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160065&gdpr=PM_GDPR&gdpr_consent=PM_CONSENT&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160065%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=ODc2M0I2QTMtRDFCNC00RTcxLUFGMjktNThEMjY4NjcxRTUw&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=PM_CONSENT&piggybackCookie=CAESEGbcL73e2AFhjruAy7-Vf_Y&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=PM_CONSENT
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=PM_CONSENT
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:88A43826E64D4192B957B7C4E6FE616D
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Server
8.28.7.82 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:16 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Fri, 11 Mar 2022 10:53:16 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug002:0:482
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=00df9f64-6f67-4cae-aeb2-d951da52047c&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dopenx%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHS...
  • https://sync.outbrain.com/cookie-sync?p=openx&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&uid=3619d1d6-4976-45f3-a803-1dbecbe123a7
0
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=openx&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&uid=3619d1d6-4976-45f3-a803-1dbecbe123a7
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:10 GMT
Cache-Control
no-cache
X-TraceId
1bf2baeb4539ea743efa23d7fc50222e
Content-Length
0

Redirect headers

date
Fri, 11 Mar 2022 10:53:09 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://sync.outbrain.com/cookie-sync?p=openx&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&uid=3619d1d6-4976-45f3-a803-1dbecbe123a7
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true
  • https://pixel.advertising.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/58440/sync?&gdpr=0&gdpr_consent=&redir=true&apid=UP7056a3fc-a129-11ec-b6e3-0210df448c65
  • https://sync.outbrain.com/cookie-sync?p=oath&uid=UP7056a3fc-a129-11ec-b6e3-0210df448c65
0
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=oath&uid=UP7056a3fc-a129-11ec-b6e3-0210df448c65
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:12 GMT
Cache-Control
no-cache
X-TraceId
ea9700829cb7f8cb72cd78e9e054baab
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=oath&uid=UP7056a3fc-a129-11ec-b6e3-0210df448c65
date
Fri, 11 Mar 2022 10:53:11 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
getuid
ib.adnxs.com/ Frame 38AF
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24UID%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu%0A
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2b...
0
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu%0A&b64_redirect=aHR0cHM6Ly9zeW5jLm91dGJyYWluLmNvbS9jb29raWUtc3luYz9wPWVteCZ1aWQ9JEVNWFVJRCZvYlVpZD1xU1pzVnc3SVVqUWktZ3d5Q2JIczdrcUdiWU9ISWZwVjJicFZHdUc0QkdHamNlbVR6NGRhOHB4Q0hTQ240OXp1Cg==
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
68.67.161.212 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:10 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
8078ad30-1357-45e0-91e4-7ecb607b3015
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

location
https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Demx%26uid%3D%24EMXUID%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu%0A&b64_redirect=aHR0cHM6Ly9zeW5jLm91dGJyYWluLmNvbS9jb29raWUtc3luYz9wPWVteCZ1aWQ9JEVNWFVJRCZvYlVpZD1xU1pzVnc3SVVqUWktZ3d5Q2JIczdrcUdiWU9ISWZwVjJicFZHdUc0QkdHamNlbVR6NGRhOHB4Q0hTQ240OXp1Cg==
date
Fri, 11 Mar 2022 10:53:09 GMT
content-length
0
content-type
text/html
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://ice.360yield.com/server_match?partner_id=1863&r=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dimprove_digital%26uid%3D%7BPUB_USER_ID%7D%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVG...
  • https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=731aab81-526e-449a-8b81-5fa14fdcea13&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
0
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=731aab81-526e-449a-8b81-5fa14fdcea13&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:11 GMT
Cache-Control
no-cache
X-TraceId
0f22ea9654a2fd368ccc106dbc015be6
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=improve_digital&uid=731aab81-526e-449a-8b81-5fa14fdcea13&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
date
Fri, 11 Mar 2022 10:53:10 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=outbrain&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3D%24%7BUSER%7D%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcem...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4423958491
  • https://sync.1rx.io/usersync/tradedesk/6e0633dc-a403-42d4-8fdd-03bcf8268488
  • https://sync.targeting.unrulymedia.com/csync/RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005?redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dunruly%26uid%3DRX-32ed5efb-1c2d-44f6-b148-67108c9e...
  • https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005&obUid=$D
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005&obUid=$D
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:14 GMT
Cache-Control
no-cache
X-TraceId
57c0ce1a4e234ee96fc339d59b00a110
Content-Length
0

Redirect headers

Date
Fri, 11 Mar 2022 10:53:13 GMT
Server
Tengine
ETag
RX32ed5efb1c2d44f6b14867108c9e0044005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://sync.outbrain.com/cookie-sync?p=unruly&uid=RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005&obUid=$D
Connection
keep-alive
Content-Type
text/html
/
s.ad.smaato.net/c/ Frame 38AF 		0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?adExInit=o&redir=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmaato%26uid%3D%24UID%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2140:6400:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:10 GMT
via
1.1 edf4d9eb8e5d775f8b1cd6b4e97dd4c6.cloudfront.net (CloudFront)
server
CloudFront
cache-control
no-cache, must-revalidate
x-amz-cf-pop
EWR52-C1
x-amz-cf-id
eNNL3SQ8q4cD-38MsEpgq22sbupCav-y2iTBRIPMKKqBNxbKfntYow==
x-cache
FunctionGeneratedResponse from cloudfront
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=30&gdpr=0&gdpr_consent=&redirectUri=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsmart%26uid%3D%5Bssb_sync_pid%5D%26obUid%3DqSZsVw7IUjQi-g...
  • https://sync.outbrain.com/cookie-sync?p=smart&uid=489781436322581848&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
0
290 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=smart&uid=489781436322581848&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:11 GMT
Cache-Control
no-cache
X-TraceId
7d7d5610553832c11162dccfd2c9c33e
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=smart&uid=489781436322581848&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING
date
Fri, 11 Mar 2022 10:53:10 GMT
content-length
0
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58523/occ?gdpr=0&gdpr_consent=&redir=true
  • https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-wieNCjlE2uEnDGV5ht6_4R0hTe9WyDUFX.ot.jQ-~A&gdpr=0&gdpr_consent=
0
323 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-wieNCjlE2uEnDGV5ht6_4R0hTe9WyDUFX.ot.jQ-~A&gdpr=0&gdpr_consent=
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:11 GMT
Cache-Control
no-cache
X-TraceId
d95f13ee9eaf9fac7e65e28d23a06f57
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=oath_display&uid=y-wieNCjlE2uEnDGV5ht6_4R0hTe9WyDUFX.ot.jQ-~A&gdpr=0&gdpr_consent=
date
Fri, 11 Mar 2022 10:53:10 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
c.gif
c.bing.com/ Frame 38AF 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?red3=MSOB_pd&uid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:09 GMT
etag
"7c5ed6a6f22cd81:0"
last-modified
Mon, 28 Feb 2022 22:29:30 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3BA0573B72B24C57BA910A2E514E7434 Ref B: YTO01EDGE0813 Ref C: 2022-03-11T10:53:10Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dsynacor%26uid%3D%5BUSER_ID%5D%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjce...
  • https://sync.outbrain.com/cookie-sync?p=synacor&uid=494D3CE41C99400BA621FD0E3E02E377&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
0
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=synacor&uid=494D3CE41C99400BA621FD0E3E02E377&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:11 GMT
Cache-Control
no-cache
X-TraceId
93cab894ae304e5457b691103c986943
Content-Length
0

Redirect headers

date
Fri, 11 Mar 2022 10:53:10 GMT
via
1.1 varnish
server
nginx
age
0
location
https://sync.outbrain.com/cookie-sync?p=synacor&uid=494D3CE41C99400BA621FD0E3E02E377&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain
access-control-allow-origin
https://widgets.outbrain.com/
access-control-allow-credentials
true
x-varnish
930725575
content-length
0
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://sync.hgrtb.com/outbrain?cb=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Dmediaforce_custom%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu%26uid%3D%7BUSER_I...
  • https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&uid=bcaf9e53-95b7-4356-9c31-3b956785f931
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&uid=bcaf9e53-95b7-4356-9c31-3b956785f931
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:12 GMT
Cache-Control
no-cache
X-TraceId
95def802eca73c17b898d1ac31e6bf64
Content-Length
0

Redirect headers

location
https://sync.outbrain.com/cookie-sync?p=mediaforce_custom&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu&uid=bcaf9e53-95b7-4356-9c31-3b956785f931
date
Fri, 11 Mar 2022 10:53:11 GMT
content-length
200
strict-transport-security
max-age=15724800; includeSubDomains
content-type
text/html; charset=utf-8
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 38AF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.outbrain.com%2Fcookie-sync%3Fp%3Drise%26uid%3D%5BpartnerId%5D%26obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu%26gdpr%3D%24GDPR_APPLIES%26gdpr_consent%3D%24CONSNT_STRING
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.7.157.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-7-157-94.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
cookie-sync
sync.outbrain.com/ Frame 38AF
Redirect Chain
  • https://id.rlcdn.com/711945.gif?cparams=obUid%3DqSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
  • https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
HTTP/1.1
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:12 GMT
Cache-Control
no-cache
X-TraceId
4b4e71f60cae95f978841928b4d824f7
Content-Length
0

Redirect headers

date
Fri, 11 Mar 2022 10:53:11 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://sync.outbrain.com/cookie-sync?p=liveramp&uid=&obUid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pr
s.amazon-adsystem.com/v3/ Frame FD6A 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
7762f62eb79f23ea31d953c69e508627a084a1770afefec9a7a073b51b7a8000
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&dcc=t

Response headers

Server
Server
Date
Fri, 11 Mar 2022 10:53:06 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
1886
Connection
keep-alive
x-amz-rid
6D74ZRW3E520PQKB4KT8
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()
pixel;r=1816830125;labels=Culture.Ars%20Technica.information%20technology.;source=gtm;rf=0;a=p-Jjy-Cyr1NZGRz;url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1816830125;labels=Culture.Ars%20Technica.information%20technology.;source=gtm;rf=0;a=p-Jjy-Cyr1NZGRz;url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F;uht=2;fpan=1;fpa=P0-932977213-1646995986898;pbc=55a4c788-9f1f-47f8-91ba-87fb177dd771;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;us_privacy=1---;ref=;d=arstechnica.com;je=0;sr=1600x1200x24;dst=0;et=1646995986898;tzo=0;ogl=site_name.Ars%20Technica%2Curl.https%3A%2F%2Farstechnica%252Ecom%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware%2Ctitle.Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week%2Cimage.https%3A%2F%2Fcdn%252Earstechnica%252Enet%2Fwp-content%2Fuploads%2F2022%2F03%2Fblurry-0s-and-1s-760x380%252E%2Cdescription.Man%20arriving%20from%20Ukraine%20accused%20of%20causing%20Kaseya%20supply%20chain%20attack%252E%2Ctype.article
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f716:921a:893c:c3d8 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:06 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
getpixels
pixels.ad.gt/api/v1/ 		0
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pixels.ad.gt/api/v1/getpixels?tagger_id=a30b532ad25d4ac226e27bda64e76dee&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&code=%27none%27
Requested by
Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/57
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.239.202 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-239-202.us-west-2.compute.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 11 Mar 2022 10:53:07 GMT
server
nginx/1.18.0
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods
GET, POST, OPTIONS
access-control-expose-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
ecommerce.js
www.google-analytics.com/plugins/ua/ 		1 KB
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ecommerce.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:42:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
623
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 11 Mar 2022 11:42:44 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:45:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
434
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1129
x-xss-protection
0
last-modified
Thu, 30 Dec 2021 12:48:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Fri, 11 Mar 2022 11:45:53 GMT
conde_nast_xid
ids.ad.gt/api/v1/put/ 		43 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/put/conde_nast_xid?conde_nast_xid=8a88dde5-85d6-4eb8-99f5-d9efef957024
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.184.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-184-96.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:07 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Fri, 11 Mar 2022 22:53:07 GMT
container.html
56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F4E3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 11 Mar 2022 10:53:03 GMT
expires
Sat, 11 Mar 2023 10:53:03 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-11T10%3A53%3A07.181Z&_t=renderEnded&cBr=Ars%20Technica&cKe=criminal%20justice%7Cextortion%7Cindictments%7Cransomware&cCh=information%20technology&cTi=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=775&cId=1840246&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pWw=1600&pWh=1200&pPw=1600&pPh=5200&pSw=1600&pSh=1200&uID=0884e157-1f7d-4567-95c8-d99c9013a3c8&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&uDt=desktop&dim1=%7B%22channel%22%3A%22information-technology%22%2C%22platform%22%3A%22wordpress%22%2C%22template%22%3A%22article%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Afalse%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22hero%22%2C%22size%22%3A%22970x250%22%7D&_o=ars-technica&_c=ad_metrics&xID=8a88dde5-85d6-4eb8-99f5-d9efef957024&environment=prod&origin=ars-technica
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:07 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CONDENAST_PREBID_HEADER1&hp=1&zMoatAdUnit1=conde.ars&zMoatAdUnit2=hero&zMoatAdUnit3=information-technology&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=11&f=0&j=&t=1646995982584&de=901890910919&rx=604451054343&m=0&ar=359f21c1e97-clean&iw=8105762&q=1&cb=0&cu=1646995982584&ll=2&lm=0&ln=0&em=0&en=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&bo=conde.ars&bd=1&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=condenastprebidheader987326845656&fd=1&ac=1&it=500&pe=1%3A1145%3A1145%3A0%3A1743&fs=197273&na=341664202&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:07 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:07 GMT
p-Jjy-Cyr1NZGRz.gif
pixel.quantserve.com/pixel/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Jjy-Cyr1NZGRz.gif?labels=_campaign.media.Advertiser%20ID.4660981638.Campaign%20ID.2443012271.Line%20Item%20ID.programmatic
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f716:921a:893c:c3d8 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:07 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
0ec1194c-a41c-4599-906e-effc3339bd9f
https://arstechnica.com/ Frame 8A4E 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://arstechnica.com/0ec1194c-a41c-4599-906e-effc3339bd9f
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
sf-ui-display-medium-webfont.woff2
d2c8v52ll5s99u.cloudfront.net/assets/fonts/ Frame A5A1 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/assets/fonts/sf-ui-display-medium-webfont.woff2
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-839c3e98ef8199d5df9c.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.81.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-81-81.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3

Request headers

Referer
https://d2c8v52ll5s99u.cloudfront.net/player/player-style-839c3e98ef8199d5df9c.css
Origin
https://arstechnica.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
ETag
"7d18db04f980971f2a9c5026bbc34bed"
X-Amz-Cf-Pop
EWR52-C1
X-Cache
RefreshHit from cloudfront
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
29632
Access-Control-Allow-Origin
*
Last-Modified
Mon, 26 Jun 2017 15:24:42 GMT
Server
AmazonS3
Date
Fri, 11 Mar 2022 10:53:08 GMT
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff2
Via
1.1 0b202e2428f14940b06527255fa020ea.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
Accept-Ranges
bytes
X-Amz-Cf-Id
UwEhiRc5FCDU1mwhNIQDzQrsG6cetrAR4FwzNy0jaZwOozlHVkHrJA==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
bridge3.503.0_en.html
imasdk.googleapis.com/js/core/ Frame FFB5 		589 KB
191 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.503.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae01f81568274cd06b5147c59eddad07b73d10799cfc76b67223dfc30abfb95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
195823
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 09 Mar 2022 06:45:57 GMT
expires
Thu, 09 Mar 2023 06:45:57 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 03 Mar 2022 18:56:31 GMT
content-type
text/html
age
187630
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame A5A1 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Mar 2022 10:53:08 GMT
fbevents.js
connect.facebook.net/en_US/ Frame A5A1 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26291
x-xss-protection
0
pragma
public
x-fb-debug
VKcu6oxYHYfL54Fwk6PUQNSaptZqqmw0QttQRlvMM0pyLRbSLSCYCcBNaN7cG935IoJhnRIL/834iQtHaGyQDQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 11 Mar 2022 10:53:07 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
comscore-min.js
d2c8v52ll5s99u.cloudfront.net/player/ Frame A5A1 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/comscore-min.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.81.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-81-81.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
833a86642252016b29f08dd45ffd27f9e00ca237f28d8c5f0147a6e15d009377

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 24 May 2017 18:19:15 GMT
Server
AmazonS3
Age
205
ETag
W/"054acb6fbd2b2a6c1ac561705bffb0cc"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 bdc824c8e03ec386d5eb83e9ff916440.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Fri, 11 Mar 2022 10:49:44 GMT
X-Amz-Cf-Pop
EWR52-C1
X-Amz-Cf-Id
f88vLu83hZB7iEAQqUKy3jyPbQCEzqACGUVR9y5R1GqeE7svjsIafw==
js
www.googletagmanager.com/gtag/ 		164 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-P1P55J3LNW&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLXNPCQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2008 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
02930a3c5f2c4d7916106255cd842ea509198e9f7c99160537aeb892eb3764e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:08 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62192
x-xss-protection
0
expires
Fri, 11 Mar 2022 10:53:08 GMT
track
capture.condenastdigital.com/ Frame A5A1 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A07.375Z&_c=&_t=Player%20Requested&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:08 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ Frame A5A1 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A07.938Z&_c=initial&_t=gptData&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&dim1=%7B%22adBlocked%22%3Afalse%2C%22adUnits%22%3A%5B%223379%2Fconde.ars%2Finterstitial%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fhero%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F2%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F3%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F2%22%5D%2C%22embedLocation%22%3A%22arstechnica%22%2C%22error%22%3A%22%22%2C%22lineItems%22%3A%5B%5D%2C%22publicaEnabled%22%3Afalse%2C%22videoId%22%3A%2260abade4dc31e5375248cba6%22%7D
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:08 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame A5A1 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 25b4c4372feadf7e1722c01c8c9eeea0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
166
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:50:30 GMT
Server-Timing
fastly;dur=2;cpu=0;start=2022-03-06T11:38:33.914Z;desc=hit,rtt;dur=3
Content-Length
51500
Last-Modified
Tue, 25 May 2021 15:04:45 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"1631177d1131925333a3b2b652f3d8b2"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
MDQuSK7K2LJF-MJFPFlRr-YSCsI5aPPrp01MvSNXWxyXgQMIwugCLA==
1409
check.analytics.rlcdn.com/check/ 		23 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1409
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-95.ewr52.r.cloudfront.net
Software
/
Resource Hash
d0ef936654ba84031c1ef90617069aceaab3dac1dd0912b76ebd449f9a566e55

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Mar 2022 10:53:08 GMT
via
1.1 233fdf58f872ee4c13da2719cf945c9c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C3
x-amzn-requestid
83f01bce-63c8-49eb-ac39-4b551e5788d0
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-622b2a14-440df1ca25e836427ecd05c6
x-amz-apigw-id
O0ODOE6ZDoEFbgA=
content-length
23
x-amz-cf-id
mhGcC02Oqh4FVZDAaTa_6xYgzj9s6N-T0ZzveW2ERYNUqYeLmwRXkw==
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=228464857488266&ev=PageView&dl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&rl=&if=false&ts=1646995988232&cd[SiteSection]=information%20technology&cd[PageTags]=criminal%20justice%7Cextortion%7Cindictments%7Cransomware&cd[Brand]=Pitchfork&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1646995988224.403967254&it=1646995984979&coo=false&dpo=&exp=p1&rqm=GET
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Fri, 11 Mar 2022 10:53:08 GMT
/
srv-1970-01-01-00.pixel.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://srv-1970-01-01-00.pixel.parsely.com/plogger/
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.224.102.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-224-102-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:08 GMT
Cache-Control
no-cache
Last-Modified
Friday, 11-Mar-2022 10:53:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
fpa-events.arstechnica.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fpa-events.arstechnica.com/plogger/?rand=1646995988300&plid=3523782&idsite=arstechnica.com&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&sref=&sts=1646995988259&slts=0&title=Feds+extradite+ransomware+suspects+from+2+prolific+gangs+in+a+single+week+%7C+Ars+Technica&date=Fri+Mar+11+2022+10%3A53%3A08+GMT%2B0000+(GMT)&action=pageview&pvid=35054762&u=pid%3D9df2d1daf213a964c0d4ceb65e9db394
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.226.175.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-226-175-205.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:08 GMT
Cache-Control
no-cache
Last-Modified
Friday, 11-Mar-2022 10:53:08 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ibs:dpid=21&dpuuid=163850804087006939230
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=68547252942253779170798061318171033219
  • https://dpm.demdex.net/ibs:dpid=21&dpuuid=163850804087006939230
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=21&dpuuid=163850804087006939230
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v026-0568cc9d6.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
8dpOposRReQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:08 GMT
server
AAWebServer
location
https://dpm.demdex.net/ibs:dpid=21&dpuuid=163850804087006939230
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&app=playerservice&cCh=videos%2Fshow&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&uId=0884e157-1f7d-4567-95c8-d99c9013a3c8&xid=&_ts=2022-03-11T10%3A53%3A08.349Z&_c=error&_t=PrebidError&dim1=%7B%22errorData%22%3A%7B%22body%22%3A%5B%5D%7D%7D&dim3=Empty
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:08 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
sf-ui-display-medium-webfont.woff2
d2c8v52ll5s99u.cloudfront.net/assets/fonts/ Frame 8A4E 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/assets/fonts/sf-ui-display-medium-webfont.woff2
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/player-style-839c3e98ef8199d5df9c.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.81.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-81-81.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3

Request headers

Referer
https://d2c8v52ll5s99u.cloudfront.net/player/player-style-839c3e98ef8199d5df9c.css
Origin
https://arstechnica.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
ETag
"7d18db04f980971f2a9c5026bbc34bed"
X-Amz-Cf-Pop
EWR52-C1
X-Cache
RefreshHit from cloudfront
Access-Control-Max-Age
3000
Connection
keep-alive
Content-Length
29632
Access-Control-Allow-Origin
*
Last-Modified
Mon, 26 Jun 2017 15:24:42 GMT
Server
AmazonS3
Date
Fri, 11 Mar 2022 10:53:09 GMT
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Access-Control-Allow-Methods
GET
Content-Type
application/font-woff2
Via
1.1 0b202e2428f14940b06527255fa020ea.cloudfront.net (CloudFront)
Cache-Control
max-age=63072000, public
Accept-Ranges
bytes
X-Amz-Cf-Id
1quf2hf4p6RSmlzDIZhbO1qZe7kHhz7SH6k_q5IFa2JRlBU2lsX77w==
Expires
Tue, 01 Jan 2030 00:00:00 GMT
bridge3.503.0_en.html
imasdk.googleapis.com/js/core/ Frame B849 		589 KB
191 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.503.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae01f81568274cd06b5147c59eddad07b73d10799cfc76b67223dfc30abfb95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
195823
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Wed, 09 Mar 2022 06:45:57 GMT
expires
Thu, 09 Mar 2023 06:45:57 GMT
cache-control
public, max-age=31536000
last-modified
Thu, 03 Mar 2022 18:56:31 GMT
content-type
text/html
age
187631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 8A4E 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Mar 2022 10:53:08 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 8A4E 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26291
x-xss-protection
0
pragma
public
x-fb-debug
VKcu6oxYHYfL54Fwk6PUQNSaptZqqmw0QttQRlvMM0pyLRbSLSCYCcBNaN7cG935IoJhnRIL/834iQtHaGyQDQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Fri, 11 Mar 2022 10:53:08 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
comscore-min.js
d2c8v52ll5s99u.cloudfront.net/player/ Frame 8A4E 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2c8v52ll5s99u.cloudfront.net/player/comscore-min.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.33.81.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-81-81.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
833a86642252016b29f08dd45ffd27f9e00ca237f28d8c5f0147a6e15d009377

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
Vary
Accept-Encoding
Last-Modified
Wed, 24 May 2017 18:19:15 GMT
Server
AmazonS3
Age
205
ETag
W/"054acb6fbd2b2a6c1ac561705bffb0cc"
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 bdc824c8e03ec386d5eb83e9ff916440.cloudfront.net (CloudFront)
Connection
keep-alive
Date
Fri, 11 Mar 2022 10:49:44 GMT
X-Amz-Cf-Pop
EWR52-C1
X-Amz-Cf-Id
jpJYdnc7qJnQ6CyhPfIicA4yPpW5x4oFQzLfe7qstzHL6HzvkI9VZA==
track
capture.condenastdigital.com/ Frame 8A4E 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A08.375Z&_c=&_t=Player%20Requested&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:08 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ Frame 8A4E 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A08.612Z&_c=initial&_t=gptData&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&dim1=%7B%22adBlocked%22%3Afalse%2C%22adUnits%22%3A%5B%223379%2Fconde.ars%2Finterstitial%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fhero%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F2%22%2C%223379%2Fconde.ars%2Frail%2Finformation-technology%2Farticle%2F3%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F1%22%2C%223379%2Fconde.ars%2Fmid-content%2Finformation-technology%2Farticle%2F2%22%5D%2C%22embedLocation%22%3A%22arstechnica%22%2C%22error%22%3A%22%22%2C%22lineItems%22%3A%5B%5D%2C%22publicaEnabled%22%3Afalse%2C%22videoId%22%3A%225f90976042b5f03ec594bace%22%7D
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:08 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
arstechnica_war-stories-gail-tilden.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1603899385/ Frame 8A4E 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1603899385/arstechnica_war-stories-gail-tilden.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
5d076962515986764e40e0d4d8ba48e9ea4b61189b10d4de9365822e7f821098
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 25b4c4372feadf7e1722c01c8c9eeea0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
6
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:08 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-06T07:09:13.288Z;desc=hit,rtt;dur=3
Content-Length
65640
Last-Modified
Thu, 29 Oct 2020 15:19:46 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"37eb408a26d0e945f1fa03c18b4b949f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
dZ8HHJk-_TxszBbgndofBdaRgXKKnwhvdk9Yha-idaJGAsG5mNxm_A==
local_storage_frame16.min.html
assets.bounceexchange.com/assets/bounce/ Frame 52ED 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://assets.bounceexchange.com/assets/bounce/local_storage_frame16.min.html
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_bbc32662d3ff8adbbac6de6e5ec04c71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.72.95 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
95.72.98.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

x-guploader-uploadid
ADPycdsHaMhIPmz1y8zixuqmSr8jUQH7b6mLqnRaWR5ncGz54tQyl-tb5YJbnwSiUjE_nPe_NP-gY6HGzUwE52qVABBCDhAriA
x-goog-generation
1641484422456784
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
x-goog-stored-content-length
1055
content-encoding
gzip
x-goog-hash
crc32c=/MB/Rw== md5=w2jAMmD4CbqHf/KAt5/Fjg==
x-goog-storage-class
MULTI_REGIONAL
accept-ranges
bytes
vary
Accept-Encoding
content-length
1055
access-control-allow-origin
*
access-control-expose-headers
etag Content-Type
server
UploadServer
date
Sun, 13 Feb 2022 21:46:38 GMT
expires
Mon, 13 Feb 2023 21:46:38 GMT
cache-control
public,max-age=31536000
age
2207190
last-modified
Thu, 06 Jan 2022 15:53:42 GMT
etag
"c368c03260f809ba877ff280b79fc58e"
content-type
text/html; charset=UTF-8
alt-svc
clear
pixel
analytics.tiktok.com/api/v2/ 		0
711 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.tiktok.com/api/v2/pixel
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=C1IQID9FKFK1PHD4UBH0&lib=ttq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.132.60 Piscataway, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-132-60.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

x-akamai-request-id
19cfbd59.be1fcb8
date
Fri, 11 Mar 2022 10:53:09 GMT
x-cache-remote
TCP_MISS from a96-6-42-68.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-216-133-188.deploy.akamaitechnologies.com (AkamaiGHost/10.7.3-39449967) (-)
x-parent-response-time
724,23.216.133.188
server-timing
cdn-cache; desc=MISS, edge; dur=534, origin; dur=190, inner; dur=8
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
2022031110530901011300607117DDBF23
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
190,96.6.42.68
x-tt-trace-host
01727f9c048f346e5634670cad583716de583029bb8aaddd1e02a65842bce1af00aee247ffb0e9824129844f5a59c0db4f5b93a9cf0a6316944c4537b3aeba48c9d0399ae0964b9692ff706bfad55a6735aa4d2f7f04aa04df73271d19188866b03bfd2e5d2f2d997cce6daa033cf5d77f
expires
Fri, 11 Mar 2022 10:53:09 GMT
container.html
56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FEB5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 11 Mar 2022 10:53:03 GMT
expires
Sat, 11 Mar 2023 10:53:03 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-11T10%3A53%3A08.974Z&_t=renderEnded&cBr=Ars%20Technica&cKe=criminal%20justice%7Cextortion%7Cindictments%7Cransomware&cCh=information%20technology&cTi=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=775&cId=1840246&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pWw=1600&pWh=1200&pPw=1600&pPh=5200&pSw=1600&pSh=1200&uID=0884e157-1f7d-4567-95c8-d99c9013a3c8&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&uDt=desktop&dim1=%7B%22channel%22%3A%22information-technology%22%2C%22platform%22%3A%22wordpress%22%2C%22template%22%3A%22article%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Afalse%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22rail%22%2C%22size%22%3A%22300x600%22%7D&_o=ars-technica&_c=ad_metrics&xID=8a88dde5-85d6-4eb8-99f5-d9efef957024&environment=prod&origin=ars-technica
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:09 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
p-Jjy-Cyr1NZGRz.gif
pixel.quantserve.com/pixel/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Jjy-Cyr1NZGRz.gif?labels=_campaign.media.Advertiser%20ID.4475647908.Campaign%20ID.2610313398.Line%20Item%20ID.5203039836
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f716:921a:893c:c3d8 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:09 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
openx
ids.ad.gt/api/v1/
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8...
  • https://ids.ad.gt/api/v1/openx?openx_id=af48e1b4-bf14-47f3-9897-5b4364252b88&id=0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1e...
43 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/openx?openx_id=af48e1b4-bf14-47f3-9897-5b4364252b88&id=0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
44.240.184.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-184-96.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:10 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Fri, 11 Mar 2022 22:53:10 GMT

Redirect headers

date
Fri, 11 Mar 2022 10:53:09 GMT
content-encoding
gzip
server
OXGW/17.2.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ids.ad.gt/api/v1/openx?openx_id=af48e1b4-bf14-47f3-9897-5b4364252b88&id=0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
halo_match
ids.ad.gt/api/v1/ 		43 B
652 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ids.ad.gt/api/v1/halo_match?id=d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9&halo_id=0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.240.184.96 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-240-184-96.us-west-2.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:09 GMT
cache-control
public, max-age=43200
server
nginx/1.20.0
content-type
image/gif
expires
Fri, 11 Mar 2022 22:53:09 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 01A6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEwK8EbYWdWgzVUbFAcfQ5JppKoc8ygkwWbxLDvdEsQqHEH5v9g1JIsownJrFTbaLjZm_XM46dnV5WVpmUI7vntSjeupiJvDPvy26FHjEOpTKhHyoFtbR4y83KELDoQnCTrIsG8-2sdbFSTgRAJ9FsJBrPdSO1GMMep5_ZCGXrHy0_BPf3tOcmBMCguIXQDv4VK6aeW9CWAAiZTVtKMHINVInwmLUJQFOJeVzFM39VI10Ul9f2Wm0jVh9Gl9zA2dV_LYbo3--dd9ILLnV_OQnnE0ap1eNPo6faGE6PXeKfGMuyXcTyuC7gbrl_E7lDCzfmG-Qt7m0KEMlQKY1H_kjQvSUCSC2MXsKNMak&sig=Cg0ArKJSzOh2-Vqajh8dEAE&uach_m=[UACH]&adurl=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 01A6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Mar 2022 10:45:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 01A6 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 11 Mar 2022 10:53:09 GMT
l
www.google.com/ads/measurement/ Frame 01A6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQm3U01Pc3S1ivCjKkAKlTQ5t9Kxg7pxhYcxZjTB2wAXBZgjMDxmbKsKWYnGdG6DERYOR8lHCp_Dqxly6ksC3a9-c-lUg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
moatad.js
z.moatads.com/condenastdfp9588492144/ Frame 01A6 		329 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/condenastdfp9588492144/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e312bc18779e0d9c6626ee0bdb426676ebb2835346604c114191b3ffe4251527

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:09 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 17:16:15 GMT
server
AmazonS3
x-amz-request-id
TWNZ1TVDCY58YB3Z
etag
"f0806f26c367a53146efd2e6b7b36d5f"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=9493
accept-ranges
bytes
content-length
112460
x-amz-id-2
LvkP12XD4LjHNvFIaYKBww79zPguhbpcSOsKP6oLovTYb81nsgaOzKM/uYmSuq9q8m0rqz7am+M=
10232530115121911219
tpc.googlesyndication.com/simgad/ Frame 01A6 		162 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10232530115121911219
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd239cbc31f0976120b6649fe926ccd9f043e8155452b986658ed4bfdcd3471e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 21:21:24 GMT
x-content-type-options
nosniff
age
221505
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
165676
x-xss-protection
0
last-modified
Thu, 17 Oct 2019 15:26:04 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 08 Mar 2023 21:21:24 GMT
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-11T10%3A53%3A09.139Z&_t=renderEnded&cBr=Ars%20Technica&cKe=criminal%20justice%7Cextortion%7Cindictments%7Cransomware&cCh=information%20technology&cTi=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=775&cId=1840246&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pWw=1600&pWh=1200&pPw=1600&pPh=5200&pSw=1600&pSh=1200&uID=0884e157-1f7d-4567-95c8-d99c9013a3c8&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&uDt=desktop&dim1=%7B%22channel%22%3A%22information-technology%22%2C%22platform%22%3A%22wordpress%22%2C%22template%22%3A%22article%22%2C%22viewport%22%3A%22desktop%22%2C%22isEmpty%22%3Afalse%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22mid-content%22%2C%22size%22%3A%22728x90%22%7D&_o=ars-technica&_c=ad_metrics&xID=8a88dde5-85d6-4eb8-99f5-d9efef957024&environment=prod&origin=ars-technica
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:09 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
p-Jjy-Cyr1NZGRz.gif
pixel.quantserve.com/pixel/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-Jjy-Cyr1NZGRz.gif?labels=_campaign.media.Advertiser%20ID.4552798968.Campaign%20ID.2683864530.Line%20Item%20ID.5342964441
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800b:21:f716:921a:893c:c3d8 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:09 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
42a92f36-6c00-4111-9a14-f623e91f83c1
https://arstechnica.com/ Frame A5A1 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://arstechnica.com/42a92f36-6c00-4111-9a14-f623e91f83c1
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame F269 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:45:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
431
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 11 Mar 2022 11:45:58 GMT
1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame A5A1 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://arstechnica.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 11 Mar 2022 07:25:39 GMT
Via
1.1 fd5bb5b63be18c34495bdbea44226476.cloudfront.net (CloudFront)
Last-Modified
Mon, 24 May 2021 13:51:20 GMT
Server
AmazonS3
Age
12451
ETag
"580642a938142bddde48207109f78d2b"
X-Cache
Hit from cloudfront
Content-Type
video/mp4
Content-Range
bytes 0-2480938/2480939
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Content-Length
2480939
X-Amz-Cf-Id
3B1aqp64nAAHBTw5dP9SaKxWP0EWnqW1bzyMThkYGjTs4_C-PwMISg==
1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame A5A1 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dthumbs.mp4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://arstechnica.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 11 Mar 2022 07:25:39 GMT
Via
1.1 d0299d2f29e90578dc5a017ee02130a2.cloudfront.net (CloudFront)
Last-Modified
Mon, 24 May 2021 13:51:20 GMT
Server
AmazonS3
Age
12451
ETag
"580642a938142bddde48207109f78d2b"
X-Cache
Hit from cloudfront
Content-Type
video/mp4
Content-Range
bytes 0-2480938/2480939
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Content-Length
2480939
X-Amz-Cf-Id
Xsky8aPKfuslfda7P-woAk5Xv44vKvxKemI3U4pzIwrhfRwVUV-GeQ==
1409
check.analytics.rlcdn.com/check/ 		23 B
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1409
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-95.ewr52.r.cloudfront.net
Software
/
Resource Hash
d0ef936654ba84031c1ef90617069aceaab3dac1dd0912b76ebd449f9a566e55

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Mar 2022 10:53:09 GMT
via
1.1 233fdf58f872ee4c13da2719cf945c9c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C3
x-amzn-requestid
106ea9fc-f8f7-4f8c-a657-a49a66f65b55
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-622b2a15-36ac08ce1f31372243e51e3b
x-amz-apigw-id
O0ODbHY-DoEFh7Q=
content-length
23
x-amz-cf-id
oFC73pUAcEUAw4Fo8R56nVNIkexZwQ3RMRh0xt-6Kw8st6IRzfleYQ==
track
capture.condenastdigital.com/ Frame A5A1 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A09.547Z&_c=Player%20Event&_t=Player%20Loaded&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&cId=60abade4dc31e5375248cba6&cKe=Unsolved%20Mysteries%2CArs%20Technica%20Unsolved%20Mysteries%2CQuantum%20Leap%2CUnsolved%20Mysteries%20Quantum%20Leap%2CQuantum%20leap%20show%2Cquantum%20leap%20ending%2Cquantum%20leap%20bakula%2CDonald%20P%20Bellisario%2CQuantum%20Leap%20Finale%2CQuantum%20Leap%20JFK%2CQuantum%20Leap%20Lee%20Harvey%20Oswald%2CQuantum%20Leap%20interview%2CScott%20Bakula%2CDean%20Stockwell%2CQuantum%20Leap%20Ziggy%2CQuantum%20Leap%20Al%2CQuantum%20Leap%20NBC%2CNBC%20Quantum%20Leap%2CQuantum%20Leap%20Episodes%2Cquantum%20leap%20intro%2Cquantum%20leap%20ars%20technica%2Cars%20technica%20quantum%20leap&cPd=2021-05-25T15%3A00%3A00%2B00%3A00&cTi=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario&mDu=854&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pWw=584&pWh=328.5&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&uId=0884e157-1f7d-4567-95c8-d99c9013a3c8&xid=8a88dde5-85d6-4eb8-99f5-d9efef957024&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2201b4160%22%2C%22guid%22%3A%2252ffba68-ac11-d07e-f7e1-1bf842fa5181%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22manual%22%2C%22playerDepth%22%3A3725.75%2C%22playerType%22%3A%22video-continuous%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3Anull%2C%22recStrategy%22%3Anull%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3Anull%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:09 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
action_links.json
fr-actions.trackonomics.net/prod/arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/ 		243 B
587 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fr-actions.trackonomics.net/prod/arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/action_links.json
Requested by
Host: cdn-magiclinks.trackonomics.net
URL: https://cdn-magiclinks.trackonomics.net/client/static/v2/condenast_eujdmc753_arstechnica.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-103.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79d97d01b2e5c628e364124d57c548587469395b86bde5cd81a7ac0899ca7228

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:09 GMT
via
1.1 3c6fb804e042beb7f78515bd450ae3a2.cloudfront.net (CloudFront)
server
AmazonS3
x-amz-cf-pop
EWR52-C3
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache
Error from cloudfront
content-type
application/xml
access-control-allow-origin
*
access-control-allow-methods
GET
x-amz-cf-id
rbmm6i8RUuxLb37Osq4ttXTxktw7nwREvzrWPbydXIM7e0M5aXsovA==
i.png
trx-hub.com/i/m/ 		128 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trx-hub.com/i/m/i.png?q=N4IghgLhBOD6BmB7aB3M0AmBLAdgcxAC5gBfAGhAFsBTCMDSMI0AY0Rwmo4EkARIkAEYAHABYADACZRANhAU2iANZZqAYQByA4WGHCMGagFYAtMKMYZJ0dQBGwkwE5H8UxkfV4nx0YDsU0XkQPDBYFgAbVQ5YLAwBAHEAQUEAOkkUwUkZSX9HQUdhDJlZZyMCgGYggGcAB3RoRBRYAFcq6jhYgXE9G0E-E0F4XwxrIxlfJyMWB3dHFkdxQXKwcunquugGpraqqqx2GLjCIUddSSnBE2lJcWthFlNhakkHYXKsmVdxeBk7INx4LgsBAAJ6HbS6fSGR4WKw2exOFxuDxeeA+fzSEDkEAQLCUXAEYjY5rQcJVZggaCedpU6ACf5VWAwAAesCpXk27SI8DAZOo2MgMFgYBqNS4R1IFDqeGoTOgYBY1CIAG1QFVECTFQIABZQGpVQgAekN6CqnBY2pwWBYYBSbEohoByEokH2OBM5stiHCiDwIMNN0kkkN4nKhq8GCqJmozJg9GB1BM8pw6soaCpJiqrTFLAgUfgDUoVxMNQakUBLBMIXwUdwJjAmYJ4UTKGo1CUhqC7JpXOOQUFcCQqHQ2HwzBIJAAugpWhBEJRYDQ6OOpQ0xdBQeDjgAFABKAHltwBRXcAFQAmrA+EEWLP5+0tyA2DhDDgwGbYNRmgArDCUFi+EY5TCtAZrUBaVo2jesQ1IIAjPq+74QJ+P5-gBQHQRgNSSAIpqepBTAUOqmpKscuoQPqRomqB+HWra9qOjgQ4uri7AeuBXo+n6AZSMGobhtQkbRrG8rYJwSZgCm87pomWa1OBeYmAW87FqW3pYBWVaSXgtbug2ez4M2Jitu2nYUNQABuXDIaCYoCHipbULsbpdtSnJ0n2CjsJwPD8McIgSNIchecoqiaBCegGMYZiwtYdgOM4rgmO41Jon4ARBCEYSRNZj5JKk6SZNkuT5IUgjFDIpQVOs9SNC0bQdEcIDdGI1B9BMgzDKM4yTNMyXOPMizLKswg1ZsdU7HsBydP5pzCOcLCXNctyiPcjzPK87wyJ8RjfL8tj-ExQKbjNIA6JF0IxZYcUIolyKpeiGUKDl0S4jQAiBpIJihgMginoI4iEEBhDiI4KTbTIABaQTSrKuIQM2AgAGKCVUAAEMZxmJ1Bo8mqYyWjck5nmaPKZQaOSGjanltaaPVjpaO4GjYCE02OMmUoaMAD5o4koFo6eHEEf8p1YLE5UlD4BSOBDeBYNqWJAA
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-29.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 07:19:33 GMT
via
1.1 542aa1c3fd7431ac31b596fde254f388.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:40:25 GMT
server
AmazonS3
age
12817
etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
128
x-amz-cf-id
dOwTvhVNrpJ4PAN1IzT6lwzNazzVk-zpAnanWUBGBScVaQbqa-82pA==
i.png
trx-hub.com/i/x/ 		128 B
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trx-hub.com/i/x/i.png?q=N4IgDglgJiBcIGMD2A7KBTFBDAzgFwH10BXAKygFsEB2AVgGYCsAnfdBACxQgSxABoQEaHCHQAjADYALJICcc2nIAccyeoDmEDgJAAPaDjigAZsymyFS1TLkRyojnjxgcsAPTuA7j4B0EfCQEAGswDiQ8JF9kCncwiKR3ADcIZmIcAFoIFBN2PHQoDIosABsvFnQMkuJmYOyNDJiwYnzmDKgsPCwM1AycBGZ0TAyAI2yWAE9GpAx2pGIRksr0PTAkHBrKjQpxAAZ6emVpXfFaSQyAJmpJZXpxZXFqXTMLeUUVNWk5BFIdeCcXG5PD4vL4qFhcuhokhYoskBocO4Ihx0G04Qj3ODIVUsCNEV1gpVuih0HhyiVgj0UBk8CiMl4ICVCjhoOh3CAAL4coA
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-29.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 06:34:57 GMT
via
1.1 542aa1c3fd7431ac31b596fde254f388.cloudfront.net (CloudFront)
last-modified
Mon, 24 Aug 2020 04:40:42 GMT
server
AmazonS3
age
15493
etag
"90eb1bf3b49429bde87a3b5f0b53e6a5"
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
128
x-amz-cf-id
et-Wg3zKk2buAVpkm4PQpacmT6mT4N5J_k0jzE5P_2iMIR3y0ecuhQ==
envelope
api.rlcdn.com/api/identity/ 		0
252 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=1409
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.155.137 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
137.155.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Mar 2022 10:53:09 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
rid
match.adsrvr.org/track/ 		0
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=3egfyfq&fmt=json
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Mar 2022 10:53:09 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/javascript
access-control-allow-origin
https://arstechnica.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
0
expires
Sat, 11 Mar 2023 10:53:09 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame F352 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.160.130 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 12 Mar 2022 10:53:12 GMT
Date
Fri, 11 Mar 2022 10:53:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame 14BC 		672 B
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
56461278ff30f38c727c3303125d7de4992f0c8890bb6d2e314d5ee001400d0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 11 Mar 2022 10:53:09 GMT
content-type
text/html
content-length
427
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ixmatch.html
js-sec.indexww.com/um/ Frame 95A9 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Server
Apache
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 11 Mar 2022 10:53:09 GMT
Content-Length
1388
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 4BFD 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?us_privacy=1---
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 11 Mar 2022 10:53:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame BBDF 		672 B
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
56461278ff30f38c727c3303125d7de4992f0c8890bb6d2e314d5ee001400d0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 11 Mar 2022 10:53:09 GMT
content-type
text/html
content-length
427
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
checksync.php
contextual.media.net/ Frame 36A0 		34 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c5c2fc39b47e07e067b38ba1309842f5ae795265b7e447fe31036168a4982cda
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 13 Mar 2022 10:53:10 GMT
date
Fri, 11 Mar 2022 10:53:10 GMT
content-length
11618
async_usersync.html
acdn.adnxs.com/dmp/ Frame 893B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.160.130 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 12 Mar 2022 10:53:12 GMT
Date
Fri, 11 Mar 2022 10:53:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 8782 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Server
Apache
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 11 Mar 2022 10:53:10 GMT
Content-Length
1388
Connection
keep-alive
async_usersync.html
acdn.adnxs.com/dmp/ Frame 8D19 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.160.130 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-160-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Sat, 12 Mar 2022 10:53:12 GMT
Date
Fri, 11 Mar 2022 10:53:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
us-u.openx.net/w/1.0/ Frame 3228 		779 B
493 B 		Document
General
Check archive.org
Download Go to
Full URL
https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
837863ba5a4848de455d526a97db545f6c456a6c5dee1d20117d7e2f3034e90d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 11 Mar 2022 10:53:09 GMT
content-type
text/html
content-length
474
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
checksync.php
contextual.media.net/ Frame 9BA9 		34 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c5c2fc39b47e07e067b38ba1309842f5ae795265b7e447fe31036168a4982cda
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 13 Mar 2022 10:53:10 GMT
date
Fri, 11 Mar 2022 10:53:10 GMT
content-length
11618
ixmatch.html
js-sec.indexww.com/um/ Frame 4D33 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

Server
Apache
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Date
Fri, 11 Mar 2022 10:53:10 GMT
Content-Length
1388
Connection
keep-alive
checksync.php
contextual.media.net/ Frame 99AA 		34 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c5c2fc39b47e07e067b38ba1309842f5ae795265b7e447fe31036168a4982cda
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 13 Mar 2022 10:53:10 GMT
date
Fri, 11 Mar 2022 10:53:10 GMT
content-length
11618
1409
check.analytics.rlcdn.com/check/ 		23 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://check.analytics.rlcdn.com/check/1409
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/cns/prebid.min.js?v=1646995667
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-95.ewr52.r.cloudfront.net
Software
/
Resource Hash
d0ef936654ba84031c1ef90617069aceaab3dac1dd0912b76ebd449f9a566e55

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 11 Mar 2022 10:53:09 GMT
via
1.1 233fdf58f872ee4c13da2719cf945c9c.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C3
x-amzn-requestid
b614919f-8cbe-46c1-b331-5608df2b08b8
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-622b2a15-1fda044264d36aff6ca6f839
x-amz-apigw-id
O0ODdHkBjoEFcJg=
content-length
23
x-amz-cf-id
2NftjtKnBfjPIqGOvj9Ja1-VgMxge_W5I-hQFk2S7RiVcBQkainRuw==
1c5e052d-9221-44ad-9785-4ca784ceb60dmanifest-ios.m3u8
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame A5A1 		918 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dmanifest-ios.m3u8?videoIndex=0&requester=oo
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
005f315d6f7cf50f04161a51e17287b5040b513267560b083a3cf39d0b892ba8

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 07:57:41 GMT
Via
1.1 3c6fb804e042beb7f78515bd450ae3a2.cloudfront.net (CloudFront)
Vary
Origin
Age
10530
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
918
Last-Modified
Mon, 24 May 2021 13:49:14 GMT
Server
AmazonS3
ETag
"4300fd3b9bba40f219ea54c572764fe0"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
FQbbMzkT5JNjcR2k2soCQNOsbv04ox5iQ5cAvwKfKeQ6mAUbdAsc5g==
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E000 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:45:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 11 Mar 2022 11:45:58 GMT
f888e2cc-72c4-4e8d-abbf-db2c8eebbfa9thumbs.mp4
dp8hsntg6do36.cloudfront.net/5f90976042b5f03ec594bace/ Frame 8A4E 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/5f90976042b5f03ec594bace/f888e2cc-72c4-4e8d-abbf-db2c8eebbfa9thumbs.mp4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://arstechnica.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 11 Mar 2022 08:03:45 GMT
Via
1.1 f8d8b16a7820702de048e041a1ec7840.cloudfront.net (CloudFront)
Last-Modified
Wed, 21 Oct 2020 20:40:52 GMT
Server
AmazonS3
Age
10166
ETag
"53a751be5ef0c4c49952af262eb53d3d"
X-Cache
Hit from cloudfront
Content-Type
video/mp4
Content-Range
bytes 0-2848585/2848586
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Content-Length
2848586
X-Amz-Cf-Id
mrVXYbtBBVztBMY-VWNA_yLAnNMMfMgrG3qWXLqBd4L_wZNnwHzMuA==
f888e2cc-72c4-4e8d-abbf-db2c8eebbfa9thumbs.mp4
dp8hsntg6do36.cloudfront.net/5f90976042b5f03ec594bace/ Frame 8A4E 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/5f90976042b5f03ec594bace/f888e2cc-72c4-4e8d-abbf-db2c8eebbfa9thumbs.mp4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://arstechnica.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 11 Mar 2022 08:03:45 GMT
Via
1.1 fa486964c67c2a458a5e0fcec0e6f602.cloudfront.net (CloudFront)
Last-Modified
Wed, 21 Oct 2020 20:40:52 GMT
Server
AmazonS3
Age
10166
ETag
"53a751be5ef0c4c49952af262eb53d3d"
X-Cache
Hit from cloudfront
Content-Type
video/mp4
Content-Range
bytes 0-2848585/2848586
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Content-Length
2848586
X-Amz-Cf-Id
efP0DmJpPJKjZ5-yQcsWK-Au1v13OBFDnq2wjnILJqs97-9C9fSYSg==
ibs:dpid=269&dpuuid=4f1b622b-2a11-4300-89bc-81aa7c7a5721&ddsuuid=68547252942253779170798061318171033219
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=10004&mt_exuid=68547252942253779170798061318171033219&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D269%26dpuuid%3D[MM_UUID]%26ddsuuid%3d68547252942253...
  • https://dpm.demdex.net/ibs:dpid=269&dpuuid=4f1b622b-2a11-4300-89bc-81aa7c7a5721&ddsuuid=68547252942253779170798061318171033219
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=269&dpuuid=4f1b622b-2a11-4300-89bc-81aa7c7a5721&ddsuuid=68547252942253779170798061318171033219
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v026-0eba3b44a.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
PyzSCcctQ/E=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Fri, 11 Mar 2022 10:53:10 GMT
Server
MT3 4256 109297d master iad-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=269&dpuuid=4f1b622b-2a11-4300-89bc-81aa7c7a5721&ddsuuid=68547252942253779170798061318171033219
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Mar 2022 10:53:09 GMT
track
capture.condenastdigital.com/ Frame 8A4E 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A10.185Z&_c=Player%20Event&_t=Player%20Loaded&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&cId=5f90976042b5f03ec594bace&cKe=war%20stories%2Cars%20war%20stories%2Cars%20technica%20war%20stories%2Cwar%20stories%20nintendo%2Cars%20technica%20nintendo%2Cars%20nintendo%2Cnintendo%20entertainment%20system%2Cnintendo%20power%2Cnintendo%20power%20magazine%2Cnintendo%201985%2Cnintendo%201986%2Cnintendo%20of%20america%2Cgail%20tilden%2Cnes%2Cn.e.s.%2Cnes%20launch%2Cnes%201985%2Cgail%20tilden%20nintendo%2Cg%20tilden%20nintendo%2Cgail%20tilden%20nintendo%20power%2Coriginal%20nes%2C8bit%20nes%2C8bit%20nintendo%2Chistory%20of%20nintendo%2Chistory%20of%20nes%2Cars%20nes%2Cars%20technica%20nes&cPd=2020-10-29T15%3A00%3A00%2B00%3A00&cTi=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&mDu=1582&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pWw=276&pWh=155.25&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&uId=0884e157-1f7d-4567-95c8-d99c9013a3c8&xid=8a88dde5-85d6-4eb8-99f5-d9efef957024&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2201b4160%22%2C%22guid%22%3A%228b6d854e-a1a9-f2f2-b709-2dd5f43cd4e3%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3Anull%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:10 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ Frame 8A4E 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A10.258Z&_c=Player%20Event&_t=Player%20In%20Viewport&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&cId=5f90976042b5f03ec594bace&cKe=war%20stories%2Cars%20war%20stories%2Cars%20technica%20war%20stories%2Cwar%20stories%20nintendo%2Cars%20technica%20nintendo%2Cars%20nintendo%2Cnintendo%20entertainment%20system%2Cnintendo%20power%2Cnintendo%20power%20magazine%2Cnintendo%201985%2Cnintendo%201986%2Cnintendo%20of%20america%2Cgail%20tilden%2Cnes%2Cn.e.s.%2Cnes%20launch%2Cnes%201985%2Cgail%20tilden%20nintendo%2Cg%20tilden%20nintendo%2Cgail%20tilden%20nintendo%20power%2Coriginal%20nes%2C8bit%20nes%2C8bit%20nintendo%2Chistory%20of%20nintendo%2Chistory%20of%20nes%2Cars%20nes%2Cars%20technica%20nes&cPd=2020-10-29T15%3A00%3A00%2B00%3A00&cTi=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&mDu=1582&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pWw=276&pWh=155.25&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&uId=0884e157-1f7d-4567-95c8-d99c9013a3c8&xid=8a88dde5-85d6-4eb8-99f5-d9efef957024&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2201b4160%22%2C%22guid%22%3A%228b6d854e-a1a9-f2f2-b709-2dd5f43cd4e3%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:10 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
f888e2cc-72c4-4e8d-abbf-db2c8eebbfa9manifest-ios.m3u8
dp8hsntg6do36.cloudfront.net/5f90976042b5f03ec594bace/ Frame 8A4E 		918 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/5f90976042b5f03ec594bace/f888e2cc-72c4-4e8d-abbf-db2c8eebbfa9manifest-ios.m3u8?videoIndex=0&requester=oo
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b4e23165d9d11b0e205ec23438968fa03c06bbbb7d61fbcb34bd0067492aed5

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 06:27:27 GMT
Via
1.1 3c6fb804e042beb7f78515bd450ae3a2.cloudfront.net (CloudFront)
Vary
Origin
Age
15944
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
918
Last-Modified
Wed, 21 Oct 2020 20:37:11 GMT
Server
AmazonS3
ETag
"873085c78f53832a71a434db72626010"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
J943A18WITsYqsHcsmjuknUp55F9CQxCTVwatxX-5vk5i-ppOPiPWQ==
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&zMoatAdUnit1=conde.ars&zMoatAdUnit2=hero&zMoatAdUnit3=information-technology&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=7&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2F56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=0&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=315&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995982584&de=901890910919&rx=604451054343&cu=1646995982584&m=7278&ar=359f21c1e97-clean&iw=8105762&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=0&ag=752&an=0&gf=752&gg=0&ix=752&ic=752&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=752&bx=0&dj=1&im=0&in=0&pd=0&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1504&cd=0&ah=1504&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.ars&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=197273&na=1589653109&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:10 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:10 GMT
arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame A5A1 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Origin
https://arstechnica.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 13eb5c0e05c1c43ed344f7e14dcf0a00.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
168
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:50:30 GMT
Server-Timing
fastly;dur=2;cpu=0;start=2022-03-06T11:38:33.914Z;desc=hit,rtt;dur=3
Content-Length
51500
Last-Modified
Tue, 25 May 2021 15:04:45 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"1631177d1131925333a3b2b652f3d8b2"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
xev8nmWFaYLFR9zoCsxqjaiSmUm2wquiLFyjcO6rBsT7dSKFr7aKkg==
arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/ Frame A5A1 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1621877260/arstechnica_unsolved-mysteries-unsolved-mysteries-of-quantum-leap.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 25b4c4372feadf7e1722c01c8c9eeea0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
168
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:50:30 GMT
Server-Timing
fastly;dur=2;cpu=0;start=2022-03-06T11:38:33.914Z;desc=hit,rtt;dur=3
Content-Length
51500
Last-Modified
Tue, 25 May 2021 15:04:45 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"1631177d1131925333a3b2b652f3d8b2"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
50ylZlX4w3Ipjt5sbG5nDAuI1_WQloE6GLZRh34IelRc2RxrMoC74A==
t
elsa.memoinsights.com/ 		104 B
346 B 		Script
General
Check archive.org
Download Go to
Full URL
https://elsa.memoinsights.com/t?pid=62012a7a19351c07620394e0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&author%5B%5D=Dan%20Goodin&title=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week&date=2022-03-10T22%3A01%3A39Z&referrer=&ref_url=&page_url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&cb=MEMO.API.callbacks.cbkampwl&v=v3.0.5&t=5000&e=5000&s=0
Requested by
Host: cdn.memo.co
URL: https://cdn.memo.co/js/memo.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.90.162 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-90-162.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
f9a1171fde453f3ece04daab3fb1fb9b801dec400d4ae2679ff0f374fc150c99

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:10 GMT
x-envoy-upstream-service-time
0
server
istio-envoy
Connection
keep-alive
Content-Length
104
x-request-id
7e0ec7f96e281b2a9bca9c7c2c3fdf51
content-type
application/javascript
ef00b7cb-a2f3-4475-a3c1-a4a6f6959d41
https://arstechnica.com/ Frame A5A1 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://arstechnica.com/ef00b7cb-a2f3-4475-a3c1-a4a6f6959d41
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
173d7c7e266672df75c4e048a934c55ee24d9a9028a87fd2957e74d1bd6a8d08

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
5409
Content-Type
application/javascript
/
id.sv.rkdms.com/identity/ 		66 B
348 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=CONDENAST&sv_domain=arstechnica.com
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.24.252 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-24-252.compute-1.amazonaws.com
Software
nginx/1.20.2 /
Resource Hash
ee5955c6046065755ce9fbbc2fad28d4fd1e739f2779955dd4332b5858363069

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://arstechnica.com
date
Fri, 11 Mar 2022 10:53:11 GMT
access-control-allow-credentials
true
server
nginx/1.20.2
content-length
66
vary
Origin
content-type
application/json
arstechnica_war-stories-gail-tilden.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1603899385/ Frame 8A4E 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1603899385/arstechnica_war-stories-gail-tilden.jpg
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
5d076962515986764e40e0d4d8ba48e9ea4b61189b10d4de9365822e7f821098
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Origin
https://arstechnica.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 13eb5c0e05c1c43ed344f7e14dcf0a00.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
8
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:08 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-06T07:09:13.288Z;desc=hit,rtt;dur=3
Content-Length
65640
Last-Modified
Thu, 29 Oct 2020 15:19:46 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"37eb408a26d0e945f1fa03c18b4b949f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
87uCwdwe--LvHCmM689sx255yoPz-0v4WndR_y45vB_oiSt5aE3tDg==
pixel.gif
load77.exelator.com/ Frame 83DF
Redirect Chain
  • https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=68547252942253779170798061318171033219
  • https://load77.exelator.com/pixel.gif
43 B
438 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://load77.exelator.com/pixel.gif
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
2a02:6ea0:c400::12 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-77-pop
newyorkUSNY
date
Fri, 11 Mar 2022 10:53:12 GMT
x-age-lb
19
x-77-nzt-ray
38q1WeCXo6U
x-77-cache
HIT
content-length
43
x-cache
HIT
x-age
1004060
x-77-nzt
Alm7sQ8sH8nvHFIPAJySO+jLG7X/EwAAAA
x-lb-ip
156.146.59.232
x-cache-lb
HIT
x-accel-expires
@1647028732
last-modified
Wed, 25 Oct 2017 17:03:56 GMT
server
CDN77-Turbo
etag
"59f0c3fc-2b"
x-lb-pop
newyorkUSNY
content-type
image/gif
access-control-allow-origin
*
accept-ranges
bytes
expires
Fri, 15 Jan 2021 19:58:16 GMT

Redirect headers

date
Fri, 11 Mar 2022 10:53:11 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://load77.exelator.com/pixel.gif
cache-control
no-cache
access-control-allow-credentials
true
content-type
image/gif
content-length
0
/
www.facebook.com/tr/ Frame ED5B 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
Origin
https://arstechnica.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0
date
Fri, 11 Mar 2022 10:53:11 GMT
1bc647ac-36da-4168-babe-53b6ffc4e4d9
https://arstechnica.com/ Frame 8A4E 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://arstechnica.com/1bc647ac-36da-4168-babe-53b6ffc4e4d9
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
173d7c7e266672df75c4e048a934c55ee24d9a9028a87fd2957e74d1bd6a8d08

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
5409
Content-Type
application/javascript
arstechnica_war-stories-gail-tilden.jpg
dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1603899385/ Frame 8A4E 		64 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dwgyu36up6iuz.cloudfront.net/heru80fdn/image/upload/c_fill,d_placeholder_arstechnica.png,fl_progressive,g_face,h_450,q_80,w_800/v1603899385/arstechnica_war-stories-gail-tilden.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.120.215 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-120-215.ewr52.r.cloudfront.net
Software
Cloudinary /
Resource Hash
5d076962515986764e40e0d4d8ba48e9ea4b61189b10d4de9365822e7f821098
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security
max-age=604800
Via
1.1 25b4c4372feadf7e1722c01c8c9eeea0.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Age
8
X-Cache
Hit from cloudfront
Date
Fri, 11 Mar 2022 10:53:08 GMT
Server-Timing
fastly;dur=1;cpu=0;start=2022-03-06T07:09:13.288Z;desc=hit,rtt;dur=3
Content-Length
65640
Last-Modified
Thu, 29 Oct 2020 15:19:46 GMT
Server
Cloudinary
Cache-Control
public, no-transform, max-age=300
ETag
"37eb408a26d0e945f1fa03c18b4b949f"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length,ETag,Server-Timing,X-Content-Type-Options
Connection
keep-alive
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
Timing-Allow-Origin
*
X-Amz-Cf-Id
B1ETxDk5Lk8uaf67nocdA7N7a-NQc7Qjv1uGH7kT1FLEFwYYokH4Nw==
usermatch
ssum-sec.casalemedia.com/ Frame 296F 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f584fecc26e454af055fc09703c4bd577eb2a5bc797910f0f69f2d017cc33131

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|45|230|241|206|131|3|105
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 11 Mar 2022 10:53:11 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:11 GMT
Content-Length
1878
Connection
keep-alive
usync.html
eus.rubiconproject.com/ Frame 87B0 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"402b2-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 11 Mar 2022 10:53:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
visitormatch
bh.contextweb.com/ Frame FD72 		930 B
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
da161a8783423e515443a9aa247ba42e83bea343431dccfa77e0fa7856f0f561
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-5799967b4-pc9d9
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-CA
content-type
text/html;charset=iso-8859-1
content-length
930
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
ecm3
s.amazon-adsystem.com/ Frame 3586
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58251/sync?redir=true
  • https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1ielZIVTVwRTJ1TEI1UktRc2czSkd5YjlXbGdnSldtbH5B
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1ielZIVTVwRTJ1TEI1UktRc2czSkd5YjlXbGdnSldtbH5B
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Fri, 11 Mar 2022 10:53:11 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
VYBW96V36ZX8KHA385B9
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Fri, 11 Mar 2022 10:53:11 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location
https://s.amazon-adsystem.com/ecm3?ex=vmg.com&id=eS1ielZIVTVwRTJ1TEI1UktRc2czSkd5YjlXbGdnSldtbH5B
age
0
server
ATS/9.1.0.33
cm
u.openx.net/w/1.0/ Frame 30D5 		629 B
423 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
5f051ce04c92470044891b9377a5b538bff2c906ed0159ad922688b362949552

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.2.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Fri, 11 Mar 2022 10:53:11 GMT
content-type
text/html
content-length
404
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ecm3
s.amazon-adsystem.com/ Frame 9C80
Redirect Chain
  • https://ssbsync-us.smartadserver.com/api/sync?callerId=2
  • https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=489781436322581848&gdpr=0&gdpr_consent=
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=489781436322581848&gdpr=0&gdpr_consent=
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Fri, 11 Mar 2022 10:53:11 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
AEBZKVZ5WS52WA0PHQPE
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

content-length
0
date
Fri, 11 Mar 2022 10:53:10 GMT
location
https://s.amazon-adsystem.com/ecm3?ex=smart.com&id=489781436322581848&gdpr=0&gdpr_consent=
ecm3
s.amazon-adsystem.com/ Frame 0F4A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://s.amazon-adsystem.com/ecm3?id=$UID&ex=appnexus.com
  • https://s.amazon-adsystem.com/ecm3?id=7380764466701486637&ex=appnexus.com
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?id=7380764466701486637&ex=appnexus.com
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Fri, 11 Mar 2022 10:53:11 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
EFBYDN2RWF3D2HQKSRV7
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

Server
nginx/1.17.9
Date
Fri, 11 Mar 2022 10:53:11 GMT
Content-Type
text/html; charset=utf-8
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, private
Pragma
no-cache
Expires
Sat, 15 Nov 2008 16:00:00 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection
0
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Location
https://s.amazon-adsystem.com/ecm3?id=7380764466701486637&ex=appnexus.com
AN-X-Request-Uuid
3a3fda90-6bc9-485c-afbb-b433e49e8526
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
ecm3
s.amazon-adsystem.com/ Frame 5FC3
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
  • https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3712844220807655623468
43 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3712844220807655623468
Requested by
Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=n-index_rbd_ppt_n-vmg_ox-db5_smrt_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9

Response headers

Server
Server
Date
Fri, 11 Mar 2022 10:53:11 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
x-amz-rid
YTBPMRKV3GSA0KP3BYZ1
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Permissions-Policy
interest-cohort=()

Redirect headers

date
Fri, 11 Mar 2022 10:53:11 GMT
content-length
0
location
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=3712844220807655623468
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4C40 		624 B
504 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMYsJi0wwEwAQ&v=APEucNUz35vu33dz8oxirZ6aj7GD2fh08sLFmqYHJruoCKHp1aZ_E7FJQqDvMCKYOEhGe5u_n_nzQvweEleaqmqNqxGSeePuEg
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 11 Mar 2022 10:53:11 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame F4E3 		77 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpUnabg9PflzwgYysemLH4f_arI7ntBGbEBWKsVtjLXB75Nzen9rD54rjjm-vzETrOfAEujxH42mRVEyQnNwnfGy5WxRJCGi4sPShcV_ozDQWex-Ioluu0YzBSeSDq0NIYW93uqlMCZ80RNcmCBoNEYiOrTmkegXs5Pi-nhGfBb_0GgrY&cry=1&dbm_d=AKAmf-D7EVbXRM9rS0FmObfZ9yJNmLPLPXfMA8GAWQiz6Q0OzF9y5AJKH-NBU4XwgQJE-L-UdiPMkog153DZ25qSgP74omlN-jS8TYzpyR8tVFsmt-kpCWtAzokRZgELNt0R-IGkrvWAhIMPycB-KeDBukzPK0C8oOaz9ds5zKx-euruhOhMcwqoxMNeHcdXjQ2IYyDGLg1PWvCaMBsDN_C8v6qUl7K7YokZBQAcwzQjoUVtciu2FlngLUupeXBo7vCXEgQSw9PLxsGmecz0mmTI0dzgmCrqFBMpl0cPGGGyFXxEky98BhYeBR4l-hWg2IRnvM9jEOPWl7UrkxzOA96sJnVluS9_hwGUm-MRCOrQ6o6s0B0iV4-WwhiTK8TuC12_0i_jdrWtmUhaanaB9HD-GlaDkyv-V2xpa8Y0rFsD61zm7NarXp8IFYDTQD7aQwdKM5GbOUDJc-UNT4s08l6yc4PfufAYzz1f4auNHY0Q6HhtDnpqFoEgmNo1yaRnMOLf4u5ohmU2775XOEx95P2rrunHi0lxTCL31p-MTlEUmPUMZr8gPxmaFh6QwbhakX8l_eHijoYMDBkII0Yfd2PdGs34DrARp6FxaI0YESaxQ85xwSSFIGJ8zyTlzfDuihx9tqaKPkiEprwKUin-mHsAbgnedRtrTiCKNe5D-S7SVBHQKxWr2vohyO0eT0fRq36T24hI3yJus1FbqRJw5fs7fn1A1Etz5dc0dzRmMtFQVThpTeRiT-7oO2H8INVhauN4SOssGUKwz7koqRzF0n-yY4vd1GR0Wj8xNCBqqB529eJyyLLwnz5rqVO774P7Q7jLnd1UEpCNTRr9BCGMumnFj2Bmb9AGYnh-TkzBoP-xeRfmV9YJ2iZGGkS0qLtNRLJa5qO_A6tJ2VCpnB7bRX_ev-d1Iv1JsClBH-P9ADngZH_4_462kB5KY8eeVldBryy2NUqqFciGWDPHfsGHWMKzDnD2eN0OKje05lvnY7Ir2O9L9dn6NxjV_2zK9EQRtZKJUsflmgQikXVeRXV9yOLvHIEIA31QOFWlbjNhKsgvNR6uPqJywmQmAPqJEkDm9TLoD1cQJcS7fnogFi9l5rF0cnkBb8hc6YEM4xH5pBLj5SCc9VUxQbEWE_xfayg7iqQNpStj4gg89MBL9GIvUyH40Pa7K_muaOrpT2QdWzm9jye_u069ifbfdINtt54-vzryqDfyvFpZ5B8-fncByVu5Az_wcR6vBYNSUhVoXpUrZle4DhbzkNnqK6PV-baNLxXmPU5vy-jwLVKO-C7gFJi8PnST_xWsv85FELrZeoEm3tw5fEea31rF56uCJA5C9Dpxl-j09SZDE22-D0pmmjIUVlY3LvRoclWeMfD6G6HqAISzfghaZkqTzcl87No70goAEsTeB02Yf7Tsx9FiJDSyOJTYx1-OkPQhDD3tYmdLy9I84wqoAS2rIlUn0UneZPKaZKR67fZ4KY-biQV1FIG_hNDEcB-zF_POZy4f5Fpxhvuv8wmD-4T6OFzPDIJ3rw7twY3RFikDzK5DFP1L1ExnqTE4FHUq7cAhj0dFOg6hOedlaJ60DiaJ74U9d6zn4rA4AEq4fivH9NUAq54YP8iDvsjYv0shjA7xfZ8snUaf9rNZzk3eN5OH8WYgoQBCmUSC2KxH3HCqPvvX4D4Z-D8vMQ9DNXaNruJ5fldf5wG_chVubUmu-2-o5gzO7nqPoQQ7DsY_kdB5djjdvMjnQLuP_qqmcYObBta9QraZOesxT4BSasLRwZqOkgLv4W1fDcTQHzSmfhkPsNpVlTnqZYT6YLiJsVV7psOCVuM4euUFJ4f1UPHY6AKEno2fgEyxs-7zZR7yqQ1ALiJLBeFHhG-A43mC3QQStkZdzLGhz9drr0ToQpnY_5XgYZJfaiqpv547Z5T2iQ9k3FWjUzBgdtjDnA_evxsIHIsf_WjilAWprMevHeZOPM6RAC66j6Zv4Dp8ADAFClc3nbCSZ6O2I6wAGquxrhB8tJAplUi6QhZ-8aT6FbmPSlXhDaHM_ubthENm26l1j3FzSHIQ-rvXPF0KEDlJwYZZpjRwkTsCDmzW6AlApZ1DdmXQZ45J7uQBaR_PIcxGfigGZsGuC3W3Nhd4MWfyhXk_wFsUrmuVb8mhEnyPcsakMYTOUVFF1Ata88WrdHYTFPNt85oz-JrO2K2gSny8Nstznr0cpDhRyxQF1xhMRrkvUmy4EUp90YZVzJvcDPZEl9MmZyqxLmg1SI2rG6ytvqxuHbueATO5wGmLm077koFmChyrKdqRfobUSR0mmM2HHMZZaWYhIuYF9GA8neC_ShWFVQLH4HK1ihY4KyuTnqLSpxGT0AXJotvUfymqHwBGkMfA6IeSPnr5OKNyTRjB0QMIy6K_DHFk5kCwoSnda2zEyiItAVdeu5GUQOfQ7cy4WDshoC0owxRwCJZhgpW8e9S0Z7QoX3GEV12BG-xYrHBYfUtqF73F05zCiksu0UaI_kLld5UCEMbyq7hEtTE98bAq6Ggu8vhbLFcuFJmlhBUcKKJ4wTaLK6sqr20vE2CaluyMz8bsA50OpLZuVhz9GjtNIcfJcZ73XJDY3kaW5oax3gVtLuZVUB60oAY1b1enipbKdkq1vLvEVNgveYeRChWE0ng1_1ZkGBZnrzCG_ayCT2PRiw7A7rdgnq5-Yjf46dBQS9rdFKBuWxSY0CqQSsdZ7RkOuEHpBzbsEvN6lKnruz-Xtd9PcuQu0DZA32FQxM_gniils5VOczf-QU3ENiKWiw0aS_6ATB9PKrMqMIy9oeuDwR0KD9X0-rJAgYEL4dQ0XsT-zl-06GCTPL8iGD3tkVaxN-QZwSR57CBqP9klbvFhBQI3-brbEOksqEClcjdybHTrCo1yDbvz8ydnlWNTV89LpHSUv4F057pYin3RhN_0tmI5k6giHwtf8E1XL6SIRf5Izzm3Jm4R22BiRiJ49-E8bl32CPGCDTp6V8zUC2MdqjTvHHPFD9VbgoeGA96kCqP8vpfuc-ECFm9ZGOvIa4fTd1F0pBLJiWka7P35iCGME_X0bnw3VhyS7QdBaj4Vw6oXN_tqUgcalwO-4D7hwXbAA3sVlVB-T2czJ14e4ULBejtU5TXpE2vMlZoe4ueqdo6jgypFCg2MI-LSOS2nmmFylLdYsscAncFb_dI3SR16V8Y2bIxgg41es7VkxOa1UIWqUp_ZxWl4UiqfUOkf8tYYGceSHHE1XyuVzFqIbH24Xoifn_C6-QyaA8K_A895jWZettoG8V0hkxqSWHTyXqtGqTAg4w50mhAj9J8731-EvbZ2A5J5uE-YJKN1T2ia6i0Vui6ql6xVvDmcbgdHUeaissl3qUPx1rt0Je5KrrndsjcwwWgDmCksSNtmBrxB6oL2JRtQt7dPU0MgTDH4AeIDQu76OOqNY8MyH1l8m9IMINj27oxSCvinTwUT6ORKzSei2ogXAvpmkCImMPgc0LoXUmtZhA2pfd8bk7xFuzwshk3KhPeo8G4-mE202Uf3BIpWOLEt4HeiE30e_Jf1-8_lvGHkmhKkfUn7a5enFvrHJ4oK-jM7nYT6tImy1WOjISLYRj_qZvHAPt-8pZuGIpEGbLPisH3_EvkuFQ1qMGGedBxSJo3FZciv6OmARZfno5DrSFht9-Ydv_pECLSGd0q68MFA_cLMI44BjZn0xP8kzWf--l9yeWIPlAGKegLXZenmObK2lb7a2il5UmnfWJxicdd1_NNPI29_w8jv72U6RElimq6zUTTc8y_sQEE-b86BS6SyFLVl74KeitCFFWfmY_E9QAN2OMPJzKY3gEYnDbbXBiylKHuskGMbIZujVITPi9_cqEVh3Lz0D_MdKkt2-jIljU_wONhkFgqzVC2FIocWh5QK1lQSmR2Cf-VpWw9GktFwjBk40XQuLDLDDA&cid=CAASJeRo_O_07n-NJYFWsgRw8WV9erQo38iwoVQawUl4ArnrCPu3Q7k&rfl=1%2Chttps%253A%252F%252Farstechnica.com%252F%240
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17828d5067aa485c747a0e94d3a01d076f725d745d547e091cfebc2ebafa8af6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:11 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32992
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F4E3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AbzSGyj96ZSkZm8pFQ_NWsTyZ5Q8FsTSzYXuoCWMxjE6VQVDNyJHNLD5FRb1OXs-uSuwy8HsSl6KQ7J0LeDlRHESJy2aPcLOVQSgjltYSFH9iw_1s
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:11 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame F4E3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
454
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Mar 2022 10:45:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F4E3 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 11 Mar 2022 10:53:11 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame F4E3 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:43:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6397
x-xss-protection
0
server
cafe
etag
14404976697706490601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Mar 2022 10:43:04 GMT
l
www.google.com/ads/measurement/ Frame F4E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwn86VWWp2V3CsxX83cTcP9wzHj6g5ILG33ZWWHoGtgjjBDRYtC6Y2S702p-2QoO50LIVP1IaIyWVOD6loIYR4SdpHsg
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame 14BC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3480839182339453453&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3480839182339453453&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
via
1.1 google
server
OXGW/17.2.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3480839182339453453&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 11 Mar 2022 10:53:10 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 14BC
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YisqEAAAAByHOAQr
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YisqEAAAAByHOAQr
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
via
1.1 google
server
OXGW/17.2.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646995991.306352,VS0,VE0
x-served-by
cache-yul12822-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YisqEAAAAByHOAQr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
12cf9e95-a634-ea46-fabb-59e68c0d29c5
pr-bh.ybp.yahoo.com/sync/openx/ Frame 14BC 		43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/12cf9e95-a634-ea46-fabb-59e68c0d29c5?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:46a:34b7:83ca:e02c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:12 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame 14BC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=8608f8d1-3698-780f-cb6c-4f13735ae48c&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=6e0633dc-a403-42d4-8fdd-03bcf8268488&ttd_puid=8608f8d1-3698-780f-cb6c-4f13735ae48c&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6e0633dc-a403-42d4-8fdd-03bcf8268488&ttd_puid=8608f8d1-3698-780f-cb6c-4f13735ae48c&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
via
1.1 google
server
OXGW/17.2.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6e0633dc-a403-42d4-8fdd-03bcf8268488&ttd_puid=8608f8d1-3698-780f-cb6c-4f13735ae48c&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame 14BC 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWE2NzJiMWItZmZlZi0yNmFiLWRlOGMtMTVhYWI5YjgyYWVj
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 14BC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBQtiJ9e9L1hgBQbgByPk3o&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBQtiJ9e9L1hgBQbgByPk3o&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
via
1.1 google
server
OXGW/17.2.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBQtiJ9e9L1hgBQbgByPk3o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BBDF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3480839182339453453&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3480839182339453453&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
via
1.1 google
server
OXGW/17.2.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3480839182339453453&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 11 Mar 2022 10:53:10 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame BBDF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YisqEAAAAByHOAQr
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YisqEAAAAByHOAQr
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
via
1.1 google
server
OXGW/17.2.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:11 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646995991.306398,VS0,VE0
x-served-by
cache-yul12822-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YisqEAAAAByHOAQr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
12cf9e95-a634-ea46-fabb-59e68c0d29c5
pr-bh.ybp.yahoo.com/sync/openx/ Frame BBDF 		43 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/openx/12cf9e95-a634-ea46-fabb-59e68c0d29c5?gdpr=0
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:46a:34b7:83ca:e02c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:12 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
sd
us-u.openx.net/w/1.0/ Frame BBDF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=8608f8d1-3698-780f-cb6c-4f13735ae48c&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=6e0633dc-a403-42d4-8fdd-03bcf8268488&ttd_puid=8608f8d1-3698-780f-cb6c-4f13735ae48c&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6e0633dc-a403-42d4-8fdd-03bcf8268488&ttd_puid=8608f8d1-3698-780f-cb6c-4f13735ae48c&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
via
1.1 google
server
OXGW/17.2.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=6e0633dc-a403-42d4-8fdd-03bcf8268488&ttd_puid=8608f8d1-3698-780f-cb6c-4f13735ae48c&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
pixel
cm.g.doubleclick.net/ Frame BBDF 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWE2NzJiMWItZmZlZi0yNmFiLWRlOGMtMTVhYWI5YjgyYWVj
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BBDF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBQtiJ9e9L1hgBQbgByPk3o&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBQtiJ9e9L1hgBQbgByPk3o&google_cver=1
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
via
1.1 google
server
OXGW/17.2.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBQtiJ9e9L1hgBQbgByPk3o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 3228
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=4&gdpr=0
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072977&val=5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341&gdpr=0&gdpr_consent=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072977&val=5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341&gdpr=0&gdpr_consent=
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
via
1.1 google
server
OXGW/17.2.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:11 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://us-u.openx.net/w/1.0/sd?id=537072977&val=5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
receive
pixel.tapad.com/idsync/ex/ Frame 3228 		95 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=1955&partner_device_id=80768b2d-6d9f-4588-818d-d7c540d62580
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.246.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
49.246.178.107.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:11 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
sync
ups.analytics.yahoo.com/ups/58294/ Frame 3228
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9e0a35ea-c8e3-4b1b-9efa-4af6f54a373e&r=https://pixel.advertising.com/ups/58294/sync?_origin=1&uid={OPENX_ID}
  • https://pixel.advertising.com/ups/58294/sync?_origin=1&uid=a8cc7b58-eef2-4246-984b-8e19e4f910e5
  • https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=a8cc7b58-eef2-4246-984b-8e19e4f910e5&apid=UP7056a3fc-a129-11ec-b6e3-0210df448c65
0
167 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=a8cc7b58-eef2-4246-984b-8e19e4f910e5&apid=UP7056a3fc-a129-11ec-b6e3-0210df448c65
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:14 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58294/sync?_origin=1&uid=a8cc7b58-eef2-4246-984b-8e19e4f910e5&apid=UP7056a3fc-a129-11ec-b6e3-0210df448c65
date
Fri, 11 Mar 2022 10:53:13 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
47154.gif
idsync.rlcdn.com/ Frame 3228
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=e508c905-ddce-4732-92a4-0b0f5b72a28f&r=https%3A%2F%2Fid.rlcdn.com%2F464246.gif%3Fpartner_uid%3D
  • https://id.rlcdn.com/464246.gif?partner_uid=d3ce87b7-fbdf-4e6f-9415-cfe04ac18554
  • https://sync.mathtag.com/sync/img?mt_exid=10017&redir=https%3A%2F%2Fidsync.rlcdn.com%2F47154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%5BMM_UUID%5D
  • https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

Date
Fri, 11 Mar 2022 10:53:14 GMT
Server
MT3 4256 109297d master iad-pixel-x3 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://idsync.rlcdn.com/47154.gif?served_by=evergreen&partner_uid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Mar 2022 10:53:13 GMT
sd
us-u.openx.net/w/1.0/ Frame 3228
Redirect Chain
  • https://ib.adnxs.com/getuid?https://us-u.openx.net/w/1.0/sd?id=537072399&val=$UID
  • https://us-u.openx.net/w/1.0/sd?id=537072399&val=7380764466701486637
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7380764466701486637
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
via
1.1 google
server
OXGW/17.2.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:12 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
3101c1aa-276f-48da-82fd-b7f8a251a35e
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://us-u.openx.net/w/1.0/sd?id=537072399&val=7380764466701486637
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 3228 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6e1b1225-4dd8-4d7d-b277-465574a27014&id=dede84ac-2a32-c3f5-0b62-cd841b692f6c
Requested by
Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?plm=6&ph=92a42b2b-081a-4be8-96bc-8a959e4a3060&gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://us-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:12 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6JS8MJJVJRX5F9XYXRBH
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame A5A1 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=640x480|480x70&iu=/3379/conde.ars/player/information-technology/article&ciu_szs=300x60&gdfp_req=1&env=vp&output=vmap&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.56.5%26ctx_page_slug%3Dfeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%26cnt_tags%3Dcriminal-justice%252Cextortion%252Cindictments%252Cransomware%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D26%26usr_bkt_pv%3D64%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D%26ctx_line_items%3D%26height%3D329%26muted%3D0%26right_rail%3D0%26sensitive%3D0%26series%3D5c82bcebbcdfff6f132fc5e6%26width%3D584%26feature_flags%3Dclick-to-play&correlator=1247721029048928&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&vid=60abade4dc31e5375248cba6&cmsid=1495&ppid=8a88dde585d64eb899f5d9efef957024
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
60c3f2162f8079ebbcfacb99e8e83922b4c4b2da6f22b20c6b592072ae7aa51f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1226
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit-data
in.hotjar.com/api/v2/client/sites/1632543/ 		146 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/1632543/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.7d3f952308caf42c2b67.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.161.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-161-153.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 11 Mar 2022 10:53:11 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
usync.js
eus.rubiconproject.com/ Frame 4BFD 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
797c97257815c56cf48ec80a3ac309000ce91f6d2d1ee2e7bca5037a503eaa5e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:11 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76619
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9538
Expires
Sat, 12 Mar 2022 08:10:10 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 8A4E 		8 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=640x360|480x70&iu=/3379/conde.ars/inline-player/information-technology/article&ciu_szs=300x60&gdfp_req=1&env=vp&output=vmap&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.56.5%26ctx_page_slug%3Dfeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%26cnt_tags%3Dcriminal-justice%252Cextortion%252Cindictments%252Cransomware%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D26%26usr_bkt_pv%3D64%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D%26ctx_line_items%3D%26timeout%3D500%26height%3D155%26muted%3D1%26right_rail%3D0%26sensitive%3D0%26series%3D5c82bd18bcdfff6f1f2fc5e7%26width%3D276&correlator=1247721029048928&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&vid=5f90976042b5f03ec594bace&cmsid=1495&ppid=8a88dde585d64eb899f5d9efef957024
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
29bf31337ef99cc5bb0ae0fcd2b4626d863141c8900bd9175af03327d6285120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1280
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FEB5 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 23:55:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125874
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 09 Mar 2023 23:55:17 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame FEB5 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:11 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
10266
x-jsd-version
1.13.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19152-FRA, cache-yyz4539-YYZ
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"682b-2ihEYwqesMldd0dS8BiHEV2ELiA"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6ea3beb4df674bd1-YUL
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FEB5 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 11 Mar 2022 10:53:11 GMT
moatad.js
z.moatads.com/condenastdfp9588492144/ Frame FEB5 		329 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/condenastdfp9588492144/moatad.js
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e312bc18779e0d9c6626ee0bdb426676ebb2835346604c114191b3ffe4251527

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:11 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 17:16:15 GMT
server
AmazonS3
x-amz-request-id
TWNZ1TVDCY58YB3Z
etag
"f0806f26c367a53146efd2e6b7b36d5f"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=9491
accept-ranges
bytes
content-length
112460
x-amz-id-2
LvkP12XD4LjHNvFIaYKBww79zPguhbpcSOsKP6oLovTYb81nsgaOzKM/uYmSuq9q8m0rqz7am+M=
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-11T10%3A53%3A11.925Z&_t=timespent&cBr=Ars%20Technica&cKe=criminal%20justice%7Cextortion%7Cindictments%7Cransomware&cCh=information%20technology&cTi=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=775&cId=1840246&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pWw=1600&pWh=1200&pPw=1600&pPh=5200&pSw=1600&pSh=1200&uID=0884e157-1f7d-4567-95c8-d99c9013a3c8&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&uDt=desktop&dim1=v1.0.25_iframe_query&_o=ars-technica&_c=general&xID=8a88dde5-85d6-4eb8-99f5-d9efef957024&_v=5000&environment=prod&origin=ars-technica
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:11 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
ibs:dpid=420&dpuuid=622b2a18a015d6b9
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://su.addthis.com/red/usync?pid=16&puid=68547252942253779170798061318171033219&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D420%26dpuuid%3D%7B%7Buid%7D%7D
  • https://dpm.demdex.net/ibs:dpid=420&dpuuid=622b2a18a015d6b9
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=420&dpuuid=622b2a18a015d6b9
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v026-06ffad653.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7ZM5hPCQQYo=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=420&dpuuid=622b2a18a015d6b9
pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NON ADM OUR DEV IND COM STA"
1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768.m3u8
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame A5A1 		11 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768.m3u8?requester=oo
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4fb846048afd0ee79141b669572402fc0a024d937c00977e124405d11cd319fe

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 05:54:41 GMT
Content-Encoding
gzip
Vary
Accept-Encoding,Origin
Age
17912
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Mon, 24 May 2021 13:54:58 GMT
Server
AmazonS3
ETag
W/"cc4f278863bddb064b3e70268d5f02f8"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Via
1.1 3c6fb804e042beb7f78515bd450ae3a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR52-C3
X-Amz-Cf-Id
W8NiDIcsHaAKKD9ulPK7its-_bN1HhXnwPSLVCqW4_b_XAzqslPtkg==
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&zMoatAdUnit1=conde.ars&zMoatAdUnit2=hero&zMoatAdUnit3=information-technology&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=7&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=1&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=315&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995982584&de=901890910919&rx=604451054343&cu=1646995982584&m=7681&ar=359f21c1e97-clean&iw=8105762&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=1&ag=1170&an=752&gi=1&gf=1170&gg=752&ix=1170&ic=1170&ez=1&ck=1170&kw=1504&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1170&bx=752&ci=1170&jz=1504&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1504&cd=1504&ah=1504&am=1504&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.ars&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=197273&na=855511879&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:12 GMT
moatvideo.js
z.moatads.com/condenastjsvideocontent160527792519/ Frame A5A1 		316 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/condenastjsvideocontent160527792519/moatvideo.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fea322f456810170b635d0be50c4878688dfa63285f79768823c69a85626942c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:12 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 17:16:16 GMT
server
AmazonS3
x-amz-request-id
TC5WDVKQ8K7BQT24
etag
"62ba604f35a0eb0685da0cb2aa2a6336"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=9420
accept-ranges
bytes
content-length
107935
x-amz-id-2
GLOu3Co0AKYQa2SADPWUkKfVpuXGA3yRIYA+KGsWdsSWOdT8unydWez1Rb4EDxH4/+eXd84zJjU=
track
capture.condenastdigital.com/ Frame A5A1 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A12.508Z&_c=Video%20Ad&_t=Ad%20Call%20Made&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&cId=60abade4dc31e5375248cba6&cKe=Unsolved%20Mysteries%2CArs%20Technica%20Unsolved%20Mysteries%2CQuantum%20Leap%2CUnsolved%20Mysteries%20Quantum%20Leap%2CQuantum%20leap%20show%2Cquantum%20leap%20ending%2Cquantum%20leap%20bakula%2CDonald%20P%20Bellisario%2CQuantum%20Leap%20Finale%2CQuantum%20Leap%20JFK%2CQuantum%20Leap%20Lee%20Harvey%20Oswald%2CQuantum%20Leap%20interview%2CScott%20Bakula%2CDean%20Stockwell%2CQuantum%20Leap%20Ziggy%2CQuantum%20Leap%20Al%2CQuantum%20Leap%20NBC%2CNBC%20Quantum%20Leap%2CQuantum%20Leap%20Episodes%2Cquantum%20leap%20intro%2Cquantum%20leap%20ars%20technica%2Cars%20technica%20quantum%20leap&cPd=2021-05-25T15%3A00%3A00%2B00%3A00&cTi=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario&cTy=%2F3379%2Fconde.ars%2Fplayer%2Finformation-technology%2Farticle&mDu=854&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pWw=584&pWh=328.5&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&uId=0884e157-1f7d-4567-95c8-d99c9013a3c8&xid=8a88dde5-85d6-4eb8-99f5-d9efef957024&dim1=%7B%22contentStartType%22%3A%22manual%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2201b4160%22%2C%22guid%22%3A%2252ffba68-ac11-d07e-f7e1-1bf842fa5181%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22manual%22%2C%22playerDepth%22%3A3725.75%2C%22playerType%22%3A%22video-continuous%22%2C%22playsOnPage%22%3A1%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3Anull%2C%22recStrategy%22%3Anull%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22OUT_OF_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:12 GMT
Connection
keep-alive
transfer-encoding
chunked
Content-Type
image/gif
async_usersync
ib.adnxs.com/ Frame F352 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:12 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
05b01028-8f3b-4814-8316-cdbad1f94578
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
f888e2cc-72c4-4e8d-abbf-db2c8eebbfa9file-1422k-128-48000-768.m3u8
dp8hsntg6do36.cloudfront.net/5f90976042b5f03ec594bace/ Frame 8A4E 		21 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/5f90976042b5f03ec594bace/f888e2cc-72c4-4e8d-abbf-db2c8eebbfa9file-1422k-128-48000-768.m3u8?requester=oo
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c53c1e4fe935eca947511b36cc26c401f7f6f16042314d3e82c578e339e93f41

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 04:24:59 GMT
Content-Encoding
gzip
Vary
Accept-Encoding,Origin
Age
23294
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Access-Control-Allow-Origin
*
Last-Modified
Wed, 21 Oct 2020 20:45:09 GMT
Server
AmazonS3
ETag
W/"e095e6b433cc63b910d8fa67685129c8"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Via
1.1 3c6fb804e042beb7f78515bd450ae3a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
EWR52-C3
X-Amz-Cf-Id
9p4r5xODYSNDNT1Z2FzXNN9zn5EjKRpV8WZRYpk0pHlVlI1CBby3nA==
async_usersync
ib.adnxs.com/ Frame 893B 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:12 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
867da8df-1d07-442b-b0ca-d3259989b74c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8D19 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:12 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
379186a5-afa4-4e7f-9e24-acda04249e59
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pubcid.php
hbx.media.net/ Frame 99AA 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Fri, 11 Mar 2022 10:53:12 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 11:23:12 GMT
sync
gum.criteo.com/ Frame 99AA 		88 B
413 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
f90dbd1c287ed7162f3adf22f39fcb7f971ee8c26468d016ac21abc7a356d830
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:12 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
3781
strict-transport-security
max-age=31536000; preload;
content-length
206
expires
60
cksync.html
contextual.media.net/ Frame 5A5C
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Drkt%26refUrl%3D%26vid%3D699599273628999759014547490...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2899975901454749000V10&type=rkt&refUrl=&vid=69959927362899975901454749000V10&ovsid=1813050710406837267
219 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2899975901454749000V10&type=rkt&refUrl=&vid=69959927362899975901454749000V10&ovsid=1813050710406837267
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/

Response headers

server
Apache
content-length
219
content-type
text/html;charset=UTF-8
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:13 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT

Redirect headers

Date
Fri, 11 Mar 2022 10:53:13 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.html?cs=8&vsid=2899975901454749000V10&type=rkt&refUrl=&vid=69959927362899975901454749000V10&ovsid=1813050710406837267
Content-Length
0
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame 99AA
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=5793113d4adc1210&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=con&refUrl=&vid=69959927362899975901454749000V10&ovsid=AAAGahZLjM3i3QMH_QRbAAAAAAA&expiration=1647082394&is_secure=true
45 B
459 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=con&refUrl=&vid=69959927362899975901454749000V10&ovsid=AAAGahZLjM3i3QMH_QRbAAAAAAA&expiration=1647082394&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=con&refUrl=&vid=69959927362899975901454749000V10&ovsid=AAAGahZLjM3i3QMH_QRbAAAAAAA&expiration=1647082394&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame 99AA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dmma%26refUrl%3D%26vid%3D699599273628999759014547...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=mma&refUrl=&vid=69959927362899975901454749000V10&ovsid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
45 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=mma&refUrl=&vid=69959927362899975901454749000V10&ovsid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

Date
Fri, 11 Mar 2022 10:53:12 GMT
Server
MT3 4256 109297d master iad-pixel-x31 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=mma&refUrl=&vid=69959927362899975901454749000V10&ovsid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Mar 2022 10:53:11 GMT
cksync
cs.media.net/ Frame 99AA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjg5OTk3NTkwMTQ1NDc0OTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB4pejAekEEt_MjVRbcwjVY&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB4pejAekEEt_MjVRbcwjVY&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:13 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB4pejAekEEt_MjVRbcwjVY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 99AA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Ddxu%26refUrl%3D%26vid%3D69959927362899975901454...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Ddxu%26refUrl%3D%26vid%3D69959927362899975...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=dxu&refUrl=&vid=69959927362899975901454749000V10&ovsid=WmVnYQcI1NsCTu5
45 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=dxu&refUrl=&vid=69959927362899975901454749000V10&ovsid=WmVnYQcI1NsCTu5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:13 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-02da2fc23fed09ba1@us-east-1e@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=dxu&refUrl=&vid=69959927362899975901454749000V10&ovsid=WmVnYQcI1NsCTu5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 99AA
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fa7763bf-d917-451f-853b-cf8801daf3e6
45 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fa7763bf-d917-451f-853b-cf8801daf3e6
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fa7763bf-d917-451f-853b-cf8801daf3e6
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2064897
content-length
0
expires
Fri, 11 Mar 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 99AA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://server.cpmstar.com/usersync.aspx?bsw_custom_parameter=82063e31-d895-4c78-815b-e5685b556304&gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D440%26ss...
  • https://x.bidswitch.net/sync?dsp_id=440&ssp=medianet&user_id=JWH03wyZvpQ6VgSnIn510
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=82063e31-d895-4c78-815b-e5685b556304&gdpr=&gdpr_consent=&gdpr_pd=
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=82063e31-d895-4c78-815b-e5685b556304&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:15 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=82063e31-d895-4c78-815b-e5685b556304&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 11 Mar 2022 10:53:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cksync.php
contextual.media.net/ Frame 99AA
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dzem%26refUrl%3D%26vid%3D69959927362899975901454749...
  • https://stags.bluekai.com/site/23178?id=M2AFWxq8fWs1QCyO1OUy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKNGJAUMV3YOE4GMV3TGFIUG6KPGFHVK...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=M2AFWxq8fWs1QCyO1OUy&refUrl=&type=zem&vid=69959927362899975901454749000V10&vsid=2899975901454749000V10
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=M2AFWxq8fWs1QCyO1OUy&refUrl=&type=zem&vid=69959927362899975901454749000V10&vsid=2899975901454749000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:15 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=M2AFWxq8fWs1QCyO1OUy&refUrl=&type=zem&vid=69959927362899975901454749000V10&vsid=2899975901454749000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
/
dmp.adblade.com/srv/sync/gateway/ Frame 99AA 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:12 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame 99AA
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2899975901454749000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=59125365-6b70-4daa-8987-45b896b15e4d&cs=1
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=59125365-6b70-4daa-8987-45b896b15e4d&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=59125365-6b70-4daa-8987-45b896b15e4d&cs=1
date
Fri, 11 Mar 2022 10:53:12 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
710489.gif
id.rlcdn.com/ Frame 99AA 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:12 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 99AA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6e0633dc-a403-42d4-8fdd-03bcf8268488
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6e0633dc-a403-42d4-8fdd-03bcf8268488
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6e0633dc-a403-42d4-8fdd-03bcf8268488
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
sync
ups.analytics.yahoo.com/ups/58222/ Frame 99AA
Redirect Chain
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2899975901454749000V10
0
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2899975901454749000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:13 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2899975901454749000V10
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=0, no-cache, no-store
expires
Fri, 11 Mar 2022 10:53:12 GMT
date
Fri, 11 Mar 2022 10:53:12 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pubcid.php
hbx.media.net/ Frame 36A0 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Fri, 11 Mar 2022 10:53:12 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 11:23:12 GMT
sync
gum.criteo.com/ Frame 36A0 		88 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
a2366a1c3a0c9cfd2f98e11d6183507debc057e4736139ba4cb4218943ae1971
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:12 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
3480
strict-transport-security
max-age=31536000; preload;
content-length
209
expires
60
cksync
cs.media.net/ Frame 36A0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjg5OTk3NTkwMTQ1NDc0OTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB4pejAekEEt_MjVRbcwjVY&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB4pejAekEEt_MjVRbcwjVY&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB4pejAekEEt_MjVRbcwjVY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.html
contextual.media.net/ Frame 568D
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Drkt%26refUrl%3D%26vid%3D699599284828999759014547490...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2899975901454749000V10&type=rkt&refUrl=&vid=69959928482899975901454749000V10&ovsid=1791377137828703288
219 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2899975901454749000V10&type=rkt&refUrl=&vid=69959928482899975901454749000V10&ovsid=1791377137828703288
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/

Response headers

server
Apache
content-length
219
content-type
text/html;charset=UTF-8
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:13 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT

Redirect headers

Date
Fri, 11 Mar 2022 10:53:13 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.html?cs=8&vsid=2899975901454749000V10&type=rkt&refUrl=&vid=69959928482899975901454749000V10&ovsid=1791377137828703288
Content-Length
0
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame 36A0
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fa7763bf-d917-451f-853b-cf8801daf3e6
45 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fa7763bf-d917-451f-853b-cf8801daf3e6
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fa7763bf-d917-451f-853b-cf8801daf3e6
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1882570
content-length
0
expires
Fri, 11 Mar 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 36A0
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=medianet&bsw_user_id=82063e31-d895-4c78-815b-e5685b556304
  • https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=59125365-6b70-4daa-8987-45b896b15e4d&ssp=medianet
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=82063e31-d895-4c78-815b-e5685b556304&gdpr=&gdpr_consent=&gdpr_pd=
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=82063e31-d895-4c78-815b-e5685b556304&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:15 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=82063e31-d895-4c78-815b-e5685b556304&gdpr=&gdpr_consent=&gdpr_pd=
Date
Fri, 11 Mar 2022 10:53:14 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
dmp.adblade.com/srv/sync/gateway/ Frame 36A0 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:12 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame 36A0
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2899975901454749000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=59125365-6b70-4daa-8987-45b896b15e4d&cs=1
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=59125365-6b70-4daa-8987-45b896b15e4d&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=59125365-6b70-4daa-8987-45b896b15e4d&cs=1
date
Fri, 11 Mar 2022 10:53:12 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
710489.gif
id.rlcdn.com/ Frame 36A0 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:12 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 36A0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6e0633dc-a403-42d4-8fdd-03bcf8268488
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6e0633dc-a403-42d4-8fdd-03bcf8268488
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6e0633dc-a403-42d4-8fdd-03bcf8268488
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
sync
ups.analytics.yahoo.com/ups/58222/ Frame 36A0
Redirect Chain
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2899975901454749000V10
0
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2899975901454749000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:14 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2899975901454749000V10
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=0, no-cache, no-store
expires
Fri, 11 Mar 2022 10:53:12 GMT
date
Fri, 11 Mar 2022 10:53:12 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cksync.php
contextual.media.net/ Frame 36A0
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=7f2e9b0ac968120d&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=con&refUrl=&vid=69959928482899975901454749000V10&ovsid=AAAGanE-nQtayANHnmXKAAAAAAA&expiration=1647082394&is_secure=true
45 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=con&refUrl=&vid=69959928482899975901454749000V10&ovsid=AAAGanE-nQtayANHnmXKAAAAAAA&expiration=1647082394&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=con&refUrl=&vid=69959928482899975901454749000V10&ovsid=AAAGanE-nQtayANHnmXKAAAAAAA&expiration=1647082394&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame 36A0
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dmma%26refUrl%3D%26vid%3D699599284828999759014547...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=mma&refUrl=&vid=69959928482899975901454749000V10&ovsid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
45 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=mma&refUrl=&vid=69959928482899975901454749000V10&ovsid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

Date
Fri, 11 Mar 2022 10:53:12 GMT
Server
MT3 4256 109297d master iad-pixel-x3 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=mma&refUrl=&vid=69959928482899975901454749000V10&ovsid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Mar 2022 10:53:11 GMT
cksync.php
contextual.media.net/ Frame 36A0
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Ddxu%26refUrl%3D%26vid%3D69959928482899975901454...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=dxu&refUrl=&vid=69959928482899975901454749000V10&ovsid=WmVnYQcI1NsCTu5
45 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=dxu&refUrl=&vid=69959928482899975901454749000V10&ovsid=WmVnYQcI1NsCTu5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:12 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0cc57b327582b3ba9@us-east-1d@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=dxu&refUrl=&vid=69959928482899975901454749000V10&ovsid=WmVnYQcI1NsCTu5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 36A0
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dzem%26refUrl%3D%26vid%3D69959928482899975901454749...
  • https://stags.bluekai.com/site/23178?id=M2AFWxq8fWs1QCyO1OUy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKNGJAUMV3YOE4GMV3TGFIUG6KPGFHVK...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=M2AFWxq8fWs1QCyO1OUy&refUrl=&type=zem&vid=69959928482899975901454749000V10&vsid=2899975901454749000V10
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=M2AFWxq8fWs1QCyO1OUy&refUrl=&type=zem&vid=69959928482899975901454749000V10&vsid=2899975901454749000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:15 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=M2AFWxq8fWs1QCyO1OUy&refUrl=&type=zem&vid=69959928482899975901454749000V10&vsid=2899975901454749000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
pubcid.php
hbx.media.net/ Frame 9BA9 		57 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hbx.media.net/pubcid.php?itype=HB&cb=window.advBidxc.mnetCoRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Fri, 11 Mar 2022 10:53:13 GMT
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=1800
content-length
18543
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 11:23:13 GMT
sync
gum.criteo.com/ Frame 9BA9 		88 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
2b34ca04fed55adeaadd1818db50026eddd64e7438ee8ef577a8ad3ce395a74f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:12 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
2547
strict-transport-security
max-age=31536000; preload;
content-length
208
expires
60
cksync
cs.media.net/ Frame 9BA9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=Mjg5OTk3NTkwMTQ1NDc0OTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB4pejAekEEt_MjVRbcwjVY&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB4pejAekEEt_MjVRbcwjVY&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEB4pejAekEEt_MjVRbcwjVY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.html
contextual.media.net/ Frame 8511
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Drkt%26refUrl%3D%26vid%3D699599300728999759014547490...
  • https://contextual.media.net/cksync.html?cs=8&vsid=2899975901454749000V10&type=rkt&refUrl=&vid=69959930072899975901454749000V10&ovsid=1791377137828703288
219 B
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=2899975901454749000V10&type=rkt&refUrl=&vid=69959930072899975901454749000V10&ovsid=1791377137828703288
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/

Response headers

server
Apache
content-length
219
content-type
text/html;charset=UTF-8
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security
max-age=604800
vary
Accept-Encoding
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:13 GMT
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT

Redirect headers

Date
Fri, 11 Mar 2022 10:53:13 GMT
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.html?cs=8&vsid=2899975901454749000V10&type=rkt&refUrl=&vid=69959930072899975901454749000V10&ovsid=1791377137828703288
Content-Length
0
Server
Jetty(9.3.29.v20201019)
cksync.php
contextual.media.net/ Frame 9BA9
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fa7763bf-d917-451f-853b-cf8801daf3e6
45 B
614 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fa7763bf-d917-451f-853b-cf8801daf3e6
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:12 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=fa7763bf-d917-451f-853b-cf8801daf3e6
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
636230
content-length
0
expires
Fri, 11 Mar 2022 00:00:00 GMT
sync
x.bidswitch.net/ Frame 9BA9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=82063e31-d895-4c78-815b-e5685b556304&ssp=medianet&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10601403155718488451&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5&ssp=medianet&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=163850804087006939230&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10601403155718488451&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10601403155718488451&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:17 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:16 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10601403155718488451&ssp=<SSP_VALUE>&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
dmp.adblade.com/srv/sync/gateway/ Frame 9BA9 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:13 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame 9BA9
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2899975901454749000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=59125365-6b70-4daa-8987-45b896b15e4d&cs=1
45 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=59125365-6b70-4daa-8987-45b896b15e4d&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

location
//contextual.media.net/cksync.php?type=mf&ovsid=59125365-6b70-4daa-8987-45b896b15e4d&cs=1
date
Fri, 11 Mar 2022 10:53:13 GMT
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
via
1.1 google
710489.gif
id.rlcdn.com/ Frame 9BA9 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:13 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
cksync
cs.media.net/ Frame 9BA9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6e0633dc-a403-42d4-8fdd-03bcf8268488
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6e0633dc-a403-42d4-8fdd-03bcf8268488
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=6e0633dc-a403-42d4-8fdd-03bcf8268488
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
sync
ups.analytics.yahoo.com/ups/58222/ Frame 9BA9
Redirect Chain
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2899975901454749000V10
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2899975901454749000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:14 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2899975901454749000V10
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=0, no-cache, no-store
expires
Fri, 11 Mar 2022 10:53:13 GMT
date
Fri, 11 Mar 2022 10:53:13 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cksync.php
contextual.media.net/ Frame 9BA9
Redirect Chain
  • https://medianet-match.dotomi.com/match/bounce/current?version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dcon%26refUrl...
  • https://medianet-match.dotomi.com/match/bounce/current?DotomiTest=5632becb0ad5120e&is_secure=true&version=1&networkId=57734&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=con&refUrl=&vid=69959930072899975901454749000V10&ovsid=AAAGaswxrVgJGwM8nBtoAAAAAAA&expiration=1647082394&is_secure=true
45 B
458 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=con&refUrl=&vid=69959930072899975901454749000V10&ovsid=AAAGaswxrVgJGwM8nBtoAAAAAAA&expiration=1647082394&is_secure=true
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=con&refUrl=&vid=69959930072899975901454749000V10&ovsid=AAAGaswxrVgJGwM8nBtoAAAAAAA&expiration=1647082394&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
cksync.php
contextual.media.net/ Frame 9BA9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dmma%26refUrl%3D%26vid%3D699599300728999759014547...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=mma&refUrl=&vid=69959930072899975901454749000V10&ovsid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
45 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=mma&refUrl=&vid=69959930072899975901454749000V10&ovsid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

Date
Fri, 11 Mar 2022 10:53:13 GMT
Server
MT3 4256 109297d master iad-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=mma&refUrl=&vid=69959930072899975901454749000V10&ovsid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Mar 2022 10:53:12 GMT
cksync.php
contextual.media.net/ Frame 9BA9
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Ddxu%26refUrl%3D%26vid%3D69959930072899975901454...
  • https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=dxu&refUrl=&vid=69959930072899975901454749000V10&ovsid=WmVnYQcI1NsCTu5
45 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=dxu&refUrl=&vid=69959930072899975901454749000V10&ovsid=WmVnYQcI1NsCTu5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:14 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:12 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-059dfca1b1154d5e1@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=2899975901454749000V10&type=dxu&refUrl=&vid=69959930072899975901454749000V10&ovsid=WmVnYQcI1NsCTu5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 9BA9
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2899975901454749000V10%26type%3Dzem%26refUrl%3D%26vid%3D69959930072899975901454749...
  • https://stags.bluekai.com/site/23178?id=M2AFWxq8fWs1QCyO1OUy&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKNGJAUMV3YOE4GMV3TGFIUG6KPGFHVK...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=M2AFWxq8fWs1QCyO1OUy&refUrl=&type=zem&vid=69959930072899975901454749000V10&vsid=2899975901454749000V10
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=M2AFWxq8fWs1QCyO1OUy&refUrl=&type=zem&vid=69959930072899975901454749000V10&vsid=2899975901454749000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:15 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:15 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
P3p
CP="We do not support P3P header."
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=M2AFWxq8fWs1QCyO1OUy&refUrl=&type=zem&vid=69959930072899975901454749000V10&vsid=2899975901454749000V10
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
moatvideo.js
z.moatads.com/condenastjsvideocontent160527792519/ Frame 8A4E 		316 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/condenastjsvideocontent160527792519/moatvideo.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fea322f456810170b635d0be50c4878688dfa63285f79768823c69a85626942c

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:13 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 17:16:16 GMT
server
AmazonS3
x-amz-request-id
TC5WDVKQ8K7BQT24
etag
"62ba604f35a0eb0685da0cb2aa2a6336"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=9419
accept-ranges
bytes
content-length
107935
x-amz-id-2
GLOu3Co0AKYQa2SADPWUkKfVpuXGA3yRIYA+KGsWdsSWOdT8unydWez1Rb4EDxH4/+eXd84zJjU=
track
capture.condenastdigital.com/ Frame 8A4E 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A13.186Z&_c=Video%20Ad&_t=Ad%20Call%20Made&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&cId=5f90976042b5f03ec594bace&cKe=war%20stories%2Cars%20war%20stories%2Cars%20technica%20war%20stories%2Cwar%20stories%20nintendo%2Cars%20technica%20nintendo%2Cars%20nintendo%2Cnintendo%20entertainment%20system%2Cnintendo%20power%2Cnintendo%20power%20magazine%2Cnintendo%201985%2Cnintendo%201986%2Cnintendo%20of%20america%2Cgail%20tilden%2Cnes%2Cn.e.s.%2Cnes%20launch%2Cnes%201985%2Cgail%20tilden%20nintendo%2Cg%20tilden%20nintendo%2Cgail%20tilden%20nintendo%20power%2Coriginal%20nes%2C8bit%20nes%2C8bit%20nintendo%2Chistory%20of%20nintendo%2Chistory%20of%20nes%2Cars%20nes%2Cars%20technica%20nes&cPd=2020-10-29T15%3A00%3A00%2B00%3A00&cTi=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=1582&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pWw=276&pWh=155.25&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&uId=0884e157-1f7d-4567-95c8-d99c9013a3c8&xid=8a88dde5-85d6-4eb8-99f5-d9efef957024&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2201b4160%22%2C%22guid%22%3A%228b6d854e-a1a9-f2f2-b709-2dd5f43cd4e3%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:13 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
usync.js
eus.rubiconproject.com/ Frame 87B0 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-73-244-44.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
797c97257815c56cf48ec80a3ac309000ce91f6d2d1ee2e7bca5037a503eaa5e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:13 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Mar 2022 16:28:01 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=76617
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9538
Expires
Sat, 12 Mar 2022 08:10:10 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-P1P55J3LNW&gtm=2oe370&_p=798283911&sr=1600x1200&_gaz=1&ul=en-us&cid=1262709198.1646995983&_s=1&dl=%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&dr=%2F&dt=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week%20%7C%20Ars%20Technica&sid=1646995988&sct=1&seg=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P1P55J3LNW&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-P1P55J3LNW&cid=1262709198.1646995983&gtm=2oe370&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P1P55J3LNW&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c0b::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.ca/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-P1P55J3LNW&cid=1262709198.1646995983&gtm=2oe370&aip=1&z=741340035
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80c::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 296F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6e0633dc-a403-42d4-8fdd-03bcf8268488&expiration=1649587993&gdpr=0&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6e0633dc-a403-42d4-8fdd-03bcf8268488&expiration=1649587993&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=6e0633dc-a403-42d4-8fdd-03bcf8268488&expiration=1649587993&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
crum
dsum-sec.casalemedia.com/ Frame 296F
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YisqEwvGNa5jhI2NpW1I0QAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEK1lANW2foKcTnOMEJh9gU0&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEK1lANW2foKcTnOMEJh9gU0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEK1lANW2foKcTnOMEJh9gU0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 296F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMtJMIuJ65AnkBkkDRnsnaw&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMtJMIuJ65AnkBkkDRnsnaw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMtJMIuJ65AnkBkkDRnsnaw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 296F 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PDP7ZG1QNECC2VJHF9N1
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 296F
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB
43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
H2
Server
2600:1f18:4e9:5a02:46a:34b7:83ca:e02c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:14 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB
date
Fri, 11 Mar 2022 10:53:14 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 296F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.casa...
  • https://s.tribalfusion.com/z/i.match?p=b20&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com/crum%3Fcm_dsp_id%3D131%26external_user_id%3D%24TF_USER_ID_ENC%24&cm_callback_url=https%3A%2F%2Fdsum-sec.ca...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662291208079361
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662291208079361
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:15 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:15 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
24
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
6ea3bec91dcfecee-YUL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=131&external_user_id=18072662291208079361
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 296F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4f1b622b-2a11-4300-89bc-81aa7c7a5721
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

Date
Fri, 11 Mar 2022 10:53:14 GMT
Server
MT3 4256 109297d master iad-pixel-x4 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Mar 2022 10:53:13 GMT
crum
dsum-sec.casalemedia.com/ Frame 296F
Redirect Chain
  • https://d.adroll.com/cm/index/ssp
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=105&external_user_id=0
date
Fri, 11 Mar 2022 10:53:14 GMT
server
nginx/1.20.0
content-length
76
ecm3
s.amazon-adsystem.com/ Frame 296F 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=index.com&id=YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=192259&cb=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dindex.com%26id%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
G1FJQAJFJCVAXAW6Q5PS
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 01A6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8S9PKewlgTVO3spKYQC5UWkV5JVzSr7H6JsxwyFTzWbMxP-TXPO-2jpAki_an3-UsjFKaFqynvS_ZrXtryFizWsf-dL16bQK1zk-DGOPeLNf5Biea055JFHemg0he2ooZN_k0c6h5uBi-q4HNkh926IbWLE4ht5R0V2SSPfi3thDwsxkRcP84psmDyqgpjeCVzJrXF0bsZMtcLDH5o6WY_HpffevlCO5lzRPexhkPrdCDZ7BaFTjgJg1pAjYEvhEEZ0gC5eXVWSyJlowLX0020ft5zJksi3qWkKdnARxuANOopjun1TGWkz3Y6eA-o_d8H7syAmITEnLseYWLjKYuMnfBO_9sBcBeJG_lKA&sig=Cg0ArKJSzFLtAcYtGX7REAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:13 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 11 Mar 2022 10:53:13 GMT
truncated
/ Frame 01A6 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87efb9be0146779593bbe426eafa97ec5bbc95f44db4cbce67c9ba9681429a9d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
ecm3
s.amazon-adsystem.com/ Frame 30D5 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=dede84ac-2a32-c3f5-0b62-cd841b692f6c
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:13 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
CPCN3VTJ2NG88RHKEWP6
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
0da6eaa82d2e44738c0a5b0503cfcb5c
i.liadm.com/s/e/53233/0/ Frame 30D5
Redirect Chain
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=86be2455-0142-427e-89ea-b315f9cc2563
  • https://i.liadm.com/s/57424?bidder_id=206088&bidder_uuid=86be2455-0142-427e-89ea-b315f9cc2563&_li_chk=true&previous_uuid=5ffee8427fab447d985e82044640f2ab
  • https://i.liadm.com/s/64716?md5=&sha1=&sha2=&bidder_id=206088&bidder_uuid=86be2455-0142-427e-89ea-b315f9cc2563&previous_uuid=5ea95301c2bd41ddb3aba565db08b0d0
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/http://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!{TURN_UUID}
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=3480839182339453453
  • https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F53233%2F0%2F0da6eaa82d2e44738c0a5b0503cfcb5c%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&5ffee842-7fab-447d-985e-8204...
  • https://i.liadm.com/s/e/53233/0/0da6eaa82d2e44738c0a5b0503cfcb5c?mpid=7156&muid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.liadm.com/s/e/53233/0/0da6eaa82d2e44738c0a5b0503cfcb5c?mpid=7156&muid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
HTTP/1.1
Server
54.156.48.24 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-156-48-24.compute-1.amazonaws.com
Software
/
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:16 GMT
Cache-Control
no-store
Connection
keep-alive
Content-Length
43
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Type
image/gif

Redirect headers

Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
MT3 4256 109297d master iad-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://i.liadm.com/s/e/53233/0/0da6eaa82d2e44738c0a5b0503cfcb5c?mpid=7156&muid=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Mar 2022 10:53:15 GMT
709996.gif
id.rlcdn.com/ Frame 30D5 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709996.gif
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:14 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
dds
rtb.openx.net/sync/ Frame 30D5
Redirect Chain
  • https://rtb.openx.net/sync/dds
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=WV5y7Z8ewSEtGAOkoEPeNg==&ox_sc=1&ox_init=1
  • https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:15 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
5s3t1pqa9gcnmmabfc254d0p55h8sg7c

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:15 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 30D5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://us-u.openx.net/w/1.0/sd?id=536872786&val=4f1b622b-2a11-4300-89bc-81aa7c7a5721
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=536872786&val=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
via
1.1 google
server
OXGW/17.2.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Fri, 11 Mar 2022 10:53:14 GMT
Server
MT3 4256 109297d master iad-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://us-u.openx.net/w/1.0/sd?id=536872786&val=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Mar 2022 10:53:13 GMT
sd
us-u.openx.net/w/1.0/ Frame 30D5
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://us-u.openx.net/w/1.0/sd?id=537073028&val=${ADELPHIC_CUID}
  • https://us-u.openx.net/w/1.0/sd?id=537073028&val=738e2803-a129-11ec-a977-0544ef27bb02
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073028&val=738e2803-a129-11ec-a977-0544ef27bb02
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:15 GMT
via
1.1 google
server
OXGW/17.2.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location
https://us-u.openx.net/w/1.0/sd?id=537073028&val=738e2803-a129-11ec-a977-0544ef27bb02
Date
Fri, 11 Mar 2022 10:53:14 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
738e2804-a129-11ec-a977-0544ef27bb02
headerstats
as-sec.casalemedia.com/ 		0
430 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=383250&u=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/183973-93942139695505.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:13 GMT
X-AK-INITIAL-GEO
CC:[CA], RC:[QC], CN:[NA], CIP:[149.56.153.179], XFF:[]
Server
Apache
Access-Control-Allow-Origin
https://arstechnica.com
X-CS-CLIENT-GEO
19
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-AK-CLIENT-GEO
19
Expires
Fri, 11 Mar 2022 10:53:13 GMT
rum
dsum-sec.casalemedia.com/ Frame 4C40
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK1lANW2foKcTnOMEJh9gU0&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK1lANW2foKcTnOMEJh9gU0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMYsJi0wwEwAQ&v=APEucNUz35vu33dz8oxirZ6aj7GD2fh08sLFmqYHJruoCKHp1aZ_E7FJQqDvMCKYOEhGe5u_n_nzQvweEleaqmqNqxGSeePuEg
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:14 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK1lANW2foKcTnOMEJh9gU0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4C40
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YisqEwvGNa5jhI2NpW1I0QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK1lANW2foKcTnOMEJh9gU0&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK1lANW2foKcTnOMEJh9gU0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMYsJi0wwEwAQ&v=APEucNUz35vu33dz8oxirZ6aj7GD2fh08sLFmqYHJruoCKHp1aZ_E7FJQqDvMCKYOEhGe5u_n_nzQvweEleaqmqNqxGSeePuEg
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:15 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:15 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK1lANW2foKcTnOMEJh9gU0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4C40
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESENHgmVQs1nI37tKM7D4LCR4&google_cver=1
43 B
1006 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESENHgmVQs1nI37tKM7D4LCR4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMYsJi0wwEwAQ&v=APEucNUz35vu33dz8oxirZ6aj7GD2fh08sLFmqYHJruoCKHp1aZ_E7FJQqDvMCKYOEhGe5u_n_nzQvweEleaqmqNqxGSeePuEg
Protocol
HTTP/1.1
Server
68.67.161.212 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
8995f099-d327-4214-b20d-3a8bf1a7cf53
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESENHgmVQs1nI37tKM7D4LCR4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4C40
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM4MDc2NDQ2NjcwMTQ4NjYzNw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM4MDc2NDQ2NjcwMTQ4NjYzNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuyqAEQ9-7khwMYsJi0wwEwAQ&v=APEucNUz35vu33dz8oxirZ6aj7GD2fh08sLFmqYHJruoCKHp1aZ_E7FJQqDvMCKYOEhGe5u_n_nzQvweEleaqmqNqxGSeePuEg
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
f8c89e94-fbba-4896-9f56-8d3b60938549
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzM4MDc2NDQ2NjcwMTQ4NjYzNw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame FD72
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=contextweb&google_cm&google_sc&google_hm=TzgyMHZncHllQ1B6ZHRUZzJxVElIQQ&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEH1ioGvot0rjvbXHYIxnCLw&google_cver=1
49 B
651 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEH1ioGvot0rjvbXHYIxnCLw&google_cver=1
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-5799967b4-pc9d9
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:13 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=547259&gdpr=0&gdpr_consent=&ev=CAESEH1ioGvot0rjvbXHYIxnCLw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
335
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rtset
bh.contextweb.com/bh/ Frame FD72
Redirect Chain
  • https://pulsepoint-match.dotomi.com/match/bounce/current?networkId=14200&version=1&nuid=
  • https://pulsepoint-match.dotomi.com/match/bounce/current?DotomiTest=da273c09c101210&is_secure=true&networkId=14200&version=1&nuid=
  • https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAGabtYezLYaQMDhsA2AAAAAAA&expiration=1647082394&nuid=&is_secure=true
49 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAGabtYezLYaQMDhsA2AAAAAAA&expiration=1647082394&nuid=&is_secure=true
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-5799967b4-pc9d9
expires
-1

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://bh.contextweb.com/bh/rtset?do=add&pid=530912&ev=AAAGabtYezLYaQMDhsA2AAAAAAA&expiration=1647082394&nuid=&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
rtset
bh.contextweb.com/bh/ Frame FD72
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=95&gdpr=0&gdpr_consent=
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341&partner_url=https%3A%2F%2Fbh.contextweb.com%2Fbh%2Frtset%3Fdo%3Dadd%26pid...
  • https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341&gdpr_in_effect=0&gdpr_consent=
49 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341&gdpr_in_effect=0&gdpr_consent=
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
H2
Server
198.148.27.140 New York, United States, ASN19189 (PULSEPOINT, US),
Reverse DNS
Software
Jetty(9.4.14.v20181114) /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
content-language
en-CA
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
content-type
image/gif;charset=iso-8859-1
cw-server
bh-deployment-5799967b4-pc9d9
expires
-1

Redirect headers

location
https://bh.contextweb.com/bh/rtset?do=add&pid=543793&ev=5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341&gdpr_in_effect=0&gdpr_consent=
date
Fri, 11 Mar 2022 10:53:15 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
ecm3
s.amazon-adsystem.com/ Frame FD72 		43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=AAVDZjpMrsEP&ex=Pulsepoint
Requested by
Host: bh.contextweb.com
URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PE758F72XA629CQ2GMZG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
express_html_obb_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame F4E3 		119 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a57cecd2bf4d6d3b8498c67487333f6dc9e102371f5e48ffc7fcf18a6e8487e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
Origin
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 06:15:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16666
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42555
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:53 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Mar 2022 06:15:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/elements/html/ Frame F4E3 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpUnabg9PflzwgYysemLH4f_arI7ntBGbEBWKsVtjLXB75Nzen9rD54rjjm-vzETrOfAEujxH42mRVEyQnNwnfGy5WxRJCGi4sPShcV_ozDQWex-Ioluu0YzBSeSDq0NIYW93uqlMCZ80RNcmCBoNEYiOrTmkegXs5Pi-nhGfBb_0GgrY&cry=1&dbm_d=AKAmf-D7EVbXRM9rS0FmObfZ9yJNmLPLPXfMA8GAWQiz6Q0OzF9y5AJKH-NBU4XwgQJE-L-UdiPMkog153DZ25qSgP74omlN-jS8TYzpyR8tVFsmt-kpCWtAzokRZgELNt0R-IGkrvWAhIMPycB-KeDBukzPK0C8oOaz9ds5zKx-euruhOhMcwqoxMNeHcdXjQ2IYyDGLg1PWvCaMBsDN_C8v6qUl7K7YokZBQAcwzQjoUVtciu2FlngLUupeXBo7vCXEgQSw9PLxsGmecz0mmTI0dzgmCrqFBMpl0cPGGGyFXxEky98BhYeBR4l-hWg2IRnvM9jEOPWl7UrkxzOA96sJnVluS9_hwGUm-MRCOrQ6o6s0B0iV4-WwhiTK8TuC12_0i_jdrWtmUhaanaB9HD-GlaDkyv-V2xpa8Y0rFsD61zm7NarXp8IFYDTQD7aQwdKM5GbOUDJc-UNT4s08l6yc4PfufAYzz1f4auNHY0Q6HhtDnpqFoEgmNo1yaRnMOLf4u5ohmU2775XOEx95P2rrunHi0lxTCL31p-MTlEUmPUMZr8gPxmaFh6QwbhakX8l_eHijoYMDBkII0Yfd2PdGs34DrARp6FxaI0YESaxQ85xwSSFIGJ8zyTlzfDuihx9tqaKPkiEprwKUin-mHsAbgnedRtrTiCKNe5D-S7SVBHQKxWr2vohyO0eT0fRq36T24hI3yJus1FbqRJw5fs7fn1A1Etz5dc0dzRmMtFQVThpTeRiT-7oO2H8INVhauN4SOssGUKwz7koqRzF0n-yY4vd1GR0Wj8xNCBqqB529eJyyLLwnz5rqVO774P7Q7jLnd1UEpCNTRr9BCGMumnFj2Bmb9AGYnh-TkzBoP-xeRfmV9YJ2iZGGkS0qLtNRLJa5qO_A6tJ2VCpnB7bRX_ev-d1Iv1JsClBH-P9ADngZH_4_462kB5KY8eeVldBryy2NUqqFciGWDPHfsGHWMKzDnD2eN0OKje05lvnY7Ir2O9L9dn6NxjV_2zK9EQRtZKJUsflmgQikXVeRXV9yOLvHIEIA31QOFWlbjNhKsgvNR6uPqJywmQmAPqJEkDm9TLoD1cQJcS7fnogFi9l5rF0cnkBb8hc6YEM4xH5pBLj5SCc9VUxQbEWE_xfayg7iqQNpStj4gg89MBL9GIvUyH40Pa7K_muaOrpT2QdWzm9jye_u069ifbfdINtt54-vzryqDfyvFpZ5B8-fncByVu5Az_wcR6vBYNSUhVoXpUrZle4DhbzkNnqK6PV-baNLxXmPU5vy-jwLVKO-C7gFJi8PnST_xWsv85FELrZeoEm3tw5fEea31rF56uCJA5C9Dpxl-j09SZDE22-D0pmmjIUVlY3LvRoclWeMfD6G6HqAISzfghaZkqTzcl87No70goAEsTeB02Yf7Tsx9FiJDSyOJTYx1-OkPQhDD3tYmdLy9I84wqoAS2rIlUn0UneZPKaZKR67fZ4KY-biQV1FIG_hNDEcB-zF_POZy4f5Fpxhvuv8wmD-4T6OFzPDIJ3rw7twY3RFikDzK5DFP1L1ExnqTE4FHUq7cAhj0dFOg6hOedlaJ60DiaJ74U9d6zn4rA4AEq4fivH9NUAq54YP8iDvsjYv0shjA7xfZ8snUaf9rNZzk3eN5OH8WYgoQBCmUSC2KxH3HCqPvvX4D4Z-D8vMQ9DNXaNruJ5fldf5wG_chVubUmu-2-o5gzO7nqPoQQ7DsY_kdB5djjdvMjnQLuP_qqmcYObBta9QraZOesxT4BSasLRwZqOkgLv4W1fDcTQHzSmfhkPsNpVlTnqZYT6YLiJsVV7psOCVuM4euUFJ4f1UPHY6AKEno2fgEyxs-7zZR7yqQ1ALiJLBeFHhG-A43mC3QQStkZdzLGhz9drr0ToQpnY_5XgYZJfaiqpv547Z5T2iQ9k3FWjUzBgdtjDnA_evxsIHIsf_WjilAWprMevHeZOPM6RAC66j6Zv4Dp8ADAFClc3nbCSZ6O2I6wAGquxrhB8tJAplUi6QhZ-8aT6FbmPSlXhDaHM_ubthENm26l1j3FzSHIQ-rvXPF0KEDlJwYZZpjRwkTsCDmzW6AlApZ1DdmXQZ45J7uQBaR_PIcxGfigGZsGuC3W3Nhd4MWfyhXk_wFsUrmuVb8mhEnyPcsakMYTOUVFF1Ata88WrdHYTFPNt85oz-JrO2K2gSny8Nstznr0cpDhRyxQF1xhMRrkvUmy4EUp90YZVzJvcDPZEl9MmZyqxLmg1SI2rG6ytvqxuHbueATO5wGmLm077koFmChyrKdqRfobUSR0mmM2HHMZZaWYhIuYF9GA8neC_ShWFVQLH4HK1ihY4KyuTnqLSpxGT0AXJotvUfymqHwBGkMfA6IeSPnr5OKNyTRjB0QMIy6K_DHFk5kCwoSnda2zEyiItAVdeu5GUQOfQ7cy4WDshoC0owxRwCJZhgpW8e9S0Z7QoX3GEV12BG-xYrHBYfUtqF73F05zCiksu0UaI_kLld5UCEMbyq7hEtTE98bAq6Ggu8vhbLFcuFJmlhBUcKKJ4wTaLK6sqr20vE2CaluyMz8bsA50OpLZuVhz9GjtNIcfJcZ73XJDY3kaW5oax3gVtLuZVUB60oAY1b1enipbKdkq1vLvEVNgveYeRChWE0ng1_1ZkGBZnrzCG_ayCT2PRiw7A7rdgnq5-Yjf46dBQS9rdFKBuWxSY0CqQSsdZ7RkOuEHpBzbsEvN6lKnruz-Xtd9PcuQu0DZA32FQxM_gniils5VOczf-QU3ENiKWiw0aS_6ATB9PKrMqMIy9oeuDwR0KD9X0-rJAgYEL4dQ0XsT-zl-06GCTPL8iGD3tkVaxN-QZwSR57CBqP9klbvFhBQI3-brbEOksqEClcjdybHTrCo1yDbvz8ydnlWNTV89LpHSUv4F057pYin3RhN_0tmI5k6giHwtf8E1XL6SIRf5Izzm3Jm4R22BiRiJ49-E8bl32CPGCDTp6V8zUC2MdqjTvHHPFD9VbgoeGA96kCqP8vpfuc-ECFm9ZGOvIa4fTd1F0pBLJiWka7P35iCGME_X0bnw3VhyS7QdBaj4Vw6oXN_tqUgcalwO-4D7hwXbAA3sVlVB-T2czJ14e4ULBejtU5TXpE2vMlZoe4ueqdo6jgypFCg2MI-LSOS2nmmFylLdYsscAncFb_dI3SR16V8Y2bIxgg41es7VkxOa1UIWqUp_ZxWl4UiqfUOkf8tYYGceSHHE1XyuVzFqIbH24Xoifn_C6-QyaA8K_A895jWZettoG8V0hkxqSWHTyXqtGqTAg4w50mhAj9J8731-EvbZ2A5J5uE-YJKN1T2ia6i0Vui6ql6xVvDmcbgdHUeaissl3qUPx1rt0Je5KrrndsjcwwWgDmCksSNtmBrxB6oL2JRtQt7dPU0MgTDH4AeIDQu76OOqNY8MyH1l8m9IMINj27oxSCvinTwUT6ORKzSei2ogXAvpmkCImMPgc0LoXUmtZhA2pfd8bk7xFuzwshk3KhPeo8G4-mE202Uf3BIpWOLEt4HeiE30e_Jf1-8_lvGHkmhKkfUn7a5enFvrHJ4oK-jM7nYT6tImy1WOjISLYRj_qZvHAPt-8pZuGIpEGbLPisH3_EvkuFQ1qMGGedBxSJo3FZciv6OmARZfno5DrSFht9-Ydv_pECLSGd0q68MFA_cLMI44BjZn0xP8kzWf--l9yeWIPlAGKegLXZenmObK2lb7a2il5UmnfWJxicdd1_NNPI29_w8jv72U6RElimq6zUTTc8y_sQEE-b86BS6SyFLVl74KeitCFFWfmY_E9QAN2OMPJzKY3gEYnDbbXBiylKHuskGMbIZujVITPi9_cqEVh3Lz0D_MdKkt2-jIljU_wONhkFgqzVC2FIocWh5QK1lQSmR2Cf-VpWw9GktFwjBk40XQuLDLDDA&cid=CAASJeRo_O_07n-NJYFWsgRw8WV9erQo38iwoVQawUl4ArnrCPu3Q7k&rfl=1%2Chttps%253A%252F%252Farstechnica.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
995
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Mar 2022 10:36:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame F4E3 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BpUnabg9PflzwgYysemLH4f_arI7ntBGbEBWKsVtjLXB75Nzen9rD54rjjm-vzETrOfAEujxH42mRVEyQnNwnfGy5WxRJCGi4sPShcV_ozDQWex-Ioluu0YzBSeSDq0NIYW93uqlMCZ80RNcmCBoNEYiOrTmkegXs5Pi-nhGfBb_0GgrY&cry=1&dbm_d=AKAmf-D7EVbXRM9rS0FmObfZ9yJNmLPLPXfMA8GAWQiz6Q0OzF9y5AJKH-NBU4XwgQJE-L-UdiPMkog153DZ25qSgP74omlN-jS8TYzpyR8tVFsmt-kpCWtAzokRZgELNt0R-IGkrvWAhIMPycB-KeDBukzPK0C8oOaz9ds5zKx-euruhOhMcwqoxMNeHcdXjQ2IYyDGLg1PWvCaMBsDN_C8v6qUl7K7YokZBQAcwzQjoUVtciu2FlngLUupeXBo7vCXEgQSw9PLxsGmecz0mmTI0dzgmCrqFBMpl0cPGGGyFXxEky98BhYeBR4l-hWg2IRnvM9jEOPWl7UrkxzOA96sJnVluS9_hwGUm-MRCOrQ6o6s0B0iV4-WwhiTK8TuC12_0i_jdrWtmUhaanaB9HD-GlaDkyv-V2xpa8Y0rFsD61zm7NarXp8IFYDTQD7aQwdKM5GbOUDJc-UNT4s08l6yc4PfufAYzz1f4auNHY0Q6HhtDnpqFoEgmNo1yaRnMOLf4u5ohmU2775XOEx95P2rrunHi0lxTCL31p-MTlEUmPUMZr8gPxmaFh6QwbhakX8l_eHijoYMDBkII0Yfd2PdGs34DrARp6FxaI0YESaxQ85xwSSFIGJ8zyTlzfDuihx9tqaKPkiEprwKUin-mHsAbgnedRtrTiCKNe5D-S7SVBHQKxWr2vohyO0eT0fRq36T24hI3yJus1FbqRJw5fs7fn1A1Etz5dc0dzRmMtFQVThpTeRiT-7oO2H8INVhauN4SOssGUKwz7koqRzF0n-yY4vd1GR0Wj8xNCBqqB529eJyyLLwnz5rqVO774P7Q7jLnd1UEpCNTRr9BCGMumnFj2Bmb9AGYnh-TkzBoP-xeRfmV9YJ2iZGGkS0qLtNRLJa5qO_A6tJ2VCpnB7bRX_ev-d1Iv1JsClBH-P9ADngZH_4_462kB5KY8eeVldBryy2NUqqFciGWDPHfsGHWMKzDnD2eN0OKje05lvnY7Ir2O9L9dn6NxjV_2zK9EQRtZKJUsflmgQikXVeRXV9yOLvHIEIA31QOFWlbjNhKsgvNR6uPqJywmQmAPqJEkDm9TLoD1cQJcS7fnogFi9l5rF0cnkBb8hc6YEM4xH5pBLj5SCc9VUxQbEWE_xfayg7iqQNpStj4gg89MBL9GIvUyH40Pa7K_muaOrpT2QdWzm9jye_u069ifbfdINtt54-vzryqDfyvFpZ5B8-fncByVu5Az_wcR6vBYNSUhVoXpUrZle4DhbzkNnqK6PV-baNLxXmPU5vy-jwLVKO-C7gFJi8PnST_xWsv85FELrZeoEm3tw5fEea31rF56uCJA5C9Dpxl-j09SZDE22-D0pmmjIUVlY3LvRoclWeMfD6G6HqAISzfghaZkqTzcl87No70goAEsTeB02Yf7Tsx9FiJDSyOJTYx1-OkPQhDD3tYmdLy9I84wqoAS2rIlUn0UneZPKaZKR67fZ4KY-biQV1FIG_hNDEcB-zF_POZy4f5Fpxhvuv8wmD-4T6OFzPDIJ3rw7twY3RFikDzK5DFP1L1ExnqTE4FHUq7cAhj0dFOg6hOedlaJ60DiaJ74U9d6zn4rA4AEq4fivH9NUAq54YP8iDvsjYv0shjA7xfZ8snUaf9rNZzk3eN5OH8WYgoQBCmUSC2KxH3HCqPvvX4D4Z-D8vMQ9DNXaNruJ5fldf5wG_chVubUmu-2-o5gzO7nqPoQQ7DsY_kdB5djjdvMjnQLuP_qqmcYObBta9QraZOesxT4BSasLRwZqOkgLv4W1fDcTQHzSmfhkPsNpVlTnqZYT6YLiJsVV7psOCVuM4euUFJ4f1UPHY6AKEno2fgEyxs-7zZR7yqQ1ALiJLBeFHhG-A43mC3QQStkZdzLGhz9drr0ToQpnY_5XgYZJfaiqpv547Z5T2iQ9k3FWjUzBgdtjDnA_evxsIHIsf_WjilAWprMevHeZOPM6RAC66j6Zv4Dp8ADAFClc3nbCSZ6O2I6wAGquxrhB8tJAplUi6QhZ-8aT6FbmPSlXhDaHM_ubthENm26l1j3FzSHIQ-rvXPF0KEDlJwYZZpjRwkTsCDmzW6AlApZ1DdmXQZ45J7uQBaR_PIcxGfigGZsGuC3W3Nhd4MWfyhXk_wFsUrmuVb8mhEnyPcsakMYTOUVFF1Ata88WrdHYTFPNt85oz-JrO2K2gSny8Nstznr0cpDhRyxQF1xhMRrkvUmy4EUp90YZVzJvcDPZEl9MmZyqxLmg1SI2rG6ytvqxuHbueATO5wGmLm077koFmChyrKdqRfobUSR0mmM2HHMZZaWYhIuYF9GA8neC_ShWFVQLH4HK1ihY4KyuTnqLSpxGT0AXJotvUfymqHwBGkMfA6IeSPnr5OKNyTRjB0QMIy6K_DHFk5kCwoSnda2zEyiItAVdeu5GUQOfQ7cy4WDshoC0owxRwCJZhgpW8e9S0Z7QoX3GEV12BG-xYrHBYfUtqF73F05zCiksu0UaI_kLld5UCEMbyq7hEtTE98bAq6Ggu8vhbLFcuFJmlhBUcKKJ4wTaLK6sqr20vE2CaluyMz8bsA50OpLZuVhz9GjtNIcfJcZ73XJDY3kaW5oax3gVtLuZVUB60oAY1b1enipbKdkq1vLvEVNgveYeRChWE0ng1_1ZkGBZnrzCG_ayCT2PRiw7A7rdgnq5-Yjf46dBQS9rdFKBuWxSY0CqQSsdZ7RkOuEHpBzbsEvN6lKnruz-Xtd9PcuQu0DZA32FQxM_gniils5VOczf-QU3ENiKWiw0aS_6ATB9PKrMqMIy9oeuDwR0KD9X0-rJAgYEL4dQ0XsT-zl-06GCTPL8iGD3tkVaxN-QZwSR57CBqP9klbvFhBQI3-brbEOksqEClcjdybHTrCo1yDbvz8ydnlWNTV89LpHSUv4F057pYin3RhN_0tmI5k6giHwtf8E1XL6SIRf5Izzm3Jm4R22BiRiJ49-E8bl32CPGCDTp6V8zUC2MdqjTvHHPFD9VbgoeGA96kCqP8vpfuc-ECFm9ZGOvIa4fTd1F0pBLJiWka7P35iCGME_X0bnw3VhyS7QdBaj4Vw6oXN_tqUgcalwO-4D7hwXbAA3sVlVB-T2czJ14e4ULBejtU5TXpE2vMlZoe4ueqdo6jgypFCg2MI-LSOS2nmmFylLdYsscAncFb_dI3SR16V8Y2bIxgg41es7VkxOa1UIWqUp_ZxWl4UiqfUOkf8tYYGceSHHE1XyuVzFqIbH24Xoifn_C6-QyaA8K_A895jWZettoG8V0hkxqSWHTyXqtGqTAg4w50mhAj9J8731-EvbZ2A5J5uE-YJKN1T2ia6i0Vui6ql6xVvDmcbgdHUeaissl3qUPx1rt0Je5KrrndsjcwwWgDmCksSNtmBrxB6oL2JRtQt7dPU0MgTDH4AeIDQu76OOqNY8MyH1l8m9IMINj27oxSCvinTwUT6ORKzSei2ogXAvpmkCImMPgc0LoXUmtZhA2pfd8bk7xFuzwshk3KhPeo8G4-mE202Uf3BIpWOLEt4HeiE30e_Jf1-8_lvGHkmhKkfUn7a5enFvrHJ4oK-jM7nYT6tImy1WOjISLYRj_qZvHAPt-8pZuGIpEGbLPisH3_EvkuFQ1qMGGedBxSJo3FZciv6OmARZfno5DrSFht9-Ydv_pECLSGd0q68MFA_cLMI44BjZn0xP8kzWf--l9yeWIPlAGKegLXZenmObK2lb7a2il5UmnfWJxicdd1_NNPI29_w8jv72U6RElimq6zUTTc8y_sQEE-b86BS6SyFLVl74KeitCFFWfmY_E9QAN2OMPJzKY3gEYnDbbXBiylKHuskGMbIZujVITPi9_cqEVh3Lz0D_MdKkt2-jIljU_wONhkFgqzVC2FIocWh5QK1lQSmR2Cf-VpWw9GktFwjBk40XQuLDLDDA&cid=CAASJeRo_O_07n-NJYFWsgRw8WV9erQo38iwoVQawUl4ArnrCPu3Q7k&rfl=1%2Chttps%253A%252F%252Farstechnica.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
947e22d9ed05fbe3f5ed3c4ee35618a1910a85968f48a22c0277f9936f2eb769
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:48:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
5177785407398320510
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Mar 2022 10:48:20 GMT
1663130473914833
connect.facebook.net/signals/config/ Frame A5A1 		308 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1663130473914833?v=2.9.55&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
298b271ee28d46aa6c13d93172661d524489854b36cbeec1601cb605207284d3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89534
x-xss-protection
0
pragma
public
x-fb-debug
fYepoJPmgx7tdelgBXi2PLSv0FMWp7SPYSzT7yYzck4oHlOfTrV4F+J3keZJCM/667uTB8wgMgf+jtpnVMq0zg==
x-frame-options
DENY
date
Fri, 11 Mar 2022 10:53:13 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ibs:dpid=477&dpuuid=ada7b65a27ea464647c99bc27ba059a29e62f0756bade7a40c8c6c1b95f73c4db0da87c991749652
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://idsync.rlcdn.com/365868.gif?partner_uid=68547252942253779170798061318171033219
  • https://dpm.demdex.net/ibs:dpid=477&dpuuid=ada7b65a27ea464647c99bc27ba059a29e62f0756bade7a40c8c6c1b95f73c4db0da87c991749652
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=477&dpuuid=ada7b65a27ea464647c99bc27ba059a29e62f0756bade7a40c8c6c1b95f73c4db0da87c991749652
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v026-078b3eb9a.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7CPB0fbCQhQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Fri, 11 Mar 2022 10:53:13 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dpm.demdex.net/ibs:dpid=477&dpuuid=ada7b65a27ea464647c99bc27ba059a29e62f0756bade7a40c8c6c1b95f73c4db0da87c991749652
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p
sb.scorecardresearch.com/ Frame 8A4E 		64 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1646995993902_1&ns_st_ec=1&ns_st_sp=1&ns_st_sq=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=1582680&ns_st_pb=1&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_ci=5f90976042b5f03ec594bace&ns_ts=1646995993902&ns_st_bt=0&ns_st_bp=0&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&c8=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-43.ewr52.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:13 GMT
via
1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
3NpGn1tMCyTYNS-Cj7x3dMvD5Z9pHMpo91TLaDsJi9y2aL2nOMA5Dg==
1663130473914833
connect.facebook.net/signals/config/ Frame 8A4E 		308 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1663130473914833?v=2.9.55&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
298b271ee28d46aa6c13d93172661d524489854b36cbeec1601cb605207284d3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
89534
x-xss-protection
0
pragma
public
x-fb-debug
fYepoJPmgx7tdelgBXi2PLSv0FMWp7SPYSzT7yYzck4oHlOfTrV4F+J3keZJCM/667uTB8wgMgf+jtpnVMq0zg==
x-frame-options
DENY
date
Fri, 11 Mar 2022 10:53:13 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame A5A1 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arstechnica.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame F352 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
00abb36e-dcc3-46a2-a2b8-47c52422ae41
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame 8A4E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=arstechnica.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81c::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
async_usersync
ib.adnxs.com/ Frame 893B 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
e07f48b8-e28c-4d82-995a-f4bf84ace4c0
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 8D19 		0
733 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
68.67.161.212 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
14b15196-2527-489c-8d85-4d242481fd66
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 0DA3 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
4bd22d2964c3d797dad33a2241e583a00349cb77e39f238a14fefe58e35e2598

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|73|4|130|90|40|196|206
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 11 Mar 2022 10:53:14 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
Content-Length
1449
Connection
keep-alive
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&zMoatAdUnit1=conde.ars&zMoatAdUnit2=hero&zMoatAdUnit3=information-technology&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=7&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=2&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=315&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995982584&de=901890910919&rx=604451054343&cu=1646995982584&m=7682&ar=359f21c1e97-clean&iw=8105762&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=1&ag=1170&an=1170&gi=1&gf=1170&gg=1170&ix=1170&ic=1170&ez=1&ck=1170&kw=1504&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1170&bx=1170&ci=1170&jz=1504&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1504&cd=1504&ah=1504&am=1504&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.ars&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=197273&na=743032095&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:14 GMT
usermatch
ssum-sec.casalemedia.com/ Frame F9F8 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d47d74fef90dbe66799550c8b75f6f0366b243cd963395a48cbd6949600ae5e1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
73|46|130|4|230|57|176|196
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 11 Mar 2022 10:53:14 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
Content-Length
1339
Connection
keep-alive
ibs:dpid=358&dpuuid=7380764466701486637
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=7380764466701486637
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7380764466701486637
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v026-09a6d3124.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
wNSznCHDQJA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
860e055f-0166-4b70-a371-6549e829f2c8
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7380764466701486637
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame DB69 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e63b3c685cf3c6357e32397d0c704f3071df41ae8c3721e2f325e87661c42b01

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
88|65|90|111|196|57|195|221
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Fri, 11 Mar 2022 10:53:14 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:14 GMT
Content-Length
1558
Connection
keep-alive
init1.js
api.bounceexchange.com/bounce/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/init1.js?wklzs=801&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYAWQgTjIFYLiB2ADns2AC8QoAGTAdwFMAjHKmC8A+qgAmUAEz0OhTACdeOEABs4aDAUIcOAD3zS9S3jF6LliqNgCGatagQBzUXEVqoAC2DAADjgApADMAIKB0gBiEZG2ijgiSF4IqEi2AHRIIAC2MU4wIIrZtloIALSJyeogzgCeMcbS0jEcwTHmEjhlvPrAirYSwrxl-Qiq2dxxwzhwOH68uGUwijll0mV+K44wqWXOti5dTmW2ZUIuasN8vADWMZgAbqhCwKJZIDeovFCBtABCEWkaj8gJC4SaPn8QWklDCEUoUXhUTiCQWyVSGSyuRhUXyhWKpQqaIQ1TqSMijWaOMirXJHS6PT6AyGIwO40myjOs3mi2Wq3Wm3UqB2SD2B2cR3Kp3OzkuZWud2poOkAGFAYpQXCmqDaAARbAgD5fH7-QEPTXhU1NXgPCyiNQ1Zy8CTiBAWmD2HC8X66n2PFEAbSeEl4IFETyE-EuAF1YJ7eP74gG-LYnaJgLV5rG4mgkJdEzgA9kQBJ7OHnqgo7xYx61F6CwGc6lLqIELZstW43WEw9A0282I0iJnIVajX4w39g4LLVW+3O7X672k1PLopZ0PeCP1+Puw2Hc4nS6nLul4GbXaD0fXaee4GJDA-KJFFGQEgbrGSa9lANag2kAgoi8MUqBqKIMyCEgiiVhYt4NhB2TCCILrAbYoGiIU-DCHB7yfGIoBhmocROl29b8H4nCYLw-hQAG0aYH4wB4Aa2R+I4BxIGIMBEc4UBAA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_bbc32662d3ff8adbbac6de6e5ec04c71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
a074bf9875c16892d6fc4869e9a7ad603810ba93cce9dc5370c728240fb214ff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 10:53:14 GMT
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
13
content-type
text/javascript;charset=UTF-8
alt-svc
clear
via
1.1 google
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame FEB5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEKM8V4hd17hjWk6k3BJ-7vXmgDuOD8tHAZuV-Vqj0Qo21KjBV04rAmytrTwm5HFZEJ8zXMmj5GwKKHMBb9yelZqyJJbIs3yYL4_c4OOdOhKQ0Vr2nOrhXXs4DXEWD6oGDU5gQRTapRwgw_L9pPKQ5UIqswG9oxRe7ovveJ97e7a56w1lOchdEzUmWiF_VKnCKeFRXpNskAlaV5nw6_c4Ga2LSHQDZ1mfB0HoROI_ZvFQ6lNJqENZYAQhGVbB-IuJqZqr9aXTCTl5alBcXYeDLm2x7uss1Fe3NouDDMhmi-2hIihy8K3NPcl29tD2kqDf-tAmVXE9xsjJeSplrqf1YPfVQ5SQbzBkT5A&sig=Cg0ArKJSzD45A2PRMgMTEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
709414.gif
id.rlcdn.com/ Frame 4BFD 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:14 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
tap.php
pixel.rubiconproject.com/ Frame 4BFD
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6e0633dc-a403-42d4-8fdd-03bcf8268488&gdpr=0&gdpr_consent=&expires=30
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6e0633dc-a403-42d4-8fdd-03bcf8268488&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=6e0633dc-a403-42d4-8fdd-03bcf8268488&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 4BFD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/LeQDokTvBecDWTwV5HXYdcn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6498286330912587107
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6498286330912587107
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Content-Type
image/gif

Redirect headers

date
Fri, 11 Mar 2022 10:53:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=6498286330912587107
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4BFD 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.223.37 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:15 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
77TVPEGAEMHDK5RH4JS5
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 4BFD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0MAVUNK-24-AM7U&us_privacy=1---
0
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0MAVUNK-24-AM7U&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:15 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: B19FF6F9AA3240E6B0A07BF3E8230445 Ref B: YTO01EDGE0512 Ref C: 2022-03-11T10:53:15Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXZ7yNIwAPBE5VN14Wh8g==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L0MAVUNK-24-AM7U&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f31d5fb12ac7ec11f837ad8263e0f6c
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 4BFD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&us_privacy=1---
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=vdB8myR-TX2mpJ9kIcXqXw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vdB8myR-TX2mpJ9kIcXqXw
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vdB8myR-TX2mpJ9kIcXqXw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:16 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
29QR8Z9MW8FTZ6V772HG
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=vdB8myR-TX2mpJ9kIcXqXw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ace9692b4e77bdf741ff63add80edaca
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4BFD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMV5qaK-tcD_G2yLOu6cyc0&google_cver=1
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMV5qaK-tcD_G2yLOu6cyc0&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:14 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMV5qaK-tcD_G2yLOu6cyc0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4BFD
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBNQVZVTkstMjQtQU03VQ==&us_privacy=1---
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBNQVZVTkstMjQtQU03VQ==&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?us_privacy=1---
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDBNQVZVTkstMjQtQU03VQ==&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
2e73ed8a-f543-4dad-92c5-f2ef2dd4e746
https://arstechnica.com/ Frame A5A1 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://arstechnica.com/2e73ed8a-f543-4dad-92c5-f2ef2dd4e746
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87b2408523892f375c00a9d521c67f6eb516ecac25c479a7b15705bfab08fcd3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
64606
Content-Type
application/javascript
1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768-00001.ts
dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/ Frame A5A1 		821 KB
822 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/60abade4dc31e5375248cba6/1c5e052d-9221-44ad-9785-4ca784ceb60dfile-1422k-128-48000-768-00001.ts?requester=oo
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e944e6d1b0904bc0c1298fe828ec727bc6a9b46f0b4799e197a1a2acc46fb685

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 10 Mar 2022 13:12:00 GMT
Via
1.1 3c6fb804e042beb7f78515bd450ae3a2.cloudfront.net (CloudFront)
Vary
Origin
Age
78075
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
841112
Last-Modified
Mon, 24 May 2021 13:54:44 GMT
Server
AmazonS3
ETag
"9c6e79c618e52ccae61fce8e62e8cd50"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
Lvzfsg6_SBREyByemiKouKTeNWhdHWWbTVYKU8h7MlNiSwAZjefwlQ==
log
c21lg-d.media.net/ Frame 99AA 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=01b714ee-b2a2-4946-bde0-2867d695f201&cs=15&vsid=2899975901454749000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:15 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 11 Mar 2022 10:53:15 GMT
log
c21lg-d.media.net/ Frame 36A0 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=01b714ee-b2a2-4946-bde0-2867d695f201&cs=15&vsid=2899975901454749000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:15 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 11 Mar 2022 10:53:15 GMT
log
c21lg-d.media.net/ Frame 9BA9 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-con&ovsid=01b714ee-b2a2-4946-bde0-2867d695f201&cs=15&vsid=2899975901454749000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:15 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 11 Mar 2022 10:53:15 GMT
365868.gif
idsync.rlcdn.com/ Frame 83DF 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/365868.gif?partner_uid=68547252942253779170798061318171033219
Requested by
Host: condenast.demdex.net
URL: https://condenast.demdex.net/dest5.html?d_nsid=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:15 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
f888e2cc-72c4-4e8d-abbf-db2c8eebbfa9file-1422k-128-48000-768-00001.ts
dp8hsntg6do36.cloudfront.net/5f90976042b5f03ec594bace/ Frame 8A4E 		461 KB
461 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/5f90976042b5f03ec594bace/f888e2cc-72c4-4e8d-abbf-db2c8eebbfa9file-1422k-128-48000-768-00001.ts?requester=oo
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05ef4e52a9136146e829b903f03d6ceacafa049c481f5cca118c93a03663e12b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 04:45:51 GMT
Via
1.1 3c6fb804e042beb7f78515bd450ae3a2.cloudfront.net (CloudFront)
Vary
Origin
Age
22045
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
471880
Last-Modified
Wed, 21 Oct 2020 20:44:55 GMT
Server
AmazonS3
ETag
"7c801822659791b45912f15705e29c4b"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
hwVI2t3V_XaGXq1VRZLiBYVjux2WqhEioMP2pfs0W295dvO7beM16Q==
fde24fec-d9a3-44af-a7a9-afef9056e0f2
https://arstechnica.com/ Frame 8A4E 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://arstechnica.com/fde24fec-d9a3-44af-a7a9-afef9056e0f2
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87b2408523892f375c00a9d521c67f6eb516ecac25c479a7b15705bfab08fcd3

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
64606
Content-Type
application/javascript
truncated
/ Frame FEB5 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff22ba41f2fece3b0143db4953ff5d0b14429e0d151836a01fdf12fed589882d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
CR_popcornews.com_BL_CA_PC_Nongoogle_creative.html
s0.2mdn.net/sadbundle/13230765150597808128/ Frame 2441 		73 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13230765150597808128/CR_popcornews.com_BL_CA_PC_Nongoogle_creative.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7de3444a426229074eb923a3f4ff2cf46c61939fb2be252112952ed088e252f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
18758
date
Thu, 10 Mar 2022 03:16:36 GMT
expires
Fri, 10 Mar 2023 03:16:36 GMT
cache-control
public, max-age=31536000
age
113799
last-modified
Sun, 27 Feb 2022 15:17:50 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame F4E3 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZLGK6FGFND3HkslQsiTQb-4xnqe4MT3hv4_7f_XsCnmrG4bV_zNS7_KfDZzGN-rP0o-P12aZqqql7WaYDWfw5Z79Gt-1cdj9qnj-G0KrkVWyDmmUN2BxTNy_LAP0yyiqC0pkPknpHPXCXWaWTtFAB9SSjqraOyYF8WDuh_wN85OBZ0kZ6-f7Uhwnkjfe_ATalZPWFOthVr89vBThpc_zmz3OZ0WQwOYQGNON22U_p8_-AseeHdQsoE02-1K_JPo5gSnDgHoDirwQ4rGzTeoSID0rE74O3YtDcCrgwMByLwopRpz7vE4EK9Hp1UrMvVruql02b9XfEiPd2AhgJpkmBqOrb79_cA74xJOmZL0po_k087FadN6A9HNMA6XT5goxLdJNU-sRL9oQdPMQP3JQmn3ZMsd0o1mJxdjmR-Te6x8LmMSvI8-O5pl0KL_CmPsQ95rU748nQW2LIDDLDUfw4KfUhXG2iFm2RvG-pxHSM4lJ0fwv0E8GuLoMwy3BjvQm_Ad6EcH1p2oS9PJn5esXGwMoyrTF1RXMNzfo6mhVbWSowg3nMLG48JG7_2EFr1yYhiZTBZRfKjvfG1Fr8047b0A4su_zNEjuk7BVm0sJw0q3pWMr06dRWdcHvt6NtC-_eWJfPiC_-DlKtso6juUGcgQX3aBBBaM6HtBfIJwB239lDW0aZgK0pZ3A67PGMILU4RmK7P60Dx4ZkxlNUXWwSOPPw0zf6a-Bm9xjSDEqjy2ecxQ6H5l7hvkC3TvQ3QH8PresEgW4UW18ntmMprR1m4avQzTo9DWgzbMDHcP4RZO3DFKL_i0PLqhdcN6DmYaBjxSFR5gEYUQg3TVnPIeOGdicsab-NzgEFDMviiNoXn6XQHxPryALqbzlWrtNP0YK640__IHdcZ9Pv_K9y1Yf_q42UqHXLbV0FARQ9q7Dljw-Mh6sMtGa4QFAFN_KEncs7WjiB5oqOCxhmt-9zI2sIwqRUTHdXK2jyeMWw7LImcP2ZYdrgIIQ9v1hIeHS9ylHLCYrinH2H7eN9I__jbrXCfRWdomsUeIm4WelMW11rnMzmjbXNK5vO1qaPW5FpLr8cVvVGL8ElDnpXSDiCpDHK1gdEvsPRhYiBfJZkHYQ-rmzICaXJSFNXUGhIIkDiBjvXGOR1p87M4FrFESdvqaL9gFEgiWbyhuacpAvEbFxAJV-27uIy5qeY_I4mR6ZBB5O5IJRDVNzm593YitZYN-TaZ9gR_iRwUnRey26qv_bpi4ADdfAlbr4vslMFEKiaJK3ZQuJm2V53DAkgITWtgr9YTxs&sai=AMfl-YQiwQGbbrYXUhOSG5snkeODIUGZ08gNMrwjmTNYixCzcpwlA73dPZd0LVvYVvEdUjfvlHmGliMFXVO-iNF7TeW0KRAXPVn4gERtaKmeV1vy9KD18KD83_Wu4Hnta3RoX6IGpfqNnS1XavPxvzryzHuHa5BNLYQ8WLPe3Mq6yAXe5gO8BXyMZK5T3cA1Mj1khSnaV5pLjAcDyOo31pmJNfoR&sig=Cg0ArKJSzL14iRaAuEPREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2034&cbvp=1&cstd=2027&cisv=r20220308.33336&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 11 Mar 2022 10:53:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&zMoatAdUnit1=conde.ars&zMoatAdUnit2=hero&zMoatAdUnit3=information-technology&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=7&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=3&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=315&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995982584&de=901890910919&rx=604451054343&cu=1646995982584&m=7683&ar=359f21c1e97-clean&iw=8105762&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=1&ag=1170&an=1170&gi=1&gf=1170&gg=1170&ix=1170&ic=1170&ez=1&ck=1170&kw=1504&aj=1&pg=100&pf=100&ib=0&cc=1&bw=1170&bx=1170&ci=1170&jz=1504&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1504&cd=1504&ah=1504&am=1504&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.ars&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=197273&na=1106953021&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:15 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:15 GMT
crum
dsum-sec.casalemedia.com/ Frame 0DA3
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7380764466701486637
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7380764466701486637
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:16 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:15 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 805.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
30f9761f-0ca5-4ad1-96d5-64bf1a5fdd87
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7380764466701486637
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0DA3 		43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:46a:34b7:83ca:e02c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
rum
dsum-sec.casalemedia.com/ Frame 0DA3
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3480839182339453453
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3480839182339453453
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:16 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3480839182339453453
pragma
no-cache
date
Fri, 11 Mar 2022 10:53:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 0DA3
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHhLk7EVlQAACvQi0gD4w&expiration=1648205596
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHhLk7EVlQAACvQi0gD4w&expiration=1648205596
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:17 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHhLk7EVlQAACvQi0gD4w&expiration=1648205596
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
crum
dsum-sec.casalemedia.com/ Frame 0DA3
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=88A43826E64D4192B957B7C4E6FE616D
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=88A43826E64D4192B957B7C4E6FE616D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:16 GMT

Redirect headers

date
Fri, 11 Mar 2022 10:53:16 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=88A43826E64D4192B957B7C4E6FE616D
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 10 Mar 2022 10:53:16 GMT
crum
dsum-sec.casalemedia.com/ Frame 0DA3
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030002_622b2a1c52878&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_622b2a1c582d2
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_622b2a1c582d2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:17 GMT

Redirect headers

date
Fri, 11 Mar 2022 10:53:16 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_622b2a1c582d2
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0DA3
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB
43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
2600:1f18:4e9:5a02:46a:34b7:83ca:e02c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:16 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB
date
Fri, 11 Mar 2022 10:53:16 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 0DA3 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YisqEwvGNa5jhI2NpW1I0QAA%26992
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:16 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2391
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 11:33:07 GMT
YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame F9F8 		43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:46a:34b7:83ca:e02c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:15 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame F9F8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7380764466701486637
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7380764466701486637
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:16 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:16 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 805.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
321cdb5c-9764-40ce-a3ce-7e054184dd27
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7380764466701486637
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F9F8
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADDLE7EVlQAACtnjd2l6Q&expiration=1648205596
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADDLE7EVlQAACtnjd2l6Q&expiration=1648205596
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:17 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADDLE7EVlQAACtnjd2l6Q&expiration=1648205596
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
strict-transport-security
max-age=2592000; includeSubDomains
rum
dsum-sec.casalemedia.com/ Frame F9F8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3480839182339453453
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3480839182339453453
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:16 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3480839182339453453
pragma
no-cache
date
Fri, 11 Mar 2022 10:53:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
usermatchredir
ssum-sec.casalemedia.com/ Frame F9F8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMtJMIuJ65AnkBkkDRnsnaw&google_cver=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMtJMIuJ65AnkBkkDRnsnaw&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:16 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:16 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEMtJMIuJ65AnkBkkDRnsnaw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame F9F8
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377137828703288
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377137828703288
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:16 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377137828703288
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
113
match.deepintent.com/usersync/ Frame F9F8 		0
221 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/113
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:15 GMT
server
b
content-type
image/gif
content-length
0
p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
crum
dsum-sec.casalemedia.com/ Frame F9F8
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030001_622b2a1c582d2&knw=0
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_622b2a1c582d2
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_622b2a1c582d2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:17 GMT

Redirect headers

date
Fri, 11 Mar 2022 10:53:16 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_622b2a1c582d2
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
htw-pixel.gif
js-sec.indexww.com/ht/ Frame F9F8 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YisqEwvGNa5jhI2NpW1I0QAA%26992
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:16 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2391
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 11:33:07 GMT
rum
dsum-sec.casalemedia.com/ Frame DB69
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YisqEAAAAByHOAQr
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YisqEAAAAByHOAQr
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:16 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:16 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646995996.070475,VS0,VE0
x-served-by
cache-yul12822-YUL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YisqEAAAAByHOAQr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum.casalemedia.com/ Frame DB69
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://casale-match.dotomi.com/match/bounce/current?DotomiTest=18bb3545107b120f&is_secure=true&networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGahZLjM3jAAMHSkHTAAAAAAA&expiration=1647082396&is_secure=true
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGahZLjM3jAAMHSkHTAAAAAAA&expiration=1647082396&is_secure=true
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:16 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:16 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=AAAGahZLjM3jAAMHSkHTAAAAAAA&expiration=1647082396&is_secure=true
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
crum
dsum-sec.casalemedia.com/ Frame DB69
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=88A43826E64D4192B957B7C4E6FE616D
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=88A43826E64D4192B957B7C4E6FE616D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:16 GMT

Redirect headers

date
Fri, 11 Mar 2022 10:53:16 GMT
x-content-type-options
nosniff
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=88A43826E64D4192B957B7C4E6FE616D
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Thu, 10 Mar 2022 10:53:16 GMT
crum
dsum-sec.casalemedia.com/ Frame DB69
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3647879326392102687&expiration=1648205596
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3647879326392102687&expiration=1648205596
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:17 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:16 GMT
server
nginx
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=3647879326392102687&expiration=1648205596
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame DB69
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=04030001_622b2a1c582d2&knw=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_622b2a1c582d2
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_622b2a1c582d2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:17 GMT

Redirect headers

date
Fri, 11 Mar 2022 10:53:16 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=196&external_user_id=04030001_622b2a1c582d2
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
crum
dsum-sec.casalemedia.com/ Frame DB69
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377137828703288
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377137828703288
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:16 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=1791377137828703288
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame DB69
Redirect Chain
  • https://nep.advangelists.com/xp/user-sync?acctid=405&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D195%26external_user_id%3D%7BPARTNER_VISITOR_ID%7D%0A
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-be6ce8a0-7d69-40ce-a8e6-a9c55b12db41
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-be6ce8a0-7d69-40ce-a8e6-a9c55b12db41
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:16 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=195&external_user_id=av-be6ce8a0-7d69-40ce-a8e6-a9c55b12db41
date
Fri, 11 Mar 2022 10:53:16 GMT
server
Apache-Coyote/1.1
content-length
0
qmap
sync.crwdcntrl.net/ Frame DB69
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YisqEwvGNa5jhI2NpW1I0QAA%26992&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YisqEwvGNa5jhI2NpW1I0QAA%26992&gdpr=&gdpr_consent=&us_privacy=&ct=y
49 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YisqEwvGNa5jhI2NpW1I0QAA%26992&gdpr=&gdpr_consent=&us_privacy=&ct=y
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
52.206.174.18 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-174-18.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:16 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.15.73
content-type
image/gif
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:16 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=6725&tp=INDX&tpid=YisqEwvGNa5jhI2NpW1I0QAA%26992&gdpr=&gdpr_consent=&us_privacy=&ct=y
cache-control
no-cache
x-server
10.40.11.85
content-length
0
expires
0
htw-pixel.gif
js-sec.indexww.com/ht/ Frame DB69 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YisqEwvGNa5jhI2NpW1I0QAA%26992
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:16 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=2391
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 11:33:07 GMT
log
qsearch-a.akamaihd.net/ 		35 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=projectevents&project=prebid&acid=fd3ab600-26c2-41e1-af23-34ba07f933eb&cid=8CU65UN7R&crid=330789210&adunit_count=1&dn=arstechnica.com&requrl=https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/&istop=true&event=client_bid_won&value=1.151&rd=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.53.184 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-53-184.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 11 Mar 2022 10:53:16 GMT
ibs:dpid=481&dpuuid=L0MAVUNK-24-AM7U
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=6404&puid=68547252942253779170798061318171033219&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=481&dpuuid=L0MAVUNK-24-AM7U?gdpr=0
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=481&dpuuid=L0MAVUNK-24-AM7U?gdpr=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v026-0a4e5be64.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
ElZC1BwuTK4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=481&dpuuid=L0MAVUNK-24-AM7U?gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ab995a74221271a8dc253760ec78ee1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
log
c21lg-d.media.net/ Frame 99AA 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=dh7qnZ0CnFFWd3yqDfRdNrnWn4wP4WeB&cs=15&vsid=2899975901454749000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:16 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 11 Mar 2022 10:53:16 GMT
log
c21lg-d.media.net/ Frame 36A0 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=plpq9DqIfXa2eZAKgl1x2B_vQYG9WIb3&cs=15&vsid=2899975901454749000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:16 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 11 Mar 2022 10:53:16 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 14D7
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?us_privacy=1---&d=https%3A%2F%2Farstechnica.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.214.21 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-214-21.compute-1.amazonaws.com
Software
/
Resource Hash
22b4738b19f4538b2b4e0e8fa9893dc9bd9aa2a9905d8cd04f22c03f7dfc8c94

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Fri, 11 Mar 2022 10:53:16 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Fri, 11 Mar 2022 10:53:16 GMT
pragma
no-cache

Redirect headers

date
Fri, 11 Mar 2022 10:53:16 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
log
c21lg-d.media.net/ Frame 9BA9 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c21lg-d.media.net/log?logid=kfk&evtid=cs&origin=1&pvgid=data-c&ovsid=A7vZOa2zviukNBKB0burXH6gSjs4Yz7z&cs=15&vsid=2899975901454749000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:16 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 11 Mar 2022 10:53:16 GMT
ads.js
presentation-atl1.turn.com/server/ Frame 84BC 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://presentation-atl1.turn.com/server/ads.js?code=181621418&aid=52361067&tuid=3333326546105296117&duid=2540974486664799477&uimpd=1-e0wV8KO7_6OpDUsrFHkFImqC2Mq6iijWw-q5J_b9_AoavTxZxc3-FRoPAbRARuGhzmXRNAsUGCV2SRhiWXBJQVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiPH8aNlM8Mg0HcjiYdfEhoO8K0XGVTAg2AHN5sPe8leOswD9bP6BDOMs3U90ToOThit5LDa5AzomEr7Vp98inouTNZdACyFHTyx7ymaICVaUaEcLK7AsKBSjzDi_-b69IVnr6v1HrATFo0W-HabdiuQKPneOyWL79xqGFgw5I59gIgJqIglsM1r52PvRQE7x6E_1rTYHileDcSEp9i2oWw3iZilkvx4S2Cbyb1aMiA9F7mavDOFe_vDZKj_smRTbZr1yCA20upKigXe2kHNY2tlq1bwWl57NhRm-8GgzvVh_ZM9nsHFzegwuqKuUdD2wuc_bGfkzy1aGMcshAut-SZSuiJt7Qv_kLWZbnCJLYkrcKNzZEkI3DQvqeQdfNgdyucWD8T6TdEdNNiqAaHS7A6IPoVU1A18zIbbfV545S3zTpUfAzA35TgmHnjB4IxBplp4Cis0LGAJvkHxk0Wo3iEEvj-E6JfnC1Z_junwiDVJ5RpvrsgCgO6i-RM03HMiXSs6ieHdpHqi8fHOXrxms5y5tOCN0LerxR5PvvtzVEpAbF91DgYK07eqYO8zC--3zX-568vzPAkyGYJeBaH4GIUZjtUZzeY2lZpTcqb4U2zn4k8KJRqPEYtbDOJ3mzd-UOnrNN28D_RQenYik--OyFyi5yEc7BPqQl-9vRqtJ-gIcVbGL5CW6FRKhIzXplIU338BQfBjuTuu25DmenG5yZ1iBSe8TYepIvn4kLjwLtzqThmgveRQJhVd2T3MdJEGvLsJf_ukC3905z5Ioh7dGFz6SJI7QdQSBzXD7LPTM7CV39HlchXohJLSmW1H-UtlkfNVnxFU4jH5dGJisS5JZX6U&acp=1.279
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
35fdad62baf3ffcea320584d286822a561c05dde8f52d72bed13bd3c861f7f82

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:15 GMT
content-encoding
gzip
expires
Sun, 13 Mar 2022 10:53:16 GMT
cache-control
public, max-age=172800, must-revalidate
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
vary
accept-encoding
content-type
text/javascript;charset=UTF-8
imptrack
presentation-atl1.turn.com/r/ Frame 84BC 		43 B
620 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://presentation-atl1.turn.com/r/imptrack?tuid=3333326546105296117&uimpd=1-e0wV8KO7_6OpDUsrFHkFImqC2Mq6iijWw-q5J_b9_AoavTxZxc3-FRoPAbRARuGhzmXRNAsUGCV2SRhiWXBJQVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiPH8aNlM8Mg0HcjiYdfEhoO8K0XGVTAg2AHN5sPe8leOswD9bP6BDOMs3U90ToOThit5LDa5AzomEr7Vp98inouTNZdACyFHTyx7ymaICVaUaEcLK7AsKBSjzDi_-b69IVnr6v1HrATFo0W-HabdiuQKPneOyWL79xqGFgw5I59gIgJqIglsM1r52PvRQE7x6E_1rTYHileDcSEp9i2oWw3iZilkvx4S2Cbyb1aMiA9F7mavDOFe_vDZKj_smRTbZr1yCA20upKigXe2kHNY2tlq1bwWl57NhRm-8GgzvVh_ZM9nsHFzegwuqKuUdD2wuc_bGfkzy1aGMcshAut-SZSuiJt7Qv_kLWZbnCJLYkrcKNzZEkI3DQvqeQdfNgdyucWD8T6TdEdNNiqAaHS7A6IPoVU1A18zIbbfV545S3zTpUfAzA35TgmHnjB4IxBplp4Cis0LGAJvkHxk0Wo3iEEvj-E6JfnC1Z_junwiDVJ5RpvrsgCgO6i-RM03HMiXSs6ieHdpHqi8fHOXrxms5y5tOCN0LerxR5PvvtzVEpAbF91DgYK07eqYO8zC--3zX-568vzPAkyGYJeBaH4GIUZjtUZzeY2lZpTcqb4U2zn4k8KJRqPEYtbDOJ3mzd-UOnrNN28D_RQenYik--OyFyi5yEc7BPqQl-9vRqtJ-gIcVbGL5CW6FRKhIzXplIU338BQfBjuTuu25DmenG5yZ1iBSe8TYepIvn4kLjwLtzqThmgveRQJhVd2T3MdJEGvLsJf_ukC3905z5Ioh7dGFz6SJI7QdQSBzXD7LPTM7CV39HlchXohJLSmW1H-UtlkfNVnxFU4jH5dGJisS5JZX6U&acp=1.279
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:15 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
log
qsearch-a.akamaihd.net/ Frame 84BC 		35 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&splid=rail_300x250_300x600&app_type=&bdr_typ=3&ogerpm=0.0&dn=arstechnica.com&stid=rail_300x250_300x600&other_prv=201&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F99.0.4844.51+Safari%2F537.36&jar_err=&buyer_id=1608435242&bdp_wider_bucket=2&adtyp=0&acid=a047d3e1c3964bcc94d8a48d86740289&req_id=fd3ab600-26c2-41e1-af23-34ba07f933eb&bidfp=0.0500&pvag_id=&ugd=4&infl=0&o_ver=NT+10.0&br_ver=99.0.4844.51&exp=0&ver=8.11.0&totalTimeBucket=0&visibility=0&second_bidder=*&totalTime=43420&e_rpm=&dmm_m22=&gpid_format=&gdpr=&vsid=&seat=1566&size=300x600&f_seg=&prdp=1.1511&gpid_sent=false&ogerpm_used=&cid=8CU65UN7R&bcrid=16320108461493&ogcbdp=1.1511&dfpbd=1.1511&server=&ogerpm_wd_bkt=1-2&viewability=-0.01&rawbid=1.279&dmm_r=&dmm_l=&sub_bidder=&tcyerpm=&sc=QC&send_erpm=false&pst=EMS&sd=-1&hb_exp=&pbshr=90.0000&seg=&dmm_d10=&o_id=101&clisp=rtb-control-common-84d6d6dc9-dg62x.SC&adblk=&ugd_ver=&requrl=arstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&itype=prebid&pvid_seat=201_1566&bidrestime=1646995984657&cc=CA&strg=no_strategy&ss=1600x1200&cliIP=2503514547&advurl=discoversouthcarolina.com&crid=210143284&time_stamp=2022-03-11+10%3A53%3A04&sat=0&rvshhon=1&bdp=1.2790&br_id=265&ct=montreal&akey=&mnckfl=0&gpid=&iwb=1&second_bid=0.0&sc_pvid=201&capd=0&algo=no_strategy&other_bids=1.1511&dc=east_sc
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.53.184 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-53-184.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:16 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Fri, 11 Mar 2022 10:53:16 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 73DC 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Fri, 11 Mar 2022 10:53:16 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=9273
access-control-allow-credentials
true
content-length
62892
expires
Fri, 11 Mar 2022 13:27:49 GMT
log
hblg.media.net/ Frame 73DC 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&ctr=-1.0&app=0&cc=CA&viewability=-1&cbdp=1.151&slotVisibility=0&dn=arstechnica.com&acid=a047d3e1c3964bcc94d8a48d86740289&ugd=4&size=300x600&pvid=201&csip=rtb-control-common-84d6d6dc9-dg62x.SC&ogbdp=1.279&prvReqId=7724748547169_1333141290_2101432842011&itype=PREBID&requrl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&mang=1&bidrestime=1646995984657&cid=8CU65UN7R&rme=adm&cpr=0.39503907410616335
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:16 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 11 Mar 2022 10:53:16 GMT
clog
hblg.media.net/ Frame 73DC 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=2&spSource=0&ifst=0&vid=fd3ab600-26c2-41e1-af23-34ba07f933eb&s_city=montreal&ugd=4&exp=sfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7CssProfile%3D0%7Cdbr%3D1&app=0&ctr=-1.0&ae=false&mx_UCC=2&prspt=headerBid&usp_status=0&seat=1566&og_cbdp=1.151&screeninfo=1600x1200&size=300x600&mx_gpid_sent=false&xtmax=350&commit_id=5f59afe1&itypeid=3&mx_SPRIG=1&viewability=-1&renderer=0&be=0&rtime=39.0&adj0=0.0&s_ip=149.56.153.179&adj2=10.0&adj1=0.0&usp_string=1---&mx_lr_seg_cnt=0&adtypes=0&mx_aabpc=0&reqid=fd3ab600-26c2-41e1-af23-34ba07f933eb&sc=QC&sd=-1&mowxReqId=a047d3e1c3964bcc94d8a48d86740289_3&ifdp=0&requrl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&bidrestime=1646995984657&pv_adtype=0&cc=CA&strg=no_strategy&pcrid=1608461493&pbasrc=0&coppa_enf=true&is_rewarded=false&bdp=1.279&ct=montreal&spIsReq=3&s=1&abs=0%7C0%7Cnxblock%3D-1%7Cno_strategy%7Cbrr%3D1&mx_epbc=8CU65UN7R&dnt_enf=false&mx_ssBucket=0&vls=0&asn=16276&mang=1&mx_isLossNtf=false&advUrl=discoversouthcarolina.com&dn=arstechnica.com&pgcatiab2=596&dt=O&acid=a047d3e1c3964bcc94d8a48d86740289&actltime=94&act=headerBid&iframingState=0&ufca=0&mx_lr_seg_deal=0&dfpBd=1.151&sckfl=0&mx_lr=0&coppa_applied=N&mx_adid=52361067&bfs=103&rfc=1&prvApiId=8CU65UN7R&epcexp=false&pubid=pub-8CU65UN7R&mx_bsProfile=3&cid=8CU65UN7R&bcrid=16320108461493&omul=1.0&res_mtype=0&apPrfs%3C%3E=13&pgcatiab=IAB19&chnl=no_strategy&pst=0&reqsize=300x600&adpos=0&itype=PREBID&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CU65UN7R&tgtval=pub-8CU65UN7R&__expireat=1646997784911&gsi=0&reftype=0&prvAccId=210143284&ckfl=0&pgcatsprig=1227&lper=1&mx_tgs=300x250%7C300x600&cbdp=1.151&pvdTmax=299&ltime=91.0&epc=210143284&prvReqId=7724748547169_1333141290_2101432842011&bId=1608435242&exid=78&spFst=0&mx_GCID=0&cliIPType=v4&pexid=PREBID-8CU65UN7R&brsrclk=0&mx_g_uid_cvrg%3C%3E=pubcid&rtttime=96&apTags%3C%3E=75&mx_PC=1&wsip=mowx-754d75bc5d-8qckq&currsrc_date=2022-03-09+00%3A00%3A00&mx_divid=rail_300x250_300x600&geoll=false&debug_ts=2022-03-11+10%3A53%3A04&mx_ssProfile=0&mx_SC=0&reftime=15000&pbidflr=0.056&spbf=0&currsrc=API&fpusp=false&mnrfc=1&moau=false&ocurr=USD&stagid=rail_300x250_300x600&snm=SUCCESS&mx_IAB2=1&usp_enf=1&bidflr=0.050&coppa_status=N&pid=8PRL4E7N3&spTo=3&pvid=201&mx_mrpp_key=profile_1&is_ortb=false&mx_aurl_hc=0&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=0&csip=rtb-control-common-84d6d6dc9-dg62x.SC&mx_bsBucket=4&mx_aurt=0&spIvt=3&dsid=rail_300x250_300x600&ptype=23&media=0&smsrc=1&acsn=1&dtc=east_sc&cat=IAB20-8&mx_aqcpl_crid=4&ogbdp=1.279&tpbTkn=false&fpuReq=0&vcmplrt=-1.0&crid=210143284&geo_source=2&sat=0&mnet_ckfl=0&mp_seg%3C%3E=44629%23%2315607%23%2317212%23%2361085%23%237685%23%2317191%23%2358550%23%2361049%23%2361052%23%2361967&dfpDiv=rail_300x250_300x600&opbidflr=0.056&impId=493aa5787fa4d5a&rme=adm&utime=11744&sf=0&cpr=0.706743255930224
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
max-age=3600
date
Fri, 11 Mar 2022 10:53:16 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Fri, 11 Mar 2022 16:53:16 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F4E3 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 00:44:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36522
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2023 00:44:34 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 661A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Thu, 10 Mar 2022 19:21:12 GMT
expires
Fri, 11 Mar 2022 19:21:12 GMT
cache-control
public, max-age=86400
age
55924
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0975 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_bbc32662d3ff8adbbac6de6e5ec04c71.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=140362
expires
Sun, 13 Mar 2022 01:52:38 GMT
date
Fri, 11 Mar 2022 10:53:16 GMT
vary
Accept-Encoding
visit
events.bouncex.net/track.gif/ 		42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/visit?wklz=G4SwziAuBcCuYFMBOBDA5ggdpAvAWQHsAvEAG1JQFIAmAMQFYA6ABhuYAoB1ETAEwIDuYNgDkAKmwCMzFpQDMAITbdMANgAs8pdWYAPDQEo2AQQAOp0gk4IARgGkoNBnIDsjOarbs7ACTF4AGRoAYTZSEABrBDYAcQQAYwiCIx1ggAskAgBbaLoATjyWRnUADnV1RnpJNgBlFAAzFCQQJ3pXd1UAMlAIGCQEeuR+pBxu8ChoCj4eNFN0BFgkUhw0yEhTYWo24xp6Ol26JrBIBLTMEHiURnjsg9oeeoIkLJRIEAJMAFoT+LOCUgIaAAnncdNRqHdmHI7oNeGBPghdJBULwoAhPqhMGBsgImuiwPBTAlIPD6pksp9qJ9TJlwvULp80ChMGh4TxPihPhAWZZPgIEAgIncxr1oP1saRYG8ProcJJVMxmCKJuL-lL3pggXKdEqehN4vBINlgE0QCgbJYwDhKC5tNRQLwEAQAPp6i25CFyHbgxqkRA0CHUULguYYZ2QIFEgPyb3UJpveKWaNBgNZAi8FCkV3jd3Rr0B33+8EhAPxi6WZ2YFA5POxwsekvgsuJhDOy4nNBPEHF-M+zNFwPB6hM8jIIGV6sN3vUevJocjyxIcfthCdpe1gv9hsp8EAtAYXjOngbvt+7dDhDAZDOvcHo+YE8zrdzgO8eqmZ1IC0ERKPzAESBPwQFBeG7QcA3iTBnQQF4yGdAkbDAeJmhsZBH1nYsd2oBCsigE5DxglA4KeGxHB7Otn2LFwABFlRgG4CAiEAEGtW0A2ADc2JoxsZ2ASBa3ldRVAKegCk0LCHQEjRhLyUS8lKEpJDkISeJQAha1YLDSFMR9VnWTZtjuO4jh+M4LiuG4sjuB4nheaUvlM-8927PZaDBQNXKhGEEDhBEkRRNEMWZbEslxfouUJYlSXJSlqVpEB6XiRlmVZT52U5bk0F5flBSMzChxQTZPWMTSh2AUwOPI6osN4R9avygMkEfF9wXiPipKEkSxJ4iB6uKz5qvnZDaxcTwsKs8jStfEA+pjAMSmYSQ8kkeh1BcdRFTkehVGodQqjG8Dd3aqrpK6+SbVo+BkHmbBoBsTIhGQHB0nJBBOiu1AMFuq8kAgD4cAKIpSnKSpJHexBPqwGALFeR5nhwFR+CEKQlQ+m6YEdUB4gQCMiRwR0wAiI1TE6A1jmyZBoDSQqbkwH78JwJUMAIaAblgbAlxuR1nuMTpmdZgh2eRIEuYQOQeZEPmnQFoWlyrHJnuZECUClln+jQDUcAARWCVWxVXDV5ZYrXYFsBI9fiKAtUIDngNIPXTAIY5M1FnAfDkGILY+N5MCh12RF5tNuaVflELRGacGoBauj1N5eDlU7ZLEkpFOUrpMYuBAI4WpaVrWjaoW23b9s6UNL2YgQI7BxAAEdTcwbGI6VRNmOwN4cmdrJTATzqk7yVR6GYehSfCKGUFMEAfr+zAcEgdA5E6DPsfxzpsUWZfQ86dGcA+oA
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:16 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
pageview
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/pageview?wklz=A4Qw5gpgbglhDuAuArgJwDYF4AWAXXwAzgKQDMAgsQEwBi1NIqhuEAxtgHYysgB0rAewC29GBwBmA1EJC4YAjgFoW7DgPQCwAT3pUADFSr09peuIgATQoogAPXKhAWYLRY46Fh8RhEWFkhMBsuNbiqMKKVIrA4egw4tyKYCAcYNZiiiB+YmDovvAQEADW9ABkoJCwCIisAbjCUIwwIABGeYSYxADsAELUVLAWEAIA+rCEMG0Q-WSUhuIg6ITThtQAwv0VECO4WkEzFP2Mcqx5M1QbhkICFotjMBNTB3NUC0srRhdHqCd5IxwgIQfWb9N7Lc6XKjHbh-HgsMBSHSrQ7zRbg1ZfQzJdB5VBaf6A4Eo15o4GYqjY3H4uEQBF456g0kQ-oaMCQCwjMQM1HvZmGaAQVAjVnszkcbkk3kYyEWcTAEaoNoCVglZEvNS4BUQJxIz6Q1gcEYQGQwdAjfwtQisVCTQUSsFkyEWoQuFgc40gU0jKQtFz2pmrLoAEXK4GgcCQggERTgEwAXhBMKQACwAVlK1yGmD0pQKlpcEBgFkwVAAHHoAGylcYuIuYACMFeTFYAnC3U23k6XS-WU1WhrBWIXi+X6y366nk11k3oTKmK1Q043Q5UI3X66VlgBHZAQDhD9elU5wDj4GBA5iA4ANput9ttiupvQto9xPe4EDAGBQQUTBSYD8wFIUoB24RMLE3AQ0CHTA81KMNT0wAJBSAA
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:16 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
article_view
events.bouncex.net/track.gif/ 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/article_view?wklz=IYJwLglgxgNgpgXgKQHYBCSBMmkBYAMYAngA5xY4DMAghaJLOdlgMIXFkVI13jTxdMbbJDADmPbADE4AEwDOWfHAAeYEMFkQwTfBoB28gPYBbAO6hd8gK7yyUMIsz4AZiFNKczku5gQX0EoA5sD6QU74EPpKwEryUUHi+GZwcADWgsKY1iAwXJKYABZgYCSKklJYUqDyOlCF+tDAAHRQHphSUS5GICbAkEb6ALR1DUYwRkFEVc7MHfiUVS5y8kOq6pracEMGxuaWQzZ2cA6rbqZDmEM+4-7QQyFhq1FDwIcJ8EMp6VWZFBB9IJMKi0bDFUrlUGVDpQWT6Zo1UaNKAtfRwMBVMwkIZtfQ6PFVawkCaaJxSWZeKQLKoAIxgORARCG+FWoVkQwAjKsUAA2fAqSgADnwzQAVmQgn9sLI4PIoCAICQBtEJKDMABZUIxEAKgBuCSU5xMSgAqmkNFFdMAoFBbHIlEYXEoUbYDc4ANLAeRwIixZw2EjE6bOerAKIxErWtLNLgoAAiADITEYZQh8AmUjT4joILIEJhhTyE-rs7mEByebgeQBOasAVlruEFgo5lCrCZl+qgcDLwo51Y5ddwKAICzrPMwuDrFYTJGAQP1cDMZY5Ce9AEdrHB9N2y5gE7AINuSgDZWBgCYSOXKzX67WedP94fj8ASBBdXAQPFBghz0FKB2cBdogshrkYOTdggmYJvOx4IHaIBAA
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:16 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
sync
x.bidswitch.net/
Redirect Chain
  • https://ssp.behave.com/push_sync
  • https://ssp.behave.com/ul_cb/push_sync
  • https://x.bidswitch.net/sync?ssp=bouncex
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=82063e31-d895-4c78-815b-e5685b556304&ssp=bouncex&gdpr=&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10601403155718488451&gdpr=&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vis...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5&ssp=bouncex&gdpr_consent=&gdpr=
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=163850804087006939230&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10601403155718488451&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10601403155718488451&ssp=%3CSSP_VALUE%3E&gdpr=&gdpr_consent=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:19 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10601403155718488451&ssp=<SSP_VALUE>&gdpr=&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
truncated
/ Frame F4E3 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f54a4b534eff2d0440a262b1b1605f097fa4f47d87b389d7245863aea567726

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
2806
dfp.bouncex.net/pub/ 		6 B
177 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dfp.bouncex.net/pub/2806?li=4884048123|5203039836|5342964441
Requested by
Host: cdn.arstechnica.net
URL: https://cdn.arstechnica.net/wp-content/themes/ars/assets/js/main-7329c51a38.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
190377615dab87592bde12754eb00953d988b3f76326e097b61f3f77ecdec486

Request headers

Accept
*/*
Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:16 GMT
via
1.1 google
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://arstechnica.com
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
clear
content-length
6
css
fonts.googleapis.com/ Frame 2441 		12 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13230765150597808128/CR_popcornews.com_BL_CA_PC_Nongoogle_creative.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200a Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
af44f53567423b9ed7c413bcc6fcd8ef81ef36e20b6b2993d617959cef292443
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 11 Mar 2022 10:16:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 11 Mar 2022 10:53:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 11 Mar 2022 10:53:16 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 2441 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13230765150597808128/CR_popcornews.com_BL_CA_PC_Nongoogle_creative.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13230765150597808128/CR_popcornews.com_BL_CA_PC_Nongoogle_creative.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 15:48:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68682
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 11 Mar 2022 15:48:34 GMT
ibs:dpid=134096&dpuuid=2022031110531600094704083240
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://x.dlx.addthis.com/e/demdex_sync?na_exid=68547252942253779170798061318171033219&ru=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%3Cna_id%3E%20
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022031110531600094704083240
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022031110531600094704083240
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v026-018537d0e.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
88xnpRHxQxE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=2022031110531600094704083240
pragma
no-cache
date
Fri, 11 Mar 2022 10:53:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Fri, 11 Mar 2022 10:53:16 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&zMoatAdUnit1=conde.ars&zMoatAdUnit2=hero&zMoatAdUnit3=information-technology&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=7&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=4&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=315&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995982584&de=901890910919&rx=604451054343&cu=1646995982584&m=12079&ar=359f21c1e97-clean&iw=8105762&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=1&ag=5569&an=1170&gi=1&gf=5569&gg=1170&ix=5569&ic=5569&ez=1&ck=1170&kw=1504&aj=1&pg=100&pf=100&ib=0&cc=1&bw=5569&bx=1170&ci=1170&jz=1504&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5530&cd=1504&ah=5530&am=1504&xd=00&rf=0&re=1&ft=1543&fv=0&fw=1543&wb=2&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.ars&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=197273&na=1058491859&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:16 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:16 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame FFB5 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=640x480%7C480x70&iu=%2F3379%2Fconde.ars%2Fplayer%2Finformation-technology%2Farticle&ciu_szs=1x1&gdfp_req=1&env=vp&output=xml_vmap1&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.56.5%26ctx_page_slug%3Dfeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%26cnt_tags%3Dcriminal-justice%252Cextortion%252Cindictments%252Cransomware%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D26%26usr_bkt_pv%3D64%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D%26ctx_line_items%3D%26height%3D329%26muted%3D0%26right_rail%3D0%26sensitive%3D0%26series%3D5c82bcebbcdfff6f132fc5e6%26width%3D584%26feature_flags%3Dclick-to-play&correlator=1247721029048928&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Funsolved-mysteries-unsolved-mysteries-of-quantum-leap-with-donald-p-bellisario&vid=60abade4dc31e5375248cba6&cmsid=1495&ppid=8a88dde585d64eb899f5d9efef957024&sdkv=h.3.503.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&ptt=20&adk=1842440556&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.503.0&sid=B07DA196-8442-46DF-8217-E8EDE3B34F58&nel=0&eid=44737473%2C44758348%2C44758374&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&dlt=1646995984621&idt=7636&dt=1646995996854&cookie=ID%3Dc0d5607e9ac7d54c%3AT%3D1646995983%3AS%3DALNI_MaTKKKWzO4ygPJr4VtVBpOnLfT8Jg&scor=2691703139664711&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.503.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
17911ae0a17688919987f0465e31d1c0ff584378fe16eeb2798c94d1a404f2da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1473
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame B849 		10 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=640x360%7C480x70&iu=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&ciu_szs=1x1&gdfp_req=1&env=vp&output=xml_vmap1&unviewed_position_start=1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.56.5%26ctx_page_slug%3Dfeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%26cnt_tags%3Dcriminal-justice%252Cextortion%252Cindictments%252Cransomware%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D26%26usr_bkt_pv%3D64%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D%26ctx_line_items%3D%26timeout%3D500%26height%3D155%26muted%3D1%26right_rail%3D0%26sensitive%3D0%26series%3D5c82bd18bcdfff6f1f2fc5e7%26width%3D276&correlator=1247721029048928&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&vid=5f90976042b5f03ec594bace&cmsid=1495&ppid=8a88dde585d64eb899f5d9efef957024&sdkv=h.3.503.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3408565466&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.503.0&sid=60285F20-5F79-4679-B13E-11E3CC8D51C6&nel=0&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&dlt=1646995984202&idt=8379&dt=1646995996967&cookie=ID%3Dc0d5607e9ac7d54c%3AT%3D1646995983%3AS%3DALNI_MaTKKKWzO4ygPJr4VtVBpOnLfT8Jg&scor=2691703139664711&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.503.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e518991bba2a5cf9106c207b2bcb4c19489875e919a76259605c3c7bc47ce0c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1498
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=540&dpuuid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=ADB&partner_url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D540%26dpuuid%3D%24%7BTA_DEVICE_ID%7D&partner_device_id=68547252942253779170798061318...
  • https://dpm.demdex.net/ibs:dpid=540&dpuuid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=540&dpuuid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v026-00717f77f.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
H1OLljNeTjs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=540&dpuuid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5
date
Fri, 11 Mar 2022 10:53:17 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
crum
dsum-sec.casalemedia.com/ Frame 14D7 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=f1770967-7ffa-4f4c-9ee5-7d6695b3f917&expiration=1654944796
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:17 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:17 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 84BC 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/ads.js?code=181621418&aid=52361067&tuid=3333326546105296117&duid=2540974486664799477&uimpd=1-e0wV8KO7_6OpDUsrFHkFImqC2Mq6iijWw-q5J_b9_AoavTxZxc3-FRoPAbRARuGhzmXRNAsUGCV2SRhiWXBJQVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiPH8aNlM8Mg0HcjiYdfEhoO8K0XGVTAg2AHN5sPe8leOswD9bP6BDOMs3U90ToOThit5LDa5AzomEr7Vp98inouTNZdACyFHTyx7ymaICVaUaEcLK7AsKBSjzDi_-b69IVnr6v1HrATFo0W-HabdiuQKPneOyWL79xqGFgw5I59gIgJqIglsM1r52PvRQE7x6E_1rTYHileDcSEp9i2oWw3iZilkvx4S2Cbyb1aMiA9F7mavDOFe_vDZKj_smRTbZr1yCA20upKigXe2kHNY2tlq1bwWl57NhRm-8GgzvVh_ZM9nsHFzegwuqKuUdD2wuc_bGfkzy1aGMcshAut-SZSuiJt7Qv_kLWZbnCJLYkrcKNzZEkI3DQvqeQdfNgdyucWD8T6TdEdNNiqAaHS7A6IPoVU1A18zIbbfV545S3zTpUfAzA35TgmHnjB4IxBplp4Cis0LGAJvkHxk0Wo3iEEvj-E6JfnC1Z_junwiDVJ5RpvrsgCgO6i-RM03HMiXSs6ieHdpHqi8fHOXrxms5y5tOCN0LerxR5PvvtzVEpAbF91DgYK07eqYO8zC--3zX-568vzPAkyGYJeBaH4GIUZjtUZzeY2lZpTcqb4U2zn4k8KJRqPEYtbDOJ3mzd-UOnrNN28D_RQenYik--OyFyi5yEc7BPqQl-9vRqtJ-gIcVbGL5CW6FRKhIzXplIU338BQfBjuTuu25DmenG5yZ1iBSe8TYepIvn4kLjwLtzqThmgveRQJhVd2T3MdJEGvLsJf_ukC3905z5Ioh7dGFz6SJI7QdQSBzXD7LPTM7CV39HlchXohJLSmW1H-UtlkfNVnxFU4jH5dGJisS5JZX6U&acp=1.279
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:22:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1864
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5008
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:23:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 11 Mar 2022 11:22:13 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CONDEVIDEOCONTENT1&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1646995996208&de=460753115249&m=0&ar=359f21c1e97-clean&iw=a0cb2c4&q=7&cb=0&ym=0&cu=1646995996208&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=Unsolved%20Mysteries%20Of%20Quantum%20Leap%20With%20Donald%20P.%20Bellisario%3A%2F3379%2Fconde.ars%2Fplayer%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&zMoatVideoId=60abade4dc31e5375248cba6&zMoatAP=-&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&gw=condenastjsvideocontent160527792519&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1145%3A1145%3A0%3A1743&fs=197273&na=1698001106&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:17 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:17 GMT
reloadCampaigns.js
api.bounceexchange.com/bounce/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.bounceexchange.com/bounce/reloadCampaigns.js?wklzs=1181&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYAWQgTjIFYKB2AJgA4AGTYALxChYHcBTAIxypgvAPqoAJlEZNCmAE68cIADZw0GAoSZMAHvjo6FvGL3mL5UbAEMVK1AgDmouPJVQAFsGAAHHAFIAZgBBfzoAMTDw63kcESQPBFQkawA6JBAAWyiHGBB5TOsNBABaeMTVEEcATyjDOjoopkCo0wkcEt5dYHlrCWFeEt6EZUzuGMGcOBwfXlwSmHkskroSnyX7GGSSx2snDocS6xKhJxVBvl4AayjMADdUIWBRDJAr1F4ofxoAITC6FQ+f5BUINLy+AJ0SghMKUCKwiIxOJzRLJNIZbJQiK5fKFYplFEISo1BHheqNLHhZqktodLo9PoDIZ7UbjRQnaazeaLZardaqVBbJA7PaOA6lY6nRznEqXG6U4F0ADC-3kwJhDWBNAAItgQG8Pl9fv87urQsaGrw7mZRCoqo5eBJxAgzTBbDheN9tWEVQ0YHdgGaiKQKNQyMQfSbJEGSOQqBRiAwGPhAqRIw1rCAzUx0wCgZqNXRwX5YRq4ZFKUjykkUuksqScQUiuhStXibVKeTSdTKbTOt1ev0RMyRlk2ZNOXNgB0eZkVmsNoLtrt9iVDpKHNKLrxrqTFb66NZIY0QjnlSafKaC8F8LmJGb-vfNeeGmrr4qKQekAGYyH4+HcyEJ8T2CT9-kcJA3xAmhCFzTEQLPA9+mAkF-mYfAyHwShiBoYgdECShCDoYhKCIfd-hUH9r2DOMwwjHV7iRABtB4JF4EBRAeIR+HOABdWB3V4RjYiYnxrAdURgGqWZ+JiNAkHOYScCYzIQAkWxOMeVAeN4fi3RUD0lKYuTknOUQEGsTJdIEgyhLuZiTIUsQUhERx8mqPTBKM3Y7DMapzMs6z9MM+yRJ8855H8lzeDcyLPNsoy7UcB0nQceKQuYq0bSSlLnXSuzmIkGAfFEeQeJAJArlkuwQG4IykAQUReEKVAVFEKZBEg7SzHyoyOsyYQRCdZrrFa0R8n4YReted4xFADiVBiB0bMM-gfC4TBeF8KAmN4zAfGnKwMR8ew9iQMQYEWxwrCKnxdqgRMGDwxMDECTBbvuuFmmaMgGECOQPv46FiDoMgSGIYh8HuDxrCsS9JAIBQVCk2YoFu0rysqpGLKsqBQtQawdKAA
Requested by
Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/br-ijs_all_modules_bbc32662d3ff8adbbac6de6e5ec04c71.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ac485ca8f3e0bdf5762188555494d8321d27406d7c62b7cd6f2a9537722cd360

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:17 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 10:53:17 GMT
timing-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
16
content-type
text/javascript;charset=UTF-8
alt-svc
clear
via
1.1 google
expires
0
reloadcampaigns
events.bouncex.net/track.gif/ 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.bouncex.net/track.gif/reloadcampaigns?wklz=E4UwNg9ghgJgxlAtgBygSwOYDsDOAuOAVxwBcJEA3KYNKAIzBBwF4BSAdgCFWAmHitDBAQA+gJxoGIXj1YBmAIIyAZlDA5pfXgGEZqDCBEkAnsk2zFM6iTRxGMnTMQQYasWglSHlvqvXnHPmtbRhEsJACfHj8NBx5dIOAbO0MEEhAMCGBjbyVfNViteJkMNUZssIjclQKA4r5SsHLjETSMrJytKJi6hJ5IDAMYETQsavz-OL6QChBgEQGhkbGuvOjaqZkYZWQRYAYIOABrcZ4yiAB3Tb44LBEQRHQwERxCOhw4Gjo5057rnledEQaBI6WGDyeIiydBBvw2WnYABEAGSgSCwBAodDYfDhRAgZhUGj0Rio8DQeBIVCYXB4ExmZjbXb7SDHZHOITMAAMyIuIHeIJAgmYPAAHFyAGzI8Qg4UARglABYJQBOFUAVjVitForlcmVyKEAjgQpgzHFcpVcvVivYiq5XLk6olPEV6oVyP0MzQIAu8uRGgAjoQQFgTcK5Mi7D6sKC0PjSFTmArlWrNSr2GK5VGwDGSFBkGhZsAJBAsMx8xhI0bbASYAGIIRgCbmHy6MioAZY8xiHMgA
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.8.32 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
32.8.111.34.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:17 GMT
via
1.1 google
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
0
timing-allow-origin
*
alt-svc
clear
content-length
42
expires
Tue, 01 Jan 2001 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4EBB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 11 Mar 2022 00:44:34 GMT
expires
Sat, 11 Mar 2023 00:44:34 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
36523
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ibs:dpid=601&dpuuid=211622110763255&random=1646995997
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://dp2.33across.com/ps/?pid=897&random=1622186278
  • https://dpm.demdex.net/ibs:dpid=601&dpuuid=211622110763255&random=1646995997
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=601&dpuuid=211622110763255&random=1646995997
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v026-014f7d664.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
MKjO2GXfS/w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:17 GMT
referrer-policy
unsafe-url
server
33XP001
x-33x-status
200004000C
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
location
https://dpm.demdex.net/ibs:dpid=601&dpuuid=211622110763255&random=1646995997
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
Thu, 01-Jan-70 00:00:01 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v24/ Frame 2441 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v24/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 19:54:38 GMT
x-content-type-options
nosniff
age
140319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:19:40 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Mar 2023 19:54:38 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2441 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 08 Mar 2022 14:35:30 GMT
x-content-type-options
nosniff
age
245867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Mar 2023 14:35:30 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2441 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700,300italic|Roboto:700,regular,300,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:808::2003 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 10 Mar 2022 08:30:30 GMT
x-content-type-options
nosniff
age
94967
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 10 Mar 2023 08:30:30 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
f888e2cc-72c4-4e8d-abbf-db2c8eebbfa9cc.vtt
dp8hsntg6do36.cloudfront.net/5f90976042b5f03ec594bace/ Frame 8A4E 		40 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/5f90976042b5f03ec594bace/f888e2cc-72c4-4e8d-abbf-db2c8eebbfa9cc.vtt
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7e089a22bf0a1054f2eb57f4d54c7d6db7f5b58c45c019f69f8ec8ee5c26d29

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:18 GMT
Via
1.1 3c6fb804e042beb7f78515bd450ae3a2.cloudfront.net (CloudFront)
Vary
Origin
X-Amz-Cf-Pop
EWR52-C3
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Content-Length
40886
Last-Modified
Thu, 22 Oct 2020 01:05:27 GMT
Server
AmazonS3
ETag
"6cf36869794ecdb13f1e8797c90fe8ca"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/vtt; charset=utf-8
Access-Control-Allow-Origin
*
Accept-Ranges
bytes
X-Amz-Cf-Id
KI0KI12mpHDnhJZLC9hykaCL4bTnr1rhtFSBy-75ReGIpshKwv23Og==
/
www.facebook.com/tr/ Frame 8A4E 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1663130473914833&ev=Start&dl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&rl=&if=true&ts=1646995997635&cd[brand]=arstechnica&cd[url]=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&cd[category]=Video%20View&sw=1600&sh=1200&v=2.9.55&r=stable&ec=0&o=30&fbp=fb.1.1646995988224.403967254&it=1646995993921&coo=false&exp=p0&rqm=GET
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 11 Mar 2022 10:53:17 GMT
track
capture.condenastdigital.com/ Frame 8A4E 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A17.760Z&_c=Video%20View&_t=Content%20Start&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&cId=5f90976042b5f03ec594bace&cKe=war%20stories%2Cars%20war%20stories%2Cars%20technica%20war%20stories%2Cwar%20stories%20nintendo%2Cars%20technica%20nintendo%2Cars%20nintendo%2Cnintendo%20entertainment%20system%2Cnintendo%20power%2Cnintendo%20power%20magazine%2Cnintendo%201985%2Cnintendo%201986%2Cnintendo%20of%20america%2Cgail%20tilden%2Cnes%2Cn.e.s.%2Cnes%20launch%2Cnes%201985%2Cgail%20tilden%20nintendo%2Cg%20tilden%20nintendo%2Cgail%20tilden%20nintendo%20power%2Coriginal%20nes%2C8bit%20nes%2C8bit%20nintendo%2Chistory%20of%20nintendo%2Chistory%20of%20nes%2Cars%20nes%2Cars%20technica%20nes&cPd=2020-10-29T15%3A00%3A00%2B00%3A00&cTi=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=1582&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pWw=276&pWh=155.25&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&uId=0884e157-1f7d-4567-95c8-d99c9013a3c8&xid=8a88dde5-85d6-4eb8-99f5-d9efef957024&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2201b4160%22%2C%22guid%22%3A%228b6d854e-a1a9-f2f2-b709-2dd5f43cd4e3%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:17 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ Frame 8A4E 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A17.761Z&_c=Video%20View&_t=Any%20Start&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&cId=5f90976042b5f03ec594bace&cKe=war%20stories%2Cars%20war%20stories%2Cars%20technica%20war%20stories%2Cwar%20stories%20nintendo%2Cars%20technica%20nintendo%2Cars%20nintendo%2Cnintendo%20entertainment%20system%2Cnintendo%20power%2Cnintendo%20power%20magazine%2Cnintendo%201985%2Cnintendo%201986%2Cnintendo%20of%20america%2Cgail%20tilden%2Cnes%2Cn.e.s.%2Cnes%20launch%2Cnes%201985%2Cgail%20tilden%20nintendo%2Cg%20tilden%20nintendo%2Cgail%20tilden%20nintendo%20power%2Coriginal%20nes%2C8bit%20nes%2C8bit%20nintendo%2Chistory%20of%20nintendo%2Chistory%20of%20nes%2Cars%20nes%2Cars%20technica%20nes&cPd=2020-10-29T15%3A00%3A00%2B00%3A00&cTi=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=1582&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pWw=276&pWh=155.25&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&uId=0884e157-1f7d-4567-95c8-d99c9013a3c8&xid=8a88dde5-85d6-4eb8-99f5-d9efef957024&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2201b4160%22%2C%22guid%22%3A%228b6d854e-a1a9-f2f2-b709-2dd5f43cd4e3%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:17 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame 661A
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEOYlwd8UZdpOkF0MReGLMDo&google_cver=1&google_push=AYg5qPItbd_7ABphX9eMGsTAVPLFbnnafB-JpZKReLVauNINmMOLoaEpM6YxIomrxZfp0K9thHbYALY2ujV5KtQSdQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmUwNjMzZGMtYTQwMy00MmQ0LThmZGQtMDNiY2Y4MjY4NDg4&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6e0633dc-a403-42d4-8fdd-03bcf8268488
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmUwNjMzZGMtYTQwMy00MmQ0LThmZGQtMDNiY2Y4MjY4NDg4&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6e0633dc-a403-42d4-8fdd-03bcf8268488
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:17 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=NmUwNjMzZGMtYTQwMy00MmQ0LThmZGQtMDNiY2Y4MjY4NDg4&google_push&gdpr=0&gdpr_consent=&ttd_tdid=6e0633dc-a403-42d4-8fdd-03bcf8268488
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
CookieSyncAdX
rtb.adentifi.com/ Frame 661A 		0
47 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncAdX?google_gid=CAESEEy2GEf1P7bfMrB2okVBl_4&google_cver=1&google_push=AYg5qPIfD_iW-uGwt8Z2Y8rNMeamygz4TfRNiubKeQ9vUSCVUaASx2rwxeIbkTCntbBKNQxZUt2UdJyYEDBW_RoCaceg2FJXBRgj0A
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.124.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-124-234.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:17 GMT
content-length
0
content-type
text/plain
pixel
cm.g.doubleclick.net/ Frame 661A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEjEwtEr9guHZMOcr6TIBac&google_cver=1&google_push=AYg5qPK-pxPMUjzXfYEkrHb3HJ7QFcimWb_s-mipXrDmP7Wn8-_iSiqzfoX4k8xp3m756bG3zcvMh5S0AISEvr2WsdKivzt...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK-pxPMUjzXfYEkrHb3HJ7QFcimWb_s-mipXrDmP7Wn8-_iSiqzfoX4k8xp3m756bG3zcvMh5S0AISEvr2WsdKivztrjcWAlw&google_hm=NjQ5ODI4NjMzMDkxMjU4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK-pxPMUjzXfYEkrHb3HJ7QFcimWb_s-mipXrDmP7Wn8-_iSiqzfoX4k8xp3m756bG3zcvMh5S0AISEvr2WsdKivztrjcWAlw&google_hm=NjQ5ODI4NjMzMDkxMjU4NzEwNw%3D%3D
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 11 Mar 2022 10:53:17 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK-pxPMUjzXfYEkrHb3HJ7QFcimWb_s-mipXrDmP7Wn8-_iSiqzfoX4k8xp3m756bG3zcvMh5S0AISEvr2WsdKivztrjcWAlw&google_hm=NjQ5ODI4NjMzMDkxMjU4NzEwNw%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 661A
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEPYpuGWVR-FHkx3LkNCUt5s&google_cver=1&google_push=AYg5qPK5dzVRj7-WVgu9aS2F1-jAm6H8-wuC3yVTbU7u9MsP7TtwqAz1aD7JPpa0QtG6ZR5kV1Wr-g-DeVez7K6V...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK5dzVRj7-WVgu9aS2F1-jAm6H8-wuC3yVTbU7u9MsP7TtwqAz1aD7JPpa0QtG6ZR5kV1Wr-g-DeVez7K6VFGWI0dwkBqEytQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK5dzVRj7-WVgu9aS2F1-jAm6H8-wuC3yVTbU7u9MsP7TtwqAz1aD7JPpa0QtG6ZR5kV1Wr-g-DeVez7K6VFGWI0dwkBqEytQ
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 11 Mar 2022 10:53:17 GMT
via
1.1 edf4d9eb8e5d775f8b1cd6b4e97dd4c6.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
EWR52-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPK5dzVRj7-WVgu9aS2F1-jAm6H8-wuC3yVTbU7u9MsP7TtwqAz1aD7JPpa0QtG6ZR5kV1Wr-g-DeVez7K6VFGWI0dwkBqEytQ
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
hGhH0XRGjXC5PcRUKqnNgV3aiNojDmyRidQ6WUfcljr6nvD4xy0Nyw==
pixel
cm.g.doubleclick.net/ Frame 661A
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
  • https://sync.targeting.unrulymedia.com/csync/RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIwfFTtz5dvYG3vnJGMm...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIwfFTtz5dvYG3vnJGMmdPftnhp8opSQ00cEIq55u8BWEMFF8h_yxQO2Aa3Yo1BOHK1mYetk9zgzLmLB4Tleq1VWVpoyC73KA&google_hm=BTLtXvscLUT2sUhnEIyeAEQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIwfFTtz5dvYG3vnJGMmdPftnhp8opSQ00cEIq55u8BWEMFF8h_yxQO2Aa3Yo1BOHK1mYetk9zgzLmLB4Tleq1VWVpoyC73KA&google_hm=BTLtXvscLUT2sUhnEIyeAEQ
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Fri, 11 Mar 2022 10:53:18 GMT
Server
Tengine
ETag
RX32ed5efb1c2d44f6b14867108c9e0044005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIwfFTtz5dvYG3vnJGMmdPftnhp8opSQ00cEIq55u8BWEMFF8h_yxQO2Aa3Yo1BOHK1mYetk9zgzLmLB4Tleq1VWVpoyC73KA&google_hm=BTLtXvscLUT2sUhnEIyeAEQ
Connection
keep-alive
Content-Type
text/html
pixel
cm.g.doubleclick.net/ Frame 661A
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEJvDT2WpxGTmpGbjYJvpnIs&google_cver=1&google_push=AYg5qPLx9G3cO5Jt3oiDPuaWB1D2yq8B9nNvhisHBsPwPhM4ELoznn49NBMfaCleIosjjT1w4UZABmkM...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEJvDT2WpxGTmpGbjYJvpnIs%26google_cver%3D1%26google_push%3DAYg5qPLx9G3cO5Jt3oiDPu...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A4427270609957140250&exchange=193&google_gid=CAESEJvDT2WpxGTmpGbjYJvpnIs&google_cver=1&google_push=AYg5qPLx9G3cO5Jt3oiDPuaWB1D2yq8B9nNvhisHBsPwPhM4ELoz...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQ0MjcyNzA2MDk5NTcxNDAyNTA&google_push=AYg5qPLx9G3cO5Jt3oiDPuaWB1D2yq8B9nNvhisHBsPwPhM4ELoznn49NBMfaCleIosjjT1w4UZABmk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQ0MjcyNzA2MDk5NTcxNDAyNTA&google_push=AYg5qPLx9G3cO5Jt3oiDPuaWB1D2yq8B9nNvhisHBsPwPhM4ELoznn49NBMfaCleIosjjT1w4UZABmkMY-3jiaoWnlUfVwOdGZa93w
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQ0MjcyNzA2MDk5NTcxNDAyNTA&google_push=AYg5qPLx9G3cO5Jt3oiDPuaWB1D2yq8B9nNvhisHBsPwPhM4ELoznn49NBMfaCleIosjjT1w4UZABmkMY-3jiaoWnlUfVwOdGZa93w
Date
Fri, 11 Mar 2022 10:53:18 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
dot.gif
s0.2mdn.net/ Frame 661A 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESECtkujqQiII1e_84oI_9ZQc&google_cver=1&google_push=AYg5qPKcCTDMUknIv_D9OwRuofFCJ6xGmrKz_nznz1COIyxHNlq6vLbdUM-QrzrsC4ejUmnQDCOddMhz_tyH4O1fEgh0M9VvgiH7Eg
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Mar 2022 10:53:17 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 661A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lqkzm7-saef59ZTHakQ5gSeMWLzU0N8Cjga5Sd6zLDdrCrSRRXsjLlJQfkBTiG0aBYH78DdwE
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
impl_v85.js
www.googletagservices.com/dcm/ Frame 84BC 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v85.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 06:22:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16264
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17382
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 17:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 11 Mar 2023 06:22:13 GMT
p
sb.scorecardresearch.com/ Frame 8A4E 		64 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1646995993902_1&ns_st_ec=2&ns_st_sp=1&ns_st_cn=1&ns_st_ev=pause&ns_st_po=4085&ns_st_cl=1582680&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_pt=4088&ns_st_pa=4088&ns_st_ci=5f90976042b5f03ec594bace&ns_ts=1646995997990&ns_st_bt=0&ns_st_bp=0&ns_st_pc=1&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&c8=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-43.ewr52.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:18 GMT
via
1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
_BDUsoW42Fxj5ZWHYwEuf3nNGyed15mMPT5aH110MoG6-OHEu2u-Pw==
ibs:dpid=771&dpuuid=CAESEJzwkfqLTZpIVYqmHi9qx30&google_cver=1
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Njg1NDcyNTI5NDIyNTM3NzkxNzA3OTgwNjEzMTgxNzEwMzMyMTk=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJzwkfqLTZpIVYqmHi9qx30&google_cver=1?gdpr=0&gdpr_consent=
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJzwkfqLTZpIVYqmHi9qx30&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v026-060c34744.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
spT2YhDVSUI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJzwkfqLTZpIVYqmHi9qx30&google_cver=1?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CONDEVIDEOCONTENT1&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1646995996312&de=266707774452&m=0&ar=359f21c1e97-clean&iw=a0cb2c4&q=10&cb=0&ym=0&cu=1646995996312&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&zMoatVideoId=5f90976042b5f03ec594bace&zMoatAP=true&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&gw=condenastjsvideocontent160527792519&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1145%3A1145%3A0%3A1743&fs=197273&na=1344508432&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:18 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:18 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F4E3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsttQchXH7m57n12QC2m-HNlnRhzJHk96o_sSp9yj5t3X9Ii4DXBI4-XEaeXeQ8u1MCAUHJcg_0Bs-YbKRfg9Fjdjc0XTdlAjkjKIcG-cjsgiKlnVRk&sai=AMfl-YRj7pFGycb3mkbM8MmrKLrlEXHgcEEAx7B01pASsO9TcNrih4vdVBcB9WAeWrml-ITE0uVzYeAfqiAParpWub-JPOwcA5uoKJzckRLpUuQ3bqSR1-jgyr0aKo5c&sig=Cg0ArKJSzJ4CSe6WZmPPEAE&cid=CAASJeRo_O_07n-NJYFWsgRw8WV9erQo38iwoVQawUl4ArnrCPu3Q7k&id=lidar2&mcvt=1437&p=0,315,250,1285&mtos=1437,1437,1437,1437,1437&tos=1437,0,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2385402828&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646995987174&rpt=9311&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F4E3 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstZLGK6FGFND3HkslQsiTQb-4xnqe4MT3hv4_7f_XsCnmrG4bV_zNS7_KfDZzGN-rP0o-P12aZqqql7WaYDWfw5Z79Gt-1cdj9qnj-G0KrkVWyDmmUN2BxTNy_LAP0yyiqC0pkPknpHPXCXWaWTtFAB9SSjqraOyYF8WDuh_wN85OBZ0kZ6-f7Uhwnkjfe_ATalZPWFOthVr89vBThpc_zmz3OZ0WQwOYQGNON22U_p8_-AseeHdQsoE02-1K_JPo5gSnDgHoDirwQ4rGzTeoSID0rE74O3YtDcCrgwMByLwopRpz7vE4EK9Hp1UrMvVruql02b9XfEiPd2AhgJpkmBqOrb79_cA74xJOmZL0po_k087FadN6A9HNMA6XT5goxLdJNU-sRL9oQdPMQP3JQmn3ZMsd0o1mJxdjmR-Te6x8LmMSvI8-O5pl0KL_CmPsQ95rU748nQW2LIDDLDUfw4KfUhXG2iFm2RvG-pxHSM4lJ0fwv0E8GuLoMwy3BjvQm_Ad6EcH1p2oS9PJn5esXGwMoyrTF1RXMNzfo6mhVbWSowg3nMLG48JG7_2EFr1yYhiZTBZRfKjvfG1Fr8047b0A4su_zNEjuk7BVm0sJw0q3pWMr06dRWdcHvt6NtC-_eWJfPiC_-DlKtso6juUGcgQX3aBBBaM6HtBfIJwB239lDW0aZgK0pZ3A67PGMILU4RmK7P60Dx4ZkxlNUXWwSOPPw0zf6a-Bm9xjSDEqjy2ecxQ6H5l7hvkC3TvQ3QH8PresEgW4UW18ntmMprR1m4avQzTo9DWgzbMDHcP4RZO3DFKL_i0PLqhdcN6DmYaBjxSFR5gEYUQg3TVnPIeOGdicsab-NzgEFDMviiNoXn6XQHxPryALqbzlWrtNP0YK640__IHdcZ9Pv_K9y1Yf_q42UqHXLbV0FARQ9q7Dljw-Mh6sMtGa4QFAFN_KEncs7WjiB5oqOCxhmt-9zI2sIwqRUTHdXK2jyeMWw7LImcP2ZYdrgIIQ9v1hIeHS9ylHLCYrinH2H7eN9I__jbrXCfRWdomsUeIm4WelMW11rnMzmjbXNK5vO1qaPW5FpLr8cVvVGL8ElDnpXSDiCpDHK1gdEvsPRhYiBfJZkHYQ-rmzICaXJSFNXUGhIIkDiBjvXGOR1p87M4FrFESdvqaL9gFEgiWbyhuacpAvEbFxAJV-27uIy5qeY_I4mR6ZBB5O5IJRDVNzm593YitZYN-TaZ9gR_iRwUnRey26qv_bpi4ADdfAlbr4vslMFEKiaJK3ZQuJm2V53DAkgITWtgr9YTxs&sai=AMfl-YQiwQGbbrYXUhOSG5snkeODIUGZ08gNMrwjmTNYixCzcpwlA73dPZd0LVvYVvEdUjfvlHmGliMFXVO-iNF7TeW0KRAXPVn4gERtaKmeV1vy9KD18KD83_Wu4Hnta3RoX6IGpfqNnS1XavPxvzryzHuHa5BNLYQ8WLPe3Mq6yAXe5gO8BXyMZK5T3cA1Mj1khSnaV5pLjAcDyOo31pmJNfoR&sig=Cg0ArKJSzL14iRaAuEPREAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=4491&vt=11&dtpt=2457&dett=3&cstd=2027&cisv=r20220308.33336&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:18 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
PugMaster
image6.pubmatic.com/AdServer/ Frame 0975 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65783153&p=156512&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.28.7.81 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
d6803b29c8b5ba508c6163da094be46245d869934ba58b6aed13820e8606aa8b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:17 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
moatvideo.js
z.moatads.com/condenastinlineint626489506216/ Frame 8A4E 		317 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/condenastinlineint626489506216/moatvideo.js
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b530b7a174b5a22906440ec7ecc1bcc1232b34bc4f9ade2e3af37563f888fa5d

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:18 GMT
content-encoding
gzip
last-modified
Mon, 07 Mar 2022 17:16:15 GMT
server
AmazonS3
x-amz-request-id
AZVPX4NPZY947AJX
etag
"0c938c1901b1dfe45de269aa5b4cb9a2"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=9425
accept-ranges
bytes
content-length
108363
x-amz-id-2
Q9TcIDneLYSfDbqFcpQKeqOs2pUpyYO+dfzbVIqOBMekE7QZk6WMKwriMgu4ZnviegR1v8Sp1+o=
track
capture.condenastdigital.com/ Frame 8A4E 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A18.306Z&_c=Video%20Ad&_t=Ad%20Metadata&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&cId=5f90976042b5f03ec594bace&cKe=war%20stories%2Cars%20war%20stories%2Cars%20technica%20war%20stories%2Cwar%20stories%20nintendo%2Cars%20technica%20nintendo%2Cars%20nintendo%2Cnintendo%20entertainment%20system%2Cnintendo%20power%2Cnintendo%20power%20magazine%2Cnintendo%201985%2Cnintendo%201986%2Cnintendo%20of%20america%2Cgail%20tilden%2Cnes%2Cn.e.s.%2Cnes%20launch%2Cnes%201985%2Cgail%20tilden%20nintendo%2Cg%20tilden%20nintendo%2Cgail%20tilden%20nintendo%20power%2Coriginal%20nes%2C8bit%20nes%2C8bit%20nintendo%2Chistory%20of%20nintendo%2Chistory%20of%20nes%2Cars%20nes%2Cars%20technica%20nes&cPd=2020-10-29T15%3A00%3A00%2B00%3A00&cTi=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=1582&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pWw=276&pWh=155.25&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&uId=0884e157-1f7d-4567-95c8-d99c9013a3c8&xid=8a88dde5-85d6-4eb8-99f5-d9efef957024&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2201b4160%22%2C%22guid%22%3A%228b6d854e-a1a9-f2f2-b709-2dd5f43cd4e3%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&videoViews=1&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:18 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
ibs:dpid=992&dpuuid=1tfnqezd9oppq
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://idpix.media6degrees.com/orbserv/hbpix?pixId=16873&pcv=70&ptid=66&tpuv=01&tpu=68547252942253779170798061318171033219
  • https://dpm.demdex.net/ibs:dpid=992&dpuuid=1tfnqezd9oppq
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=992&dpuuid=1tfnqezd9oppq
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v026-07b68e4a8.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
42+IZks5Qk4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://dpm.demdex.net/ibs:dpid=992&dpuuid=1tfnqezd9oppq
cache-control
no-cache
cf-ray
6ea3bedf3b027139-YUL
content-length
0
ads
pubads.g.doubleclick.net/gampad/ Frame B849 		70 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&sz=640x360%7C480x70&ciu_szs=1x1&cust_params=m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dgv_crime%252Cmoat_unsafe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26env_device_type%3Ddesktop%26ctx_template%3Darticle%26content_type%3Darticle%26ctx_page_channel%3Dinformation-technology%26env_server%3Dproduction%26ctx_cns_version%3D6.56.5%26ctx_page_slug%3Dfeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%26cnt_tags%3Dcriminal-justice%252Cextortion%252Cindictments%252Cransomware%26cnt_copilotid%3D%26usr_bkt_eva%3D100%26usr_bkt_ses%3D26%26usr_bkt_pv%3D64%26usr_pvc_bs%3D1%26usr_pvc_24hr%3D1%26usr_pvc_30d%3D1%26usr_svc_30d%3D1%26ctx_ses_soc%3Dnone%26ctx_ref_soc%3Dnone%26ctx_ref_url%3Dnone%26usr_auth%3Dfalse%26vnd_prx_segments%3D999998%26vnd_4d_cached%3D0%26vnd_4d_ctx_sg%3D%26vnd_4d_ctx_topics%3D%26vnd_4d_ctx_entities%3D%26vnd_4d_ctx_keywords%3D%26vnd_4d_usr_topics%3D%26vnd_4d_usr_wt%3D%26vnd_4d_xid%3D%26ctx_line_items%3D%26timeout%3D500%26height%3D155%26muted%3D1%26right_rail%3D0%26sensitive%3D0%26series%3D5c82bd18bcdfff6f1f2fc5e7%26width%3D276&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&pmnd=0&pmxd=30000&pmad=2&max_ad_duration=30000&vrid=1152515&ppid=8a88dde585d64eb899f5d9efef957024&sid=60285F20-5F79-4679-B13E-11E3CC8D51C6&adk=3408565466&correlator=1247721029048928&dlt=1646995984202&dt=1646995998440&ged=timeout&idt=8379&is_amp=0&omid_p=Google1%2Fh.3.503.0&osd=2&scor=2691703139664711&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&vis=1&u_so=l&hl=en&frm=0&cmsid=1495&sdki=44d&sdkv=h.3.503.0&sdr=1&video_doc_id=5f90976042b5f03ec594bace&nel=0&kfa=0&tfcd=0&ctv=0&cookie=ID%3Dc0d5607e9ac7d54c%3AT%3D1646995983%3AS%3DALNI_MaTKKKWzO4ygPJr4VtVBpOnLfT8Jg
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.503.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
6703a15cac2e132591d86dd3a41eda1bd2370028396c51d905950b5cf7e6f200
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8997
x-xss-protection
0
google-lineitem-id
5743013948,5297377134,5277835878
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138375420838,138300140330,138363094787
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
capture.condenastdigital.com/ Frame 8A4E 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A18.501Z&_c=Player%20Event&_t=Pause%20Video&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&cId=5f90976042b5f03ec594bace&cKe=war%20stories%2Cars%20war%20stories%2Cars%20technica%20war%20stories%2Cwar%20stories%20nintendo%2Cars%20technica%20nintendo%2Cars%20nintendo%2Cnintendo%20entertainment%20system%2Cnintendo%20power%2Cnintendo%20power%20magazine%2Cnintendo%201985%2Cnintendo%201986%2Cnintendo%20of%20america%2Cgail%20tilden%2Cnes%2Cn.e.s.%2Cnes%20launch%2Cnes%201985%2Cgail%20tilden%20nintendo%2Cg%20tilden%20nintendo%2Cgail%20tilden%20nintendo%20power%2Coriginal%20nes%2C8bit%20nes%2C8bit%20nintendo%2Chistory%20of%20nintendo%2Chistory%20of%20nes%2Cars%20nes%2Cars%20technica%20nes&cPd=2020-10-29T15%3A00%3A00%2B00%3A00&cTi=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=1582&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pWw=276&pWh=155.25&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&uId=0884e157-1f7d-4567-95c8-d99c9013a3c8&xid=8a88dde5-85d6-4eb8-99f5-d9efef957024&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2201b4160%22%2C%22guid%22%3A%228b6d854e-a1a9-f2f2-b709-2dd5f43cd4e3%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:18 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&i=CONDEVIDEOCONTENT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=0&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995996312&de=266707774452&cu=1646995996312&m=1414&ar=359f21c1e97-clean&iw=a0cb2c4&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=0&ag=215&an=0&gf=215&gg=0&ez=1&aj=1&pg=100&pf=0&ib=0&cc=0&bw=215&bx=0&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1386&cd=0&ah=1386&am=0&dq=429&dr=0&ds=429&dt=0&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&rf=0&re=0&cl=0&at=0&d=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5f90976042b5f03ec594bace&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1642854078&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:18 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:18 GMT
B27259083.328419364;dc_ver=85.248;dc_eid=40004001;sz=300x600;u_sd=1;gdpr_consent=null;gdpr=0;dc_adk=1021063925;ord=dwar7t;click=https%3A%2F%2Fpresentation-atl1.turn.com%2Fr%2Fformclick%2Furlid%2F1D...
ad.doubleclick.net/ddm/adj/N46002.4197682SPEARFISH/ Frame 84BC 		49 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N46002.4197682SPEARFISH/B27259083.328419364;dc_ver=85.248;dc_eid=40004001;sz=300x600;u_sd=1;gdpr_consent=null;gdpr=0;dc_adk=1021063925;ord=dwar7t;click=https%3A%2F%2Fpresentation-atl1.turn.com%2Fr%2Fformclick%2Furlid%2F1DhorJi4Esm_KTImoKt_AdUdiPmfAnGrTYTZZguh4hRlZg_XNKu2bmBq3CCVPaN5ZhzmXRNAsUGCV2SRhiWXBJQVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiPH8aNlM8Mg0HcjiYdfEhoO8K0XGVTAg2AHN5sPe8leOswD9bP6BDOMs3U90ToOThit5LDa5AzomEr7Vp98inouTNZdACyFHTyx7ymaICVaUaEcLK7AsKBSjzDi_-b69IVnr6v1HrATFo0W-HabdiuQZ_O0JERoVzUgibbxSmRrpogJqIglsM1r52PvRQE7x6E_1rTYHileDcSEp9i2oWw3miqO00etsvEORK4U7F7X1A-Q-boTgPTcWEB676stBKd2cK9IoxoNPvVuT3KTnzWCVhpVpqZPEZj3-z4FecsDm6t5WweVmFbaRZRP5wegy70htXKGbkQpZKYkYLgE3Xyep65fdaDhiRBX_UkV1MyzrxVivVeOJxu3ToWP7KLT4dUERDw6WOeJJ4lrlfHUVzFuHHdFz2AMFKTy2Iu-9vbmZ-FScr0Ifj1HeooXW8anB6AKdtxipRfya3hblC5HBWEY_T-ztMgZ3PdL_XdpQpMfvy1Uj10Tywc9NjUkR3in8C7-5VJjeKz0PdRGi9j7WQTLDMrgUwzWRUuPTMGM_sfzGngh67C9gsELfnEMDlFF9gKMOHbfBQNNM0sjbERWI9DKEY4AyCzfFV9vKURL2a5am3alwfAw4g92P7H6OsnYW7HbIIiIt7DB_IW3XMuz-UbWjbpMu84JgZPO9Z8t1JFo9xiaAVcezyn7ZWEsApENFTRhym0HUJxho69wCywlDZwBYIgRx6aIdkXNs3Dhf_HW2PTaWMWi0eP-SxBcuVs7pJdED4LuCp_R00bIKW-lSNQp1Wmz0GO97BV9V73BbPnmmLbCuOVAkV5D5WLyQtJVqNzKRIcfXt4Na0GaBH7fSkOB%2Furl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=3,https%3A%2F%2Farstechnica.com%2F$0;xdt=1;crlt=IJtA(9'vXc;gcsr=m;sttr=659;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.64.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s31-in-f6.1e100.net
Software
cafe /
Resource Hash
c3faa6fe93cd06ba2fe1b17eae4d41227a20ca39ef3eae99b3b504b478b89bc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24833
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F4E3 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7bf791dd0690f29ec4ce774e933cf1229e265a55de015bd5fc832ea1b2f47dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5462
x-xss-protection
0
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-P1P55J3LNW&gtm=2oe370&_p=798283911&sr=1600x1200&ul=en-us&cid=1262709198.1646995983&dl=%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&dr=%2F&dt=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week%20%7C%20Ars%20Technica&sid=1646995988&sct=1&seg=0&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P1P55J3LNW&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
analytics.twitter.com/i/ Frame 83DF 		43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?p_user_id=68547252942253779170798061318171033219&p_id=38594
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_b /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time
6
date
Fri, 11 Mar 2022 10:53:18 GMT
server
tsa_b
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
fec3b62b6e76af3fc431efdab53e1d9293f96976fdb4457ef7110d50ab427940
content-length
43
log
hblg.media.net/ Frame 73DC 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=2&spSource=0&ifst=0&vid=fd3ab600-26c2-41e1-af23-34ba07f933eb&s_city=montreal&ugd=4&exp=sfl%3Dfalse%7Cmd_rp%3D1%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7CssProfile%3D0%7Cdbr%3D1&app=0&ctr=-1.0&ae=false&mx_UCC=2&prspt=headerBid&usp_status=0&seat=1566&og_cbdp=1.151&screeninfo=1600x1200&size=300x600&mx_gpid_sent=false&xtmax=350&commit_id=5f59afe1&itypeid=3&mx_SPRIG=1&viewability=-1&renderer=0&be=0&rtime=39.0&adj0=0.0&s_ip=149.56.153.179&adj2=10.0&adj1=0.0&usp_string=1---&mx_lr_seg_cnt=0&adtypes=0&mx_aabpc=0&reqid=fd3ab600-26c2-41e1-af23-34ba07f933eb&sc=QC&sd=-1&mowxReqId=a047d3e1c3964bcc94d8a48d86740289_3&ifdp=0&requrl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&bidrestime=1646995984657&pv_adtype=0&cc=CA&strg=no_strategy&pcrid=1608461493&pbasrc=0&coppa_enf=true&is_rewarded=false&bdp=1.279&ct=montreal&spIsReq=3&s=1&abs=0%7C0%7Cnxblock%3D-1%7Cno_strategy%7Cbrr%3D1&mx_epbc=8CU65UN7R&dnt_enf=false&mx_ssBucket=0&vls=0&asn=16276&mang=1&mx_isLossNtf=false&advUrl=discoversouthcarolina.com&dn=arstechnica.com&pgcatiab2=596&dt=O&acid=a047d3e1c3964bcc94d8a48d86740289&actltime=94&act=headerBid&iframingState=0&ufca=0&mx_lr_seg_deal=0&dfpBd=1.151&sckfl=0&mx_lr=0&coppa_applied=N&mx_adid=52361067&bfs=103&rfc=1&prvApiId=8CU65UN7R&epcexp=false&pubid=pub-8CU65UN7R&mx_bsProfile=3&cid=8CU65UN7R&bcrid=16320108461493&omul=1.0&res_mtype=0&apPrfs%3C%3E=13&pgcatiab=IAB19&chnl=no_strategy&pst=0&reqsize=300x600&adpos=0&itype=PREBID&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CU65UN7R&tgtval=pub-8CU65UN7R&__expireat=1646997784911&gsi=0&reftype=0&prvAccId=210143284&ckfl=0&pgcatsprig=1227&lper=1&mx_tgs=300x250%7C300x600&cbdp=1.151&pvdTmax=299&ltime=91.0&epc=210143284&prvReqId=7724748547169_1333141290_2101432842011&bId=1608435242&exid=78&spFst=0&mx_GCID=0&cliIPType=v4&pexid=PREBID-8CU65UN7R&brsrclk=0&mx_g_uid_cvrg%3C%3E=pubcid&rtttime=96&apTags%3C%3E=75&mx_PC=1&wsip=mowx-754d75bc5d-8qckq&currsrc_date=2022-03-09+00%3A00%3A00&mx_divid=rail_300x250_300x600&geoll=false&debug_ts=2022-03-11+10%3A53%3A04&mx_ssProfile=0&mx_SC=0&reftime=15000&pbidflr=0.056&spbf=0&currsrc=API&fpusp=false&mnrfc=1&moau=false&ocurr=USD&stagid=rail_300x250_300x600&snm=SUCCESS&mx_IAB2=1&usp_enf=1&bidflr=0.050&coppa_status=N&pid=8PRL4E7N3&spTo=3&pvid=201&mx_mrpp_key=profile_1&is_ortb=false&mx_aurl_hc=0&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=0&dbf=1&gdpr=0&csip=rtb-control-common-84d6d6dc9-dg62x.SC&mx_bsBucket=4&mx_aurt=0&spIvt=3&dsid=rail_300x250_300x600&ptype=23&media=0&smsrc=1&acsn=1&dtc=east_sc&cat=IAB20-8&mx_aqcpl_crid=4&ogbdp=1.279&tpbTkn=false&fpuReq=0&vcmplrt=-1.0&crid=210143284&geo_source=2&sat=0&mnet_ckfl=0&mp_seg%3C%3E=44629%23%2315607%23%2317212%23%2361085%23%237685%23%2317191%23%2358550%23%2361049%23%2361052%23%2361967&dfpDiv=rail_300x250_300x600&opbidflr=0.056&impId=493aa5787fa4d5a&rme=adm&evttyp=1
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:18 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Fri, 11 Mar 2022 10:53:18 GMT
9eb465d5-d2e9-4e67-8894-fcf0835b4feb.jpg
s0.2mdn.net/sadbundle/13230765150597808128/ Frame 2441 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13230765150597808128/9eb465d5-d2e9-4e67-8894-fcf0835b4feb.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c57bfdd896272485aa1fd780be7be5386876c8a1dcef8abd3d811ec48313491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13230765150597808128/CR_popcornews.com_BL_CA_PC_Nongoogle_creative.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 13:59:03 GMT
x-content-type-options
nosniff
age
334455
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118553
x-xss-protection
0
last-modified
Sun, 27 Feb 2022 15:17:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Mar 2023 13:59:03 GMT
sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
pagead2.googlesyndication.com/bg/ Frame 4EBB 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 06:46:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
187580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13820
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Mar 2023 06:46:58 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F4E3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 11 Mar 2022 10:53:18 GMT
match
c1.adform.net/serving/cookie/ Frame BB43 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=8763B6A3-D1B4-4E71-AF29-58D268671E50
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.167.164.37 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Mar 2022 10:53:18 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 3AEA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YisqEAAAAByHOAQr&gdpr=0&gdpr_consent=
1 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YisqEAAAAByHOAQr&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Mar 2022 10:53:19 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
njrpug017:0:544
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Varnish
retry-after
0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YisqEAAAAByHOAQr&gdpr=0&gdpr_consent=
accept-ranges
bytes
date
Fri, 11 Mar 2022 10:53:18 GMT
via
1.1 varnish
x-served-by
cache-yul12822-YUL
x-cache
HIT
x-cache-hits
0
x-timer
S1646995999.898847,VS0,VE0
cache-control
no-cache
pragma
no-cache
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 550F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4f1b622b-2a11-4300-89bc-81aa7c7a5721&gdpr=0&gdpr_consent=
42 B
339 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4f1b622b-2a11-4300-89bc-81aa7c7a5721&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Mar 2022 10:53:19 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug008:0:509
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Fri, 11 Mar 2022 10:53:18 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
Keep-Alive
timeout=360
Access-Control-Allow-Origin
*
Server
MT3 4256 109297d master iad-pixel-x18 config:1.0.0
Cache-Control
no-cache
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:4f1b622b-2a11-4300-89bc-81aa7c7a5721&gdpr=0&gdpr_consent=
Expires
Fri, 11 Mar 2022 10:53:17 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 2106
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFERExFN0VWbFFBQUN0bmpkMmw2UQ&bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pp%2Csyn%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADDLE7EVlQAACtnjd2l6Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsyn%252Csas%252Cpm%26bee_sync_current_partne...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=syn%2Csas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AADDLE7EVlQAACtnjd2l6Q&pid=558502&do=add
  • https://sync.technoratimedia.com/services?srv=cs&pid=73&uid=AADDLE7EVlQAACtnjd2l6Q&cb=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dsy...
  • https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas,pm&bee_sync_current_partner=syn&bee_sync_initiator=adx&bee_sync_hop_count=3
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADDLE7EVlQAACtnjd2l6Q
42 B
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADDLE7EVlQAACtnjd2l6Q
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Mar 2022 10:53:19 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug015:0:1007
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Fri, 11 Mar 2022 10:53:19 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADDLE7EVlQAACtnjd2l6Q
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 1A83
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
206 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Mar 2022 10:53:19 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug006:0:372
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Fri, 11 Mar 2022 10:53:18 GMT
server
Kestrel
content-length
0
cache-control
no-cache
pragma
no-cache
expires
Fri, 11 Mar 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1291480
strict-transport-security
max-age=31536000; preload;
Pug
image2.pubmatic.com/AdServer/ Frame 3C75
Redirect Chain
  • https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_d8ea72eaab5e46e287f5a
42 B
214 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_d8ea72eaab5e46e287f5a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Mar 2022 10:53:19 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug020:0:512
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref='http://cdn.deepintent.com/p3p.xml', CP='NON CUR DEV TAI'
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw&piggybackCookie=di_d8ea72eaab5e46e287f5a
content-type
image/gif
content-length
0
date
Fri, 11 Mar 2022 10:53:18 GMT
server
b
Pug
simage2.pubmatic.com/AdServer/ Frame 1EC3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T4MRBqprSD9zkcsEDgDw1ZU4mbM
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T4MRBqprSD9zkcsEDgDw1ZU4mbM
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Mar 2022 10:53:19 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug005:0:537
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Fri, 11 Mar 2022 10:53:19 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=T4MRBqprSD9zkcsEDgDw1ZU4mbM
Content-Length
159
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 1A77
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=763c50f8-a129-11ec-ba1d-13cc640753b5
42 B
503 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=763c50f8-a129-11ec-ba1d-13cc640753b5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Mar 2022 06:42:07 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug025:0:496
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Date
Fri, 11 Mar 2022 10:53:19 GMT
Content-Type
image/gif
Content-Length
0
Connection
keep-alive
server
Cowboy
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=763c50f8-a129-11ec-ba1d-13cc640753b5
X-RealServer-NX
lga-delivery-6
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
pbmtc.gif
beacon.lynx.cognitivlabs.com/ Frame 1B87
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0xJnR5cGU9MSZjb2RlPTM0MzkmdGw9MTI5NjAw&piggybackCookie=5dd9b3c4-2b86-4156-8d0e-df02802af0ce&r=https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=$...
  • https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=8763B6A3-D1B4-4E71-AF29-58D268671E50
42 B
357 B 		Document
General
Check archive.org
Download Go to
Full URL
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=8763B6A3-D1B4-4E71-AF29-58D268671E50
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.215.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-215-67.compute-1.amazonaws.com
Software
Kestrel /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 11 Mar 2022 10:53:19 GMT
content-type
image/gif
content-length
42
server
Kestrel

Redirect headers

server
nginx
date
Fri, 11 Mar 2022 10:53:19 GMT
x-lat
njrpug013:0:567
location
https://beacon.lynx.cognitivlabs.com/pbmtc.gif?puid=8763B6A3-D1B4-4E71-AF29-58D268671E50
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
i.match
a.tribalfusion.com/ Frame 122B 		43 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 11 Mar 2022 10:53:19 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6ea3bee23ceb7154-YUL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 7166
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:WmVnYQcI1NsCTu5&gdpr=0&gdpr_consent=
42 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:WmVnYQcI1NsCTu5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Mar 2022 05:55:07 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug028:0:396
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Cache-Control
no-cache, must-revalidate
Date
Fri, 11 Mar 2022 10:53:18 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:WmVnYQcI1NsCTu5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-04c32c71432e428cf@us-east-1b@dxedge-app-us-east-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame 984E
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=6
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=654219918252
42 B
206 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=654219918252
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Mar 2022 10:53:19 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug018:0:484
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Content-Length
0
Access-Control-Allow-Origin
*
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI5NDcmdGw9MTI5NjAw&piggybackCookie=654219918252
Pug
simage2.pubmatic.com/AdServer/ Frame 1BD4
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005&rndcb=7698552522
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=82063e31-d895-4c78-815b-e5685b556304
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=82063e31-d895-4c78-815b-e5685b556304
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=66501900-d67a-40b1-a924-cf3f6bdd21a4&ssp=adconductor&expires=30&user_group=5&bsw_param=82063e31-d895-4c78-815b-e5685b556304
  • https://sync.1rx.io/usersync/bidswitch/82063e31-d895-4c78-815b-e5685b556304?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005
42 B
394 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Mar 2022 05:54:08 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug024:0:448
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
Tengine
Date
Fri, 11 Mar 2022 10:53:19 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005
ETag
RX32ed5efb1c2d44f6b14867108c9e0044005
Pug
simage2.pubmatic.com/AdServer/ Frame B19D
Redirect Chain
  • https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
  • https://um.simpli.fi/bnmlahttps%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D6%26uuid%3D%24UID
  • https://match.bnmla.com/usersync?dspid=6&uuid=88A43826E64D4192B957B7C4E6FE616D
  • https://sync.technoratimedia.com/services?srv=cs&pid=70&cb=https%3A%2F%2Fmatch.bnmla.com%2Fusersync%3Fdspid%3D170%26uuid%3D%5BUSER_ID%5D
  • https://match.bnmla.com/usersync?dspid=170&uuid=494D3CE41C99400BA621FD0E3E02E377
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=4b015e21-91d7-4216-ac8f-018a39260d41
42 B
379 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=4b015e21-91d7-4216-ac8f-018a39260d41
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Mar 2022 05:12:26 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug026:0:423
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 11 Mar 2022 10:53:19 GMT
Content-Length
0
Connection
keep-alive
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw&piggybackCookie=4b015e21-91d7-4216-ac8f-018a39260d41
Pug
image2.pubmatic.com/AdServer/ Frame FB19
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/15?redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA%3D%3D%26piggybackCookie%3D%24DSP_CKID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6ca62cbf-06fe-4d09-904c-455965eae6d8
1 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6ca62cbf-06fe-4d09-904c-455965eae6d8
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Mar 2022 10:53:19 GMT
content-type
text/html; charset=utf-8
content-length
1
x-lat
njrpug011:0:580
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

date
Fri, 11 Mar 2022 10:53:19 GMT
content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQzNSZ0bD00MzIwMA==&piggybackCookie=6ca62cbf-06fe-4d09-904c-455965eae6d8
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=15724800; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 0E3E
Redirect Chain
  • https://px.owneriq.net/epm?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=$UID
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fsimage2.pubmatic.com%2fAdServer%2fPug%3fvcode%3dbz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw%26piggybackCookie%3dQ7002823991353312790&uid=Q700282399135331...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7002823991353312790
42 B
391 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7002823991353312790
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Mar 2022 05:54:07 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug024:0:458
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
Apache/2.4.6 (CentOS)
Content-Length
154
Content-Type
text/html
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzMmdGw9MTI5NjAw&piggybackCookie=Q7002823991353312790
X-Powered-By
PHP/7.3.33
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Vary
Accept-Encoding
Cache-Control
max-age=40909
Date
Fri, 11 Mar 2022 10:53:19 GMT
Connection
keep-alive
Pug
image2.pubmatic.com/AdServer/ Frame E721
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HzIO2IQ6BCiPRPFEHyorYg
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HzIO2IQ6BCiPRPFEHyorYg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
date
Fri, 11 Mar 2022 10:53:19 GMT
content-type
image/gif; charset=utf-8
content-length
42
x-lat
njrpug006:0:470
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
nginx
date
Fri, 11 Mar 2022 10:53:19 GMT
content-type
text/html; charset=utf-8
content-length
153
cache-control
no-store
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=HzIO2IQ6BCiPRPFEHyorYg
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 7091
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e608c96d-793e-4b06-b808-da3dae17fadc-tuct924af9f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
149 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e608c96d-793e-4b06-b808-da3dae17fadc-tuct924af9f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/

Response headers

server
nginx
accept-ranges
bytes
date
Fri, 11 Mar 2022 10:53:19 GMT
via
1.1 varnish
x-served-by
cache-yul12830-YUL
x-cache
MISS
x-cache-hits
0
x-timer
S1646995999.364520,VS0,VE9
content-length
0

Redirect headers

server
nginx
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=e608c96d-793e-4b06-b808-da3dae17fadc-tuct924af9f&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
accept-ranges
bytes
date
Fri, 11 Mar 2022 10:53:19 GMT
via
1.1 varnish
x-served-by
cache-yul12824-YUL
x-cache
MISS
x-cache-hits
0
x-timer
S1646995999.227881,VS0,VE12
x-vcl-time-ms
12
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0975
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=h2O2o9G0TnGvKVjSaGceUA%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
23.52.161.180 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-161-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:19 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=140359
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Sun, 13 Mar 2022 01:52:38 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:19 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
362588.gif
idsync.rlcdn.com/ Frame 0975
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=8763B6A3-D1B4-4E71-AF29-58D268671E50
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveramp&ttd_tpi=1
  • https://idsync.rlcdn.com/362588.gif?partner_uid=6e0633dc-a403-42d4-8fdd-03bcf8268488
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362588.gif?partner_uid=6e0633dc-a403-42d4-8fdd-03bcf8268488
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:20 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://idsync.rlcdn.com/362588.gif?partner_uid=6e0633dc-a403-42d4-8fdd-03bcf8268488
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
SPug
image4.pubmatic.com/AdServer/ Frame 0975
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4f1b622b-2a11-4300-89bc-81aa7c7a5721
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 11 Mar 2022 10:53:19 GMT
Server
MT3 4256 109297d master iad-pixel-x22 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=4f1b622b-2a11-4300-89bc-81aa7c7a5721
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 11 Mar 2022 10:53:18 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0975
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3480839182339453453&gdpr=0&gdpr_consent=&us_privacy=
1 B
246 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3480839182339453453&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 06:42:07 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug025:0:361
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3480839182339453453&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 11 Mar 2022 10:53:18 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 0975
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6e0633dc-a403-42d4-8fdd-03bcf8268488
42 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6e0633dc-a403-42d4-8fdd-03bcf8268488
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:19 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug014:0:585
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:19 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=6e0633dc-a403-42d4-8fdd-03bcf8268488
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
8763B6A3-D1B4-4E71-AF29-58D268671E50
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0975 		43 B
987 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/8763B6A3-D1B4-4E71-AF29-58D268671E50?gdpr=0&gdpr_consent=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:4e9:5a02:46a:34b7:83ca:e02c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:19 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 0975
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=8763B6A3-D1B4-4E71-AF29-58D268671E50&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZHdA.elE2uXkfgwB44kZ4r4b6EBH9t4-~A&gdpr=0&gdpr_consent=
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZHdA.elE2uXkfgwB44kZ4r4b6EBH9t4-~A&gdpr=0&gdpr_consent=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:18 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ZHdA.elE2uXkfgwB44kZ4r4b6EBH9t4-~A&gdpr=0&gdpr_consent=
date
Fri, 11 Mar 2022 10:53:19 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
image2.pubmatic.com/AdServer/ Frame 0975
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7380764466701486637&gdpr=0&gdpr_consent=
42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7380764466701486637&gdpr=0&gdpr_consent=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 04:50:43 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug027:0:407
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:19 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
eb265662-1c1b-47ad-bfc2-7a536dcf6bdd
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7380764466701486637&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 0975
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=8763B6A3-D1B4-4E71-AF29-58D268671E50&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6a7beb961a97120d&is_secure=true&networkId=17100&version=1&nuid=8763B6A3-D1B4-4E71-AF29-58D268671E50&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGaswxrVgJdAN9ySjpAAAAAAA&expiration=1647082399&nuid=8763B6A3-D1B4-4E71-AF29-58D268671E50&...
42 B
299 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGaswxrVgJdAN9ySjpAAAAAAA&expiration=1647082399&nuid=8763B6A3-D1B4-4E71-AF29-58D268671E50&is_secure=true&gdpr_consent=&gdpr=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:20 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug003:0:606
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:19 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAGaswxrVgJdAN9ySjpAAAAAAA&expiration=1647082399&nuid=8763B6A3-D1B4-4E71-AF29-58D268671E50&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0975
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=738e2803-a129-11ec-a977-0544ef27bb02&gdpr=0&gdpr_consent=
1 B
251 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=738e2803-a129-11ec-a977-0544ef27bb02&gdpr=0&gdpr_consent=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 05:55:07 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug028:0:427
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=738e2803-a129-11ec-a977-0544ef27bb02&gdpr=0&gdpr_consent=
Date
Fri, 11 Mar 2022 10:53:18 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
76352c8f-a129-11ec-a977-0544ef27bb02
Pug
image2.pubmatic.com/AdServer/ Frame 0975
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UpEFzlbCBp5JxQScXZYalVGQDp1JmwOYB5TTwl7K
42 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UpEFzlbCBp5JxQScXZYalVGQDp1JmwOYB5TTwl7K
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:19 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug001:0:673
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=UpEFzlbCBp5JxQScXZYalVGQDp1JmwOYB5TTwl7K
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
CookieSyncPubMatic&gdpr=0&gdpr_consent=
rtb.adentifi.com/ Frame 0975 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieSyncPubMatic&gdpr=0&gdpr_consent=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.124.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-124-234.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:19 GMT
content-length
0
content-type
text/plain
sync
x.bidswitch.net/ Frame 0975
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=82063e31-d895-4c78-815b-e5685b556304&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10601403155718488451&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5&ssp=pubmatic&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=[mPlatform_cookie_ID]&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=163850804087006939230&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10601403155718488451&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10601403155718488451&ssp=%3CSSP_VALUE%3E&gdpr=0&gdpr_consent=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
35.211.178.172 North Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
172.178.211.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:22 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:21 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
location
https://x.bidswitch.net/sync?dsp_id=419&user_id=10601403155718488451&ssp=<SSP_VALUE>&gdpr=0&gdpr_consent=
cache-control
no-cache, no-store, must-revalidate
alt-svc
clear
content-length
0
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0975
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341&gdpr=0&gdpr_consent=
42 B
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341&gdpr=0&gdpr_consent=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:19 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug010:0:467
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:18 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
sn.ashx
pmp.mxptint.net/ Frame 0975
Redirect Chain
  • https://pmp.mxptint.net/sn.ashx?&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjc0NCZ0bD0xNTc2ODAw&piggybackCookie=R1D531_EC8FEA92_AA647E30&r=https://pmp.mxptint.net/sn.ashx?ak=1
  • https://pmp.mxptint.net/sn.ashx?ak=1
43 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pmp.mxptint.net/sn.ashx?ak=1
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
38.67.14.233 Fredericksburg, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
Strict-Transport-Security max-age=-329982800; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:20 GMT
Cache-Control
no-cache
Expires
-1
Content-Length
43
Strict-Transport-Security
max-age=-329982800; includeSubDomains
Content-Type
image/gif

Redirect headers

location
https://pmp.mxptint.net/sn.ashx?ak=1
date
Fri, 11 Mar 2022 10:53:20 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug005:0:582
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 0975
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3647879326392102687
42 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3647879326392102687
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:19 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug011:0:558
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:19 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3647879326392102687
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=1&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995996312&de=266707774452&cu=1646995996312&m=1443&ar=359f21c1e97-clean&iw=a0cb2c4&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=0&ag=215&an=215&gf=215&gg=215&ez=1&aj=1&pg=100&pf=100&ib=0&cc=0&bw=215&bx=215&dj=1&aa=0&ad=0&cn=0&gk=0&gl=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1386&cd=1386&ah=1386&am=1386&dq=429&dr=429&ds=429&dt=429&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ef=1&rf=0&re=0&cl=0&at=0&d=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5f90976042b5f03ec594bace&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1802553642&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:19 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:19 GMT
ibs:dpid=1175&gdpr=0&dpuuid=xuBtJ8KzbnfdtGx1yedyfMXhZnTd6mtxk-X9jov5
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=xuBtJ8KzbnfdtGx1yedyfMXhZnTd6mtxk-X9jov5
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=xuBtJ8KzbnfdtGx1yedyfMXhZnTd6mtxk-X9jov5
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v026-07bed299c.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
lwt16eaqSJc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:19 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dpm.demdex.net/ibs:dpid=1175&gdpr=0&dpuuid=xuBtJ8KzbnfdtGx1yedyfMXhZnTd6mtxk-X9jov5
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame B849 		18 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?gdfp_req=1&env=vp&unviewed_position_start=1&sz=640x360&output=xml_vast4&ad_rule=0&nofb=1&iu=%2F7326%2C22656559276%2Fen.ars_technica.web&cmsid=2567594&vid=5f90976042b5f03ec594bace&url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&description_url=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&correlator=1247721029048928&pp=conde_ono&vpmute=1&vpa=1&cust_params=partner%3Dyes&sdkv=h.3.503.0&osd=2&frm=0&vis=1&sdr=1&hl=en&ciu_szs=1x1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=3408565466&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.503.0&sid=60285F20-5F79-4679-B13E-11E3CC8D51C6&nel=0&dlt=1646995984202&idt=8379&dt=1646995999522&cookie=ID%3Dc0d5607e9ac7d54c%3AT%3D1646995983%3AS%3DALNI_MaTKKKWzO4ygPJr4VtVBpOnLfT8Jg&scor=2691703139664711&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.503.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
139f8773a3a0d5819b4f4dcff5e6f5474f2d96e7b98b530b200f9dd8902c8726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:19 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2895
x-xss-protection
0
google-lineitem-id
4565303926
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138224167619
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 2441 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 84BC 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N46002.4197682SPEARFISH/B27259083.328419364;dc_ver=85.248;dc_eid=40004001;sz=300x600;u_sd=1;gdpr_consent=null;gdpr=0;dc_adk=1021063925;ord=dwar7t;click=https%3A%2F%2Fpresentation-atl1.turn.com%2Fr%2Fformclick%2Furlid%2F1DhorJi4Esm_KTImoKt_AdUdiPmfAnGrTYTZZguh4hRlZg_XNKu2bmBq3CCVPaN5ZhzmXRNAsUGCV2SRhiWXBJQVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiPH8aNlM8Mg0HcjiYdfEhoO8K0XGVTAg2AHN5sPe8leOswD9bP6BDOMs3U90ToOThit5LDa5AzomEr7Vp98inouTNZdACyFHTyx7ymaICVaUaEcLK7AsKBSjzDi_-b69IVnr6v1HrATFo0W-HabdiuQZ_O0JERoVzUgibbxSmRrpogJqIglsM1r52PvRQE7x6E_1rTYHileDcSEp9i2oWw3miqO00etsvEORK4U7F7X1A-Q-boTgPTcWEB676stBKd2cK9IoxoNPvVuT3KTnzWCVhpVpqZPEZj3-z4FecsDm6t5WweVmFbaRZRP5wegy70htXKGbkQpZKYkYLgE3Xyep65fdaDhiRBX_UkV1MyzrxVivVeOJxu3ToWP7KLT4dUERDw6WOeJJ4lrlfHUVzFuHHdFz2AMFKTy2Iu-9vbmZ-FScr0Ifj1HeooXW8anB6AKdtxipRfya3hblC5HBWEY_T-ztMgZ3PdL_XdpQpMfvy1Uj10Tywc9NjUkR3in8C7-5VJjeKz0PdRGi9j7WQTLDMrgUwzWRUuPTMGM_sfzGngh67C9gsELfnEMDlFF9gKMOHbfBQNNM0sjbERWI9DKEY4AyCzfFV9vKURL2a5am3alwfAw4g92P7H6OsnYW7HbIIiIt7DB_IW3XMuz-UbWjbpMu84JgZPO9Z8t1JFo9xiaAVcezyn7ZWEsApENFTRhym0HUJxho69wCywlDZwBYIgRx6aIdkXNs3Dhf_HW2PTaWMWi0eP-SxBcuVs7pJdED4LuCp_R00bIKW-lSNQp1Wmz0GO97BV9V73BbPnmmLbCuOVAkV5D5WLyQtJVqNzKRIcfXt4Na0GaBH7fSkOB%2Furl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=3,https%3A%2F%2Farstechnica.com%2F$0;xdt=1;crlt=IJtA(9'vXc;gcsr=m;sttr=659;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80d::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36343
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1646830771070120"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 11 Mar 2022 10:53:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/elements/html/ Frame 84BC 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220308/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N46002.4197682SPEARFISH/B27259083.328419364;dc_ver=85.248;dc_eid=40004001;sz=300x600;u_sd=1;gdpr_consent=null;gdpr=0;dc_adk=1021063925;ord=dwar7t;click=https%3A%2F%2Fpresentation-atl1.turn.com%2Fr%2Fformclick%2Furlid%2F1DhorJi4Esm_KTImoKt_AdUdiPmfAnGrTYTZZguh4hRlZg_XNKu2bmBq3CCVPaN5ZhzmXRNAsUGCV2SRhiWXBJQVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiPH8aNlM8Mg0HcjiYdfEhoO8K0XGVTAg2AHN5sPe8leOswD9bP6BDOMs3U90ToOThit5LDa5AzomEr7Vp98inouTNZdACyFHTyx7ymaICVaUaEcLK7AsKBSjzDi_-b69IVnr6v1HrATFo0W-HabdiuQZ_O0JERoVzUgibbxSmRrpogJqIglsM1r52PvRQE7x6E_1rTYHileDcSEp9i2oWw3miqO00etsvEORK4U7F7X1A-Q-boTgPTcWEB676stBKd2cK9IoxoNPvVuT3KTnzWCVhpVpqZPEZj3-z4FecsDm6t5WweVmFbaRZRP5wegy70htXKGbkQpZKYkYLgE3Xyep65fdaDhiRBX_UkV1MyzrxVivVeOJxu3ToWP7KLT4dUERDw6WOeJJ4lrlfHUVzFuHHdFz2AMFKTy2Iu-9vbmZ-FScr0Ifj1HeooXW8anB6AKdtxipRfya3hblC5HBWEY_T-ztMgZ3PdL_XdpQpMfvy1Uj10Tywc9NjUkR3in8C7-5VJjeKz0PdRGi9j7WQTLDMrgUwzWRUuPTMGM_sfzGngh67C9gsELfnEMDlFF9gKMOHbfBQNNM0sjbERWI9DKEY4AyCzfFV9vKURL2a5am3alwfAw4g92P7H6OsnYW7HbIIiIt7DB_IW3XMuz-UbWjbpMu84JgZPO9Z8t1JFo9xiaAVcezyn7ZWEsApENFTRhym0HUJxho69wCywlDZwBYIgRx6aIdkXNs3Dhf_HW2PTaWMWi0eP-SxBcuVs7pJdED4LuCp_R00bIKW-lSNQp1Wmz0GO97BV9V73BbPnmmLbCuOVAkV5D5WLyQtJVqNzKRIcfXt4Na0GaBH7fSkOB%2Furl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=3,https%3A%2F%2Farstechnica.com%2F$0;xdt=1;crlt=IJtA(9'vXc;gcsr=m;sttr=659;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:36:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1001
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 25 Mar 2022 10:36:38 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 84BC 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRWu3WCZXQiPvUDCna_GNTphOyRLu4ByIpuenccxym6hUQNRhtKGiYbvFok9_56F14CLPgEpOMaglxRev1y7KsrC92uBFWXK7948BYwYGsPWDwAyue0te5L0zj9xkTH-pUxcGKXWOB94nQsZosNw&sig=Cg0ArKJSzBTe5bjejsb6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220308.61416&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N46002.4197682SPEARFISH/B27259083.328419364;dc_ver=85.248;dc_eid=40004001;sz=300x600;u_sd=1;gdpr_consent=null;gdpr=0;dc_adk=1021063925;ord=dwar7t;click=https%3A%2F%2Fpresentation-atl1.turn.com%2Fr%2Fformclick%2Furlid%2F1DhorJi4Esm_KTImoKt_AdUdiPmfAnGrTYTZZguh4hRlZg_XNKu2bmBq3CCVPaN5ZhzmXRNAsUGCV2SRhiWXBJQVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiPH8aNlM8Mg0HcjiYdfEhoO8K0XGVTAg2AHN5sPe8leOswD9bP6BDOMs3U90ToOThit5LDa5AzomEr7Vp98inouTNZdACyFHTyx7ymaICVaUaEcLK7AsKBSjzDi_-b69IVnr6v1HrATFo0W-HabdiuQZ_O0JERoVzUgibbxSmRrpogJqIglsM1r52PvRQE7x6E_1rTYHileDcSEp9i2oWw3miqO00etsvEORK4U7F7X1A-Q-boTgPTcWEB676stBKd2cK9IoxoNPvVuT3KTnzWCVhpVpqZPEZj3-z4FecsDm6t5WweVmFbaRZRP5wegy70htXKGbkQpZKYkYLgE3Xyep65fdaDhiRBX_UkV1MyzrxVivVeOJxu3ToWP7KLT4dUERDw6WOeJJ4lrlfHUVzFuHHdFz2AMFKTy2Iu-9vbmZ-FScr0Ifj1HeooXW8anB6AKdtxipRfya3hblC5HBWEY_T-ztMgZ3PdL_XdpQpMfvy1Uj10Tywc9NjUkR3in8C7-5VJjeKz0PdRGi9j7WQTLDMrgUwzWRUuPTMGM_sfzGngh67C9gsELfnEMDlFF9gKMOHbfBQNNM0sjbERWI9DKEY4AyCzfFV9vKURL2a5am3alwfAw4g92P7H6OsnYW7HbIIiIt7DB_IW3XMuz-UbWjbpMu84JgZPO9Z8t1JFo9xiaAVcezyn7ZWEsApENFTRhym0HUJxho69wCywlDZwBYIgRx6aIdkXNs3Dhf_HW2PTaWMWi0eP-SxBcuVs7pJdED4LuCp_R00bIKW-lSNQp1Wmz0GO97BV9V73BbPnmmLbCuOVAkV5D5WLyQtJVqNzKRIcfXt4Na0GaBH7fSkOB%2Furl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=3,https%3A%2F%2Farstechnica.com%2F$0;xdt=1;crlt=IJtA(9'vXc;gcsr=m;sttr=659;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 84BC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N46002.4197682SPEARFISH/B27259083.328419364;dc_ver=85.248;dc_eid=40004001;sz=300x600;u_sd=1;gdpr_consent=null;gdpr=0;dc_adk=1021063925;ord=dwar7t;click=https%3A%2F%2Fpresentation-atl1.turn.com%2Fr%2Fformclick%2Furlid%2F1DhorJi4Esm_KTImoKt_AdUdiPmfAnGrTYTZZguh4hRlZg_XNKu2bmBq3CCVPaN5ZhzmXRNAsUGCV2SRhiWXBJQVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiPH8aNlM8Mg0HcjiYdfEhoO8K0XGVTAg2AHN5sPe8leOswD9bP6BDOMs3U90ToOThit5LDa5AzomEr7Vp98inouTNZdACyFHTyx7ymaICVaUaEcLK7AsKBSjzDi_-b69IVnr6v1HrATFo0W-HabdiuQZ_O0JERoVzUgibbxSmRrpogJqIglsM1r52PvRQE7x6E_1rTYHileDcSEp9i2oWw3miqO00etsvEORK4U7F7X1A-Q-boTgPTcWEB676stBKd2cK9IoxoNPvVuT3KTnzWCVhpVpqZPEZj3-z4FecsDm6t5WweVmFbaRZRP5wegy70htXKGbkQpZKYkYLgE3Xyep65fdaDhiRBX_UkV1MyzrxVivVeOJxu3ToWP7KLT4dUERDw6WOeJJ4lrlfHUVzFuHHdFz2AMFKTy2Iu-9vbmZ-FScr0Ifj1HeooXW8anB6AKdtxipRfya3hblC5HBWEY_T-ztMgZ3PdL_XdpQpMfvy1Uj10Tywc9NjUkR3in8C7-5VJjeKz0PdRGi9j7WQTLDMrgUwzWRUuPTMGM_sfzGngh67C9gsELfnEMDlFF9gKMOHbfBQNNM0sjbERWI9DKEY4AyCzfFV9vKURL2a5am3alwfAw4g92P7H6OsnYW7HbIIiIt7DB_IW3XMuz-UbWjbpMu84JgZPO9Z8t1JFo9xiaAVcezyn7ZWEsApENFTRhym0HUJxho69wCywlDZwBYIgRx6aIdkXNs3Dhf_HW2PTaWMWi0eP-SxBcuVs7pJdED4LuCp_R00bIKW-lSNQp1Wmz0GO97BV9V73BbPnmmLbCuOVAkV5D5WLyQtJVqNzKRIcfXt4Na0GaBH7fSkOB%2Furl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=3,https%3A%2F%2Farstechnica.com%2F$0;xdt=1;crlt=IJtA(9'vXc;gcsr=m;sttr=659;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 00:44:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36525
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 11 Mar 2023 00:44:34 GMT
02152022-105554030-Canada_300x600_Golf.jpg
s0.2mdn.net/8304222/ Frame 84BC 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/8304222/02152022-105554030-Canada_300x600_Golf.jpg
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fa28dbc6c9539180a5694ef2592d86190a8b01e17afa930b0bf3585f4ceb4025
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 02:27:13 GMT
x-content-type-options
nosniff
age
30366
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49499
x-xss-protection
0
last-modified
Tue, 15 Feb 2022 18:55:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 12 Mar 2022 02:27:13 GMT
analytics
tag.yieldoptimizer.com/ps/ Frame 84BC
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/analytics?pxid=113314&
  • https://tag.yieldoptimizer.com/ps/analytics?tc=398643996&pxid=113314&
43 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.yieldoptimizer.com/ps/analytics?tc=398643996&pxid=113314&
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
35.190.52.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.52.190.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:20 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:19 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location
https://tag.yieldoptimizer.com/ps/analytics?tc=398643996&pxid=113314&
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
dynamic_ddc.htm
presentation-atl1.turn.com/server/ Frame 9F92 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
774e56c1489bafd83af60626f6b1483c6e1237269c60b83b1293fcad591bc146

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/

Response headers

p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma
no-cache
vary
accept-encoding
content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 11 Mar 2022 10:53:18 GMT
checksync.php
contextual.media.net/ Frame 7FC7 		34 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
15cd7d7ccbb477c4a85b1354854ba0c74a0810f86c5ca9437bba1c9c4b7ff587
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Sun, 13 Mar 2022 10:53:19 GMT
date
Fri, 11 Mar 2022 10:53:19 GMT
content-length
11617
9eb465d5-d2e9-4e67-8894-fcf0835b4feb.jpg
s0.2mdn.net/sadbundle/13230765150597808128/ Frame 2441 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13230765150597808128/9eb465d5-d2e9-4e67-8894-fcf0835b4feb.jpg
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:808::2006 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c57bfdd896272485aa1fd780be7be5386876c8a1dcef8abd3d811ec48313491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13230765150597808128/CR_popcornews.com_BL_CA_PC_Nongoogle_creative.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 13:59:03 GMT
x-content-type-options
nosniff
age
334456
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118553
x-xss-protection
0
last-modified
Sun, 27 Feb 2022 15:17:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 07 Mar 2023 13:59:03 GMT
px
p.adsymptotic.com/d/ Frame 83DF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px?_pid=11693&_psign=bf265992ae7fbdc1ab4b39651c157974&_puuid=68547252942253779170798061318171033219&_rand=2052634866&_pp=adobeXtest&_redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=1524%26dpuuid=${UUID}
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.102.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
/
www.facebook.com/tr/ Frame 8A4E 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1663130473914833&ev=Microdata&dl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&rl=&if=true&ts=1646996000280&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.55&r=stable&ec=1&o=30&fbp=fb.1.1646995988224.403967254&it=1646995993921&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 11 Mar 2022 10:53:20 GMT
csi
csi.gstatic.com/ Frame B849 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l0maw0dl&c=3417098591108&slotId=1708549295554&qqid=CIjzvpvyvfYCFUaByAodIxsExg&gqid=HiorYs3mHJDLyQPtsKHwBA&fb=ima_html5-lima&sdkv=h.3.503.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.503.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4012:814::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:20 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B849 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9q3UWgeLP73QGuq0U6mDdQ0HVmqp6U5jfnhht2uXRIqrJmPCr4O3TFjc5p_y4DqdT9wsIZCgMUA87HLi0BTdrqjnxDwh91ga4lM-xf4Zly1UA1C9dLcvVjfIZF-BetomY_ZGtJzCS9IoUka_0D1lRU1uZuZ6UzXofcq1_nz4SDofuNSGiAo04vqIYMO6-9gISBLrkrLUkd7IET1On3YSBf1mA7QXBviMlizoAAQgPIimCUTGi1-gkL9hIPX_NxuIwxrVCzCtlWMEFSplF7ZZCHz2LtRUiPnGajrYZXxlfdebDmjJKYsQVV8mRAw&sig=Cg0ArKJSzCpu8wcMhvMfEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpkCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSIQhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBQABgB&adurl=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame B849 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJ39zZTVQ_u_Z7sXmepSF7LOa1249XJBwSNdrEXe77ctQeiQWUd-mHKOZ5fZXRplN_g3GFVGNcnkLBoPTsvLEFhgDqrfeZ1yu2JDKpQWcYE2fWLmbP3qVJwizmEP4vPDFgbwMvevTs_gQq4zrj_4DbMZhFeX0pzQIreafxkuB7k8s1w4zf6qcHsIu0-GqFrSvLPpFuVjPnwWJR4zuaTf6JtydfiAK5n0VhxHFO-p1Il5w9JDZmvuIiWyNCfv_182d7qWqrXsmpAorlU4oh8SxdvuefBW2-iBbNTY-em0ZmbdmBC4BI7vbeitFFQnnAXUvMCswAoqnY5-tJMBfyGZPqrqlEEFKpW97LKcc3ZMypz7m8Ig&sai=AMfl-YSlAr435smafn3C4mfc-r92pqkzC-un3LHQpffibys9k53dFup5DPIM8thEyKwQbdsiNRRkhXyQ675u_qguqyr8cGtmq8TRgzYinlKUnjyDXv6wLKtCJ8_oUPtJE_ycDrwl4qnPBkiygOT6Gnzf&sig=Cg0ArKJSzBV5oz0t92WKEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpkCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSIQhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBQABgB&adurl=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
track
capture.condenastdigital.com/ Frame 8A4E 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A20.549Z&_c=Player%20Event&_t=2%20Sec%20In-View%20Moat&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&cId=5f90976042b5f03ec594bace&cKe=war%20stories%2Cars%20war%20stories%2Cars%20technica%20war%20stories%2Cwar%20stories%20nintendo%2Cars%20technica%20nintendo%2Cars%20nintendo%2Cnintendo%20entertainment%20system%2Cnintendo%20power%2Cnintendo%20power%20magazine%2Cnintendo%201985%2Cnintendo%201986%2Cnintendo%20of%20america%2Cgail%20tilden%2Cnes%2Cn.e.s.%2Cnes%20launch%2Cnes%201985%2Cgail%20tilden%20nintendo%2Cg%20tilden%20nintendo%2Cgail%20tilden%20nintendo%20power%2Coriginal%20nes%2C8bit%20nes%2C8bit%20nintendo%2Chistory%20of%20nintendo%2Chistory%20of%20nes%2Cars%20nes%2Cars%20technica%20nes&cPd=2020-10-29T15%3A00%3A00%2B00%3A00&cTi=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=1582&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pWw=276&pWh=155.25&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&uId=0884e157-1f7d-4567-95c8-d99c9013a3c8&xid=8a88dde5-85d6-4eb8-99f5-d9efef957024&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2201b4160%22%2C%22guid%22%3A%228b6d854e-a1a9-f2f2-b709-2dd5f43cd4e3%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%22%22%2C%22adType%22%3A%22%22%2C%22creativeId%22%3A%22%22%2C%22wrapperAdIds%22%3A%22%22%2C%22wrapperAdSystems%22%3A%22%22%2C%22dfpLineItem%22%3A%22%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A%22%22%7D&adId=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:20 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-11T10%3A53%3A20.552Z&_t=impressionViewable&cBr=Ars%20Technica&cKe=criminal%20justice%7Cextortion%7Cindictments%7Cransomware&cCh=information%20technology&cTi=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=775&cId=1840246&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pWw=1600&pWh=1200&pPw=1600&pPh=5200&pSw=1600&pSh=1200&uID=0884e157-1f7d-4567-95c8-d99c9013a3c8&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&uDt=desktop&dim1=%7B%22channel%22%3A%22information-technology%22%2C%22platform%22%3A%22wordpress%22%2C%22template%22%3A%22article%22%2C%22viewport%22%3A%22desktop%22%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22hero%22%2C%22size%22%3A%22970x250%22%7D&_o=ars-technica&_c=ad_metrics&xID=8a88dde5-85d6-4eb8-99f5-d9efef957024&environment=prod&origin=ars-technica
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:20 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
pagead2.googlesyndication.com/bg/ Frame 50CA 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 06:46:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
187582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13820
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Mar 2023 06:46:58 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=2&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995996312&de=266707774452&cu=1646995996312&m=2159&ar=359f21c1e97-clean&iw=a0cb2c4&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=0&ag=959&an=215&gf=959&gg=215&ez=1&aj=1&pg=100&pf=100&ib=0&cc=0&bw=959&bx=215&dj=1&aa=0&ad=223&cn=0&gk=223&gl=0&cq=0&hj=1&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1685&cd=1386&ah=1685&am=1386&dq=728&dr=429&ds=728&dt=429&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=0&vt=30&vd=0&zMoatSRE=0.02228125&zMoatVSD=5&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=17410&ef=1&rf=0&re=0&cl=0&at=0&d=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5f90976042b5f03ec594bace&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=329909684&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:20 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:20 GMT
ibs:dpid=22069&dpuuid=2026732888443
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233
  • https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2026732888443
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2026732888443
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v026-0fcaefdef.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
dOBBldhYQKI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:20 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=2026732888443
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 84BC 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRWu3WCZXQiPvUDCna_GNTphOyRLu4ByIpuenccxym6hUQNRhtKGiYbvFok9_56F14CLPgEpOMaglxRev1y7KsrC92uBFWXK7948BYwYGsPWDwAyue0te5L0zj9xkTH-pUxcGKXWOB94nQsZosNw&sig=Cg0ArKJSzBTe5bjejsb6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1249&vt=11&dtpt=1248&dett=2&cstd=0&cisv=r20220308.61416&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N46002.4197682SPEARFISH/B27259083.328419364;dc_ver=85.248;dc_eid=40004001;sz=300x600;u_sd=1;gdpr_consent=null;gdpr=0;dc_adk=1021063925;ord=dwar7t;click=https%3A%2F%2Fpresentation-atl1.turn.com%2Fr%2Fformclick%2Furlid%2F1DhorJi4Esm_KTImoKt_AdUdiPmfAnGrTYTZZguh4hRlZg_XNKu2bmBq3CCVPaN5ZhzmXRNAsUGCV2SRhiWXBJQVUaa81rE5Va5TPoJV_1Ntn4-ZNPeiesLCUWGi5Q0pM7KRjdzxONxWW0Z6RoggDxjbLcisF5vf52pYjnxx7sgLDq60qaLSM9lSDH_P7r3m2LfHLNhuhT3pi82fEsIKY-zMcLaIqUa9FRu7ru1ABYiPH8aNlM8Mg0HcjiYdfEhoO8K0XGVTAg2AHN5sPe8leOswD9bP6BDOMs3U90ToOThit5LDa5AzomEr7Vp98inouTNZdACyFHTyx7ymaICVaUaEcLK7AsKBSjzDi_-b69IVnr6v1HrATFo0W-HabdiuQZ_O0JERoVzUgibbxSmRrpogJqIglsM1r52PvRQE7x6E_1rTYHileDcSEp9i2oWw3miqO00etsvEORK4U7F7X1A-Q-boTgPTcWEB676stBKd2cK9IoxoNPvVuT3KTnzWCVhpVpqZPEZj3-z4FecsDm6t5WweVmFbaRZRP5wegy70htXKGbkQpZKYkYLgE3Xyep65fdaDhiRBX_UkV1MyzrxVivVeOJxu3ToWP7KLT4dUERDw6WOeJJ4lrlfHUVzFuHHdFz2AMFKTy2Iu-9vbmZ-FScr0Ifj1HeooXW8anB6AKdtxipRfya3hblC5HBWEY_T-ztMgZ3PdL_XdpQpMfvy1Uj10Tywc9NjUkR3in8C7-5VJjeKz0PdRGi9j7WQTLDMrgUwzWRUuPTMGM_sfzGngh67C9gsELfnEMDlFF9gKMOHbfBQNNM0sjbERWI9DKEY4AyCzfFV9vKURL2a5am3alwfAw4g92P7H6OsnYW7HbIIiIt7DB_IW3XMuz-UbWjbpMu84JgZPO9Z8t1JFo9xiaAVcezyn7ZWEsApENFTRhym0HUJxho69wCywlDZwBYIgRx6aIdkXNs3Dhf_HW2PTaWMWi0eP-SxBcuVs7pJdED4LuCp_R00bIKW-lSNQp1Wmz0GO97BV9V73BbPnmmLbCuOVAkV5D5WLyQtJVqNzKRIcfXt4Na0GaBH7fSkOB%2Furl%2F;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=3,https%3A%2F%2Farstechnica.com%2F$0;xdt=1;crlt=IJtA(9'vXc;gcsr=m;sttr=659;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.40.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s39-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:20 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
track
capture.condenastdigital.com/ Frame 8A4E 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A21.043Z&_c=Video%20Ad&_t=Ad%20Loaded&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&cId=5f90976042b5f03ec594bace&cKe=war%20stories%2Cars%20war%20stories%2Cars%20technica%20war%20stories%2Cwar%20stories%20nintendo%2Cars%20technica%20nintendo%2Cars%20nintendo%2Cnintendo%20entertainment%20system%2Cnintendo%20power%2Cnintendo%20power%20magazine%2Cnintendo%201985%2Cnintendo%201986%2Cnintendo%20of%20america%2Cgail%20tilden%2Cnes%2Cn.e.s.%2Cnes%20launch%2Cnes%201985%2Cgail%20tilden%20nintendo%2Cg%20tilden%20nintendo%2Cgail%20tilden%20nintendo%20power%2Coriginal%20nes%2C8bit%20nes%2C8bit%20nintendo%2Chistory%20of%20nintendo%2Chistory%20of%20nes%2Cars%20nes%2Cars%20technica%20nes&cPd=2020-10-29T15%3A00%3A00%2B00%3A00&cTi=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=1582&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pWw=276&pWh=155.25&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&uId=0884e157-1f7d-4567-95c8-d99c9013a3c8&xid=8a88dde5-85d6-4eb8-99f5-d9efef957024&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2201b4160%22%2C%22guid%22%3A%228b6d854e-a1a9-f2f2-b709-2dd5f43cd4e3%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Afalse%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%224565303926%22%2C%22adType%22%3A%22unknown%22%2C%22creativeId%22%3A%22138224167619%22%2C%22wrapperAdIds%22%3A%5B%225743013948%22%5D%2C%22wrapperAdSystems%22%3A%5B%22GDFP%22%5D%2C%22dfpLineItem%22%3A%225743013948%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A0%7D&videoViews=1&adId=4565303926
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:21 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
csi
csi.gstatic.com/ Frame 8A4E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l0mavwap&c=3417098591108&slotId=1708549295554&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4012:814::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:21 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=575&dpuuid=-5317812257848865376
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://fei.pro-market.net/engine?site=141472;size=1x1;mimetype=img;du=67;csync=68547252942253779170798061318171033219
  • https://dpm.demdex.net/ibs:dpid=575&dpuuid=-5317812257848865376
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-5317812257848865376
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v026-0693a0353.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
X4+js/b7T4k=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:21 GMT
via
1.1 google
server
Apache-Coyote/1.1
access-control-allow-origin
*
anserver
gapp9.us1
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://dpm.demdex.net/ibs:dpid=575&dpuuid=-5317812257848865376
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Mon, 1 Jan 1990 0:0:0 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 0975 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156512&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156512
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.115.114 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:20 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
screendelay480p0100.mp4
rogersadops-a.akamaihd.net/Pete/ Frame 8A4E 		1 KB
2 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://rogersadops-a.akamaihd.net/Pete/screendelay480p0100.mp4
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
23.50.53.184 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-50-53-184.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
0ca9835020d5222c62dbf7624c882b04a7384dd389d4774914bb23214e975d10

Request headers

Referer
https://arstechnica.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 11 Mar 2022 10:53:21 GMT
Last-Modified
Tue, 21 Apr 2015 15:34:18 GMT
Server
AkamaiNetStorage
Access-Control-Allow-Origin
*
ETag
"8f6955e49f7c45da2a3ba104e3262066:1429630458"
Content-Type
video/mp4
Content-Range
bytes 0-1392/1393
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Requested-With
Content-Length
1393
g.js
aa.agkn.com/adscores/ Frame 9F92 		143 B
622 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.js?sid=9212291198&_puid=3480839182339453453
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.238.176.75 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-238-176-75.us-west-2.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
0e24c77ee2df3b05b6f32e1890b39fbd6b46c7b159a256f0e07f8c5400468451

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:21 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-type
application/javascript;charset=iso-8859-1
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length
143
expires
0
rum
dsum-sec.casalemedia.com/ Frame 9F92 		43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3480839182339453453&gdpr=0&gdpr_consent=
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:21 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:21 GMT
f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI3MDg5NDgx/mpuid/ Frame 9F92
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=684&partner_device_id=3480839182339453453&partner_url=https%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzI3MDg5NDgx%2Fmpuid%2F%24%7BTA_D...
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Freceive%3Fpartner_id%3DAPPNEXUS%26partner_device_id%3D%24UID%26pt%3Df8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5%252Chttps%253A...
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=APPNEXUS&partner_device_id=7380764466701486637&pt=f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5%2Chttps%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcG...
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI3MDg5NDgx/mpuid/f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI3MDg5NDgx/mpuid/f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
H2
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

location
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI3MDg5NDgx/mpuid/f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5
date
Fri, 11 Mar 2022 10:53:22 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
tap.php
pixel.rubiconproject.com/ Frame 9F92 		42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4212&nid=1185&put=3480839182339453453&expires=60&gdpr=0&gdpr_consent=
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Content-Type
image/gif
/
loadm.exelator.com/load/ Frame 9F92
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=turn&id=3480839182339453453
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=turn&id=3480839182339453453&s_h=1
  • https://sb.scorecardresearch.com/p?c1=9&c2=5989497&cs_xi=6ba837dd-3fe8-4e92-8c05-f4d09f0592b4&rn=TIMESTAMP&cs_xs=2189&r=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1701
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1701
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzMxODMxNDE0/mpuid/6ba837dd-3fe8-4e92-8c05-f4d09f0592b4/rnd/0/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1702%2F
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1702%2F
  • https://dmp.truoptik.com/8bf33fe57526aec8/sync.gif?fck=6ba837dd-3fe8-4e92-8c05-f4d09f0592b4&dpid=1703&cbk=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx
  • https://sync.tidaltv.com/genericusersync.ashx?to_cookie=a468c49a3ea2042c955cf271e61d9a45&dpid=1703&fck=6ba837dd-3fe8-4e92-8c05-f4d09f0592b4
  • https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzE3NDc1MDIxMzYvdC8y/kv/ID=6ba837dd-3fe8-4e92-8c05-f4d09f0592b4/url/https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1704
  • https://sync.tidaltv.com/GenericUserSync.ashx?dpid=1704
  • https://tags.bluekai.com/site/5379?id=6ba837dd-3fe8-4e92-8c05-f4d09f0592b4&redir=https%3A%2F%2Fsync.tidaltv.com%2Fgenericusersync.ashx%3Fdpid%3D1705
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=1705
  • https://loadm.exelator.com/load/?p=204&g=281&buid=6ba837dd-3fe8-4e92-8c05-f4d09f0592b4&j=0
0
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=281&buid=6ba837dd-3fe8-4e92-8c05-f4d09f0592b4&j=0
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
H2
Server
34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-229-3-43.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:26 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:26 GMT
server
Apache-Coyote/1.1
location
https://loadm.exelator.com/load/?p=204&g=281&buid=6ba837dd-3fe8-4e92-8c05-f4d09f0592b4&j=0
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
dcm
s.amazon-adsystem.com/ Frame 9F92 		43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=ccaeebfd-a5be-4ecd-b221-fe04680fd116&id=
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.180.144 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:21 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
30D9TJ2SNGGVRB66ZAVM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
4499
tags.bluekai.com/site/ Frame 9F92 		62 B
611 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/4499?id=3480839182339453453&BK_SWAP_DEST=4499
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.85.195.135 Piscataway, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-85-195-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:21 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
/
rtb-csync.smartadserver.com/redir/ Frame 9F92 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=32&partneruserid=3480839182339453453&gdpr=0&gdpr_consent=
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
199.187.193.185 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:21 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
user-registering
ads.stickyadstv.com/ Frame 9F92 		43 B
672 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=3480839182339453453&redirectID=0
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
63.251.28.219 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:21 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1646996001655012-276
RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/ Frame 9F92
Redirect Chain
  • https://sync.1rx.io/usersync/turn/3480839182339453453?dspret=1&redir=https%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzg1MjQ2ODY4%2Fmpuid%2F%5BRX_UUID%5D&gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005?redir=https%3A%2F%2Fd.turn.com%2Fr%2Fdu%2Fid%2FL2NzaWQvMS9tcGlkLzg1MjQ2ODY4%2Fmpuid%2FRX-32ed5efb-1c2d-44f6-...
  • https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005
43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
H2
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

Date
Fri, 11 Mar 2022 10:53:21 GMT
Server
Tengine
ETag
RX32ed5efb1c2d44f6b14867108c9e0044005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzg1MjQ2ODY4/mpuid/RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005
Connection
keep-alive
Content-Type
text/html
v1
match.sharethrough.com/sync/ Frame 9F92
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=302&user_id=3480839182339453453&expires=7&gdpr=0&gdpr_consent=
  • https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=82063e31-d895-4c78-815b-e5685b556304&seat_user_id=&seat_key=%20%20&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy=
68 B
263 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=82063e31-d895-4c78-815b-e5685b556304&seat_user_id=&seat_key=%20%20&gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy=
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
H2
Server
34.232.5.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-5-62.compute-1.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:22 GMT
content-length
68
content-type
image/png

Redirect headers

Location
//match.sharethrough.com/sync/v1?source_id=bf2b131f1f7eff9d8892972c&source_user_id=82063e31-d895-4c78-815b-e5685b556304&seat_user_id=&seat_key= &gdpr=0&gdpr_consent=&gdpr_pd=&usprivacy=
Date
Fri, 11 Mar 2022 10:53:21 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9F92
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzQ4MDgzOTE4MjMzOTQ1MzQ1Mw==&gdpr=0&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEPC21XjRu7vszdRJYQkyxXE&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEPC21XjRu7vszdRJYQkyxXE&google_cver=1
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
H2
Server
2620:112:f002:bbbb::21 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:21 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:21 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=0&gdpr_consent=&google_gid=CAESEPC21XjRu7vszdRJYQkyxXE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
330
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 9F92 		23 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=11&uid=3480839182339453453
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.109.72 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-109-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:21 GMT
cache-control
max-age=0, no-cache, no-store
expires
Fri, 11 Mar 2022 10:53:21 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
362388.gif
idsync.rlcdn.com/ Frame 9F92 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362388.gif?partner_uid=3480839182339453453&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame 9F92 		43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3480839182339453453&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:21 GMT
via
1.1 google
server
OXGW/17.2.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
cksync.php
contextual.media.net/ Frame 9F92 		45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=amb&ovsid=3480839182339453453
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.167.93 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-167-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=604800
server
Apache
date
Fri, 11 Mar 2022 10:53:21 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Fri, 11 Mar 2022 10:53:21 GMT
/
bpi.rtactivate.com/tag/ Frame 9F92 		43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bpi.rtactivate.com/tag/?id=16873&user_id=3480839182339453453
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.211.82.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-211-82-118.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:21 GMT
server
awselb/2.0
content-length
43
content-type
image/gif
engine
pbid.pro-market.net/ Frame 9F92
Redirect Chain
  • https://fei.pro-market.net/engine?du=85&mimetype=img&csync=3480839182339453453
  • https://fei.pro-market.net/engine?du=85&mimetype=img&csync=3480839182339453453&sr
  • https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NDAxNjkxODcyMDAxNzk0MzkzNA==
  • https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEISqXIC2ww_codZj606Hk8g&google_cver=1
43 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEISqXIC2ww_codZj606Hk8g&google_cver=1
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
H2
Server
2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:21 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp2
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEISqXIC2ww_codZj606Hk8g&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
315
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
dmp.adblade.com/srv/sync/gateway/ Frame 7FC7 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adblade.com/srv/sync/gateway/?cId=Medianet;__src=adblade
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.199.73.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-199-73-116.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:21 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
710489.gif
id.rlcdn.com/ Frame 7FC7 		42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/710489.gif
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:21 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
sync
ups.analytics.yahoo.com/ups/58222/ Frame 7FC7
Redirect Chain
  • https://cs.media.net/scksync?cs=1&type=brx&ovsid=setstatuscode&redirect=https%3A%2F%2Fups.analytics.yahoo.com%2Fups%2F58222%2Fsync%3F_origin%3D1%26uid%3D%3CDSP_USER_ID%3E
  • https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2899975901454749000V10
0
447 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2899975901454749000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=9&cv=31&https=1&cid=8CU65UN7R&prvid=2033%2C2030%2C273%2C2027%2C159%2C2026%2C117%2C97%2C99%2C56%2C59%2C3012%2C3011%2C3010%2C201%2C3007%2C246%2C4%2C126%2C203%2C326%2C9%2C171%2C173%2C251%2C175%2C132%2C178%2C3018%2C3017%2C214%2C3016%2C3015%2C338%2C77%2C182%2C184%2C261%2C141%2C188%2C222%2C225%2C226%2C10000%2C80%2C108%2C229%2C307&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol
H2
Server
54.175.87.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-87-114.compute-1.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:22 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58222/sync?_origin=1&uid=2899975901454749000V10
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
cache-control
max-age=0, no-cache, no-store
expires
Fri, 11 Mar 2022 10:53:21 GMT
date
Fri, 11 Mar 2022 10:53:21 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=1&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=3&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995996312&de=266707774452&cu=1646995996312&m=2459&ar=359f21c1e97-clean&iw=a0cb2c4&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=1&ag=1270&an=959&gi=1&gf=1270&gg=959&ez=1&kw=2130&aj=1&pg=100&pf=100&ib=0&dw=1&cc=1&bw=1270&bx=959&jz=2130&dj=1&dx=1&aa=0&ad=534&cn=223&gk=534&gl=223&cq=0&hj=1&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2130&cd=1685&ah=2130&am=1685&dq=1173&dr=728&ds=1173&dt=728&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=30&vt=40&vd=0&zMoatSRE=0.02228125&zMoatVSD=5&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=17410&ef=1&rf=0&re=0&cl=0&at=0&d=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5f90976042b5f03ec594bace&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=848451000&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:21 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:21 GMT
ibs:dpid=53196&dpuuid=Q7002823991353312790P
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://px.owneriq.net/eucm/p/adpq?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D53196%26dpuuid%3D(OIQ_UUID)
  • https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7002823991353312790P
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7002823991353312790P
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v026-02599a78f.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
JYTGvOJ5Tdk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date
Fri, 11 Mar 2022 10:53:21 GMT
Server
Apache/2.4.6 (CentOS)
X-Powered-By
PHP/7.3.33
Vary
Accept-Encoding
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dpm.demdex.net/ibs:dpid=53196&dpuuid=Q7002823991353312790P
Cache-Control
max-age=28849
Connection
keep-alive
Content-Type
text/html
Content-Length
154
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1836 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 11 Mar 2022 00:44:34 GMT
expires
Sat, 11 Mar 2023 00:44:34 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
36528
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
163850804087006939230
d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTYyNjUzMzQvdC8y/dpuid/ Frame 9F92 		43 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTYyNjUzMzQvdC8y/dpuid/163850804087006939230
Requested by
Host: presentation-atl1.turn.com
URL: https://presentation-atl1.turn.com/server/dynamic_ddc.htm?uid=3480839182339453453&mktid=1566&btp=-1&sp=n&pid=59&nu=n&ctid=1&cyid=1&app=n&gdpr=0&gdpr_consent=&us_privacy=&ssl=y&drvuid=-1&bddc=n
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:112:f002:bbbb::23 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://presentation-atl1.turn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ibs:dpid=73426&dpuuid=68547252942253779170798061318171033219
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://ads.scorecardresearch.com/p?c1=9&c2=6034944&c3=2&cs_xi=68547252942253779170798061318171033219&rn=1646995983732&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D73426%26dpuuid%3D685472529422537...
  • https://dpm.demdex.net/ibs:dpid=73426&dpuuid=68547252942253779170798061318171033219
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=68547252942253779170798061318171033219
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v026-000a74c6d.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
I7cpNXVkTsc=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Fri, 11 Mar 2022 10:53:22 GMT
via
1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://dpm.demdex.net/ibs:dpid=73426&dpuuid=68547252942253779170798061318171033219
content-length
105
x-amz-cf-id
sLITbpT1V9r6mRM8hIx_Tfhrp0cK2RSxE79yiYz_1OGe_50hdC3uZQ==
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=4&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995996312&de=266707774452&cu=1646995996312&m=2460&ar=359f21c1e97-clean&iw=a0cb2c4&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=1&ag=1270&an=1270&gi=1&gf=1270&gg=1270&ez=1&kw=2130&aj=1&pg=100&pf=100&ib=0&dw=1&cc=1&bw=1270&bx=1270&jz=2130&dj=1&dx=1&aa=0&ad=534&cn=534&gk=534&gl=534&cq=0&hj=1&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2130&cd=2130&ah=2130&am=2130&dq=1173&dr=1173&ds=1173&dt=1173&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=40&vt=40&vd=0&zMoatSRE=0.02228125&zMoatVSD=5&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=17410&ef=1&rf=0&re=0&cl=0&at=0&d=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5f90976042b5f03ec594bace&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=212501409&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:22 GMT
sn.ashx
dpm.demdex.net/ibs:dpid=75557&dpuuid=R1D531_EC8FEA92_AA647E30&redir=https://abp.mxptint.net/ Frame 83DF
Redirect Chain
  • https://abp.mxptint.net/sn.ashx
  • https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1D531_EC8FEA92_AA647E30&redir=https://abp.mxptint.net/sn.ashx?ak=1
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1D531_EC8FEA92_AA647E30&redir=https://abp.mxptint.net/sn.ashx?ak=1
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v026-0cb0d3ee4.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
WqXpmLNlTUs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=75557&dpuuid=R1D531_EC8FEA92_AA647E30&redir=https://abp.mxptint.net/sn.ashx?ak=1
Date
Fri, 11 Mar 2022 10:53:22 GMT
Cache-Control
private
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
237
Strict-Transport-Security
max-age=-329982802; includeSubDomains
Content-Type
text/html; charset=utf-8
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&hp=1&zMoatAdUnit1=conde.ars&zMoatAdUnit2=hero&zMoatAdUnit3=information-technology&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=7&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=5&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=315&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995982584&de=901890910919&rx=604451054343&cu=1646995982584&m=16788&ar=359f21c1e97-clean&iw=8105762&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=1&ag=10279&an=5569&gi=1&gf=10279&gg=5569&ix=10279&ic=10279&ez=1&ck=1170&kw=1504&aj=1&pg=100&pf=100&ib=0&cc=1&bw=10279&bx=5569&ci=1170&jz=1504&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10414&cd=5530&ah=10414&am=5530&xd=00&rf=0&re=1&ft=6253&fv=1543&fw=1543&wb=2&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.ars&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=197273&na=700027112&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:22 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BhFhZHyorYpmXIoTeowa33JXYApLQlZZFAAAAEAEgkMTBFjgBWMPVtfaCBGB9sgEPYXJzdGVjaG5pY2EuY29tugEKMzAweDUwX3htbMgBBdoBgQFodHRwczovL2Fyc3RlY2huaWNhLmNvbS9pbmZvcm1hdGlvbi10ZWNobm9sb2d5LzIwMjIvMDMvZmVkcy1leHRyYWRpdGUtcmFuc29td2FyZS1zdXNwZWN0cy1mcm9tLTItcHJvbGlmaWMtZ2FuZ3MtaW4tYS1zaW5nbGUtd2Vlay-pAj9t7cQtR6o-wAIC4AIA6gIZLzczMjYvZW4uYXJzX3RlY2huaWNhLndlYvgCgdIekAOkA5gDpAOoAwHQBJBO4AQB0gUGEPaE9IARkAYBoAYjqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAeAHD9IIBwiAYRABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=FJLf3b-w3aw&label=video_ad_loaded&acvw=&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpkCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSIQhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBQABgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BOgzuHiorYojsHcaCogajtpCwDJ7Cn5JGAAAAEAEgt-O4IDgBWKa3xb6DBGB9sgEPYXJzdGVjaG5pY2EuY29tugELNDAweDMwMF94bWzIAQXaAYEBaHR0cHM6Ly9hcnN0ZWNobmljYS5jb20vaW5mb3JtYXRpb24tdGVjaG5vbG9neS8yMDIyLzAzL2ZlZHMtZXh0cmFkaXRlLXJhbnNvbXdhcmUtc3VzcGVjdHMtZnJvbS0yLXByb2xpZmljLWdhbmdzLWluLWEtc2luZ2xlLXdlZWsvmAKwbcACAuACAOoCPC8zMzc5L2NvbmRlLmFycy9pbmxpbmUtcGxheWVyL2luZm9ybWF0aW9uLXRlY2hub2xvZ3kvYXJ0aWNsZfgCgdIekAOkA5gDpAOoAwHgBAHSBQYQvOC9shWQBgGgBiSoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA4Acf0ggHCIBhEAEYXdgIAoAKBZgLAYAMAdAVAfgWAYAXAQ&sigh=Eq0EfiS-QK8&label=video_ad_loaded&acvw=&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpkCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSIQhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBQABgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=79908&dpuuid=c:0a2f6a73e9e7ad5fda850f527272b637
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://aorta.clickagy.com/pixel.gif?ch=124&cm=68547252942253779170798061318171033219&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D79908%26dpuuid%3D%7Bvisitor_id%7D
  • https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:0a2f6a73e9e7ad5fda850f527272b637
42 B
957 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:0a2f6a73e9e7ad5fda850f527272b637
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v026-060c34744.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
300
X-TID
15mYQdQoRRA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date
Fri, 11 Mar 2022 10:53:22 GMT
server
Aorta/20220310.de5380a
access-control-allow-origin
access-control-max-age
31536000
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain
Location
https://dpm.demdex.net/ibs:dpid=79908&dpuuid=c:0a2f6a73e9e7ad5fda850f527272b637
access-control-expose-headers
Set-Cookie
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
X-Aorta-Region
us-east-1
Connection
keep-alive
X-Aorta-Host
ip-10-42-22-15.ec2.internal
access-control-allow-headers
Origin,cache-control,content-type,man,messagetype,soapaction
Content-Length
0
view
securepubads.g.doubleclick.net/pcs/ Frame B849 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMTDCDEApdTIRO_geGylvbThwtjaSjVfeZz26uBmHZq1-H1a6xJXPPpliqWPvGvFsF1DpwmmexOzw9y1p9NSUFuGSQY80sv9X5499xsnxL9MUdNTEajrmdEE6Arkf5_9HtSwKcTllgCDjLKRXlpvAvTSCNvZRskwpBq7NvDN6f0_KeVhnL2JNaE43opj0LcbiOeWcA59TCPivCkVh7DRthruSyvHCtApXGskW6WjAHo1J9pN0FFVRQoxzPTQ4avMJUQk2wyOjrqZSmPrErgjU9rbxInMuYXuAvB3t-V2AP7HIwC854-vrSaeC3Gj1lyoJZSA0nMQND3no9Y-ziIWzsouuTGVThvfcLLGsk9JFPdR8&sai=AMfl-YT3hqggWodlcfz2Us1kcOE3Mb2HjXThZsEgwNu6Tv8NFNX_VrDSvZ0SCBYDcDP8mo480eNht80lCReAbs86jsaw5QfE4czZu6QKOxJVvHb_9LJQ1_Dr_fRkLI-phDP797sSftu2cjwyOm0U3KZr&sig=Cg0ArKJSzI7gHDSnc1zKEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&sdkv=h.3.503.0&adurl=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame B849 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssybrYx51o2POkJUi6JbNCk9sUOjAeCLT_WpNkjSjwgV6jHRSwgypJlIANGTTTivY2KNpqFXNQ-N7ewFcNzO8wgxmZ67ZXmpdPW6Th1zB1gXCMe0js28wLhg44TXIg_XpzeSZTP8DeKrFPvuwWkXT2WX8MamHMxgc6q8e5MyLcYs3BWUTT_ESqXvmuDEaqB2TiB6mIrnxWCyevZf-jBX8bY4ibDFy-Hh2PKMwdPDnktbNDNW2vRC4Qz1voWgFpl06ndjC9_aY_X2QAlOKRc64Xhr5TpkMXPaa5nUOCvPrvOGKOq2PTlXjq9Vn4&sig=Cg0ArKJSzJMc88WfkaJjEAE&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&sdkv=h.3.503.0&adurl=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BhFhZHyorYpmXIoTeowa33JXYApLQlZZFAAAAEAEgkMTBFjgBWMPVtfaCBGB9sgEPYXJzdGVjaG5pY2EuY29tugEKMzAweDUwX3htbMgBBdoBgQFodHRwczovL2Fyc3RlY2huaWNhLmNvbS9pbmZvcm1hdGlvbi10ZWNobm9sb2d5LzIwMjIvMDMvZmVkcy1leHRyYWRpdGUtcmFuc29td2FyZS1zdXNwZWN0cy1mcm9tLTItcHJvbGlmaWMtZ2FuZ3MtaW4tYS1zaW5nbGUtd2Vlay-pAj9t7cQtR6o-wAIC4AIA6gIZLzczMjYvZW4uYXJzX3RlY2huaWNhLndlYvgCgdIekAOkA5gDpAOoAwHQBJBO4AQB0gUGEPaE9IARkAYBoAYjqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAeAHD9IIBwiAYRABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=FJLf3b-w3aw&label=vast_creativeview&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D637,1122,792,1398%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D133%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D10001%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D398397293%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1646995986267%26ptlt%3D1646996002667%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1646996000499&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpnCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSJAhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBImxBQABgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BhFhZHyorYpmXIoTeowa33JXYApLQlZZFAAAAEAEgkMTBFjgBWMPVtfaCBGB9sgEPYXJzdGVjaG5pY2EuY29tugEKMzAweDUwX3htbMgBBdoBgQFodHRwczovL2Fyc3RlY2huaWNhLmNvbS9pbmZvcm1hdGlvbi10ZWNobm9sb2d5LzIwMjIvMDMvZmVkcy1leHRyYWRpdGUtcmFuc29td2FyZS1zdXNwZWN0cy1mcm9tLTItcHJvbGlmaWMtZ2FuZ3MtaW4tYS1zaW5nbGUtd2Vlay-pAj9t7cQtR6o-wAIC4AIA6gIZLzczMjYvZW4uYXJzX3RlY2huaWNhLndlYvgCgdIekAOkA5gDpAOoAwHQBJBO4AQB0gUGEPaE9IARkAYBoAYjqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAeAHD9IIBwiAYRABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=FJLf3b-w3aw&label=videoautoplayed&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D637,1122,792,1398%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D133%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D10001%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D398397293%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1646995986267%26ptlt%3D1646996002667%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1646996000499&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpnCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSJAhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBImxBQABgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BOgzuHiorYojsHcaCogajtpCwDJ7Cn5JGAAAAEAEgt-O4IDgBWKa3xb6DBGB9sgEPYXJzdGVjaG5pY2EuY29tugELNDAweDMwMF94bWzIAQXaAYEBaHR0cHM6Ly9hcnN0ZWNobmljYS5jb20vaW5mb3JtYXRpb24tdGVjaG5vbG9neS8yMDIyLzAzL2ZlZHMtZXh0cmFkaXRlLXJhbnNvbXdhcmUtc3VzcGVjdHMtZnJvbS0yLXByb2xpZmljLWdhbmdzLWluLWEtc2luZ2xlLXdlZWsvmAKwbcACAuACAOoCPC8zMzc5L2NvbmRlLmFycy9pbmxpbmUtcGxheWVyL2luZm9ybWF0aW9uLXRlY2hub2xvZ3kvYXJ0aWNsZfgCgdIekAOkA5gDpAOoAwHgBAHSBQYQvOC9shWQBgGgBiSoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA4Acf0ggHCIBhEAEYXdgIAoAKBZgLAYAMAdAVAfgWAYAXAQ&sigh=Eq0EfiS-QK8&label=vast_creativeview&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D637,1122,792,1398%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D133%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D10001%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D398397293%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1646995986267%26ptlt%3D1646996002667%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.02%26t%3D1646996000499&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpnCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSJAhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBImxBQABgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssm_z5qSl0qQekYtz63x9p_AquQDkx-77Pxyxmcpxs48qjod3QEHkOHTCDSDqdnK7T8xpki4kyL_Q6LN2-q7ox0C7969xmOWog-95ypudVx8ei_MQ4d&sig=Cg0ArKJSzHL0GQfx3g6eEAE&id=lidarv&acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D637,1122,792,1398%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D133%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D10001%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D398397293%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1646995986267%26ptlt%3D1646996002672%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1646996000499&avm=1
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst1ArMChCOyypxuGR4kUWJQnMCViWUVkR7gOSe2uznx5lPSZz2XJ7M7lP0HDE1-jN2pUYQKXzmYO7hPbEPZtn1Jo9yJYh2mW6CBV91LyuQsks6-IoYD&sig=Cg0ArKJSzDafaPhtUYfmEAE&id=lidarv&acvw=sv%3D922%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D637,1122,792,1398%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D133%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D10001%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D398397293%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1646995986267%26ptlt%3D1646996002672%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1646996000499&avm=1
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BhFhZHyorYpmXIoTeowa33JXYApLQlZZFAAAAEAEgkMTBFjgBWMPVtfaCBGB9sgEPYXJzdGVjaG5pY2EuY29tugEKMzAweDUwX3htbMgBBdoBgQFodHRwczovL2Fyc3RlY2huaWNhLmNvbS9pbmZvcm1hdGlvbi10ZWNobm9sb2d5LzIwMjIvMDMvZmVkcy1leHRyYWRpdGUtcmFuc29td2FyZS1zdXNwZWN0cy1mcm9tLTItcHJvbGlmaWMtZ2FuZ3MtaW4tYS1zaW5nbGUtd2Vlay-pAj9t7cQtR6o-wAIC4AIA6gIZLzczMjYvZW4uYXJzX3RlY2huaWNhLndlYvgCgdIekAOkA5gDpAOoAwHQBJBO4AQB0gUGEPaE9IARkAYBoAYjqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAeAHD9IIBwiAYRABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=FJLf3b-w3aw&label=part2viewed&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D637,1122,792,1398%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D133%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D10001%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D398397293%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1646995986267%26ptlt%3D1646996002676%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1646996000499&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpnCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSJAhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBImxBQABgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BOgzuHiorYojsHcaCogajtpCwDJ7Cn5JGAAAAEAEgt-O4IDgBWKa3xb6DBGB9sgEPYXJzdGVjaG5pY2EuY29tugELNDAweDMwMF94bWzIAQXaAYEBaHR0cHM6Ly9hcnN0ZWNobmljYS5jb20vaW5mb3JtYXRpb24tdGVjaG5vbG9neS8yMDIyLzAzL2ZlZHMtZXh0cmFkaXRlLXJhbnNvbXdhcmUtc3VzcGVjdHMtZnJvbS0yLXByb2xpZmljLWdhbmdzLWluLWEtc2luZ2xlLXdlZWsvmAKwbcACAuACAOoCPC8zMzc5L2NvbmRlLmFycy9pbmxpbmUtcGxheWVyL2luZm9ybWF0aW9uLXRlY2hub2xvZ3kvYXJ0aWNsZfgCgdIekAOkA5gDpAOoAwHgBAHSBQYQvOC9shWQBgGgBiSoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA4Acf0ggHCIBhEAEYXdgIAoAKBZgLAYAMAdAVAfgWAYAXAQ&sigh=Eq0EfiS-QK8&label=part2viewed&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D637,1122,792,1398%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D133%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D10001%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D398397293%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1646995986267%26ptlt%3D1646996002676%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1646996000499&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpnCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSJAhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBImxBQABgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BhFhZHyorYpmXIoTeowa33JXYApLQlZZFAAAAEAEgkMTBFjgBWMPVtfaCBGB9sgEPYXJzdGVjaG5pY2EuY29tugEKMzAweDUwX3htbMgBBdoBgQFodHRwczovL2Fyc3RlY2huaWNhLmNvbS9pbmZvcm1hdGlvbi10ZWNobm9sb2d5LzIwMjIvMDMvZmVkcy1leHRyYWRpdGUtcmFuc29td2FyZS1zdXNwZWN0cy1mcm9tLTItcHJvbGlmaWMtZ2FuZ3MtaW4tYS1zaW5nbGUtd2Vlay-pAj9t7cQtR6o-wAIC4AIA6gIZLzczMjYvZW4uYXJzX3RlY2huaWNhLndlYvgCgdIekAOkA5gDpAOoAwHQBJBO4AQB0gUGEPaE9IARkAYBoAYjqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAeAHD9IIBwiAYRABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=FJLf3b-w3aw&label=admute&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D637,1122,792,1398%26tos%3D119,0,0,0,0%26mtos%3D119,119,119,119,119%26amtos%3D0,0,0,0,0%26mcvt%3D119%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D119%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D119%26pst%3D-1%26dur%3D133%26vmtime%3D-1%26dvs%3D119%26dfvs%3D119%26dvpt%3D119%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D10001%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D398397293%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1646995986267%26ptlt%3D1646996002682%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,119&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1646996000499&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpnCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSJAhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBImxBQABgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BOgzuHiorYojsHcaCogajtpCwDJ7Cn5JGAAAAEAEgt-O4IDgBWKa3xb6DBGB9sgEPYXJzdGVjaG5pY2EuY29tugELNDAweDMwMF94bWzIAQXaAYEBaHR0cHM6Ly9hcnN0ZWNobmljYS5jb20vaW5mb3JtYXRpb24tdGVjaG5vbG9neS8yMDIyLzAzL2ZlZHMtZXh0cmFkaXRlLXJhbnNvbXdhcmUtc3VzcGVjdHMtZnJvbS0yLXByb2xpZmljLWdhbmdzLWluLWEtc2luZ2xlLXdlZWsvmAKwbcACAuACAOoCPC8zMzc5L2NvbmRlLmFycy9pbmxpbmUtcGxheWVyL2luZm9ybWF0aW9uLXRlY2hub2xvZ3kvYXJ0aWNsZfgCgdIekAOkA5gDpAOoAwHgBAHSBQYQvOC9shWQBgGgBiSoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA4Acf0ggHCIBhEAEYXdgIAoAKBZgLAYAMAdAVAfgWAYAXAQ&sigh=Eq0EfiS-QK8&label=admute&ad_mt=0&acvw=sv%3D922%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D637,1122,792,1398%26tos%3D119,0,0,0,0%26mtos%3D119,119,119,119,119%26amtos%3D0,0,0,0,0%26mcvt%3D119%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D119%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D119%26pst%3D-1%26dur%3D133%26vmtime%3D-1%26dvs%3D119%26dfvs%3D119%26dvpt%3D119%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D10001%26femvt%3D0%26emc%3D5%26emuc%3D0%26emb%3D4,0,0,0,0%26avms%3Dexc%26qi%3D398397293%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1646995986267%26ptlt%3D1646996002682%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,119&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1646996000499&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpnCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSJAhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBImxBQABgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 84BC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFKM3VqqGBVa7rsZA8YavNs3GWR0GSyVBv2VVBJv5oOaw71tUpv3jW26UmmkssysGT31FpzbsrXlUqrBqnkvf5rcYpvywi&sig=Cg0ArKJSzLcbKDR0PxO4EAE&id=lidar2&mcvt=1215&p=0,0,600,300&mtos=0,1215,1215,1215,1215&tos=0,1215,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=0.84&if=1&app=0&itpl=32&adk=1021063925&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646995996412&rpt=5095&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
pagead2.googlesyndication.com/bg/ Frame 1836 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 06:46:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
187584
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13820
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Mar 2023 06:46:58 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=2&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=5&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995996312&de=266707774452&cu=1646995996312&m=3079&ar=359f21c1e97-clean&iw=a0cb2c4&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=1&ag=1582&an=1270&gi=1&gf=1582&gg=1270&ez=1&kw=2130&aj=1&pg=100&pf=100&ib=0&dw=1&cc=1&bw=1582&bx=1270&jz=2130&dj=1&dx=1&aa=1&ad=1155&cn=534&gn=1&gk=1155&gl=534&cp=2441&cq=0&cr=1&hj=1&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=2441&cd=2130&ah=2441&am=2130&dq=1484&dr=1173&ds=1484&dt=1173&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=40&vt=25&vd=0&zMoatSRE=0.02228125&zMoatVSD=10&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=17410&ef=1&rf=0&re=1&ft=311&fv=0&fw=311&cl=0&at=0&d=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5f90976042b5f03ec594bace&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=2003163864&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:22 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81d::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
sb.scorecardresearch.com/ Frame 8A4E 		64 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1646995993902_1&ns_st_ec=3&ns_st_sp=1&ns_st_cn=1&ns_st_ev=end&ns_st_po=4085&ns_st_cl=1582680&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_pt=4088&ns_st_pa=4088&ns_st_ci=5f90976042b5f03ec594bace&ns_ts=1646996002820&ns_st_bt=0&ns_st_bp=0&ns_st_pc=1&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&c8=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-43.ewr52.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:22 GMT
via
1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
_mlbtRvIkdwgGP2eMzRpyMl5aJRejZzBNH1AKDKaqMPVn4iDpennng==
p
sb.scorecardresearch.com/ Frame 8A4E 		64 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1646995993902_1&ns_st_ec=4&ns_st_sp=1&ns_st_sq=1&ns_st_cn=2&ns_st_ev=play&ns_st_po=0&ns_st_cl=0&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=1&ns_st_ad=1&ns_st_ci=0&ns_ts=1646996002821&ns_st_bt=0&ns_st_bp=0&ns_st_br=0&ns_st_ub=0&ns_st_ct=va&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&c8=&c9=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-43.ewr52.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:22 GMT
via
1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
C5oUGCO_S2He2rG2oo04AiN8ZeC6kTsgTEblQfxBvoVfP22ZOWOF6w==
track
capture.condenastdigital.com/ Frame 8A4E 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A22.906Z&_c=Video%20Ad&_t=Ad%20Start&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&cId=5f90976042b5f03ec594bace&cKe=war%20stories%2Cars%20war%20stories%2Cars%20technica%20war%20stories%2Cwar%20stories%20nintendo%2Cars%20technica%20nintendo%2Cars%20nintendo%2Cnintendo%20entertainment%20system%2Cnintendo%20power%2Cnintendo%20power%20magazine%2Cnintendo%201985%2Cnintendo%201986%2Cnintendo%20of%20america%2Cgail%20tilden%2Cnes%2Cn.e.s.%2Cnes%20launch%2Cnes%201985%2Cgail%20tilden%20nintendo%2Cg%20tilden%20nintendo%2Cgail%20tilden%20nintendo%20power%2Coriginal%20nes%2C8bit%20nes%2C8bit%20nintendo%2Chistory%20of%20nintendo%2Chistory%20of%20nes%2Cars%20nes%2Cars%20technica%20nes&cPd=2020-10-29T15%3A00%3A00%2B00%3A00&cTi=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=1582&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pWw=276&pWh=155.25&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&uId=0884e157-1f7d-4567-95c8-d99c9013a3c8&xid=8a88dde5-85d6-4eb8-99f5-d9efef957024&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2201b4160%22%2C%22guid%22%3A%228b6d854e-a1a9-f2f2-b709-2dd5f43cd4e3%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Atrue%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%224565303926%22%2C%22adType%22%3A%22unknown%22%2C%22creativeId%22%3A%22138224167619%22%2C%22wrapperAdIds%22%3A%5B%225743013948%22%5D%2C%22wrapperAdSystems%22%3A%5B%22GDFP%22%5D%2C%22dfpLineItem%22%3A%225743013948%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A0%7D&videoViews=1&adId=4565303926
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:22 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
ibs:dpid=66757
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=68547252942253779170798061318171033219
  • https://dpm.demdex.net/ibs:dpid=66757?id=68547252942253779170798061318171033219&dpuuid=OtgMmMns
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=66757?id=68547252942253779170798061318171033219&dpuuid=OtgMmMns
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v026-065a035f3.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/cEskjbEStA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
//dpm.demdex.net/ibs:dpid=66757?id=68547252942253779170798061318171033219&dpuuid=OtgMmMns
date
Fri, 11 Mar 2022 10:53:23 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a014-ash-prod.krxd.net
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BhFhZHyorYpmXIoTeowa33JXYApLQlZZFAAAAEAEgkMTBFjgBWMPVtfaCBGB9sgEPYXJzdGVjaG5pY2EuY29tugEKMzAweDUwX3htbMgBBdoBgQFodHRwczovL2Fyc3RlY2huaWNhLmNvbS9pbmZvcm1hdGlvbi10ZWNobm9sb2d5LzIwMjIvMDMvZmVkcy1leHRyYWRpdGUtcmFuc29td2FyZS1zdXNwZWN0cy1mcm9tLTItcHJvbGlmaWMtZ2FuZ3MtaW4tYS1zaW5nbGUtd2Vlay-pAj9t7cQtR6o-wAIC4AIA6gIZLzczMjYvZW4uYXJzX3RlY2huaWNhLndlYvgCgdIekAOkA5gDpAOoAwHQBJBO4AQB0gUGEPaE9IARkAYBoAYjqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAeAHD9IIBwiAYRABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=FJLf3b-w3aw&label=videoplaytime25&ad_mt=133&acvw=sv%3D922%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D637,1122,792,1398%26tos%3D779,0,0,0,0%26mtos%3D779,779,779,779,779%26amtos%3D0,0,0,0,0%26mcvt%3D779%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D779%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D675%26pst%3D780%26dur%3D133%26vmtime%3D133%26dvs%3D660%26dfvs%3D660%26dvpt%3D660%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D779,779,779,779,779%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D10001%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D5,0,0,0,0%26avms%3Dexc%26qi%3D398397293%26psm%3D-2147483647%26psv%3D-2147483647%26psfv%3D-2147483647%26psa%3D0%26pnmm%3D1646995986267%26ptlt%3D1646996003343%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,779&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1646996000499&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpnCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSJAhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBImxBQABgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BOgzuHiorYojsHcaCogajtpCwDJ7Cn5JGAAAAEAEgt-O4IDgBWKa3xb6DBGB9sgEPYXJzdGVjaG5pY2EuY29tugELNDAweDMwMF94bWzIAQXaAYEBaHR0cHM6Ly9hcnN0ZWNobmljYS5jb20vaW5mb3JtYXRpb24tdGVjaG5vbG9neS8yMDIyLzAzL2ZlZHMtZXh0cmFkaXRlLXJhbnNvbXdhcmUtc3VzcGVjdHMtZnJvbS0yLXByb2xpZmljLWdhbmdzLWluLWEtc2luZ2xlLXdlZWsvmAKwbcACAuACAOoCPC8zMzc5L2NvbmRlLmFycy9pbmxpbmUtcGxheWVyL2luZm9ybWF0aW9uLXRlY2hub2xvZ3kvYXJ0aWNsZfgCgdIekAOkA5gDpAOoAwHgBAHSBQYQvOC9shWQBgGgBiSoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA4Acf0ggHCIBhEAEYXdgIAoAKBZgLAYAMAdAVAfgWAYAXAQ&sigh=Eq0EfiS-QK8&label=videoplaytime25&ad_mt=133&acvw=sv%3D922%26cb%3Dima%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D637,1122,792,1398%26tos%3D779,0,0,0,0%26mtos%3D779,779,779,779,779%26amtos%3D0,0,0,0,0%26mcvt%3D779%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D779%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D675%26pst%3D780%26dur%3D133%26vmtime%3D133%26dvs%3D660%26dfvs%3D660%26dvpt%3D660%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D779,779,779,779,779%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D10001%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D5,0,0,0,0%26avms%3Dexc%26qi%3D398397293%26psm%3D-2147483647%26psv%3D-2147483647%26psfv%3D-2147483647%26psa%3D0%26pnmm%3D1646995986267%26ptlt%3D1646996003343%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,779&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1646996000499&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpnCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSJAhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBImxBQABgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BhFhZHyorYpmXIoTeowa33JXYApLQlZZFAAAAEAEgkMTBFjgBWMPVtfaCBGB9sgEPYXJzdGVjaG5pY2EuY29tugEKMzAweDUwX3htbMgBBdoBgQFodHRwczovL2Fyc3RlY2huaWNhLmNvbS9pbmZvcm1hdGlvbi10ZWNobm9sb2d5LzIwMjIvMDMvZmVkcy1leHRyYWRpdGUtcmFuc29td2FyZS1zdXNwZWN0cy1mcm9tLTItcHJvbGlmaWMtZ2FuZ3MtaW4tYS1zaW5nbGUtd2Vlay-pAj9t7cQtR6o-wAIC4AIA6gIZLzczMjYvZW4uYXJzX3RlY2huaWNhLndlYvgCgdIekAOkA5gDpAOoAwHQBJBO4AQB0gUGEPaE9IARkAYBoAYjqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAeAHD9IIBwiAYRABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=FJLf3b-w3aw&label=videoplaytime50&ad_mt=133&acvw=sv%3D922%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D637,1122,792,1398%26tos%3D783,0,0,0,0%26mtos%3D783,783,783,783,783%26amtos%3D0,0,0,0,0%26mcvt%3D783%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D783%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D679%26pst%3D780%26dur%3D133%26vmtime%3D133%26dvs%3D4%26dfvs%3D4%26dvpt%3D4%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D4882%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4,4,4,4,4%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D10001%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D5,0,0,0,0%26avms%3Dexc%26qi%3D398397293%26psm%3D-2147483647%26psv%3D-2147483647%26psfv%3D-2147483647%26psa%3D0%26pnmm%3D1646995986267%26ptlt%3D1646996003363%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,783&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1646996000499&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpnCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSJAhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBImxBQABgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BOgzuHiorYojsHcaCogajtpCwDJ7Cn5JGAAAAEAEgt-O4IDgBWKa3xb6DBGB9sgEPYXJzdGVjaG5pY2EuY29tugELNDAweDMwMF94bWzIAQXaAYEBaHR0cHM6Ly9hcnN0ZWNobmljYS5jb20vaW5mb3JtYXRpb24tdGVjaG5vbG9neS8yMDIyLzAzL2ZlZHMtZXh0cmFkaXRlLXJhbnNvbXdhcmUtc3VzcGVjdHMtZnJvbS0yLXByb2xpZmljLWdhbmdzLWluLWEtc2luZ2xlLXdlZWsvmAKwbcACAuACAOoCPC8zMzc5L2NvbmRlLmFycy9pbmxpbmUtcGxheWVyL2luZm9ybWF0aW9uLXRlY2hub2xvZ3kvYXJ0aWNsZfgCgdIekAOkA5gDpAOoAwHgBAHSBQYQvOC9shWQBgGgBiSoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA4Acf0ggHCIBhEAEYXdgIAoAKBZgLAYAMAdAVAfgWAYAXAQ&sigh=Eq0EfiS-QK8&label=videoplaytime50&ad_mt=133&acvw=sv%3D922%26cb%3Dima%26e%3D2%26nas%3D1%26sdk%3Dh%26p%3D637,1122,792,1398%26tos%3D783,0,0,0,0%26mtos%3D783,783,783,783,783%26amtos%3D0,0,0,0,0%26mcvt%3D783%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D783%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D679%26pst%3D780%26dur%3D133%26vmtime%3D133%26dvs%3D4%26dfvs%3D4%26dvpt%3D4%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26ic%3D512%26cs%3D4882%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D4,4,4,4,4%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D10001%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D5,0,0,0,0%26avms%3Dexc%26qi%3D398397293%26psm%3D-2147483647%26psv%3D-2147483647%26psfv%3D-2147483647%26psa%3D0%26pnmm%3D1646995986267%26ptlt%3D1646996003363%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,783&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1646996000499&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpnCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSJAhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBImxBQABgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BhFhZHyorYpmXIoTeowa33JXYApLQlZZFAAAAEAEgkMTBFjgBWMPVtfaCBGB9sgEPYXJzdGVjaG5pY2EuY29tugEKMzAweDUwX3htbMgBBdoBgQFodHRwczovL2Fyc3RlY2huaWNhLmNvbS9pbmZvcm1hdGlvbi10ZWNobm9sb2d5LzIwMjIvMDMvZmVkcy1leHRyYWRpdGUtcmFuc29td2FyZS1zdXNwZWN0cy1mcm9tLTItcHJvbGlmaWMtZ2FuZ3MtaW4tYS1zaW5nbGUtd2Vlay-pAj9t7cQtR6o-wAIC4AIA6gIZLzczMjYvZW4uYXJzX3RlY2huaWNhLndlYvgCgdIekAOkA5gDpAOoAwHQBJBO4AQB0gUGEPaE9IARkAYBoAYjqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAeAHD9IIBwiAYRABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=FJLf3b-w3aw&label=videoplaytime75&ad_mt=133&acvw=sv%3D922%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D637,1122,792,1398%26tos%3D803,0,0,0,0%26mtos%3D803,803,803,803,803%26amtos%3D0,0,0,0,0%26mcvt%3D803%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D803%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D699%26pst%3D780%26dur%3D133%26vmtime%3D133%26dvs%3D20%26dfvs%3D20%26dvpt%3D20%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D4882%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D20,20,20,20,20%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D10001%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D5,0,0,0,0%26avms%3Dexc%26qi%3D398397293%26psm%3D-2147483647%26psv%3D-2147483647%26psfv%3D-2147483647%26psa%3D0%26pnmm%3D1646995986267%26ptlt%3D1646996003373%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,803&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1646996000499&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpnCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSJAhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBImxBQABgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BOgzuHiorYojsHcaCogajtpCwDJ7Cn5JGAAAAEAEgt-O4IDgBWKa3xb6DBGB9sgEPYXJzdGVjaG5pY2EuY29tugELNDAweDMwMF94bWzIAQXaAYEBaHR0cHM6Ly9hcnN0ZWNobmljYS5jb20vaW5mb3JtYXRpb24tdGVjaG5vbG9neS8yMDIyLzAzL2ZlZHMtZXh0cmFkaXRlLXJhbnNvbXdhcmUtc3VzcGVjdHMtZnJvbS0yLXByb2xpZmljLWdhbmdzLWluLWEtc2luZ2xlLXdlZWsvmAKwbcACAuACAOoCPC8zMzc5L2NvbmRlLmFycy9pbmxpbmUtcGxheWVyL2luZm9ybWF0aW9uLXRlY2hub2xvZ3kvYXJ0aWNsZfgCgdIekAOkA5gDpAOoAwHgBAHSBQYQvOC9shWQBgGgBiSoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA4Acf0ggHCIBhEAEYXdgIAoAKBZgLAYAMAdAVAfgWAYAXAQ&sigh=Eq0EfiS-QK8&label=videoplaytime75&ad_mt=133&acvw=sv%3D922%26cb%3Dima%26e%3D3%26nas%3D1%26sdk%3Dh%26p%3D637,1122,792,1398%26tos%3D803,0,0,0,0%26mtos%3D803,803,803,803,803%26amtos%3D0,0,0,0,0%26mcvt%3D803%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D803%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D699%26pst%3D780%26dur%3D133%26vmtime%3D133%26dvs%3D20%26dfvs%3D20%26dvpt%3D20%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D4882%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D20,20,20,20,20%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D10001%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D5,0,0,0,0%26avms%3Dexc%26qi%3D398397293%26psm%3D-2147483647%26psv%3D-2147483647%26psfv%3D-2147483647%26psa%3D0%26pnmm%3D1646995986267%26ptlt%3D1646996003373%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,803&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1646996000499&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpnCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSJAhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBImxBQABgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=6&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995996312&de=266707774452&cu=1646995996312&m=4110&ar=359f21c1e97-clean&iw=a0cb2c4&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=1&ag=1582&an=1582&gi=1&gf=1582&gg=1582&ez=1&ck=1582&kw=2130&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&cc=1&bw=1582&bx=1582&ci=1582&jz=2130&dj=1&dx=1&undefined=1&aa=1&ad=1582&cn=1155&gn=1&gk=1582&gl=1155&co=1582&cp=2441&cq=0&cr=1&ew=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3062&cd=2441&ah=3062&am=2441&dq=1582&dr=1484&ds=1582&dt=1484&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=25&vt=25&vd=0&zMoatSRE=0.02228125&zMoatVSD=10&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=17410&ef=1&rf=0&re=1&ft=1344&fv=311&fw=311&cl=0&at=0&d=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5f90976042b5f03ec594bace&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=2106711539&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:23 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:23 GMT
ibs:dpid=121998&dpuuid=605c1349d50ebc618e582106d51c2c66
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=68547252942253779170798061318171033219?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
  • https://dpm.demdex.net/ibs:dpid=121998&dpuuid=605c1349d50ebc618e582106d51c2c66
42 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=605c1349d50ebc618e582106d51c2c66
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v026-056d604a4.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
IX0IF5yiRy4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:23 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=605c1349d50ebc618e582106d51c2c66
cache-control
no-cache
x-server
10.40.36.135
content-length
0
expires
0
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BhFhZHyorYpmXIoTeowa33JXYApLQlZZFAAAAEAEgkMTBFjgBWMPVtfaCBGB9sgEPYXJzdGVjaG5pY2EuY29tugEKMzAweDUwX3htbMgBBdoBgQFodHRwczovL2Fyc3RlY2huaWNhLmNvbS9pbmZvcm1hdGlvbi10ZWNobm9sb2d5LzIwMjIvMDMvZmVkcy1leHRyYWRpdGUtcmFuc29td2FyZS1zdXNwZWN0cy1mcm9tLTItcHJvbGlmaWMtZ2FuZ3MtaW4tYS1zaW5nbGUtd2Vlay-pAj9t7cQtR6o-wAIC4AIA6gIZLzczMjYvZW4uYXJzX3RlY2huaWNhLndlYvgCgdIekAOkA5gDpAOoAwHQBJBO4AQB0gUGEPaE9IARkAYBoAYjqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHAeAHD9IIBwiAYRABGB3YCAKACgWYCwHQFQH4FgGAFwE&sigh=FJLf3b-w3aw&label=videoplaytime100&ad_mt=133&acvw=sv%3D922%26cb%3Dima%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D637,1122,792,1398%26p0%3D637,1122,792,1398%26p1%3D637,1122,792,1398%26p2%3D637,1122,792,1398%26p3%3D637,1122,792,1398%26tos%3D871,0,0,0,0%26mtos%3D871,871,871,871,871%26amtos%3D0,0,0,0,0%26mtos1%3D779,0,0%26mtos2%3D4,0,0%26mtos3%3D20,0,0%26mcvt%3D871%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D871%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D767%26pst%3D780%26dur%3D133%26vmtime%3D133%26dvs%3D68%26dfvs%3D68%26dvpt%3D68%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D4882%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D68,68,68,68,68%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D10001%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D5,0,0,0,0%26avms%3Dexc%26qi%3D398397293%26psm%3D-2147483647%26psv%3D-2147483647%26psfv%3D-2147483647%26psa%3D0%26pnmm%3D1646995986267%26ptlt%3D1646996003434%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,871%26ss0%3D0.02%26ss1%3D0.02%26ss2%3D0.02%26ss3%3D0.02&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1646996000499&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpnCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSJAhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBImxBQABgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
pubads.g.doubleclick.net/pagead/interaction/ Frame B849 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/interaction/?ai=BOgzuHiorYojsHcaCogajtpCwDJ7Cn5JGAAAAEAEgt-O4IDgBWKa3xb6DBGB9sgEPYXJzdGVjaG5pY2EuY29tugELNDAweDMwMF94bWzIAQXaAYEBaHR0cHM6Ly9hcnN0ZWNobmljYS5jb20vaW5mb3JtYXRpb24tdGVjaG5vbG9neS8yMDIyLzAzL2ZlZHMtZXh0cmFkaXRlLXJhbnNvbXdhcmUtc3VzcGVjdHMtZnJvbS0yLXByb2xpZmljLWdhbmdzLWluLWEtc2luZ2xlLXdlZWsvmAKwbcACAuACAOoCPC8zMzc5L2NvbmRlLmFycy9pbmxpbmUtcGxheWVyL2luZm9ybWF0aW9uLXRlY2hub2xvZ3kvYXJ0aWNsZfgCgdIekAOkA5gDpAOoAwHgBAHSBQYQvOC9shWQBgGgBiSoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA4Acf0ggHCIBhEAEYXdgIAoAKBZgLAYAMAdAVAfgWAYAXAQ&sigh=Eq0EfiS-QK8&label=videoplaytime100&ad_mt=133&acvw=sv%3D922%26cb%3Dima%26e%3D4%26nas%3D1%26sdk%3Dh%26p%3D637,1122,792,1398%26p0%3D637,1122,792,1398%26p1%3D637,1122,792,1398%26p2%3D637,1122,792,1398%26p3%3D637,1122,792,1398%26tos%3D871,0,0,0,0%26mtos%3D871,871,871,871,871%26amtos%3D0,0,0,0,0%26mtos1%3D779,0,0%26mtos2%3D4,0,0%26mtos3%3D20,0,0%26mcvt%3D871%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26a1%3D0%26a2%3D0%26a3%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D871%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D767%26pst%3D780%26dur%3D133%26vmtime%3D133%26dvs%3D68%26dfvs%3D68%26dvpt%3D68%26is%3D275%26i0%3D275%26i1%3D275%26i2%3D275%26i3%3D275%26ic%3D0%26cs%3D4882%26c%3D1%26c0%3D1%26c1%3D1%26c2%3D1%26c3%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D68,68,68,68,68%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D10001%26femvt%3D0%26emc%3D6%26emuc%3D0%26emb%3D5,0,0,0,0%26avms%3Dexc%26qi%3D398397293%26psm%3D-2147483647%26psv%3D-2147483647%26psfv%3D-2147483647%26psa%3D0%26pnmm%3D1646995986267%26ptlt%3D1646996003434%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,871%26ss0%3D0.02%26ss1%3D0.02%26ss2%3D0.02%26ss3%3D0.02&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.02%26t%3D1646996000499&sdkv=h.3.503.0&vci=CkEIAhIYcHViYWRzLmcuZG91YmxlY2xpY2submV0GgRHREZQIAQqCjU3NDMwMTM5NDgyDDEzODM3NTQyMDgzOEDrAgpnCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoER0RGUCAEKgo0NTY1MzAzOTI2MgwxMzgyMjQxNjc2MTlAtwdSJAhREA8lAAAAACgBOgwxMzgyMjQxNjc2MTlCBEdERlBImxBQABgB
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:23 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
capture.condenastdigital.com/ Frame 8A4E 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A23.456Z&_c=Video%20Ad&_t=Ad%201st%20Quartile&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&cId=5f90976042b5f03ec594bace&cKe=war%20stories%2Cars%20war%20stories%2Cars%20technica%20war%20stories%2Cwar%20stories%20nintendo%2Cars%20technica%20nintendo%2Cars%20nintendo%2Cnintendo%20entertainment%20system%2Cnintendo%20power%2Cnintendo%20power%20magazine%2Cnintendo%201985%2Cnintendo%201986%2Cnintendo%20of%20america%2Cgail%20tilden%2Cnes%2Cn.e.s.%2Cnes%20launch%2Cnes%201985%2Cgail%20tilden%20nintendo%2Cg%20tilden%20nintendo%2Cgail%20tilden%20nintendo%20power%2Coriginal%20nes%2C8bit%20nes%2C8bit%20nintendo%2Chistory%20of%20nintendo%2Chistory%20of%20nes%2Cars%20nes%2Cars%20technica%20nes&cPd=2020-10-29T15%3A00%3A00%2B00%3A00&cTi=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=1582&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pWw=276&pWh=155.25&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&uId=0884e157-1f7d-4567-95c8-d99c9013a3c8&xid=8a88dde5-85d6-4eb8-99f5-d9efef957024&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2201b4160%22%2C%22guid%22%3A%228b6d854e-a1a9-f2f2-b709-2dd5f43cd4e3%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Atrue%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%224565303926%22%2C%22adType%22%3A%22unknown%22%2C%22creativeId%22%3A%22138224167619%22%2C%22wrapperAdIds%22%3A%5B%225743013948%22%5D%2C%22wrapperAdSystems%22%3A%5B%22GDFP%22%5D%2C%22dfpLineItem%22%3A%225743013948%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A0%7D&videoViews=1&adId=4565303926
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:23 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ Frame 8A4E 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A23.486Z&_c=Video%20Ad&_t=Ad%202nd%20Quartile&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&cId=5f90976042b5f03ec594bace&cKe=war%20stories%2Cars%20war%20stories%2Cars%20technica%20war%20stories%2Cwar%20stories%20nintendo%2Cars%20technica%20nintendo%2Cars%20nintendo%2Cnintendo%20entertainment%20system%2Cnintendo%20power%2Cnintendo%20power%20magazine%2Cnintendo%201985%2Cnintendo%201986%2Cnintendo%20of%20america%2Cgail%20tilden%2Cnes%2Cn.e.s.%2Cnes%20launch%2Cnes%201985%2Cgail%20tilden%20nintendo%2Cg%20tilden%20nintendo%2Cgail%20tilden%20nintendo%20power%2Coriginal%20nes%2C8bit%20nes%2C8bit%20nintendo%2Chistory%20of%20nintendo%2Chistory%20of%20nes%2Cars%20nes%2Cars%20technica%20nes&cPd=2020-10-29T15%3A00%3A00%2B00%3A00&cTi=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=1582&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pWw=276&pWh=155.25&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&uId=0884e157-1f7d-4567-95c8-d99c9013a3c8&xid=8a88dde5-85d6-4eb8-99f5-d9efef957024&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2201b4160%22%2C%22guid%22%3A%228b6d854e-a1a9-f2f2-b709-2dd5f43cd4e3%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Atrue%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%224565303926%22%2C%22adType%22%3A%22unknown%22%2C%22creativeId%22%3A%22138224167619%22%2C%22wrapperAdIds%22%3A%5B%225743013948%22%5D%2C%22wrapperAdSystems%22%3A%5B%22GDFP%22%5D%2C%22dfpLineItem%22%3A%225743013948%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A0%7D&videoViews=1&adId=4565303926
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:23 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ Frame 8A4E 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A23.515Z&_c=Video%20Ad&_t=Ad%203rd%20Quartile&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&cId=5f90976042b5f03ec594bace&cKe=war%20stories%2Cars%20war%20stories%2Cars%20technica%20war%20stories%2Cwar%20stories%20nintendo%2Cars%20technica%20nintendo%2Cars%20nintendo%2Cnintendo%20entertainment%20system%2Cnintendo%20power%2Cnintendo%20power%20magazine%2Cnintendo%201985%2Cnintendo%201986%2Cnintendo%20of%20america%2Cgail%20tilden%2Cnes%2Cn.e.s.%2Cnes%20launch%2Cnes%201985%2Cgail%20tilden%20nintendo%2Cg%20tilden%20nintendo%2Cgail%20tilden%20nintendo%20power%2Coriginal%20nes%2C8bit%20nes%2C8bit%20nintendo%2Chistory%20of%20nintendo%2Chistory%20of%20nes%2Cars%20nes%2Cars%20technica%20nes&cPd=2020-10-29T15%3A00%3A00%2B00%3A00&cTi=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=1582&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pWw=276&pWh=155.25&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&uId=0884e157-1f7d-4567-95c8-d99c9013a3c8&xid=8a88dde5-85d6-4eb8-99f5-d9efef957024&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2201b4160%22%2C%22guid%22%3A%228b6d854e-a1a9-f2f2-b709-2dd5f43cd4e3%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Atrue%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%224565303926%22%2C%22adType%22%3A%22unknown%22%2C%22creativeId%22%3A%22138224167619%22%2C%22wrapperAdIds%22%3A%5B%225743013948%22%5D%2C%22wrapperAdSystems%22%3A%5B%22GDFP%22%5D%2C%22dfpLineItem%22%3A%225743013948%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A0%7D&videoViews=1&adId=4565303926
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:23 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
track
capture.condenastdigital.com/ Frame 8A4E 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_o=cne&_ts=2022-03-11T10%3A53%3A23.617Z&_c=Video%20Ad&_t=Ad%20Complete&app=playerservice&cBr=arstechnica&cCh=videos%2Fshow&cCu=https%3A%2F%2Fwww.arstechnica.com%2Fvideo%2Fwatch%2Fwar-stories-how-the-nes-conquered-a-skeptical-america-in-1985&cId=5f90976042b5f03ec594bace&cKe=war%20stories%2Cars%20war%20stories%2Cars%20technica%20war%20stories%2Cwar%20stories%20nintendo%2Cars%20technica%20nintendo%2Cars%20nintendo%2Cnintendo%20entertainment%20system%2Cnintendo%20power%2Cnintendo%20power%20magazine%2Cnintendo%201985%2Cnintendo%201986%2Cnintendo%20of%20america%2Cgail%20tilden%2Cnes%2Cn.e.s.%2Cnes%20launch%2Cnes%201985%2Cgail%20tilden%20nintendo%2Cg%20tilden%20nintendo%2Cgail%20tilden%20nintendo%20power%2Coriginal%20nes%2C8bit%20nes%2C8bit%20nintendo%2Chistory%20of%20nintendo%2Chistory%20of%20nes%2Cars%20nes%2Cars%20technica%20nes&cPd=2020-10-29T15%3A00%3A00%2B00%3A00&cTi=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&cTy=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&mDu=1582&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&pWw=276&pWh=155.25&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&uId=0884e157-1f7d-4567-95c8-d99c9013a3c8&xid=8a88dde5-85d6-4eb8-99f5-d9efef957024&dim1=%7B%22contentStartType%22%3A%22autoplay%22%2C%22doNotTrackSetting%22%3Anull%2C%22environment%22%3A%22oo%22%2C%22gitBranch%22%3A%22master%22%2C%22gitSha%22%3A%2201b4160%22%2C%22guid%22%3A%228b6d854e-a1a9-f2f2-b709-2dd5f43cd4e3%22%2C%22isMobile%22%3Afalse%2C%22isVerso%22%3Afalse%2C%22initialPlayerStartType%22%3A%22autoplay%22%2C%22playerDepth%22%3A481.5%2C%22playerType%22%3A%22interlude%22%2C%22playsOnPage%22%3A0%2C%22prerollPlayed%22%3Atrue%2C%22recAlgorithm%22%3A%22recommendations_cne-interlude-arstechnica_eb3ae99e-1903-4f11-8101-34de05e724a0_similar2-3_fallback_cral-top2-2%22%2C%22recStrategy%22%3A%22cral_top2_2%22%2C%22sticky%22%3Afalse%2C%22stickyPosition%22%3A%22%22%2C%22isRightRail%22%3Afalse%2C%22tabStatus%22%3A%22active%22%2C%22videoViews%22%3A1%2C%22viewportStatus%22%3A%22FULLY_IN_VIEWPORT%22%7D&dim2=%7B%22adBlocked%22%3Afalse%2C%22adId%22%3A%224565303926%22%2C%22adType%22%3A%22unknown%22%2C%22creativeId%22%3A%22138224167619%22%2C%22wrapperAdIds%22%3A%5B%225743013948%22%5D%2C%22wrapperAdSystems%22%3A%5B%22GDFP%22%5D%2C%22dfpLineItem%22%3A%225743013948%22%2C%22publicaEnabled%22%3Afalse%2C%22podIndex%22%3A0%7D&videoViews=1&adId=4565303926
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:23 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
u
dmp.v.fwmrm.net/ad/ Frame 83DF 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f16:e61:3f01:a4e3:c039:b71b:e458 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:23 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=3&hp=1&wf=1&ra=2&pxm=3&vz=-&zp=0&sgs=2&vb=7&kq=1&lo=0&tr=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDEVIDEOCONTENT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=7&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995996312&de=266707774452&cu=1646995996312&m=4111&ar=359f21c1e97-clean&iw=a0cb2c4&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=1&ag=1582&an=1582&gi=1&gf=1582&gg=1582&ez=1&ck=1582&kw=2130&aj=1&pg=100&pf=100&ib=0&dw=1&ka=1&cc=1&bw=1582&bx=1582&ci=1582&jz=2130&dj=1&dx=1&undefined=1&aa=1&ad=1582&cn=1582&gn=1&gk=1582&gl=1582&co=1582&cp=2441&cq=0&cr=1&ew=1&hj=1&pv=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3062&cd=3062&ah=3062&am=3062&dq=1582&dr=1582&ds=1582&dt=1582&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=1&vl=25&vt=25&vd=0&zMoatSRE=0.02228125&zMoatVSD=10&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=17410&ef=1&rf=0&re=1&ft=1344&fv=1344&fw=311&cl=0&at=0&d=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985%3A%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle%3Aundefined%3Aundefined&gw=condenastjsvideocontent160527792519&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=N%2FA&zMoatDomain=arstechnica.com&zMoatSubdomain=arstechnica.com&zMoatVideoId=5f90976042b5f03ec594bace&zMoatAP=true&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=192439007&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:23 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:23 GMT
f888e2cc-72c4-4e8d-abbf-db2c8eebbfa9cc.vtt
dp8hsntg6do36.cloudfront.net/5f90976042b5f03ec594bace/ Frame 8A4E 		40 KB
41 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dp8hsntg6do36.cloudfront.net/5f90976042b5f03ec594bace/f888e2cc-72c4-4e8d-abbf-db2c8eebbfa9cc.vtt
Requested by
Host: d2c8v52ll5s99u.cloudfront.net
URL: https://d2c8v52ll5s99u.cloudfront.net/player/main-994d707c54e6acf457a1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
99.84.125.99 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-84-125-99.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b7e089a22bf0a1054f2eb57f4d54c7d6db7f5b58c45c019f69f8ec8ee5c26d29

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:18 GMT
Via
1.1 3c6fb804e042beb7f78515bd450ae3a2.cloudfront.net (CloudFront)
Vary
Origin
Age
6
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
40886
Last-Modified
Thu, 22 Oct 2020 01:05:27 GMT
Server
AmazonS3
ETag
"6cf36869794ecdb13f1e8797c90fe8ca"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET, HEAD
Content-Type
text/vtt; charset=utf-8
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
EWR52-C3
Accept-Ranges
bytes
X-Amz-Cf-Id
43JW1FtEJ-wS5WYwS0k0EcR6o5-gyFMb3G8qd8h_Ek-JiY9ETIbUXg==
p
sb.scorecardresearch.com/ Frame 8A4E 		64 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1646995993902_1&ns_st_ec=5&ns_st_sp=1&ns_st_cn=2&ns_st_ev=end&ns_st_po=912&ns_st_cl=0&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=1&ns_st_pt=911&ns_st_pa=4999&ns_st_ad=1&ns_st_ci=0&ns_ts=1646996003732&ns_st_bt=0&ns_st_bp=0&ns_st_pc=0&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_ct=va&c3=*null&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&c8=&c9=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-43.ewr52.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:23 GMT
via
1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
bGYG_DxZPKy0SEZarJUu3RZkxkzeTJRoQWPvEZCsgmfs608OXm79UA==
p
sb.scorecardresearch.com/ Frame 8A4E 		64 B
441 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1646995993902_1&ns_st_ec=6&ns_st_sp=1&ns_st_sq=1&ns_st_cn=3&ns_st_ev=play&ns_st_po=0&ns_st_cl=1582680&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_ci=5f90976042b5f03ec594bace&ns_ts=1646996003732&ns_st_bt=0&ns_st_bp=0&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&c8=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-43.ewr52.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:23 GMT
via
1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
qchpTxt1ktENkpIOA5fQKFFu0eCwQJWuMBpqhv4RGRaDDNfU-gkpGg==
pixel
cm.g.doubleclick.net/ Frame 83DF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlzcUVBQUFBQnlIT0FRcg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlzcUVBQUFBQnlIT0FRcg==
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Server
142.251.40.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s38-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646996004.014909,VS0,VE0
x-served-by
cache-yul12822-YUL
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WWlzcUVBQUFBQnlIT0FRcg==
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CONDENASTINLINEINT1&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=8&f=0&j=&t=1646995999010&de=791285268938&m=0&ar=359f21c1e97-clean&iw=9d39110&q=12&cb=0&ym=0&cu=1646995999010&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=-%3A-%3A5743013948%3A138375420838&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&dfp=0%2C1&la=5743013948&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&gw=condenastinlineint626489506216&fd=1&ac=1&it=500&ti=0&ih=1&pe=1%3A1145%3A1145%3A0%3A1743&fs=197273&na=298611378&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:24 GMT
tap.php
pixel.rubiconproject.com/ Frame 83DF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YisqEAAAAByHOAQr&expires=90
42 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YisqEAAAAByHOAQr&expires=90
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
ace9692b4e77bdf741ff63add80edaca
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646996004.205910,VS0,VE0
x-served-by
cache-yul12822-YUL
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YisqEAAAAByHOAQr&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=0&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995999010&de=791285268938&cu=1646995999010&m=3798&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=0&ag=69&an=0&gf=69&gg=0&ez=1&aj=0&pg=100&pf=0&ib=0&cc=0&bw=69&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3711&cd=0&ah=3711&am=0&dq=137&dr=0&ds=137&dt=0&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5743013948%3A138375420838&dfp=0%2C1&la=5743013948&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&wx=GDFP&wy=5743013948&wz=138375420838&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=2135842679&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:24 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=0&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=1&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995999010&de=791285268938&cu=1646995999010&m=3803&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=0&ag=69&an=69&gf=69&gg=69&ez=1&aj=0&pg=100&pf=100&ib=0&cc=0&bw=69&bx=69&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&cq=0&hj=0&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=3711&cd=3711&ah=3711&am=3711&dq=137&dr=137&ds=137&dt=137&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&vm=0&vl=0&vt=0&vd=0&zMoatSRE=0&zMoatVSD=0&hc=0&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ef=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5743013948%3A138375420838&dfp=0%2C1&la=5743013948&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1835531903&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:24 GMT
rum
dsum-sec.casalemedia.com/ Frame 83DF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YisqEAAAAByHOAQr
43 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YisqEAAAAByHOAQr
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
23.52.162.21 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-162-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:24 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 11 Mar 2022 10:53:24 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646996004.419687,VS0,VE0
x-served-by
cache-yul12822-YUL
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YisqEAAAAByHOAQr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=1&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=2&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995999010&de=791285268938&cu=1646995999010&m=4451&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=0&ag=501&an=69&gf=501&gg=69&ez=1&aj=0&pg=100&pf=100&ib=0&cc=0&bw=501&bx=69&dj=0&aa=0&ad=216&cn=0&gk=216&gl=0&cq=0&hj=1&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4143&cd=3711&ah=4143&am=3711&dq=569&dr=137&ds=569&dt=137&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&hf=1&hi=1&hm=1&vm=1&vl=0&vt=46&vd=0&zMoatSRE=0.02228125&zMoatVSD=1.728&dh=133&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=22469&ef=1&eg=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5743013948%3A138375420838&dfp=0%2C1&la=5743013948&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=951228444&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:24 GMT
setuid
ib.adnxs.com/ Frame 83DF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YisqEAAAAByHOAQr
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YisqEAAAAByHOAQr
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
68.67.161.212 Brooklyn, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
801.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:24 GMT
X-Proxy-Origin
149.56.153.179; 149.56.153.179; 801.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid
2d811664-0115-4a8e-90c8-30e4719a449f
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646996005.597288,VS0,VE0
x-served-by
cache-yul12822-YUL
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=YisqEAAAAByHOAQr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=3&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995999010&de=791285268938&cu=1646995999010&m=4463&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=0&ag=501&an=501&gf=501&gg=501&ez=1&aj=0&pg=100&pf=100&ib=0&cc=0&bw=501&bx=501&dj=0&aa=0&ad=216&cn=216&gk=216&gl=216&cq=0&hj=1&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4143&cd=4143&ah=4143&am=4143&dq=569&dr=569&ds=569&dt=569&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&hf=1&hi=1&hm=1&vm=1&vl=46&vt=46&vd=0&zMoatSRE=0.02228125&zMoatVSD=1.728&dh=133&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=22469&ef=1&eg=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5743013948%3A138375420838&dfp=0%2C1&la=5743013948&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=669946012&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:24 GMT
sd
us-u.openx.net/w/1.0/ Frame 83DF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YisqEAAAAByHOAQr
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YisqEAAAAByHOAQr
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:24 GMT
via
1.1 google
server
OXGW/17.2.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646996005.808815,VS0,VE0
x-served-by
cache-yul12822-YUL
x-cache
HIT
location
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YisqEAAAAByHOAQr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EBB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B42V3FyorYs-tCMS2MIa4mZABAAAAADgB4AQC&bg=!ICOlI2fNAAb7UztL-1M7ACkAdvg8WpIf81MoB9EF6_Sf_Le7Fp1cO7u7PyFgjBFiNbitR3KSxg4B9QIAAA7dUgAAAAZoAQeZAyWP0LwVHgMUtGJ_UF1U9_sQEkb0BKMXQ1jk5KMUUe3zgh_2CPBaJ-1GcgyNmdObYeIKjSRLP9MaDO0t1WN91bW-7nshQLvoBSf7YxvpIMFBatq86NsuzFaThEiXFt9MDF2RFGX0uZo1dRyaocKU32lPsC0UzmRI3_yFeVnclddG49ZT_u7TkybMC6FRRmOeYJFmETKc-DQ9Xm8TYA0ZocFKQ1ZxGAY5B_Ed0XMxkvHAY_Y5NxXO1x_0y6vCT9lPBKk0qZA-2O1c5WNrB4WRCBedgP6dhLr-Bn-aozEJSx5WjxvziaHoq0LYsXKIlb80Vh3uDNwG4Jt-UOz3ANnr1Z6z9rAvf5AL5H1UVGTVsdV7nQz33YCWn5dYm2fZg4lqz0GsJLOTdlX3-Ke8aoO0Hf3xhZTIisuUimvi0REuVl-fU5OzF7FKcZHUQCFzZB_ar8_PjEp6k2yctjqU33ZV6FoU9Mwz5KFWT9WmqKSYWwBh0GOdPL3m0cc3UZzX-aFS5biuYL1hBdsEB83jr6MlZe0wZw30ITaxXQbAPyCGS_y8k9uvOMiAhH70FAnCCfg4_90VW2h1icXzMcK_H75od3HnJoXsIjST15B2E46-MsY2YufMCSlimaiZjS-XSk8Drm4w7jzN4AfT7pHSuZksDUhs2jGZe6qVOo6Fy7dztg33cVOf1n3yoMY06BV9IR2aGzHbxXyMeHGbC4xeYpCBsm0BSQCGF6TiDqGvWy957iAg1aOZNZa-HZ5hRZcFCLD8JKlDRfHbjYTtMksi4iXPA2fEoAbmrjdCuAYs3RBFI7_OXRRgOy0_n0UwMekqlJXimlBrX78loLG_UW57oOEuJJEOQlstWJcygXOcxFDy4V5IrC-nLh8TN-Q1RJLzpRGOSY_DoRFah3LoDXnrUzqzpiXgZjEWoD9c3D6pEs_O3lTGlw9iGAGXw4x0Pwgp71Z8nrhabEMWdx6gniJ9LclbYofa3xVGeLv-bESrgQ1GzvJkxd0-5kSYTlaIWlFdXliXCsy2H1d6QDCai0nZUBRpZz7TB6W6LBfvIcmBbwDZ1QkmvOtLAyrm
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=2&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=4&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995999010&de=791285268938&cu=1646995999010&m=4478&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=0&ag=501&an=501&gf=501&gg=501&ez=1&aj=0&pg=100&pf=100&ib=0&cc=0&bw=501&bx=501&dj=0&aa=0&ad=216&cn=216&gk=216&gl=216&cq=0&hj=1&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4143&cd=4143&ah=4143&am=4143&dq=569&dr=569&ds=569&dt=569&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&hf=1&hi=1&hm=1&vm=1&vl=46&vt=46&vd=0&zMoatSRE=0.02228125&zMoatVSD=1.728&dh=133&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=22469&ef=1&eg=1&eh=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5743013948%3A138375420838&dfp=0%2C1&la=5743013948&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=146190832&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:24 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 83DF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YisqEAAAAByHOAQr
1 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YisqEAAAAByHOAQr
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Server
104.36.115.109 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:24 GMT
cache-control
no-store, no-cache, private
x-lat
njrpug014:0:730
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:24 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646996005.936327,VS0,VE0
x-served-by
cache-yul12822-YUL
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YisqEAAAAByHOAQr
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=3&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=5&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995999010&de=791285268938&cu=1646995999010&m=4508&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=0&ag=501&an=501&gf=501&gg=501&ez=1&aj=0&pg=100&pf=100&ib=0&cc=0&bw=501&bx=501&dj=0&aa=0&ad=216&cn=216&gk=216&gl=216&cq=0&hj=1&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4143&cd=4143&ah=4143&am=4143&dq=569&dr=569&ds=569&dt=569&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&hf=1&hi=1&hm=1&vm=1&vl=46&vt=46&vd=0&zMoatSRE=0.02228125&zMoatVSD=1.728&dh=133&hc=1&er=0&es=0&gs=0&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=22469&ef=1&eg=1&eh=1&ei=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5743013948%3A138375420838&dfp=0%2C1&la=5743013948&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1062273356&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:24 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:24 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=6&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995999010&de=791285268938&cu=1646995999010&m=4599&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=0&ag=133&an=133&gf=133&gg=133&ez=1&aj=0&pg=100&pf=100&ib=0&cc=0&bw=133&bx=133&dj=0&aa=0&ad=133&cn=133&gk=133&gl=133&cq=0&hj=1&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4143&cd=4143&ah=4143&am=4143&dq=569&dr=569&ds=569&dt=569&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&hf=1&hi=1&hm=1&vm=1&vl=46&vt=12&vd=0&zMoatSRE=0.02228125&zMoatVSD=1.728&dh=133&hc=1&er=0&es=0&gs=-368&gt=0&eu=0&ev=0&et=1&dz=1&eb=1&ec=22469&ef=1&eg=1&eh=1&ei=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5743013948%3A138375420838&dfp=0%2C1&la=5743013948&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=1562049653&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:25 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:25 GMT
partner
sync.search.spotxchange.com/ Frame 83DF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YisqEAAAAByHOAQr&img=1
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YisqEAAAAByHOAQr&img=1
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
192.35.249.120 Ashburn, United States, ASN11742 (SPOTX-IAD, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Fri, 11 Mar 2022 10:53:25 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
170
Connection
keep-alive
Content-Length
43

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646996005.070978,VS0,VE0
x-served-by
cache-yul12822-YUL
x-cache
HIT
location
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YisqEAAAAByHOAQr&img=1
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=7&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995999010&de=791285268938&cu=1646995999010&m=4601&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=0&ag=133&an=133&gf=133&gg=133&ez=1&aj=0&pg=100&pf=100&ib=0&cc=0&bw=133&bx=133&dj=0&aa=0&ad=133&cn=133&gk=133&gl=133&cq=0&hj=1&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4524&cd=4143&ah=4524&am=4143&dq=133&dr=133&ds=133&dt=133&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&hf=1&hi=1&hm=1&vm=1&vl=12&vt=12&vd=0&zMoatSRE=0.02228125&zMoatVSD=1.728&dh=133&hc=1&er=0&es=0&gs=-368&gt=-368&eu=0&ev=0&et=1&dz=1&eb=1&ec=22469&ef=1&eg=1&eh=1&ei=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5743013948%3A138375420838&dfp=0%2C1&la=5743013948&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=151021594&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:25 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:25 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=29&q=4&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=8&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995999010&de=791285268938&cu=1646995999010&m=4610&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=0&ag=133&an=133&gf=133&gg=133&ez=1&aj=0&pg=100&pf=100&ib=0&cc=0&bw=133&bx=133&dj=0&aa=0&ad=133&cn=133&gk=133&gl=133&cq=0&hj=1&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4524&cd=4524&ah=4524&am=4524&dq=133&dr=133&ds=133&dt=133&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&hf=1&hi=1&hm=1&vm=1&vl=12&vt=12&vd=0&zMoatSRE=0.02228125&zMoatVSD=1.728&dh=133&hc=1&er=0&es=0&gs=-368&gt=-368&eu=0&ev=0&et=1&dz=1&eb=1&ec=22469&ef=1&eg=1&eh=1&ei=1&ej=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5743013948%3A138375420838&dfp=0%2C1&la=5743013948&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=559201005&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:25 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:25 GMT
b.php
www.facebook.com/fr/ Frame 83DF
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YisqEAAAAByHOAQr&t=2592000&o=0
43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YisqEAAAAByHOAQr&t=2592000&o=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H3
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 02:53:25 PST
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
public
x-fb-debug
KWeL9IcnqLMlzVkOvsgY0SUmaetedIKf4LI1xQXhZGFXJ2QWJun06/Notn1wXf4xYyNxR1SLbdUuw1bzTHO00A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Fri, 11 Mar 2022 02:53:25 PST

Redirect headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:25 GMT
via
1.1 varnish
server
Varnish
x-timer
S1646996005.215963,VS0,VE0
x-served-by
cache-yul12822-YUL
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YisqEAAAAByHOAQr&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=28&q=0&hp=1&wf=1&ra=2&pxm=2&vz=-&zp=4&sgs=2&vb=7&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=1&ak=-&i=CONDENASTINLINEINT1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=8&g=9&h=155&w=276&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995999010&de=791285268938&cu=1646995999010&m=4611&ar=359f21c1e97-clean&iw=9d39110&cb=0&ym=0&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&gm=1&io=1&ch=0&vv=1&vw=1%3A3%3A0&vp=100&vx=100%3A100%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=0&ag=133&an=133&gf=133&gg=133&ez=1&aj=0&pg=100&pf=100&ib=0&cc=0&bw=133&bx=133&dj=0&aa=0&ad=133&cn=133&gk=133&gl=133&cq=0&hj=1&pv=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4524&cd=4524&ah=4524&am=4524&dq=133&dr=133&ds=133&dt=133&xd=00&zx=0&vu=0&tb=0&te=0&nj=0&fc=1&fk=1&wa=2&hf=1&hi=1&hm=1&vm=1&vl=12&vt=12&vd=0&zMoatSRE=0.02228125&zMoatVSD=1.728&dh=133&hc=1&er=0&es=0&gs=-368&gt=-368&eu=0&ev=0&et=1&dz=1&ea=1&eb=1&ec=22469&ef=1&eg=1&eh=1&ei=1&ej=1&rf=0&re=0&cl=0&at=0&d=-%3A-%3A5743013948%3A138375420838&dfp=0%2C1&la=5743013948&zMoatPL=arstechnica.com&zMoatPL2=arstechnica.com&bo=arstechnica.com&bd=arstechnica.com&gw=condenastinlineint626489506216&zMoatOrigSlicer1=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&zMoatOrigSlicer2=%2F3379%2Fconde.ars%2Finline-player%2Finformation-technology%2Farticle&zMoatBrand=conde.ars&zMoatPlayer=inline-player&zMoatSiteSection=information-technology&zMoatTemplate=article&ab=3&ac=1&fd=1&kt=strict&it=500&fz=1&or=0&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197273&na=729329296&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:25 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1836 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B8W6EHiorYuOaLOaIoPMPmMORQAAAAAA4AeAEAg&bg=!39yl3JjNAAb7UztL-1M7ACkAdvg8Wq2Lqu5lEw28e4vRF6xEDjzTopzzEwiKERPAfdVSXbG7g06fagIAAAYnUgAAAANoAQeZA7Iux7L4Ke0Gy5qcmS6zi4mK09INm3Q0obygrdWgMHsxiIWnOrdDvgm8FSB2I4YuwRgnbeJtRlZay8PmCE-eQlO4rmjOBne7yeD7XwfWGeAHMJztaT8SQ4luLJ88ayH8wB91_HZNOSZp0SLroxRU9Igcrys7nHRVJiGqTBxg0T4aMpaslEBiz0WHoFVBedPyhEphnXUSo346J1byqivRfeJYraVD5i2MLl78t6CYOMNJNvBq6bmwm3UZu-FObTHB_q9A_kNIIdhVwGxumYD2_H_JKcQ_pRBYhJvJky60ojeBx7Sw5FBlUlPFliPTrgNuR6vp00HMAyJyHgB3KB8ISb_rf98yLVkC8W_ha8x_3kTfXGdvXl-A_OJJ98ymmmgXXrHg9uKVj282HlF3Tb8-YpJbsa5xjocGrugUGgomixXUbvhT0qN4ZQgxHxHlsUtWGZ2p7t6RE2S5kemOXWF4dmaE7TXBWAaUa-zY-ec24fw3KWFiFHUrchT_0Max5MewZ6sfGdMONh3wVOLn2y2uLT3-GvZZSaQiyFxRRGBeuiDdczh3coh5a04fDJp5-sxhymiVYy0HcbPn60pJd2KGuWot4iRHnES9ZGMyU64iszLhIg2cMzwsZ3YrcoWj1UPcj_FJlBHWfnegZK4RDo_NeaMlXulPBRT6wXQYFnEjmjpzgN4X3KagSSlSUqmho0VZvGuwsaaOeVmC0kK6t9VI1MI7sHoPtSc-OPMhQuQBrYZT1jQoPGDbvEVBO2oowE0QQPaQSCXTvWp3hcJXz7-WTH56oyxHfc_ZPf6-GLlzICNEaxpdt9i5MOEmLcnTSyayil9hrj7iZl0bphS_PdBASEzCrj_yOXtAx3hFav5dvOj1E9ddLn_7Bf8GVd36_uZFo2Hg1NKxjWj02d8V8EOH95uZscfNv4LKa6KFsnaY72lvAMbETKWLUnui-4bMDzJ2zPzcmafwWyleS16eiRwge4VAamdodoX1Zngeiq_xG_rzN9gmselD-qDy1fo0ZoOI8VpvstzypHSHLTYiYf0HLq64wt2H-iK3w-9YVtNLblnBliaXKJgZrxnGSM8D-9KusEs6sdeLH6fQfkaJmgMEaJKn9khIdQl9huQ5_nFHn_Izo6qi8TceRfI2cSOjwFwBc81066U_IhR8jhVLpDLdTFVv6wDQm_ZqNXJE2pk-gf0axRcbm30aR3gB6Y_73oYGlIXlqYv2KOP3kla3VRKcXjLzbhas2V1l9LsmlWx1WaVi6KsR
Requested by
Host: 56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
URL: https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:25 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&zMoatAdUnit1=conde.ars&zMoatAdUnit2=hero&zMoatAdUnit3=information-technology&zMoatAdUnit4=article&wf=1&ra=3&pxm=3&sgs=3&vb=7&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=1&ak=https%3A%2F%2F56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CONDENAST_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-vUthrpVuFccVxRDaTGndGCUc8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-ynhf80RvHCbFpA%3D%3D&sc=1&os=1-6A%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=WliCq%2B%3A)VT&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=11&g=6&h=250&w=970&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&rm=1&fy=315&gp=0&zGSRC=1&gu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&id=1&ii=4&f=0&j=&t=1646995982584&de=901890910919&rx=604451054343&cu=1646995982584&m=21564&ar=359f21c1e97-clean&iw=8105762&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=5212&le=1&ch=0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A1145%3A1145%3A0%3A1743&as=1&ag=15055&an=10279&gi=1&gf=15055&gg=10279&ix=15055&ic=15055&ez=1&ck=1170&kw=1504&aj=1&pg=100&pf=100&ib=0&cc=1&bw=15055&bx=10279&ci=1170&jz=1504&dj=1&im=1&in=1&pd=1&nb=1&el=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=1%3A1%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=15481&cd=10414&ah=15481&am=10414&xd=00&rf=0&re=1&ft=10866&fv=6253&fw=1543&wb=2&cl=0&at=0&d=4660981638%3A2443012271%3A4884048123%3A138273356291&bo=conde.ars&bd=1&gw=condenastprebidheader987326845656&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=197273&na=955499039&cs=0
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.163.40 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-52-163-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:25 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Fri, 11 Mar 2022 10:53:25 GMT
ibs:dpid=161033&dpuuid=
dpm.demdex.net/ Frame 83DF
Redirect Chain
  • https://pixel.onaudience.com/?partner=130&mapped=68547252942253779170798061318171033219&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D161033%26dpuuid%3D%25m
  • https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
42 B
961 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
52.43.199.141 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-199-141.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v026-033d45748.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
300,104
X-TID
F5X9lTj0SBQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=161033&dpuuid=
content-length
0
image.sbxx
ib.mookie1.com/ Frame 83DF
Redirect Chain
  • https://global.ib-ibi.com/image.sbix?go=244346&pid=268&xid=68547252942253779170798061318171033219
  • https://ib.mookie1.com/image.sbix?go=244346&pid=268&xid=68547252942253779170798061318171033219
  • https://dpm.demdex.net/ibs:dpid=285689&dpuuid=68547252942253779170798061318171033219&redir=https%3A%2F%2Fglobal.ib-ibi.com%2Fimage.sbxx%3Fgo%3D244346%26pid%3D268%26xid%3D%24%7BDD_UUID%7D
  • https://global.ib-ibi.com/image.sbxx?go=244346&pid=268&xid=68547252942253779170798061318171033219
  • https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=68547252942253779170798061318171033219
120 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.mookie1.com/image.sbxx?go=244346&pid=268&xid=68547252942253779170798061318171033219
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Server
64.58.232.180 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://condenast.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 11 Mar 2022 10:53:25 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3p
CP=\"DSP COR ADM DEV PSA PSD OUR\", CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
X-Server
LAS05
Content-Type
image/png
Content-Length
120
Expires
-1

Redirect headers

Date
Fri, 11 Mar 2022 10:53:25 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Location
https://ib.mookie1.com:443/image.sbxx?go=244346&pid=268&xid=68547252942253779170798061318171033219
p3p
CP="DSP COR ADM DEV PSA PSD OUR"
Access-Control-Allow-Origin
*
Cache-Control
private
X-Server
LAS15
Content-Type
text/html; charset=utf-8
Content-Length
223
view
securepubads.g.doubleclick.net/pcs/ Frame FEB5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCdDf4NOuGgaV0JORmp-yboQ8lTGgEE8yNuvoJbhG9G1kQQKBVTd1_BcOIJqhemKP1pw_oCIVe6L4q_mr18XBh2-Kj9CyglKBLqDx773qHQFeNvMLr-uijM4brj8GWaHh9NVPzcDIQRRs2hY49Wm-NeDM8s_nfWJqlKTpeKEcsWDoTPn3o9_ohhPokgKmidgH_mgM8A30t2ByxZXYlgjecal14CTjyenrZhcJ_lne7CLaqy7N9vyExEHB6oui0qfSUmU4Pr1TD9kR84Vf01Hyw0_7updKlD3scZyKXHoIP1O0wDHR0XVFx5YgEWSAxk3PfKh_5dqc4LfxZ2nh6z-1c_XFi6g84te0Cw3oS&sig=Cg0ArKJSzIvMcofqrX3jEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 11 Mar 2022 10:53:26 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6cf6b07dcd7c0e37ddd2cc35b1de0741a54d883d5ed4005a6f872b419b22948a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 11 Mar 2022 10:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10538
x-xss-protection
0
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=228464857488266&ev=Spire-Studio-Segment&dl=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&rl=&if=false&ts=1646996006649&cd[code]=&sw=1600&sh=1200&v=2.9.55&r=stable&ec=2&o=30&fbp=fb.1.1646995988224.403967254&it=1646995984979&coo=false&dpo=&tm=2&exp=p1&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Fri, 11 Mar 2022 10:53:26 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035094/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
13.33.60.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-43.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:26:28 GMT
via
1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
age
1619
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
eQqSNJJIFuFX-bYw_xnAB8_h1X-b2r_zvEXWpwxTkYMX4pfgVFfpBw==

Redirect headers

date
Fri, 11 Mar 2022 10:53:26 GMT
via
1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
/internal-c2/default/cs.js
content-length
48
x-amz-cf-id
E28KcY0NX-eLNKklAj5hl9L7PfWiryZFNxhzMnkufxx8LyUjQF0irA==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030901.js?cb=31065604
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 11 Mar 2022 10:53:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CC35 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Fri, 11 Mar 2022 00:43:22 GMT
expires
Sat, 11 Mar 2023 00:43:22 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
36604
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D1F3 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80b::2004 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
595b3452792e28f29e2073bcb9744e9ca305c7c44bd3d00ba622a0bf83db3238
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DOWq4CrU+fc3hstjzBk87A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 11 Mar 2022 10:53:26 GMT
date
Fri, 11 Mar 2022 10:53:26 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-DOWq4CrU+fc3hstjzBk87A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame D1F3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030901&jk=3372216402445410&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
pagead2.googlesyndication.com/bg/ Frame CC35 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sUHguJaOgo-7uJOhJ406zvaQRdrc_7oCnUaOp60Ji2o.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Mar 2022 06:46:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
187588
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13820
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Mar 2023 06:46:58 GMT
event
condenast.demdex.net/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://condenast.demdex.net/event?d_dil_ver=9.4&_ts=1646996007155
Requested by
Host: arstechnica.com
URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.81.86.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-81-86-185.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
94825be9f70f10ed173203b58b83dcb7b2aed60f0fa0779fe936ac9679e48349
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-2-v026-0b8249ce4.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
wy4gms9HTXE=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://arstechnica.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
2278
Expires
Thu, 01 Jan 1970 00:00:00 UTC
activeview
pagead2.googlesyndication.com/pcs/ Frame FEB5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstF6aaMhfTsftp8V0-H_Tm7mKKrnUFdQU0aspezgQVJzmuzS72NpOBxA4tghrawu3-vGR3-cierbt6xshYJfAdK2O79UYLgyG9Qjl2Hf7F6W9KSXRlv&sig=Cg0ArKJSzDojPLPcre3uEAE&id=lidar2&mcvt=1029&p=696,1110,1296,1410&mtos=0,1029,1029,1029,1029&tos=0,1029,0,0,0&v=20220309&bin=7&avms=nio&bs=0,0&mc=0.84&if=1&app=0&itpl=19&adk=1483574547&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1646995988966&rpt=17618&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame CC35 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?h5LfQg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2001 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-11T10%3A53%3A27.739Z&_t=impressionViewable&cBr=Ars%20Technica&cKe=criminal%20justice%7Cextortion%7Cindictments%7Cransomware&cCh=information%20technology&cTi=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=775&cId=1840246&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pWw=1600&pWh=1200&pPw=1600&pPh=5200&pSw=1600&pSh=1200&uID=0884e157-1f7d-4567-95c8-d99c9013a3c8&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&uDt=desktop&aam_uuid=68547252942253779170798061318171033219&dim1=%7B%22channel%22%3A%22information-technology%22%2C%22platform%22%3A%22wordpress%22%2C%22template%22%3A%22article%22%2C%22viewport%22%3A%22desktop%22%2C%22isOverride%22%3Afalse%2C%22position%22%3A%22rail%22%2C%22size%22%3A%22300x600%22%7D&_o=ars-technica&_c=ad_metrics&xID=8a88dde5-85d6-4eb8-99f5-d9efef957024&environment=prod&origin=ars-technica
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:27 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
collect
analytics.google.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-P1P55J3LNW&gtm=2oe370&_p=798283911&sr=1600x1200&ul=en-us&cid=1262709198.1646995983&_s=3&dl=%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&dr=%2F&dt=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week%20%7C%20Ars%20Technica&sid=1646995988&sct=1&seg=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P1P55J3LNW&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::200e Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://arstechnica.com/
Accept-Language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://arstechnica.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030901&jk=3372216402445410&bg=!JCelJ2PNAAb7UztL-1M7ACkAdvg8WtkXZZZoKfEcE3HPaFg1zzqkVGan5GcEDuSzOKwXWe0Q7MlBvQIAAAL0UgAAAARoAQcKAAKs_pkC3X9Skv4p81v9lFxx2_LQyUF99l-JlR1BzM8uzvqx0frFLKZsWSBv-ibYIvsyjxRt1PHoJcqeeMOi5NANvwf08ISJbXNyUCW2jzYWNBLq2KFdyz0yA5saAfV7rClHrphDTVvIPirHMkfbm1900GhZ4p_yt7Ny2PmUZvUMh3jrF236mGixsVErCc0oROtEQtIgfd-NLR4rUrTHIQMsPLv1cpZvBoIas6gOpQQqAM9_R9C0afihYWKRsXjlc6TtS34lvP_FLlRivW3N3q9Nm9M8y2oXjMF8Dreuw2S6uAVWi-JO1CTTg0-C_ZkePnOV2gABASv_7CSMVYO_klf2NglIPAQ-f5gvi60osmr8gjhaQbIMM6LgR_IAHtp_B-UkulLgE17Y1J6IDAQ-clLAxiK2wjy3Ciqmz2fOdkRFWCRevmiiYLXdVvK5TpgvEPNto0c0vVt6aeGiLSOWDdjcFYH1qWkjufk8i40Rf8y3Vp7c9dQrRovn5iBOGdGKzhBNe0Db0UL4VGNin6rpr9LQyy4IlD8EqQiGs0sf6gB_8bcE7kFLGYrMS0MvFHqL88B-EcfcTg8gVhaE1WRZiEhEP5HGp5SBx_MjXzuOcgPzQxPU4ubKDSa1cu6nU4VKANASEvCNUhbBH1pxpSgmkY4KQLYhTRnVa6kFAYFhQcrIVclsHLlOnew-HZY4HcutoEwo7Lk01NdjiBywjp0Q0jIsd70KgueldV6CdIZyw-kBR2DQgc-nKA0Lgb4I_merfXQ9T1fE5xZOexbB5NpBPjZPdLTlclZ71yvAhjzGT9uWdnZi1F1GiKujIjQ82Zt8m1ZP46lo5FU5b_g5i-fRHtKZA6cq_MLr2oe8YwOCNwNU6G1Sz5VZUnXcXUNgN2fFH0YzMVU2m_SFRun_ZGi36bSkNcq35AJ-eeDl2XLkJRulX9UutVPulz7T4w-yV_o6k-YnzIWIHOLoD7FXgap8rYuNMRw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:820::2002 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIj5X-l_K99gIVRBsMCh0GXAYSEAAYACDEyNtPQhMIy4vPlfK99gIVgbXICh0-YA54;met=1;&timestamp=1646996008647;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame F4E3 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIj5X-l_K99gIVRBsMCh0GXAYSEAAYACDEyNtPQhMIy4vPlfK99gIVgbXICh0-YA54;met=1;&timestamp=1646996008647;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.40.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s81-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 11 Mar 2022 10:53:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
capture.condenastdigital.com/ 		48 B
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capture.condenastdigital.com/track?_ts=2022-03-11T10%3A53%3A30.592Z&_t=adBlock&cBr=Ars%20Technica&cKe=criminal%20justice%7Cextortion%7Cindictments%7Cransomware&cCh=information%20technology&cTi=Feds%20extradite%20ransomware%20suspects%20from%202%20prolific%20gangs%20in%20a%20single%20week&cTy=article%7Creport&cCu=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&org_id=4gKgcFGUFUvCGFzHakTPfYp85Yi8&cCl=775&cId=1840246&ccS=web&cPv=all&pHr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week&pRt=referral&pHp=%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pRr=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&pWw=1600&pWh=1200&pPw=1600&pPh=5200&pSw=1600&pSh=1200&uID=0884e157-1f7d-4567-95c8-d99c9013a3c8&sID=19a825c1-2420-48c5-8e28-83266f50f6eb&pID=6ea5d4e4-8728-4982-ba4f-be7cb7463dfb&uDt=desktop&aam_uuid=68547252942253779170798061318171033219&dim1=%7B%22runtimeId%22%3A%22gzxidTdnkHjmE%22%2C%22device%22%3A%22desktop%22%2C%22pageContext%22%3A%7B%22contentType%22%3A%22article%22%2C%22templateType%22%3A%22article%22%2C%22channel%22%3A%22information-technology%22%2C%22slug%22%3A%22feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%22%2C%22server%22%3A%22production%22%2C%22keywords%22%3A%7B%22tags%22%3A%5B%22criminal-justice%22%2C%22extortion%22%2C%22indictments%22%2C%22ransomware%22%5D%2C%22cm%22%3A%5B%5D%2C%22platform%22%3A%5B%22wordpress%22%5D%2C%22copilotid%22%3A%22%22%7D%2C%22adBlock%22%3Afalse%7D%2C%22adBlock%22%3Afalse%7D&_o=ars-technica&_c=ad_metrics&xID=8a88dde5-85d6-4eb8-99f5-d9efef957024&environment=prod&origin=ars-technica
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.146.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-146-139.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 11 Mar 2022 10:53:30 GMT
Connection
keep-alive
Content-Length
48
Content-Type
image/gif
p
sb.scorecardresearch.com/ Frame 8A4E 		64 B
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=6035094&ns_type=hidden&ns_st_sv=4.1505.18&ns_st_it=r&ns_st_id=1646995993902_1&ns_st_ec=7&ns_st_sp=1&ns_st_cn=3&ns_st_ev=hb&ns_st_po=10001&ns_st_cl=1582680&ns_st_hc=1&ns_st_mp=streamsense&ns_st_mv=4.1505.18&ns_st_pn=1&ns_st_tp=0&ns_st_pt=10001&ns_st_pa=15000&ns_st_ci=5f90976042b5f03ec594bace&ns_ts=1646996013733&ns_st_bt=0&ns_st_bp=0&ns_st_pc=0&ns_st_pp=1&ns_st_br=0&ns_st_ub=0&ns_st_pr=*null&ns_st_ep=*null&ns_st_ct=vc&ns_st_ge=*null&ns_st_st=*null&ns_st_pu=*null&c3=ARSTECHNICA&c4=*null&c6=*null&c7=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&c8=How%20The%20NES%20Conquered%20A%20Skeptical%20America%20In%201985&c9=&ns_st_sn=*null&ns_st_en=*null&ns_st_ti=*null&ns_st_ia=*null&ns_st_ce=*null&ns_st_ddt=*null&ns_st_tdt=*null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.60.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-60-43.ewr52.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
en-CA,en;q=0.9
Referer
https://arstechnica.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 11 Mar 2022 10:53:33 GMT
via
1.1 b3866c48e4cb6dc0d3dbbcbdc1d92d00.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
hL5Hod5Wnynt4jjcrXcHq12uOmhfXGEJVFGRxGiEA-w5PmF3HpfDsw==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sstats.arstechnica.com
URL
https://sstats.arstechnica.com/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=F7093025512D2B690A490D44%40AdobeOrg&mid=68762862322192564840819322226396803674&ts=1646995984105

Verdicts & Comments Add Verdict or Comment

229 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 function| structuredClone object| oncontextlost object| oncontextrestored object| ars object| dataLayer object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups function| OptanonWrapper function| __uspapi object| usPrivacyCookie object| gamoo object| otCcpaOptOut function| dnsfeed object| googletag object| cns object| sparrowQueue function| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| cnBus object| _perfRefForUserTimingPolyfill object| fastdom function| moatYieldReady object| BOOMR_mq object| apstag function| arsAdHeightManager function| adsStaticHeight object| otStubData object| Twig object| Arrive function| FPCountdown function| $ function| jQuery function| moment function| UAParser function| purl function| twig function| EvEmitter function| imagesLoaded function| easydropdown function| m function| transitionEnd function| arsVideoModulePlayerReady88856293 object| __memo_config function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| google_tag_manager function| postscribe object| google_tag_manager_external object| _cne object| headertag boolean| apstagLOADED object| OBR string| OB_releaseVer function| OBR$ object| OB_PROXY object| outbrain object| outbrain_rater object| ggeac object| google_js_reporting_queue object| core object| __otccpaooLocation object| PolarConde object| NATIVEADS object| NATIVEADS_QUEUE string| referrer object| urlParams string| queryString string| fullUrl object| myParam object| publishDate object| now object| google_tag_data string| GoogleAnalyticsObject function| ga string| b object| h object| performanceConsent object| functionalConsent object| targetingConsent function| getVisitNumCustom number| d undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_78832957 object| Moat#PML#26#1.2 boolean| Moat#EVA object| moatPrebidApi string| hash object| MEMO object| SparrowConfigV2 undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| gaplugins function| isAnExcludedLink object| Optanon object| OneTrust function| e object| visitor object| adobe function| Visitor object| s_c_il number| s_c_in function| DIL object| dilInstance object| _qevents function| twq object| __adIq_Config string| _linkedin_partner_id object| _linkedin_data_partner_ids function| fbq function| _fbq function| addPixel function| hj object| _hjSettings string| TiktokAnalyticsObject object| ttq object| scrEm object| _aam_dataLayer undefined| userId boolean| _aam_spa object| NATIVEADS_STORE object| SparrowCache function| Sparrow boolean| sparrowInitialize object| _4d object| sparrow object| gaData object| trx function| md5 object| twttr function| lintrk boolean| _already_called_lintrk object| Sailthru object| auvars object| bouncex function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| webpackJsonp.TiktTokAnalytics object| JSBridge object| Native2JSBridge object| ToutiaoJSBridge number| google_global_correlator object| _google_rum_ns_ object| google_persistent_state_async object| closure_lm_794143 object| google object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings function| docReady object| au object| autag object| ampInaboxIframes object| ampInaboxPendingMessages function| _typeof object| PARSELY function| reload_campaigns function| setBounceCookie function| getBounceCookie function| setBounceVisitCookie function| getBounceVisitCookie function| clearBounceCookie object| closure_lm_718690 object| closure_lm_166157 function| close_bouncex_ad object| GoogleGcLKhOms object| google_image_requests function| arrive function| unbindArrive function| leave function| unbindLeave

337 Cookies

Domain/Path Name / Value
widgets.outbrain.com/nanoWidget/externals/cookie Name: thirdparty
Value: yes
i.liadm.com/s Name: _li_ss
Value: MgYI0gEQ1hEyBQgGEOQR
.arstechnica.com/ Name: session_seen_posts
Value: 0
.arstechnica.com/ Name: seen_posts
Value:
arstechnica.com/ Name: usprivacy
Value: 1---
arstechnica.com/ Name: CN_visits_m
Value: 1648771200550%26vn%3D1
arstechnica.com/ Name: CN_in_visit_m
Value: true
arstechnica.com/ Name: __srret
Value: 1
.arstechnica.com/ Name: _gcl_au
Value: 1.1.1587654578.1646995983
.turn.com/ Name: uid
Value: 3480839182339453453
.tapad.com/ Name: TapAd_TS
Value: 1646995983652
.tapad.com/ Name: TapAd_DID
Value: f8bdb9a2-38e4-41f1-ba5d-edf3b6d7b2e5
.scorecardresearch.com/ Name: UID
Value: 1F015ee594b594f4065f03b1646995983
.demdex.net/ Name: demdex
Value: 68547252942253779170798061318171033219
.ad.gt/ Name: au_id
Value: d07202dd-dbf8-4d5d-a13a-b0fb7e5202f9
.ad.gt/ Name: au_idmatch
Value: {"apn": "2022-03-11", "ttd": "2022-03-11", "pub": "2022-03-11", "adx": "2022-03-11", "halo": "2022-03-11", "goo": "2022-03-11", "impr": "2022-03-11", "unruly": "2022-03-11", "mediamath": "2022-03-11"}
.arstechnica.com/ Name: sID
Value: 19a825c1-2420-48c5-8e28-83266f50f6eb
arstechnica.com/ Name: pID
Value: 6ea5d4e4-8728-4982-ba4f-be7cb7463dfb
arstechnica.com/ Name: CN_sp
Value: 0884e157-1f7d-4567-95c8-d99c9013a3c8
arstechnica.com/ Name: CN_su
Value: a1c8150b-5d79-4340-9d7a-432672e2aee6
arstechnica.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.arstechnica.com/ Name: _pubcid
Value: 55a4c788-9f1f-47f8-91ba-87fb177dd771
.outbrain.com/ Name: obuid
Value: e8062a03-abd0-4179-9237-bc017ff4576d
.outbrain.com/ Name: recs_919925c0385e2204ce3c093611eee84c
Value: 0B4097603354A3794185264A4221888171A4082815021A4218518050A4035936778ACD1
infinityid.condenastdigital.com/ Name: CN_xid
Value: 8a88dde5-85d6-4eb8-99f5-d9efef957024
infinityid.condenastdigital.com/ Name: CN_xid_refresh
Value: 8a88dde5-85d6-4eb8-99f5-d9efef957024
.arstechnica.com/ Name: AMCVS_F7093025512D2B690A490D44%40AdobeOrg
Value: 1
arstechnica.com/ Name: __srui
Value: 6cba72ff-a129-11ec-87d7-bacfd01e3338
.openx.net/ Name: i
Value: 55a4c788-9f1f-47f8-91ba-87fb177dd771|1646995984
.yahoo.com/ Name: A3
Value: d=AQABBBAqK2ICEMqpgyk9y9rrrKmR0jiUPMoFEgEBAQF7LGI1YgAAAAAA_eMAAA&S=AQAAAsho6arkGpI8dQhS4VSve-Q
.rubiconproject.com/ Name: khaos
Value: L0MAVUNK-24-AM7U
arstechnica.com/ Name: CN_xid
Value: 8a88dde5-85d6-4eb8-99f5-d9efef957024
.arstechnica.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.arstechnica.com/ Name: _gid
Value: GA1.2.1204506803.1646995984
.pippio.com/ Name: did
Value: xlBHQA8pl2OVaW1Y
.pippio.com/ Name: didts
Value: 1646995984
.pippio.com/ Name: nnls
Value:
.adsrvr.org/ Name: TDID
Value: 6e0633dc-a403-42d4-8fdd-03bcf8268488
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YisqEAAAAByHOAQr
.arstechnica.com/ Name: _dc_gtm_UA-31997-1
Value: 1
.adnxs.com/ Name: uuid2
Value: 7380764466701486637
.adnxs.com/ Name: icu
Value: ChgI_rtmEAoYAiACKAIwkNSskQY4AkACSAIQkNSskQYYAQ..
arstechnica.com/ Name: sailthru_pageviews
Value: 1
.dpm.demdex.net/ Name: dpm
Value: 68547252942253779170798061318171033219
.linkedin.com/ Name: li_sugr
Value: 58c2fef9-6a1c-41eb-9ebf-6bd475714fa3
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&3c3c089e-cca3-4de8-8868-d101e6ee04bf"
.linkedin.com/ Name: lidc
Value: "b=TGST02:s=T:r=T:a=T:p=T:g=2737:u=1:x=1:i=1646995984:t=1647082384:v=2:sig=AQG4OkySvUHrVwepZctYx_HSTFn4ibFg"
.doubleclick.net/ Name: IDE
Value: AHWqTUnWBwgjg2IwVsxyLFhNk1s3OpM8cFDpwDydId2rlbGjFFVuaDtWSZsGLcprC94
.360yield.com/ Name: tuuid
Value: 731aab81-526e-449a-8b81-5fa14fdcea13
.360yield.com/ Name: tuuid_lu
Value: 1646995984
.arstechnica.com/ Name: OptanonConsent
Value: isIABGlobal=false&datestamp=Fri+Mar+11+2022+10%3A53%3A04+GMT%2B0000+(GMT)&version=6.23.0&hosts=&consentId=010e6017-2ad2-4d40-9120-cf8723918c99&interactionCount=0&landingPath=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2022%2F03%2Ffeds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week%2F&groups=C0001%3A1%2CC0003%3A1%2CC0004%3A1%2CC0002%3A1
.ad.gt/ Name: last_seeng_hosted
Value: 1646995985063
.ad.gt/ Name: g_hosted
Value:
.arstechnica.com/ Name: OB-USER-TOKEN
Value: e8062a03-abd0-4179-9237-bc017ff4576d
.mathtag.com/ Name: uuid
Value: 4f1b622b-2a11-4300-89bc-81aa7c7a5721
.amazon-adsystem.com/ Name: ad-id
Value: AxwXGrVGDUGsgN3aRP9DbIo
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.pippio.com/ Name: pxrc
Value: CJHUrJEGEgQIAhAAEgYI7OsBEAA=
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 8763B6A3-D1B4-4E71-AF29-58D268671E50
.linkedin.com/ Name: UserMatchHistory
Value: AQIw1WbdElLBPQAAAX94nFVHVTdq-yT5ZdrAsytOndkJtI1aer7F1HVv5fPSIaz0qQg-TfxuUqkzjg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJU4x8nBu3iyQAAAX94nFVHfu0C2QikEXspuHGGQNdSZX5VDs8_JeSI_OKx9f9O0B3UE1Pxe1y-asmI6mc4Yg
.ad.gt/ Name: last_seentd
Value: 1646995985738
.ad.gt/ Name: tdid
Value: 6e0633dc-a403-42d4-8fdd-03bcf8268488
.ad.gt/ Name: first_seentd
Value: 1646995985738
.ad.gt/ Name: last_seenadnxs
Value: 1646995985738
.ad.gt/ Name: adnxs_id
Value: 7380764466701486637
.ad.gt/ Name: first_seenadnxs
Value: 1646995985738
.ad.gt/ Name: last_seenadx
Value: 1646995985739
.ad.gt/ Name: google_gid
Value: CAESEHAGhIqFq0JL46uIHrnDrno
.ad.gt/ Name: first_seenadx
Value: 1646995985739
.twitter.com/ Name: personalization_id
Value: "v1_jQ96Wkfcgmgo3C2YX2wzxQ=="
.ad.gt/ Name: last_seenmediamath
Value: 1646995986267
.ad.gt/ Name: user_id
Value: 4f1b622b-2a11-4300-89bc-81aa7c7a5721
.t.co/ Name: muc_ads
Value: 53ea76a4-5b03-4eda-9699-40d46b87cfc0
.arstechnica.com/ Name: AMCV_F7093025512D2B690A490D44%40AdobeOrg
Value: -408604571%7CMCIDTS%7C19063%7CMCMID%7C68762862322192564840819322226396803674%7CMCAAMLH-1647600784%7C9%7CMCAAMB-1647600784%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1647003184s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19070%7CvVersion%7C4.6.0
.linksynergy.com/ Name: rmuid
Value: 4272d87a-7960-4846-b0cb-40ae05801c78
.linksynergy.com/ Name: icts
Value: 2022-03-11T10:53:06Z
.ad.gt/ Name: last_seenimprove
Value: 1646995986375
.ad.gt/ Name: impr_uid
Value: 731aab81-526e-449a-8b81-5fa14fdcea13
.ad.gt/ Name: last_seenpbm
Value: 1646995986377
.ad.gt/ Name: pbm
Value: 8763B6A3-D1B4-4E71-AF29-58D268671E50
.ad.gt/ Name: first_seenpbm
Value: 1646995986377
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&2022031110530627a9734b-dac3-4b4c-8ba5-d50bd68ffb69AQF1_OUwzsHvU3xG3-GADdfPyjJmsUHp"
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005%22%7D
.krxd.net/ Name: _kuid_
Value: OtgMmMns
.bidswitch.net/ Name: tuuid
Value: 82063e31-d895-4c78-815b-e5685b556304
.bidswitch.net/ Name: c
Value: 1646995986
.mfadsrvr.com/ Name: tuuid
Value: 59125365-6b70-4daa-8987-45b896b15e4d
.mfadsrvr.com/ Name: c
Value: 1646995986
.zemanta.com/ Name: zuid
Value: M2AFWxq8fWs1QCyO1OUy
.zemanta.com/ Name: obuid
Value: qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
.geistm.com/ Name: gdpid
Value: WCFK1GiP2srZL
.quantserve.com/ Name: mc
Value: 622b2a12-f3095-95391-844c7
.eyeota.net/ Name: mako_uid
Value: 17f789c5a3f-4a30000010a4272
.eyeota.net/ Name: SERVERID
Value: 17010~DM
.ad.gt/ Name: last_seenunruly
Value: 1646995986983
.ad.gt/ Name: unruly_id
Value: RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005
.agkn.com/ Name: ab
Value: 0001%3AEuCLbhi0Myw5jajjFLilixrKrEsS9%2Bxl
arstechnica.com/ Name: sailthru_content
Value: 0f8f7c2ad0d1cca9569b29ae9a8ee9de
arstechnica.com/ Name: sailthru_visitor
Value: def41d5f-f2e1-484a-a3e8-80c5ab118225
.arstechnica.com/ Name: __gads
Value: ID=c0d5607e9ac7d54c:T=1646995983:S=ALNI_MaTKKKWzO4ygPJr4VtVBpOnLfT8Jg
.bttrack.com/ Name: GLOBALID
Value: 2uKlc8-sIBd987FnJwbHGp__AAkEJ1P883Q4nXPNJruORUNvcPFAL_7PnBzW5olTI2r2aeY0bJQC4TM1
.adfarm1.adition.com/ Name: UserID1
Value: 7073793900810664086
.ad.gt/ Name: last_seenconde_nast_xid
Value: 1646995987182
.ad.gt/ Name: conde_nast_xid
Value: 8a88dde5-85d6-4eb8-99f5-d9efef957024
.creativecdn.com/ Name: u
Value: g71zTyS3JrJ1a7exnX6p
.creativecdn.com/ Name: ts
Value: 1646995987
.exelator.com/ Name: EE
Value: "749a3fb36294af3e0be5477ca7a8aed6"
.casalemedia.com/ Name: CMID
Value: YisqEwvGNa5jhI2NpW1I0QAA
.casalemedia.com/ Name: CMPS
Value: 466
.arstechnica.com/ Name: _fbp
Value: fb.1.1646995988224.403967254
.arstechnica.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/%22%2C%22sref%22:%22%22%2C%22sts%22:1646995988259%2C%22slts%22:0}
.facebook.com/ Name: fr
Value: 03gJlNJKlpl5Wdlt2..BiKyoU...1.0.BiKyoU.
.arstechnica.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=9df2d1daf213a964c0d4ceb65e9db394%22%2C%22session_count%22:1%2C%22last_session_ts%22:1646995988259}
.outbrain.com/ Name: ttd
Value: 6e0633dc-a403-42d4-8fdd-03bcf8268488
arstechnica.com/ Name: cneplayercount
Value: 2
.arstechnica.com/ Name: bounceClientVisit2806v
Value: N4IgNgDiBcIBYBcEQM4FIDMBBNAmAYnvgIYBOKCApgMZwB2AltcQHTUD2AtkQ3QGbtSnYggbs6AWiq067MOwDmATyK4ADLlxE1GIn0oATFBMoAPBKWIGGVCZboouAdzKUJKAK4oINBMb6kXBK4EhCBYAx8TBIKxHQKxrwSxO68CmBuTpSUANZEIAA0IKQwICAAvkA
.bidswitch.net/ Name: tuuid_lu
Value: 1646995988
.mfadsrvr.com/ Name: tuuid_lu
Value: 1646995988
.outbrain.com/ Name: apnxs
Value: 7380764466701486637
.spotxchange.com/ Name: audience
Value: 703b40fe-a129-11ec-a4b2-19a2cb060103
.outbrain.com/ Name: rbcn
Value: L0MAVUNK-24-AM7U
.outbrain.com/ Name: actvagnt
Value: 7073793900810664086
.ad.gt/ Name: last_seenhaloid
Value: 1646995989125
.ad.gt/ Name: halo_id
Value: 0201148cok07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
.ad.gt/ Name: first_seenhaloid
Value: 1646995989125
.advertising.com/ Name: APID
Value: UP7056a3fc-a129-11ec-b6e3-0210df448c65
.emxdgt.com/ Name: uid
Value: 77451646995989241175ac
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQcHcxDLROC3J2MzI0iQxzTjVICnV1MTcPDnRPNEiMTXFbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJySX5RZvoiZ8fFRSlpDItKik8F79%252FjBwCbuiqb"
.casalemedia.com/ Name: CMPRO
Value: 992
arstechnica.com/ Name: _lr_retry_request
Value: true
arstechnica.com/ Name: _lr_env_src_ats
Value: false
.adsymptotic.com/ Name: U
Value: 133206bfc57dc84a527e3ac88db634d0
.media.net/ Name: visitor-id
Value: 2899975901454749000V10
sofia.trustx.org/ Name: tuuid
Value: 81a1407a-2a19-4c6a-b670-274528f02c1f
sofia.trustx.org/ Name: c
Value: 1646995990
sofia.trustx.org/ Name: tuuid_lu
Value: 1646995990
.arstechnica.com/ Name: __qca
Value: P0-932977213-1646995986898
.outbrain.com/ Name: mdfrc
Value: 59125365-6b70-4daa-8987-45b896b15e4d
.outbrain.com/ Name: zmnta
Value: M2AFWxq8fWs1QCyO1OUy
.outbrain.com/ Name: openx
Value: 3619d1d6-4976-45f3-a803-1dbecbe123a7
.outbrain.com/ Name: indxexcg
Value: YisqEwvGNa5jhI2NpW1I0QAAA-AAAAAB
.outbrain.com/ Name: rtbhs
Value: g71zTyS3JrJ1a7exnX6p
.arstechnica.com/ Name: _parsely_tpa_blocked
Value: {%22tpab%22:false}
.bing.com/ Name: MUID
Value: 396D3F4D53D06EBD30F72E2952FA6F79
.c.bing.com/ Name: MR
Value: 0
.technoratimedia.com/ Name: tads_uid
Value: 494D3CE41C99400BA621FD0E3E02E377
.technoratimedia.com/ Name: tads_uid_cd
Value: 20220311055310-0500
.technoratimedia.com/ Name: tads_zora
Value: 2
.smartadserver.com/ Name: pid
Value: 489781436322581848
.ad.gt/ Name: last_seenopenx
Value: 1646995990813
.ad.gt/ Name: openx_id
Value: af48e1b4-bf14-47f3-9897-5b4364252b88
sofia.trustx.org/ Name: buid
Value: 82063e31-d895-4c78-815b-e5685b556304
sofia.trustx.org/ Name: um2
Value: !1,82063e31-d895-4c78-815b-e5685b556304,416274790
arstechnica.com/ Name: _lr_sampling_rate
Value: 0
.openx.net/ Name: pd
Value: v2|1646995989.2|iKbwuYvPvMgahEgKkWg2f8gy.mmvJeSvuke
.rkdms.com/ Name: sessionid
Value: h-d98266e9b685071938b03c49ecdc7ad6_t-1646995991
.outbrain.com/ Name: improve_digital
Value: 731aab81-526e-449a-8b81-5fa14fdcea13
.3lift.com/ Name: tluid
Value: 3712844220807655623468
.contextweb.com/ Name: V
Value: AAVDZjpMrsEP
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: be15783f93e28e2f
.pubmatic.com/ Name: PUBMDCID
Value: 2
.arstechnica.com/ Name: _hjSessionUser_1632543
Value: eyJpZCI6IjE3MjJlOTViLTkzMTEtNTYyOS1hNzRmLWNlNGQ3MTY4YzY0OCIsImNyZWF0ZWQiOjE2NDY5OTU5ODY5OTAsImV4aXN0aW5nIjpmYWxzZX0=
.arstechnica.com/ Name: _hjFirstSeen
Value: 1
arstechnica.com/ Name: _hjIncludedInSessionSample
Value: 1
.arstechnica.com/ Name: _hjSession_1632543
Value: eyJpZCI6IjdhODllMzRlLTBhMTctNDUyMy04NjU3LTM0M2Y1YjEwZGZjYiIsImNyZWF0ZWQiOjE2NDY5OTU5OTEyODksImluU2FtcGxlIjp0cnVlfQ==
arstechnica.com/ Name: _hjIncludedInPageviewSample
Value: 1
.arstechnica.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.sitescout.com/ Name: ssi
Value: 5eeb4888-9012-4b3c-9528-1548c8465e44#1646995991346
.outbrain.com/ Name: oath_display
Value: y-wieNCjlE2uEnDGV5ht6_4R0hTe9WyDUFX.ot.jQ-~A
.yellowblue.io/ Name: wrvUserID
Value: PRjpHCvfCH_s
.outbrain.com/ Name: spotx
Value: 703b40fe-a129-11ec-a4b2-19a2cb060103
.outbrain.com/ Name: synacor
Value: 494D3CE41C99400BA621FD0E3E02E377
.outbrain.com/ Name: smart
Value: 489781436322581848
.outbrain.com/ Name: oath
Value: UP7056a3fc-a129-11ec-b6e3-0210df448c65
.outbrain.com/ Name: mediaforce_custom
Value: bcaf9e53-95b7-4356-9c31-3b956785f931
.addthis.com/ Name: ouid
Value: 622b2a180001f4bfb30c081ec459c9bfbbb60335a021eeb381fd
.addthis.com/ Name: um
Value: g.'68547252942253779170798061318171033219'
.addthis.com/ Name: uid
Value: 622b2a18a015d6b9
.outbrain.com/ Name: bdswch
Value: 82063e31-d895-4c78-815b-e5685b556304
.criteo.com/ Name: uid
Value: fa7763bf-d917-451f-853b-cf8801daf3e6
.w55c.net/ Name: wfivefivec
Value: WmVnYQcI1NsCTu5
.w55c.net/ Name: matchmedianet
Value: 5
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjS3NDQ2NwdiCyMLcwNjIwsLIT5D3cBsywzvSqdKbzd_bwABaRO8JQAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjS3NDQ2NwdiCyMLcwNjIwsLIT5D3cBsywzvSqdKbzd_byleQzMTM0tLU0tLYwNDcwBgoaKpNAAAAA
.media.net/ Name: data-rk
Value: 1791377137828703288~~8
.liadm.com/ Name: lidid
Value: 5ffee842-7fab-447d-985e-82044640f2ab
.openx.net/ Name: univ_id
Value: 537072971|6e0633dc-a403-42d4-8fdd-03bcf8268488|1646995993839755
.media.net/ Name: data-g
Value: CAESEB4pejAekEEt_MjVRbcwjVY~~8
.media.net/ Name: data-ttd
Value: 6e0633dc-a403-42d4-8fdd-03bcf8268488~~1
.mfadsrvr.com/ Name: ssh
Value: !bidswitch,1646995994!medianet,1646995993!outbrain,1646995988
.mfadsrvr.com/ Name: bsw_uid
Value: 82063e31-d895-4c78-815b-e5685b556304
.media.net/ Name: data-mm
Value: 4f1b622b-2a11-4300-89bc-81aa7c7a5721~~8
.media.net/ Name: data-mf
Value: 59125365-6b70-4daa-8987-45b896b15e4d~~1
.media.net/ Name: data-c
Value: fa7763bf-d917-451f-853b-cf8801daf3e6~~1
.media.net/ Name: data-c-ts
Value: 1646995994
.media.net/ Name: data-xu
Value: WmVnYQcI1NsCTu5~~8
.server.cpmstar.com/ Name: USER_ID
Value: %25a%f4%df%0c%99%be%94%3aV%04%a7%22%7eu
.mookie1.com/ Name: id
Value: 10601403155718488451
.mookie1.com/ Name: mdata
Value: 1|10601403155718488451|1646995994369
.mookie1.com/ Name: ov
Value: 660379561ffdd157ec06e792e54c7c24
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEGbcL73e2AFhjruAy7-Vf_Y&KRTB&16514-CAESEGbcL73e2AFhjruAy7-Vf_Y&KRTB&23025-CAESEGbcL73e2AFhjruAy7-Vf_Y
.ipredictive.com/ Name: cu
Value: 738e2803-a129-11ec-a977-0544ef27bb02|1646995994607
.bounceexchange.com/ Name: bounceClientVisit2806c
Value: %7B%22vid%22%3A1646995994881346%2C%22did%22%3A%228019154740035624516%22%7D
.media.net/ Name: data-co
Value: AAAGaswxrVgJGwM8nBtoAAAAAAA~~8
.media.net/ Name: data-bs
Value: 82063e31-d895-4c78-815b-e5685b556304~~1
.media.net/ Name: data-ze
Value: M2AFWxq8fWs1QCyO1OUy~~8
.mookie1.com/ Name: syncdata_TAP
Value: 1
.simpli.fi/ Name: suid
Value: 88A43826E64D4192B957B7C4E6FE616D
.dyntrk.com/ Name: dyn_u
Value: 04030001_622b2a1c582d2
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAPvFyGtoZmJmaWlqaWlmYmACAEd56CwQAAAA
.eqads.com/ Name: EQUser
Value: UID=f1770967-7ffa-4f4c-9ee5-7d6695b3f917
.deepintent.com/ Name: CDIUSER
Value: di_d8ea72eaab5e46e287f5a
.adform.net/ Name: C
Value: 1
.turn.com/ Name: fc
Value: y0zxBgKe-681zzbkU6X9Msr8tNP9yMvR-ZIw5w-8wJMeRQwZvWqVI-6pUg34vHZyzwoS3nKolbZxp-KIEYfqhrnFrJTqsUBI8caU_e4TLCpxdxA13xTlPwal8PUkKYzs
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:88A43826E64D4192B957B7C4E6FE616D
ssp.behave.com/ Name: tuuid
Value: 35002c8f-48b8-4540-9cae-e701b9b135e9
ssp.behave.com/ Name: c
Value: 1646995996
.mookie1.com/ Name: syncdata_NEU
Value: 1
.bidr.io/ Name: bitoIsSecure
Value: ok
.bidr.io/ Name: bito
Value: AADDLE7EVlQAACtnjd2l6Q
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 605c1349d50ebc618e582106d51c2c66
.adform.net/ Name: uid
Value: 3647879326392102687
ssp.behave.com/ Name: tuuid_lu
Value: 1646995997
.mookie1.com/ Name: syncdata_IOW
Value: 1
.arstechnica.com/ Name: _ga
Value: GA1.2.1262709198.1646995983
.33across.com/ Name: 33x_ps
Value: u%3D211622110763255%3As1%3D1646995997831%3Ats%3D1646995997831
arstechnica.com/ Name: cneplayercaptions
Value: showing
.adkernel.com/ Name: ADKUID
Value: A4427270609957140250
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.pubmatic.com/ Name: pi
Value: 156512:3
.pubmatic.com/ Name: DPSync3
Value: 1648166400%3A201_197%7C1647561600%3A164%7C1647043200%3A174
.pubmatic.com/ Name: SyncRTB3
Value: 1648166400%3A54_7_57_220_231_99_239_104_5_3_8_240_56_22_55_48_165_176_13_178_233_21_71_96_222_166%7C1647561600%3A223_15_38_2%7C1647820800%3A63%7C1649548800%3A224%7C1648252800%3A35
.media6degrees.com/ Name: clid
Value: 2r8ku8u01171tfnqezd9oppq000000011y010b01301
.media6degrees.com/ Name: acs
Value: 012020k1r8ku8uxzt10
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A4427270609957140250
.deepintent.com/ Name: CDIPARTNERS
Value: %7B%22141%22%3A%2220220311%22%7D
.w55c.net/ Name: matchpubmatic
Value: 5
.rlcdn.com/ Name: pxrc
Value: CI/UrJEGEgUI6AcQABIFCOhHEAASBgi16gEQChIGCLrqARAHEgYIwuoBEBASBgi46wEQAxIGCIq6KxAI
.analytics.yahoo.com/ Name: IDSYNC
Value: "195n~23oy:18y3~23oy:193c~23oy:18xa~23oy:175w~23oy:18za~23oy:18z8~23oy"
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTY0Njk5NTk5OTA5OSwiNCI6MTY0Njk5NTk5NDQ2NSwiMjciOjE2NDY5OTU5OTQ0NjUsIjE3IjoxNjQ2OTk1OTkyNTc4LCIzOSI6MTY0Njk5NTk5NDQ2NX0
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 4056-YisqEAAAAByHOAQr&KRTB&22978-YisqEAAAAByHOAQr&KRTB&23194-YisqEAAAAByHOAQr&KRTB&23209-YisqEAAAAByHOAQr
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:4f1b622b-2a11-4300-89bc-81aa7c7a5721&KRTB&16736-uid:4f1b622b-2a11-4300-89bc-81aa7c7a5721&KRTB&23019-uid:4f1b622b-2a11-4300-89bc-81aa7c7a5721&KRTB&23208-uid:4f1b622b-2a11-4300-89bc-81aa7c7a5721
.adgrx.com/ Name: ADGRX_UID
Value: 763c50f8-a129-11ec-ba1d-13cc640753b5
.acuityplatform.com/ Name: auid
Value: 654219918252
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANvqNdXNlck1hdGNoaW5nSWTMkWxhc3REcm9wVGltZU1pbGxpcyUBP14TSEyimGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAT9eE0hMoo90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.dotomi.com/ Name: DotomiTest
Value: 6a7beb961a97120d
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-4f831106-aa6b-483f-7391-cb040e00f0d5.UEI86e8TsA9SoFVgJACvs9jIWZ29qTDFWQIBk%2FMACuk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AT4MRBqprSD9zkcsEDgDw1ZU4mbM.0JuOyCSkgdnIBWl17TlZRhvLULHNVx1XvIKRk1u2rK8
.pubmatic.com/ Name: KRTBCOOKIE_107
Value: 1471-uid:WmVnYQcI1NsCTu5
.pubmatic.com/ Name: KRTBCOOKIE_1251
Value: 23269-di_d8ea72eaab5e46e287f5a
.tribalfusion.com/ Name: ANON_ID
Value: aBnuBsqZbaOE6iPq6fDMbZb0eFfY1XNOKWcAQV64fqodl7MsOlZa7piacQkXpZd3SSEqaePwhuZc9xa7ZaGnrRwMZcbTIrN5p3GZbrgsf8QWvgNpLUJv
.owneriq.net/ Name: si
Value: Q7002823991353312790P
.owneriq.net/ Name: pmc
Value: 1
.taboola.com/ Name: t_gid
Value: e608c96d-793e-4b06-b808-da3dae17fadc-tuct924af9f
.bnmla.com/ Name: rx_sspurl_10738
Value: https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D4b015e21-91d7-4216-ac8f-018a39260d41
.bnmla.com/ Name: rx_uuid
Value: 4b015e21-91d7-4216-ac8f-018a39260d41
.bnmla.com/ Name: rx_maxage_10738
Value: 1648291999
.adgrx.com/ Name: ADGRX_CM_PUBMATIC_BRIDGED
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_469
Value: 8273-654219918252
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-T4MRBqprSD9zkcsEDgDw1ZU4mbM
.pubmatic.com/ Name: KRTBCOOKIE_1278
Value: 23329-5dd9b3c4-2b86-4156-8d0e-df02802af0ce
.quantserve.com/ Name: d
Value: EOsBEQHRJfijC4jGAA
.inmobi.com/ Name: idsp_c
Value: 6ca62cbf-06fe-4d09-904c-455965eae6d8
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1cmt|2N.0.AAAGabtYezLYaQMDhsA2AAAAAAA|3oy.0.5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341|4is.0.CAESEH1ioGvot0rjvbXHYIxnCLw|7TY.0|7dN.0.AADDLE7EVlQAACtnjd2l6Q
.pubmatic.com/ Name: KRTBCOOKIE_1003
Value: 22761-763c50f8-a129-11ec-ba1d-13cc640753b5
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 93a8c1bb-d1be-4df9-93cb-23005a22104d
beacon.lynx.cognitivlabs.com/ Name: ss
Value: rj03D5Xk%2FoTzu%2F%2FBBMZTIbMwpo8mgsKFGVmihSWHo7G%2FFW7wGSN1NOoS%2FpYzLKBGADy91K9%2FpaaaUL3gs9eOUg%3D%3D
.pubmatic.com/ Name: KRTBCOOKIE_1233
Value: 23223-6ca62cbf-06fe-4d09-904c-455965eae6d8&KRTB&23266-6ca62cbf-06fe-4d09-904c-455965eae6d8&KRTB&23285-6ca62cbf-06fe-4d09-904c-455965eae6d8
.bnmla.com/ Name: rx_sspid_10738
Value: 170
.pubmatic.com/ Name: KRTBCOOKIE_286
Value: 5193-Q7002823991353312790&KRTB&22521-Q7002823991353312790
.technoratimedia.com/ Name: tads_uidp_73
Value: AADDLE7EVlQAACtnjd2l6Q
.creative-serving.com/ Name: tuuid
Value: 66501900-d67a-40b1-a924-cf3f6bdd21a4
.creative-serving.com/ Name: c
Value: 1646995999
.creative-serving.com/ Name: tuuid_lu
Value: 1646995999
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AADDLE7EVlQAACtnjd2l6Q
.pubmatic.com/ Name: KRTBCOOKIE_279
Value: 22890-738e2803-a129-11ec-a977-0544ef27bb02&KRTB&23011-738e2803-a129-11ec-a977-0544ef27bb02&KRTB&23355-738e2803-a129-11ec-a977-0544ef27bb02
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-7380764466701486637&KRTB&23339-7380764466701486637
.pubmatic.com/ Name: KRTBCOOKIE_308
Value: 22925-4b015e21-91d7-4216-ac8f-018a39260d41
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005%22%2C%22nxtrdr%22%3Afalse%7D
.adsrvr.org/ Name: TDCPM
Value: CAESFAoFdGFwYWQSCwjKxp6i69XBOhAFEhUKBmNhc2FsZRILCPruvPbr1cE6EAUSFgoHcnViaWNvbhILCIizqIPs1cE6EAUSFQoGZ29vZ2xlEgsIhtb8n-zVwToQBRIXCghwdWJtYXRpYxILCLbUrqvs1cE6EAUSFwoIbGl2ZXJhbXASCwikuIWx7NXBOhAFGAEgASgCMgsIpLCI3oLWwToQBTgBWghsaXZlcmFtcGAC
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-6e0633dc-a403-42d4-8fdd-03bcf8268488&KRTB&22918-6e0633dc-a403-42d4-8fdd-03bcf8268488&KRTB&23031-6e0633dc-a403-42d4-8fdd-03bcf8268488
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-3480839182339453453
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-UpEFzlbCBp5JxQScXZYalVGQDp1JmwOYB5TTwl7K&KRTB&19420-UpEFzlbCBp5JxQScXZYalVGQDp1JmwOYB5TTwl7K&KRTB&22979-UpEFzlbCBp5JxQScXZYalVGQDp1JmwOYB5TTwl7K
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-3647879326392102687&KRTB&23263-3647879326392102687
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-5eeb4888-9012-4b3c-9528-1548c8465e44-622b2a17-4341
.yieldoptimizer.com/ Name: fbh0
Value: %7B%7D
.yieldoptimizer.com/ Name: gcma
Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/ Name: rmxc
Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/ Name: cktst
Value: 398643996
.pubmatic.com/ Name: KRTBCOOKIE_594
Value: 17107-RX-32ed5efb-1c2d-44f6-b148-67108c9e0044-005
.c.appier.net/ Name: _auid
Value: HzIO2IQ6BCiPRPFEHyorYg
.pubmatic.com/ Name: KRTBCOOKIE_904
Value: 16787-HzIO2IQ6BCiPRPFEHyorYg&KRTB&23130-HzIO2IQ6BCiPRPFEHyorYg
.pubmatic.com/ Name: KRTBCOOKIE_52
Value: 22772-R1D531_EC8FEA92_AA647E30&KRTB&23092-R1D531_EC8FEA92_AA647E30
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAGaswxrVgJdAN9ySjpAAAAAAA&KRTB&22713-AAAGaswxrVgJdAN9ySjpAAAAAAA&KRTB&22715-AAAGaswxrVgJdAN9ySjpAAAAAAA
.yieldoptimizer.com/ Name: ckid
Value: 2026732888443
.yieldoptimizer.com/ Name: dph
Value: %7B%22t%22%3A%5B115618%5D%2C%22dp%22%3A%5B2233%5D%7D
.yieldoptimizer.com/ Name: ph
Value: %7B%22p%22%3A%5B1025%5D%2C%22t%22%3A%5B115618%5D%7D
.pubmatic.com/ Name: SPugT
Value: 1646996000
.turn.com/ Name: pxs
Value: 172291716%2319062%2C172291685%2319062%2C173614712%2319062%2C172291717%2319062%2C172291718%2319062%2C172291714%2319062%2C172291715%2319062%2C187431564%2319062%2C182725260%2319062%2C172291727%2319062%2C172291720%2319062%2C172291722%2319062%2C172291723%2319062%2C172291732%2319062%2C172291729%2319062%2C257013671%2319062%2C172291710%2319062%2C172291738%2319062
ads.stickyadstv.com/ Name: UID
Value: eba6e024abc36d8f0b41a55c0c489c7
ads.stickyadstv.com/ Name: uid-bp-171
Value: 3480839182339453453
ads.stickyadstv.com/ Name: sessionId
Value: b8b1ea409de513e9d23ae765b9654f44
.media.net/ Name: data-amb
Value: 3480839182339453453~~3
.smartadserver.com/ Name: csync
Value: 32:3480839182339453453
.teads.tv/ Name: tt_viewer
Value: 17e25837-3e53-4b54-aed0-44f8c43d40a1
.tidaltv.com/ Name: tidal_ttid
Value: 6ba837dd-3fe8-4e92-8c05-f4d09f0592b4
.rlcdn.com/ Name: rlas3
Value: 9IO9ZUP5AfJp/S2iXDJTZxcAGMEe3O41vxv3uqlnvvs=
.owneriq.net/ Name: p2
Value: adpq
.pro-market.net/ Name: anHistory
Value: "uio6ugo2sby6+2+!#7%3!j#/mY"
.sharethrough.com/ Name: stx_user_id
Value: f79cd4fd-15c4-4fa2-9178-16f0fd3aee44
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value: 1!1690-2!1690
.pro-market.net/ Name: anProfile
Value: "uio6ugo2sby6+1+1f=1+1g=1+1j=3k:1+rs=s+rt=26075300006078670000000000000002+s2=(r8ku8x)+vm=53-CAESEISqXIC2ww_codZj606Hk8g:85-3480839182339453453"
.mxptint.net/ Name: mxpim
Value: R1D531_EC8FEA92_AA647E30.1.0000000000000000622B2A1F00000000000000000000000000000000622B2A22
.arstechnica.com/ Name: _ga_P1P55J3LNW
Value: GS1.1.1646995988.1.0.1646996002.46
.truoptik.com/ Name: to_master_s
Value: a468c49a3ea2042c955cf271e61d9a45
.truoptik.com/ Name: to_version_s
Value: b2
.fwmrm.net/ Name: _uid
Value: "o2220_7073793969528568304"
.rubiconproject.com/ Name: audit
Value: 1|mFVHqHkj5bGjByFtahhlf+1WuCoMxA8a+JUixCbOKdrLBVAUjJ1CT8K+9GLnNv5RoQQ1ZWDgV22Y2dlbhav2vuCAnekPgJib7ZpQA0goIccPINyFRbEKpA==
.casalemedia.com/ Name: CMRUM3
Value: 27622b2a1a27606e0633dc-a403-42d4-8fdd-03bcf8268488&2d622b2a1b05a0CAESEK1lANW2foKcTnOMEJh9gU0&ce622b2a1a05a0&28622b2a1d2760f1770967-7ffa-4f4c-9ee5-7d6695b3f917&41622b2a1c05a0AAAGahZLjM3jAAMHSkHTAAAAAAA&c4622b2a1d276004030001_622b2a1c582d2&82622b2a1d2760AAHhLk7EVlQAACvQi0gD4w&5a622b2a1c276088A43826E64D4192B957B7C4E6FE616D&c3622b2a1c2760av-be6ce8a0-7d69-40ce-a8e6-a9c55b12db41&e6622b2a1a2760&2e622b2a1c27607380764466701486637&04622b2a2127603480839182339453453&58622b2a242760YisqEAAAAByHOAQr&69622b2a1a05a00&b0622b2a1a05a0&39622b2a1c27601791377137828703288&83622b2a1b276018072662291208079361&03622b2a1a27604f1b622b-2a11-4300-89bc-81aa7c7a5721&dd622b2a1a2760&f1622b2a1605a0&6f622b2a1d27603647879326392102687&49622b2a1a05a0
.casalemedia.com/ Name: CMST
Value: YisqFWIrKiQA
.adnxs.com/ Name: anj
Value: dTM7k!M40<F7/.XF']wIg2GTweUcm9!]tam8i_iqf!oN/@E'zz<*Z0Q8IKLq^j]dh7EXN^(tZ/z*HDsV.?=@2A7Y(YTD4Z]pPi_y0/m2EV=@j^q6MQkTtkugNSO[8.><2j.wL5oa9/sZwfzrVVMyXmTWBCu(lOfM!wwih/Us+M
.pubmatic.com/ Name: PugT
Value: 1646996004
.demdex.net/ Name: dextp
Value: 21-1-1646995988323|269-1-1646995990175|3-1-1646995990970|420-1-1646995992285|60-1-1646995993813|358-1-1646995994525|477-1-1646995995286|481-1-1646995996086|843-1-1646995996644|540-1-1646995997109|601-1-1646995997364|771-1-1646995998006|992-1-1646995998360|1123-1-1646995998712|1175-1-1646995999195|1524-1-1646996000154|22069-1-1646996000791|575-1-1646996001443|53196-1-1646996001913|73426-1-1646996002145|75557-1-1646996002360|79908-1-1646996002627|66757-1-1646996002981|121998-1-1646996003404|796-1-1646996003681|144230-1-1646996004007|144231-1-1646996004199|144232-1-1646996004414|144233-1-1646996004588|144234-1-1646996004799|144235-1-1646996004930|144236-1-1646996005062|144237-1-1646996005199|161033-1-1646996005328|285689-1-1646996005434
.onaudience.com/ Name: cookie
Value: 3ac768b766a8960b
global.ib-ibi.com/ Name: ASP.NET_SessionId
Value: p2ieh0vpjcxehhrxge1qdvev
ib.mookie1.com/ Name: ASP.NET_SessionId
Value: ndqnm2rzyen3hz1yo1wsxj52
.ib.mookie1.com/ Name: ibkukiuno
Value: s=d3ad226c-88ab-46a6-8b88-5216c89948db&h=&v=0&l=-8585546108790544916&op=&hl=0&vlu=0&tcs=1&dcc=-8585546108793167498
.ib.mookie1.com/ Name: ibkukinet
Value: 2503514547=-8585546108790544916&2503514547=-8585546108790544916
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjA1tjK0MNY1NLPQNTQ11TU0ANIGlrqGRuYAs+j8Kx0AAAA="
.arstechnica.com/ Name: aamoptsegs
Value: aam%3D226821
.arstechnica.com/ Name: aamconde
Value: conde%3Dsv
.arstechnica.com/ Name: aam_uuid
Value: 68547252942253779170798061318171033219

19 Console Messages

Source Level URL
Text
network error URL: https://d.turn.com/r/dd/id/L21rdC84MTYvY2lkLzI4NTk1MjE1L3QvMA/kv/PageName=undefined,SiteID=Ars%20Technica,CampaignID=1802C,Channel=website,CreativeID=information%20technology,Placement=undefined
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/
Message:
Access to XMLHttpRequest at 'https://sstats.arstechnica.com/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=F7093025512D2B690A490D44%40AdobeOrg&mid=68762862322192564840819322226396803674&ts=1646995984105' from origin 'https://arstechnica.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://sstats.arstechnica.com/id?d_visid_ver=4.6.0&d_fieldgroup=A&mcorgid=F7093025512D2B690A490D44%40AdobeOrg&mid=68762862322192564840819322226396803674&ts=1646995984105
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://arstechnica.com/infinityid
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
network error URL: https://tags.bluekai.com/site/29859?id=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.crwdcntrl.net/map/c=14516/tp=OBRN/tpid=qSZsVw7IUjQi-gwyCbHs7kqGbYOHIfpV2bpVGuG4BGGjcemTz4da8pxCHSCn49zu
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://fr-actions.trackonomics.net/prod/arstechnica.com/information-technology/2022/03/feds-extradite-ransomware-suspects-from-2-prolific-gangs-in-a-single-week/action_links.json
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=1409
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'interest-cohort'.
security error URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east
Message:
Blocked script execution in 'https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
security error URL: https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint
Message:
Blocked script execution in 'https://bh.contextweb.com/visitormatch?p=547259,530912,534301,548607,543793,561117&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid%3D%25%25VGUID%25%25%26ex%3DPulsepoint' because the document's frame is sandboxed and the 'allow-scripts' permission is not set.
network error URL: https://p.adsymptotic.com/d/px?_pid=11693&_psign=bf265992ae7fbdc1ab4b39651c157974&_puuid=68547252942253779170798061318171033219&_rand=2052634866&_pp=adobeXtest&_redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=1524%26dpuuid=${UUID}
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://z.moatads.com/condenastdfp9588492144/moatad.js(Line 136)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://idsync.rlcdn.com/362388.gif?partner_uid=3480839182339453453&gdpr=0&gdpr_consent=&us_privacy=
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval'; child-src https: data: blob:; connect-src https: data: blob:; font-src https: data:; img-src https: data:; media-src blob: data: https:; object-src https:; script-src https: data: blob: 'unsafe-inline' 'unsafe-eval'; style-src https: 'unsafe-inline'; block-all-mixed-content; upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4d.condenastdigital.com
56c7454c491040319f887b0add12c0c8.safeframe.googlesyndication.com
a.ad.gt
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
abp.mxptint.net
acdn.adnxs.com
ad.360yield.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.creative-serving.com
ads.pubmatic.com
ads.scorecardresearch.com
ads.stickyadstv.com
adservice.google.ca
adservice.google.com
ak.sail-horizon.com
ampcid.google.ca
ampcid.google.com
analytics.google.com
analytics.tiktok.com
analytics.twitter.com
aorta.clickagy.com
api.bounceexchange.com
api.cnevids.com
api.condenast.io
api.rlcdn.com
api.sail-personalize.com
arstechnica.com
as-sec.casalemedia.com
assets.bounceexchange.com
assoc-na.associates-amazon.com
aufp.io
b1sync.zemanta.com
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bh.contextweb.com
bpi.rtactivate.com
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c21lg-d.media.net
c2shb.ssp.yahoo.com
capture.condenastdigital.com
casale-match.dotomi.com
cdn-magiclinks.trackonomics.net
cdn.arstechnica.net
cdn.cookielaw.org
cdn.jsdelivr.net
cdn.mediavoice.com
cdn.memo.co
check.analytics.rlcdn.com
cm.adgrx.com
cm.everesttech.net
cm.g.doubleclick.net
condenast.demdex.net
condenastus-d.openx.net
connect.facebook.net
contextual.media.net
creativecdn.com
cs-server-s2s.yellowblue.io
cs.emxdgt.com
cs.media.net
csi.gstatic.com
d.adroll.com
d.turn.com
d2c8v52ll5s99u.cloudfront.net
dfp.bouncex.net
dis.criteo.com
dmp.adblade.com
dmp.truoptik.com
dmp.v.fwmrm.net
dp2.33across.com
dp8hsntg6do36.cloudfront.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
dwgyu36up6iuz.cloudfront.net
eb2.3lift.com
elsa.memoinsights.com
eus.rubiconproject.com
events.bouncex.net
fastlane.rubiconproject.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
fpa-cdn.arstechnica.com
fpa-events.arstechnica.com
fr-actions.trackonomics.net
geolocation.onetrust.com
global.ib-ibi.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hblg.media.net
hbx.media.net
htlb.casalemedia.com
i.liadm.com
ib.adnxs.com
ib.mookie1.com
ice.360yield.com
id.geistm.com
id.rlcdn.com
id.sv.rkdms.com
idpix.media6degrees.com
ids.ad.gt
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.outbrainimg.com
imasdk.googleapis.com
in.hotjar.com
infinityid.condenastdigital.com
js-sec.indexww.com
load77.exelator.com
loadm.exelator.com
loadus.exelator.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
mb.moatads.com
mcdp-sadc1.outbrain.com
medianet-match.dotomi.com
mweb.ck.inmobi.com
nep.advangelists.com
odb.outbrain.com
odr.mookie1.com
p.ad.gt
p.adsymptotic.com
p.rfihub.com
p.skimresources.com
pagead2.googlesyndication.com
pbid.pro-market.net
pbs.getpublica.com
pippio.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.advertising.com
pixel.condenastdigital.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pixels.ad.gt
player.cnevids.com
plugin.mediavoice.com
pm.w55c.net
pmp.mxptint.net
polarcdn-terrax.com
pr-bh.ybp.yahoo.com
prebid.media.net
presentation-atl1.turn.com
ps.eyeota.net
pubads.g.doubleclick.net
pubmatic-match.dotomi.com
pulsepoint-match.dotomi.com
px.ads.linkedin.com
px.moatads.com
px.owneriq.net
px4.ads.linkedin.com
qsearch-a.akamaihd.net
r.skimresources.com
r.turn.com
rogersadops-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.adentifi.com
rtb.mfadsrvr.com
rtb.openx.net
rtb2-useast.e-volution.ai
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.skimresources.com
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
segment-data.zqtk.net
server.cpmstar.com
simage2.pubmatic.com
simage4.pubmatic.com
snap.licdn.com
sofia.trustx.org
srv-1970-01-01-00.pixel.parsely.com
ssbsync-us.smartadserver.com
ssbsync.smartadserver.com
ssp.behave.com
sstats.arstechnica.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
su.addthis.com
sync-jp.im-apps.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.hgrtb.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
sync.tidaltv.com
t.co
t.skimresources.com
tag.bounceexchange.com
tag.yieldoptimizer.com
tags.bluekai.com
tags.rd.linksynergy.com
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
trx-hub.com
u.openx.net
um.simpli.fi
um2.eqads.com
ums.acuityplatform.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
vars.hotjar.com
warp.media.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
x.bidswitch.net
x.dlx.addthis.com
z-na.associates-amazon.com
z.moatads.com
sstats.arstechnica.com
104.107.15.75
104.16.109.154
104.18.102.194
104.244.42.67
104.244.42.69
104.36.115.109
104.36.115.114
104.45.178.220
107.178.246.49
107.178.254.65
129.159.70.95
13.107.42.14
13.33.60.107
13.33.60.29
13.33.60.43
13.33.81.81
13.33.86.49
142.250.176.194
142.250.64.102
142.251.40.162
142.251.40.194
142.251.40.226
143.204.137.197
143.204.146.2
143.204.146.92
146.75.28.157
146.75.30.132
151.101.128.239
151.101.129.44
151.101.192.239
151.101.66.49
151.139.128.11
169.197.150.8
172.105.221.29
173.231.178.82
174.129.136.41
174.137.133.49
18.176.120.50
18.215.24.252
18.223.55.244
18.232.14.164
184.85.195.135
185.167.164.37
185.184.8.65
192.132.33.46
192.35.249.120
198.148.27.140
198.24.171.51
199.127.204.142
199.187.193.181
199.187.193.185
199.38.167.128
205.234.175.175
207.198.113.178
209.54.180.144
23.195.109.72
23.198.216.120
23.216.132.60
23.50.53.184
23.52.160.130
23.52.161.180
23.52.162.190
23.52.162.21
23.52.163.40
23.52.164.28
23.52.167.93
23.66.229.102
23.73.244.44
2600:141b:13::17d7:82d1
2600:1901:0:8eee::
2600:1f16:e61:3f01:a4e3:c039:b71b:e458
2600:1f18:1c96:4103:8c46:e608:3238:e5d3
2600:1f18:4e9:5a02:46a:34b7:83ca:e02c
2600:9000:2120:9000:1d:8c8c:47c0:93a1
2600:9000:2140:2000:6:44e3:f8c0:93a1
2600:9000:2140:6400:1b:5138:8a40:93a1
2602:803:c002:200::62
2606:4700:10::6814:b844
2606:4700::6810:5514
2606:4700::6810:9440
2606:4700::6811:4132
2606:4700::6812:b4f
2606:4700::6812:c05
2606:4700::6813:da83
2606:ae80:1450:16::2040
2607:f8b0:4004:c0b::9a
2607:f8b0:4006:808::2003
2607:f8b0:4006:808::2006
2607:f8b0:4006:80b::2004
2607:f8b0:4006:80c::2003
2607:f8b0:4006:80c::2008
2607:f8b0:4006:80d::2002
2607:f8b0:4006:817::2001
2607:f8b0:4006:817::200e
2607:f8b0:4006:81c::2002
2607:f8b0:4006:81d::200e
2607:f8b0:4006:820::2002
2607:f8b0:4006:820::200a
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::200e
2607:f8b0:4006:823::2002
2607:f8b0:4012:814::2003
2620:100:a001::c
2620:112:f002:bbbb::21
2620:112:f002:bbbb::23
2620:116:800b:21:f716:921a:893c:c3d8
2620:1ec:21::14
2620:1ec:c11::200
2a02:6ea0:c400::12
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:200::300
3.14.94.35
3.210.148.149
3.211.35.116
3.211.82.118
3.216.55.148
3.233.22.19
3.33.220.150
34.107.148.139
34.111.8.32
34.120.155.137
34.120.253.250
34.199.124.234
34.199.214.21
34.199.73.116
34.213.88.197
34.226.175.205
34.226.51.171
34.229.3.43
34.232.146.139
34.232.5.62
34.236.83.94
34.98.67.3
34.98.72.95
35.190.52.204
35.190.59.101
35.190.60.146
35.190.90.30
35.190.91.160
35.201.67.47
35.207.10.239
35.207.24.140
35.211.168.6
35.211.178.172
35.227.252.103
35.244.159.8
35.71.139.29
35.81.86.185
35.84.228.30
38.27.122.101
38.67.14.224
38.67.14.233
44.200.208.73
44.235.32.190
44.238.176.75
44.240.184.96
50.19.69.187
51.161.117.180
51.210.112.63
52.0.156.250
52.11.239.202
52.116.221.248
52.2.129.5
52.202.90.162
52.203.60.58
52.206.174.18
52.3.57.166
52.43.199.141
52.5.237.191
52.54.42.45
52.6.194.164
52.7.157.94
52.94.223.37
54.156.48.24
54.158.197.5
54.164.187.255
54.175.87.114
54.205.17.116
54.209.12.215
54.224.102.47
54.234.215.67
54.236.214.209
54.85.186.77
63.251.28.219
64.58.232.176
64.58.232.180
64.74.236.127
66.225.223.127
67.202.105.21
68.67.161.210
68.67.161.212
69.90.254.78
70.42.32.159
72.21.195.65
74.119.119.150
74.121.140.14
75.101.138.186
8.28.7.81
8.28.7.82
8.43.72.97
8.43.72.98
85.114.159.93
99.80.161.153
99.83.154.140
99.84.120.215
99.84.125.103
99.84.125.75
99.84.125.95
99.84.125.99
99.84.42.58
99.84.42.90
99.84.42.94
005f315d6f7cf50f04161a51e17287b5040b513267560b083a3cf39d0b892ba8
012e9ca05924ae22684fd662f5b049846f53e0a9ecedc2c766e9fad39fbb1913
0186840386391fa2c0750ff7450a78e066498ba3274546a6fcf0fa9c55cd457c
02930a3c5f2c4d7916106255cd842ea509198e9f7c99160537aeb892eb3764e7
030e91b7512dbb40e9b9057f20bcf54c296a7f28c04bbcde0f2d2706dd2a3a06
0396be2ab58ec30babd0838d7e37d6407475d4361be85ee7451dbac9186add57
039f13cdf684666dd973e2385f773385adb074039e8a832ec48e1ae35fb20c15
03f79370c505484926193469c439ce3b7d7004f408c07b359a29274b1ab28000
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05ef4e52a9136146e829b903f03d6ceacafa049c481f5cca118c93a03663e12b
06b33c040105224101afcdaacd82b6dfb3ea1bf9ef3d7478cf5fa163a0ad65e0
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08b8b78504677c4bb61018fbcfe343bf7603d3ea56b3b47d9532569104f9b5c0
08ed3bf6e73a999bafb422b878fb05b87269b00a65230c9457ce75aee10b873e
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
09bbc2707865aef8533be98d346f3c2a47eace7a5b5eed4dae492e6a1d5a0bad
09c272dc0ba5fa58b24854c32acf50db5aa8e02659685ca6e4ec0d8a78e66c16
0a280e864b87587efb0dad5227e1e3c55a72cc15ad6f1aa76766bb6128118ccb
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b5c6a8d4a856db56da956eced8af9a5eb6e0a89dc67de5ffc4c83513472a3cc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0ca9835020d5222c62dbf7624c882b04a7384dd389d4774914bb23214e975d10
0e24c77ee2df3b05b6f32e1890b39fbd6b46c7b159a256f0e07f8c5400468451
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f8954ce595fcc5e030e44f8daea903da16781358fb95f97031a5e329d7bf762
1097abb6f0992cccc79428374463e7f23b99dae5eb85d7317b20bd57c96031bb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1193e934b76ed372f47e23f78f8a13e99d9588e564aff866e8f700e7a0650a83
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
139f8773a3a0d5819b4f4dcff5e6f5474f2d96e7b98b530b200f9dd8902c8726
15cd7d7ccbb477c4a85b1354854ba0c74a0810f86c5ca9437bba1c9c4b7ff587
1645cfe2c4914e99ee7ccc9eeadbc05b12b1298db1a495b532adfb0643ca598d
16708dda2536b4b3782313db4a6ec8456cd84da7ae0f56d7d2455e68fc9bc4f0
16f86804dd013db340fee4020a539d3e9d6e5a03d6841e431e50c428e99c26e8
173d7c7e266672df75c4e048a934c55ee24d9a9028a87fd2957e74d1bd6a8d08
17828d5067aa485c747a0e94d3a01d076f725d745d547e091cfebc2ebafa8af6
17911ae0a17688919987f0465e31d1c0ff584378fe16eeb2798c94d1a404f2da
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18794d2ef2e62636a8d7cea1ce420a572c82e448ab1e4a0a9b817013e99e25f4
190377615dab87592bde12754eb00953d988b3f76326e097b61f3f77ecdec486
1bf55bc00dbf13180884211c3d301729e67b81f3456225c1fbf97d271d636509
1c43462cc6df9573f5da97b3183b55ad55ac21976679c2f652b453d4e927d5f5
1c7dcc8216c6f82da2998ceeac2523632c7f9bffe510824b6d082621201f2012
1defb6bc54a7ee9c066136908360e8455c23ee9ad0dec9924e7255d7948cd4be
1f466b08649eef5ad16c20f6d7207bf8818cb107b6241950dbc568cdffc03d63
1f9cd4a445ba85172da6090dd7b95edf55fd9e81ddb193e0b78093c1afa84378
1feafaa9eaf1db06371a7897b4563c43a30d6b0de9912310c0b5bc5c4c1a593f
20660a9ef7ec454c15b2dc62b3db084e0cc9f74c5bb6de71a96fb1a54aef00f8
22b4738b19f4538b2b4e0e8fa9893dc9bd9aa2a9905d8cd04f22c03f7dfc8c94
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27348ba4b98bd80f1038496ec5dea6ad865680540058fb085b8ca199b8aaf4c5
28e332b169942af1515d3eb1c40391556421cd1a8c56f07481e4d43a8c7a015e
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29637e0647104ccc5d5583e652db29ce99e947c858c3d9502960e7ea7f1aea19
298b271ee28d46aa6c13d93172661d524489854b36cbeec1601cb605207284d3
29bf31337ef99cc5bb0ae0fcd2b4626d863141c8900bd9175af03327d6285120
2b34ca04fed55adeaadd1818db50026eddd64e7438ee8ef577a8ad3ce395a74f
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2d8da20e250aa413de7bfbc8ccb0b88c7fc0015a7a4a2dd69cd1b437eaeec8f8
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32deea184d626e57d2be55e815bceb4c582b5a7283131d5ec3a1e19e55bda377
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
3557e85820c5b6af8b1f10bbd07b503a8460232b8a7ba5d678c1b379b2dfb764
35aa6009a5e9c65ecc00c19fa23c0556808d65876fead02712c88a1d27f14c0e
35fdad62baf3ffcea320584d286822a561c05dde8f52d72bed13bd3c861f7f82
361b138d5ee8745e6d460be4dbb1c94e4bd4071bd5d224efdf11fab3ba11beaf
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
3b0209841325362235c221628e471145726897e4e1c9b210b6e6b2217fdf2ee8
3ce7e824185893264ab44fbf8370a8f1262831c4c6c367b15f7d4f1e88fadc8c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e3e6c14c037e02bcd7dadfcec6b9aa7a0b00f9a16f80d258cc1df4fa72af34a
3e3f40300b1685c3911589ab78d30f12541035b430e3381aa4c355c08bb0c2ce
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f2cf5f857c617761a251ceef8f6ed452a7690e21f16eff0a70dddf9beea8633
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b601bc0d93dfca6e350b46d113bf8e7ff9e40a87a0c57ab9b3c9c219062423
43935402f95c6e02452551eed170ad4ce21cd71f18dedc5efddd21ed1deca984
43b0a448dfabca1c64deab31c9b3b004d41bac8fafc0796a4f5675cea0dda5a8
454511b4e1f0636670156c9c7de2816701dc59fc9753504b1f87ec7fb7de576e
45f0f27fb78191006375051ee3046fae3105b652d11680432511cba61b32c330
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
46a9ddb1f206a46900872e0a832750ae06925528f81883a3d3517fdb42aefb6d
474e43543efcb5a0bf6c248cbfff92130a2a5611cd0d57ec64170ba982abd99e
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49282a74c6ced31e99f808232188ade8d82652004df4d664dcdb98c32563dd39
4980853759711c8e9e2779239acd62e9e802fba38371763c65ecdd016a83fdbd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba5146eb33e639576b0befa39a523230a21b504b6a68f57bb1a32ea9b514c23
4bd22d2964c3d797dad33a2241e583a00349cb77e39f238a14fefe58e35e2598
4d04b7d4a062fa7873d675612b23bd067cf886a0de7759d617e14bf1641d5105
4da3e3aa30b5b06390d7e7e3fcfb16d648909eb429d161c2748bd6d79a7ec5fb
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec4b6769730ca98db1f40b152c52bd5bec01f61f559fb92709c307750388ac8
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f54a4b534eff2d0440a262b1b1605f097fa4f47d87b389d7245863aea567726
4fb846048afd0ee79141b669572402fc0a024d937c00977e124405d11cd319fe
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5315cf641e62ac7de4a82e6003cc1bd1ff09218400d8ff5286c951e25aee966b
53a0db506162ed3060ae85b44c1fa345ef586cb64b3dfcbf0590ded5b462373d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551ca43e390e357fa87f923bebd068de9448ffd0c86197b6a873a80fdd0d1c2b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56461278ff30f38c727c3303125d7de4992f0c8890bb6d2e314d5ee001400d0a
56f8838a24cb0cc47dc34a19d6b84d6ce8bf8086b1682bbb990abc13b1e2da65
571479d52cd675db5573fe46973c62cba6d8224a76136fcefeb90f7dc42a6391
5776ba1daf67d30c1adc2b55914f0fd71364ffd8bb22d10dc4f8b1488d9d5fc5
577cffba3a5e4060fc00267dd1aae194bab397fc806fa2bdf2498277102cafa2
59201950b83489808587827b4050ffe0597992825daa88c227476cdbbf8ca282
5945f5bc1545e8ef6bfdd0224514923d1e520a96e9282b7cd5dc511af226b61e
595b3452792e28f29e2073bcb9744e9ca305c7c44bd3d00ba622a0bf83db3238
5a57cecd2bf4d6d3b8498c67487333f6dc9e102371f5e48ffc7fcf18a6e8487e
5ab499494548829e507e9b6cd57247a6cd565e7f1bc6eb55e3da445af76f1f0c
5be5b0170ad4bbd2be91182d137933e7de9c7e86b09ec855a4bac015ebfd746f
5c5dcbdd805b4603a4ac478d0e3966033767767309ac8eb2ddb6a1aea68ad2c7
5d076962515986764e40e0d4d8ba48e9ea4b61189b10d4de9365822e7f821098
5dfdf8364391fb0206fd041768223181bad6754d36faa9428d03ca8832514d5d
5ecbfb541946a9a9437190a21d98e1c7ab7d863837d7d038a9a1e053c649c8ba
5f051ce04c92470044891b9377a5b538bff2c906ed0159ad922688b362949552
5f3dfe5ae04216d60a5eebd9b2eebfdf38a196c8bd2446de3492e804926a63db
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
60236872a96cff4612101efc416706fe34892d9152f2c019e42209fb7d8d8de4
606f146ddca26cd4eb1d03c0a42e550e7b897e799998b67e7b115febbce98bc0
60c3f2162f8079ebbcfacb99e8e83922b4c4b2da6f22b20c6b592072ae7aa51f
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
617e0f9fee7ef0ca891735246b4b5a61caa3622db4a4256685b061c9f43bd053
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c7d2da9a5942053f17c9756e53b7cda414541619bd35c2b1441cd88c77f235
636ed63be35a13e9ac7891f7c1b62d7fd23c7872c6a59f01fe0e7489f7be83cd
6703a15cac2e132591d86dd3a41eda1bd2370028396c51d905950b5cf7e6f200
67b829bf42594362b988e1a795c40661f5fc51509c0509545c3779e867187ab9
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c57bfdd896272485aa1fd780be7be5386876c8a1dcef8abd3d811ec48313491
6cf6b07dcd7c0e37ddd2cc35b1de0741a54d883d5ed4005a6f872b419b22948a
6e53da60f022a960fdf289f9baf1c70e7b57603b2022d38d0626aea34cc6cf92
6f261533d4b74ae931965cf3609bf47bb55001e39eb7029502d96cec73c4749a
6f99091cfd4343db6da0de90a7d93ba904b76134e4818f36a075c41df24cac9c
6fce0dbbc989e2f852d8045ea7aaa7db852aab75caef08e0cac9bf3205dff02f
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
734077f9a9575e82a7f8718e4e255298f84f51962f22407b35b6ce299ff74ca9
7364fcbb6c5d775f07816712af8a6419db99268f72c337a4977f706dc3423bb3
7475f5c70d3b6020b6f4621b2e69fba3360bea00a913e60b085af165b93842ec
74b1612d1cb16d432cfd6542a7efe8f9297f1197025e044b9e0d9fa8e54befab
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
774e56c1489bafd83af60626f6b1483c6e1237269c60b83b1293fcad591bc146
7762f62eb79f23ea31d953c69e508627a084a1770afefec9a7a073b51b7a8000
78c8c364b438f0be81f1c51627902fda95b7aebdd2c04aee28c2f72cd4390207
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
797c97257815c56cf48ec80a3ac309000ce91f6d2d1ee2e7bca5037a503eaa5e
79976aaa95264ee9d558115794253d31d5b0039a0b6c6214f27188f69af0fbd6
79d97d01b2e5c628e364124d57c548587469395b86bde5cd81a7ac0899ca7228
7b48a74fa0f94d83ae6d60c772f5e7aa66e7be1b63ccf223ca14e34d3d7b0d22
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
7d91c04c657709af03f6dad61d375c3208d18ab5ff7851c2472007dc05201342
7de3444a426229074eb923a3f4ff2cf46c61939fb2be252112952ed088e252f2
7dfb735aacf9b97aa1a65c2bb61a762e34daffea3e2213c4e861981cddff925a
7fc88c65d46e83b3f3e9f098f05fd639480332fc3718cd714725e2e4633af4e8
7fea3f1469a47a2a31191b5c7cdae71d8f47bdb5170a27a33ded4494a5b935f2
807271433f80bb33654a84ec904035be3d2b34e505a051e3469a47fe39ccb752
80a7b5cd61008647d83733ffb6dae5e4604f613f0b1ecaec6e99a9c875f22413
81478a4736e344919fa3f2dac491477f645efcb779c4fdde0ec102d4e767200a
823fca52bee1d6cb234fc34a9868e7c748a8fa1cfd8352b71de25d301a494fcc
82cd1a97f81e5b63a621311be2993916eea0907b5eadd53bb6b280f4bb0f8391
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
833a86642252016b29f08dd45ffd27f9e00ca237f28d8c5f0147a6e15d009377
837863ba5a4848de455d526a97db545f6c456a6c5dee1d20117d7e2f3034e90d
83a366075eb2387c6d9f848f42b08df0546027333eccf5813edf95ba45709be2
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
85c33811c2b04e4e02babe2fd6bd7ac0035f93e95827116429bbda2cf9c6c95d
85db95dbe15c810a710ca6d9094a2a29f2eeea05791cc7aaab7af8939684b978
85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94
86096831a70c72ac0c08f5e65ae92d98330d9fd2b7511dde65ff50b8a16bfd9a
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
86b1750ac3fa82df8295e51912887cc0f10833802b17dc1f76a31293f7ecf049
87b2408523892f375c00a9d521c67f6eb516ecac25c479a7b15705bfab08fcd3
87efb9be0146779593bbe426eafa97ec5bbc95f44db4cbce67c9ba9681429a9d
88082e2436305c53b9849eab602898e4d5b728b68c2439cbfad581846fd32cdf
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a5477e9982444491d1ece766b1b4c1fa5ba0712af6ed47ccf42cea17bdd7c45
8b3268e2ce0d2967367801ae12fdcbbb1aa50ab8d786d901530867214b67f04a
8b4e23165d9d11b0e205ec23438968fa03c06bbbb7d61fbcb34bd0067492aed5
8b72952d3fd656ee6594f0d9735d928113ad1d590705b14f77abf75f1d4d5d69
8bb831c2b810d0797a6e24c24e87c7b87ee191344f011b4671671b8e8aba9918
8cb42e8847df02cc0d863921e9c2fe3f8a24a9078cd878ae3f7d0b47e039ad22
8dc40a5096530714279199bd98ffbe44f3108bf9dd183ec74d85f69705d86e25
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
918effd8eebf1d220ca8a7b865ccabe852f4c849113f446b70ad2bc986412aec
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9325e7ffee12aa958b1d3fa602493849cd5d088b0543960badbedb73a1c89640
9380129b18a146823f4a5b725bd655adba385f8c42f84515687cb506a6d892a5
9431bc6d1a6d036a70c92dfc9000d7965f939671a59705bdd01c3e652048ed9a
947e22d9ed05fbe3f5ed3c4ee35618a1910a85968f48a22c0277f9936f2eb769
94825be9f70f10ed173203b58b83dcb7b2aed60f0fa0779fe936ac9679e48349
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9933997608e86beaf1e7f7188a5c657cdad8ccd9d20eb7b1a46adaa83fa850ab
99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c186382b6a768d6f78f7601305ed2b1f7c879e577e2fc47b6f7cd7df196e373
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a074bf9875c16892d6fc4869e9a7ad603810ba93cce9dc5370c728240fb214ff
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2366a1c3a0c9cfd2f98e11d6183507debc057e4736139ba4cb4218943ae1971
a2bd43c80adc73ae26472a90ec3bd9df44a5b7d2dafb133b8660efd800c719b1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d450d9f67e06c84c82a9a8c58cfc96fd91795b935201dace82e858732ddea6
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a752705baaf1b6424744a68ce4aeeda0cb4c8c12f63fe609cca51c1e580dda69
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a7ed5bc0d84f5b2b2bbe1dc70610cae5c6fb03f2c29531888ec54f4ec19fadc8
aa3b9513abbbf65a2c8483122648fce1b39b1afa2a69bdf863242f1411baba58
ac485ca8f3e0bdf5762188555494d8321d27406d7c62b7cd6f2a9537722cd360
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acc2eabd64654b82015e5e58d31d6fba6159b9b081bca201970a3efe16de7f0e
ae01f81568274cd06b5147c59eddad07b73d10799cfc76b67223dfc30abfb95a
ae6be2e2763ad0bdc19adde03b9c11d49d8a0deda929db041d6d1457f3b264d6
ae8264ec552f76003b5335b0839b6fe29284e27617923b0b2c50357ade389091
af029183fec521886e120f1deea6bb4c74f8270ad8367e4688ecb1016d25d4d8
af44f53567423b9ed7c413bcc6fcd8ef81ef36e20b6b2993d617959cef292443
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b141e0b8968e828fbbb893a1278d3acef69045dadcffba029d468ea7ad098b6a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b2864c65b32cd25bf64a7eb4fddf486dff821f1924172a0083db962615bd6ce0
b530b7a174b5a22906440ec7ecc1bcc1232b34bc4f9ade2e3af37563f888fa5d
b5a0783c853ecf2785cf7380bcf03bfc7a37ea6ffbef000d2c16d4089eff77e9
b7e089a22bf0a1054f2eb57f4d54c7d6db7f5b58c45c019f69f8ec8ee5c26d29
b80304a9d93bd9e90a03367a3f1e1d4780a95a0f71d43ce1e95293dd5c238510
bb9dfe37a84d25e47a931cdffe5d8c2a0d9c289ef11e0b269159ab39369dcb9c
c0f89675b2d83804c5d54816d4b8f3343604261ab7a734fa895a9d0e103eb76f
c0fffa0081cfcf9092c63f0c080fa8dce13c97c00f927de57751559c488e05fd
c14a030b0b5ef06f710d9bbff164662d4b43c037e62f254aa6280504013caa34
c21029f21dc145723d40362da85504ee5a5bd33f5db6636beae3a01c7aba1fa2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3faa6fe93cd06ba2fe1b17eae4d41227a20ca39ef3eae99b3b504b478b89bc8
c462d460eab61de19f36cc384c99666e5bf65eaeba0c12b8f594c5410c01f220
c53c1e4fe935eca947511b36cc26c401f7f6f16042314d3e82c578e339e93f41
c567d0068aa9d314d13047cf6af171cce476501aac5e5521bd2b2233b16fbce5
c56bc3540bbe70b580833813772246a3da8ace048bcf982c5983330dcaca7a06
c5ab0d1f589ff1bed88ec9c1e565cd26b1060afb185910bc2b027d61cd30864b
c5c2fc39b47e07e067b38ba1309842f5ae795265b7e447fe31036168a4982cda
c8dd1f8056375009edff50e8c196c039a2eddd75a2bbc6a6448cc8e798bfa688
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa3854f28740fa98125ded826446ee4456379e8ad7c4ff46643347d1901506a
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb52c9b5c6b4f30eb9580d4414ecd97d408ffb0579fc9792f379da7e9e43221c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc8373e96f331082cf231dc1bfb2da7f317e74f0f785b095da91d49dcb66b2f1
ccf25eed304963be5ca3c94de43dcf827e8ac05a2c857d1a19371e86649a3459
cd216bc5cece19866e688ce56e5c5243f32241dfc9cd4045d393f4f111f9333e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfe904f4c14a2d63fcf8b37a75f30282b13501015ca9fcd1fe8e1600ab35ab39
cff3ff7513a42187f914df965c0006c8756f549dc13ffb64540767042902a748
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d06ae5e97e495832fc4526c3e93d7e9440f1faf5f77669b41678c9d564a25faf
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0ef936654ba84031c1ef90617069aceaab3dac1dd0912b76ebd449f9a566e55
d281c9d6bae645f3da6d2f0769a2cf0668709fd28e2021ce74821cdd8c7117b3
d47d74fef90dbe66799550c8b75f6f0366b243cd963395a48cbd6949600ae5e1
d574ea3f744818bf42eb39c6ae49bebf0b7134e722d9dd9c3a2c500b79672cd9
d6803b29c8b5ba508c6163da094be46245d869934ba58b6aed13820e8606aa8b
d69016ca21ee080f6fe79d800d7f6d033ed940a4bd026bcf95bd3fc958efe32b
d6f350f62fc19bfd7091e3841649be70e806fb94c00a1f777dbed2ea8ecc9daa
da161a8783423e515443a9aa247ba42e83bea343431dccfa77e0fa7856f0f561
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de24551bd4396fc8579b2d87ce01944553dd48fb52775d14373725a50efa0c37
de46b77a5b05ab09a32c1999473923ea2b42c8c1489a4a1fb15d551a45366df3
de5e37739b5797e8ba9dba4a2dcb65f37c36a65fe839cb306162e21c74ba166e
de6d9929cafab4dabc8e369bf19b9a193ee27531263ac95498cc24d0366e4515
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
debde1bc71e84bc339bc2f5417713f411494806678ecc583f2665d4ce18521bc
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e0f23d16bb40b894855d19e097cc0b9f4695b98a7db1fed18625cfb1ce8bda35
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e312bc18779e0d9c6626ee0bdb426676ebb2835346604c114191b3ffe4251527
e336ff50623cff960c2396944be4392139f63dcc032e5f3428d81489fdfe697a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3f5e5e83fe0ffb305e73c4405c7ecf55dc088fcede4ec94dd03288c0bb172ac
e518991bba2a5cf9106c207b2bcb4c19489875e919a76259605c3c7bc47ce0c5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e63b3c685cf3c6357e32397d0c704f3071df41ae8c3721e2f325e87661c42b01
e72a4d605e3d5af4047f1f34af4008981be221e0809e57805c6011c451f81c14
e7366791e8d37a1d230bd56b738dc83c339697df86c14fe55e43283ce66cef65
e74b9cb9d8871d300d2a1d36ce2cd00dfbfe0c5d8066d1d415c4ce620a919d47
e762460a2a5cf7d02f2b1c248476357208d74703e55d95bc47398eca7d5b3c97
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e8830a414dfeb4c0e0f519d3419f69849df9226f329357c938333dbf2c956f63
e8ede051cc17fc5a872b91d10f4bec83c2bc1b75b559a08d7c7245a1cbdc848f
e944e6d1b0904bc0c1298fe828ec727bc6a9b46f0b4799e197a1a2acc46fb685
ea4dfbb85ad48cf0a96ca32b0dc92895fd4697c8e60327667351183f044b0bfb
eaed684290a92148cafb646f3122ce208e4d7f1623ca17e2fb294e6b96ff1dbf
eba88ef6b1f09543b0b3f34bc3c1d401da36d590354cd7728e2aae4d3c1abc91
ec068031a38f2d97255ddf90e6d75a5538a3b0ea29510482d1909c5a1a10ad74
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ee5955c6046065755ce9fbbc2fad28d4fd1e739f2779955dd4332b5858363069
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdbd8582066a12cf45115f1e150d2a8de06bf6b14db3feca98b116efeb9e0bb
f2649db29712c0b6bb0702c7c4b1187b10ec39f238ddee4f17a614fa64ce31f3
f2f11e4d45030f1f21ec7d3ae67a65b83c4c67016fe861fbebdff04ca0c8cd60
f3e8f1f5163b712a260f0211d88ccb0973003057ea14c3c18997c3a5d8259e0b
f48f6f88754b5e4ced111a1939239a223b36fbbc88679acd8f4edabd4559128a
f584fecc26e454af055fc09703c4bd577eb2a5bc797910f0f69f2d017cc33131
f5a2ac577c39585912f27b9cbe386430cbe683b09344bb70c1d41c1072885be1
f7bf791dd0690f29ec4ce774e933cf1229e265a55de015bd5fc832ea1b2f47dd
f8e31c22da5c2280c4f7f35d9187db8c66c827ddc6517947b5ded9555a8a0033
f90dbd1c287ed7162f3adf22f39fcb7f971ee8c26468d016ac21abc7a356d830
f95836cdd8c1af1d8261e8e198a4c1dd306e2b50ddc389fe820b56212a9cb17d
f9a1171fde453f3ece04daab3fb1fb9b801dec400d4ae2679ff0f374fc150c99
f9d9e96c4439beeca49a1a10f9dffe6f5cd0b604d13aa13af170d0bc62d8ca1b
fa28dbc6c9539180a5694ef2592d86190a8b01e17afa930b0bf3585f4ceb4025
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fd239cbc31f0976120b6649fe926ccd9f043e8155452b986658ed4bfdcd3471e
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b
fea322f456810170b635d0be50c4878688dfa63285f79768823c69a85626942c
ff1d5bed54a0c64f04a2f49463f9df997e1c97a2bad9cbb9e7914d158a81208f
ff22ba41f2fece3b0143db4953ff5d0b14429e0d151836a01fdf12fed589882d